Re: cputype=486
* Marcel Moolenaar <[EMAIL PROTECTED]> [010901 18:10]: > On Sat, Sep 01, 2001 at 01:22:12PM -0700, John Baldwin wrote: > > > > >> > > >> Is *ANYTHING* going to be done about this ever? It appears nothing > > >> was done at all during the 4.4 cycle. > > > > > > If I have some time (yeah, right :-) I'll take a look at it. The > > > quickest fix would be to define CPUTYPE as empty when building > > > cross- and build-tools. This should override any definitions that > > > are present in /etc/make.conf. > > > > That doesn't help. The problem is that the cross-tools built during buildworld > > are linked against the hosts' libc.a, and then run on the target machine in > > installworld. Thus, in this case you end up running a 686 libc.a in the cross > > tool on a 486 and it blows up. > > > > Ah yes. In that case it only works if you link shared, but then you > have different problems. I guess this rules out CPUTYPE as a generic > tunable. If you want the highest possible performance, you give up > on portibility. You can't have it both... Is this a *NO*, we're not interested in fixing it? If so, some BIG notices should be in /etc/defaults/make.conf around the CPUTYPE setting. I really think this should be fixed somehow (Not that I would know how...) -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 972-414-9812 E-Mail: [EMAIL PROTECTED] US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: Ethernet Card Recommendation...
Tenebrae <[EMAIL PROTECTED]> wrote: > > One of the replies to my inquiry said that the Netgear network adapters do > > not work well with certain AMD-based motherboards. Considering that one of > > my future upgrades will be to build a multi-processor Athlon system, this > > caused me a bit of concern. > > Not sure about that... > I am using a Netgear FA310TX network card on my freeBSD 4.3-STABLE server > with an ASUS P5A Super Socket 7 motherboard (ALi chipset) and an AMD > K6-2/350 processor. I've been pretty happy with it. Only problems I've The Netgear card is definitely an issue with the ASUS A7M266 motherboard (AMD 760-based, single CPU however). Check out the alt.comp.periphs.mainboard.asus newsgroup for more info. -- Darryl Okahata [EMAIL PROTECTED] DISCLAIMER: this message is the author's personal opinion and does not constitute the support, opinion, or policy of Agilent Technologies, or of the little green men that have been following him all day. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: FreeBSD and Athlon Processors
"Juha Saarinen" <[EMAIL PROTECTED]> wrote: > Have a look at www.viahardware.com, where they test a variety of boards > for the data corruption bug. For the lazy, the URL is: http://www.viahardware.com/686b_1.shtm -- Darryl Okahata [EMAIL PROTECTED] DISCLAIMER: this message is the author's personal opinion and does not constitute the support, opinion, or policy of Agilent Technologies, or of the little green men that have been following him all day. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: NeoMagic 256Z: pcm0: play interrupt timeout, channel dead
Warner Losh writes: > In message <[EMAIL PROTECTED]> Andrew Gallatin >writes: > : And I've appended a dmesg. > : > : Thanks for any help.. > > Does it work if you disable pcic in your kernel? I hope the answer is > "no change" > > Warner No change. You're off the hook. BTW, no breakage between 4.2-stable and now as far as the pccard stuff goes either. Keep up the good work ;) Drew To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: DOS prevent ?
On Sunday 02 September 2001 02:19, klein brock wrote: > Hi, > > does anybody know how to prevent DOS ? i was DOSed and > down for 1 day... can somebody help me ? - You need more details - This isn't really a "stable" issue; I'd use questions. - If you are personally be DOSed, in the sense that your ports are being flooded, then just shut off all services. Of course, if you are running a server, this isn't feasible. But if you can just go into inet and shut everything down and shut down all other internet daemons, there's nothing to flood; if that's too drastic, stop services at the firewall to all except those you intend to serve. If you are really running an internet server, then it's really hard. You can set up filters that reject packets from the same location "too close" to each other, but at some point the time to analyze the packtes and figure out that you should reject them can be flooded, too, so ultimately, against a sufficiently strong DOS, you are SOL. > > Thank you > > __ > Do You Yahoo!? > Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger > http://im.yahoo.com > > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe freebsd-stable" in the body of the message -- Brian T. Schellenberger . . . . . . . [EMAIL PROTECTED] (work) Brian, the man from Babble-On . . . . [EMAIL PROTECTED] (personal) > Free Dmitry Sklyarov! <- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: NeoMagic 256Z: pcm0: play interrupt timeout, channel dead
Gregory Neil Shapiro writes: > imp> Does it work if you disable pcic in your kernel? I hope the answer is > imp> "no change" > > Since I have the same sound driver and it is having the same problem, I am > "happy" (though that is the wrong word) to report that removing pcic from > the kernel doesn't fix the problem. My laptop remains soundless. I don't suppose you have any idea when it broke? I update this machine very infrequently -- pccard & vmware are in use on this machine and make it a PITA to upgrade.. My working kernel is dated March 1st, 2001. When's the last time sound worked on your machine? Thanks, Drew To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: cputype=486
If I am installing FreeBSD 4.3RC X or the upcoming 4.4 Release on a 486 based machine, how will this affect me. Is there a workaround necessary?, or will the system binary install work fine? Could I run into problems with a later buildworld?, and if so is there a procedure to prevent that? Thanks in advance, Stephen Hilton To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: cputype=486
On Sun, Sep 02, 2001 at 01:28:15PM -0500, Stephen Hilton wrote: > If I am installing FreeBSD 4.3RC X or the upcoming 4.4 Release on a 486 > based machine, how will this affect me. > > Is there a workaround necessary?, or will the system binary install work > fine? > > Could I run into problems with a later buildworld?, and if so is there a > procedure to prevent that? > It would be useful if you included some context so that one would know what you are talking about. >From the subjectline I assume that you refer to the fact that setting CPUTYPE in /etc/make.conf can cause problems in certain situations. If CPUTYPE is not set then you don't have to worry about it. By default it is not set. The releases are compiled without it. The only time setting CPUTYPE can cause problems is if you are building the world on one machine and then installing on another and the world that is running on the buildmachine was previously built with a CPUTYPE setting that the installmachine does not support. If you install one of the official releases and never set CPUTYPE then you will not have any problems. (At least not from this. Other problems might of course occur. :-) ) -- Erik Trulsson [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
IPFirewall again
Hello If I use the following rules and I can connect via ftp (for example ftp.freebsd.org) but after the successful login I can't do "ls". The permissons are always denied. Why? Which port need I also? # DNS (läuft nur über UDP) ipfw add allow udp from me to any 53 keep-state # SMTP ipfw add allow tcp from me to any 25 keep-state ipfw add allow udp from me to any 25 keep-state # POP3 ipfw add allow tcp from me to any 110 keep-state ipfw add allow udp from me to any 110 keep-state # HTTP ipfw add allow tcp from me to any 80 keep-state ipfw add allow udp from me to any 80 keep-state # FTP ipfw add allow tcp from any to any 20 keep-state ipfw add allow udp from any to any 20 keep-state # FTP 2. ipfw add allow tcp from any to any 21 keep-state ipfw add allow udp from any to any 21 keep-state # SSH ipfw add allow tcp from me to any 22 keep-state ipfw add allow udp from me to any 22 keep-state # Telnet ipfw add allow tcp from me to any 23 keep-state ipfw add allow udp from me to any 23 keep-state # Ping / TraceRoute ipfw add allow icmp from me to any # Whois ipfw add allow tcp from me to any 63 keep-state ipfw add allow udp from me to any 63 keep-state # Gopher ipfw add allow tcp from me to any 70 keep-state ipfw add allow udp from me to any 70 keep-state # Finger ipfw add allow tcp from me to any 79 keep-state ipfw add allow udp from me to any 79 keep-state # NNTP ipfw add allow tcp from me to any 119 keep-state ipfw add allow udp from me to any 119 keep-state # NTP ipfw add allow tcp from me to any 123 keep-state ipfw add allow udp from me to any 123 keep-state -- Regards, Martin Schweizer <[EMAIL PROTECTED]> PC-Service M. Schweizer; Gewerbehaus Schwarz; CH-8608 Bubikon Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
RE: IPFirewall again
try ftp ftp.host.domain ftp> passive should switch passive on or off not sure now. does it work then? Sven Huster > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Martin Schweizer > Sent: 02 September, 2001 19:44 > To: [EMAIL PROTECTED] > Subject: IPFirewall again > > > Hello > > If I use the following rules and I can connect via ftp (for example > ftp.freebsd.org) but after the successful login I can't do "ls". The > permissons are always denied. Why? Which port need I also? > > # DNS (läuft nur über UDP) > ipfw add allow udp from me to any 53 keep-state > # SMTP > ipfw add allow tcp from me to any 25 keep-state > ipfw add allow udp from me to any 25 keep-state > # POP3 > ipfw add allow tcp from me to any 110 keep-state > ipfw add allow udp from me to any 110 keep-state > # HTTP > ipfw add allow tcp from me to any 80 keep-state > ipfw add allow udp from me to any 80 keep-state > # FTP > ipfw add allow tcp from any to any 20 keep-state > ipfw add allow udp from any to any 20 keep-state > # FTP 2. > ipfw add allow tcp from any to any 21 keep-state > ipfw add allow udp from any to any 21 keep-state > # SSH > ipfw add allow tcp from me to any 22 keep-state > ipfw add allow udp from me to any 22 keep-state > # Telnet > ipfw add allow tcp from me to any 23 keep-state > ipfw add allow udp from me to any 23 keep-state > # Ping / TraceRoute > ipfw add allow icmp from me to any > # Whois > ipfw add allow tcp from me to any 63 keep-state > ipfw add allow udp from me to any 63 keep-state > # Gopher > ipfw add allow tcp from me to any 70 keep-state > ipfw add allow udp from me to any 70 keep-state > # Finger > ipfw add allow tcp from me to any 79 keep-state > ipfw add allow udp from me to any 79 keep-state > # NNTP > ipfw add allow tcp from me to any 119 keep-state > ipfw add allow udp from me to any 119 keep-state > # NTP > ipfw add allow tcp from me to any 123 keep-state > ipfw add allow udp from me to any 123 keep-state > > -- > Regards, > > Martin Schweizer > <[EMAIL PROTECTED]> > > PC-Service M. Schweizer; Gewerbehaus Schwarz; CH-8608 Bubikon > Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch > > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: IPFirewall again
Maybe my configs can help you to setup a simple statuful firewall. you don't need to use rules like this "allow from me to any" there are "in" and "out" filters. use them --- ppp.conf default: set log Phase Chat LCP IPCP CCP tun command set redial 15 65536 set reconnect 15 65536 nat enable yes nat deny_incoming no nat punch_fw 500 100 #<- Keep an EYE on THIS this allows temp rules be added which allow activ FTP traffic back in. It's the ppp client from CURRENT. nat use_sockets yes nat same_ports yes nat port tcp 172.16.1.101:4000 4000 nat port tcp 172.16.1.1:80 80 nat port tcp 172.16.1.1:443 443 disable iface-alias ipfw.rules fwcmd="/sbin/ipfw" #Flush all $fwcmd -f flush #Temp-rule $fwcmd add 5 pass all from any to any #LOCALDEVICES $fwcmd add 20 pass all from any to any via lo0 $fwcmd add 30 pass all from any to any via rl0 $fwcmd add 40 pass all from any to any via xl0 #BOGUS NETWORK $fwcmd add 50 deny log all from 192.168.0.0/16 to any in via tun0 $fwcmd add 60 deny log all from 172.16.0.0/12 to any in via tun0 $fwcmd add 70 deny log all from 10.0.0.0/8 to any in via tun0 $fwcmd add 80 deny log all from 127.0.0.0/8 to any in via tun0 $fwcmd add 90 deny log all from 0.0.0.0/8 to any in via tun0 $fwcmd add 100 deny log all from 169.254.0.0/16 to any in via tun0 $fwcmd add 110 deny log all from 192.0.2.0/24 to any in via tun0 $fwcmd add 120 deny log all from 204.152.64.0/23 to any in via tun0 $fwcmd add 130 deny log all from 224.0.0.0/3 to any in via tun0 #COUNTRULES FOR MRTG $fwcmd add 131 count tcp from any to any via tun0 $fwcmd add 132 count udp from any to any 27000-28000 out via tun0 $fwcmd add 133 count tcp from any 1024-65535 to any 21 in via tun0 $fwcmd add 134 count tcp from any 20 to any 1024-65535 out via tun0 $fwcmd add 135 count tcp from any 49153-65535 to any 1024-65535 out via tun0 $fwcmd add 136 count tcp from any to any 80 in via tun0 $fwcmd add 136 count tcp from any to any 80 out via tun0 #shape outgoing FTP-traffic $fwcmd add 140 pipe 1 tcp from any 20 to any 1024-65535 out via tun0 $fwcmd add 141 pipe 1 tcp from any 1024-65535 to any 21 in via tun0 $fwcmd add 142 pipe 1 tcp from any 49153-65535 to any 1024-65535 out via tun0 $fwcmd pipe 1 config bandwidth 96Kbit/s queue 20Kbyte $fwcmd add 160 check-state #Let Ping,traceroute, work in both directions $fwcmd add 200 pass icmp from any to any in via tun0 icmptypes 8,11,3 keep-state $fwcmd add 205 pass udp from any to any 33434-33690 in via tun0 keep-state #Allow access to port 22,80,25,443,21 $fwcmd add 210 pass tcp from any to any 22 in via tun0 keep-state setup $fwcmd add 220 pass tcp from any to any 80 in via tun0 keep-state setup $fwcmd add 225 pass tcp from any to any 25 in via tun0 keep-state setup $fwcmd add 230 pass tcp from any to any 443 in via tun0 keep-state setup $fwcmd add 240 pass tcp from any to any 21 in via tun0 keep-state setup #Allow others to use my FTP passive PORT-range $fwcmd add 250 pass tcp from any 1024-65535 to any 49153-65535 in via tun0 keep-state setup #Deny authorize.quake3arena.com ;) $fwcmd add 260 deny udp from any to 192.246.40.56 out via tun0 #Allow all TCP/UDP/ICMP requests out and let them keep state. $fwcmd add 280 pass tcp from any to any out via tun0 setup keep-state $fwcmd add 290 pass udp from any to any out via tun0 keep-state $fwcmd add 300 pass icmp from any to any out via tun0 keep-state #Log all denied packets $fwcmd add 65530 deny log all from any to any #Delete TEMP-RULE $fwcmd delete 5 - - Original Message - From: "Martin Schweizer" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sunday, September 02, 2001 7:44 PM Subject: IPFirewall again > Hello > > If I use the following rules and I can connect via ftp (for example > ftp.freebsd.org) but after the successful login I can't do "ls". The > permissons are always denied. Why? Which port need I also? > > # DNS (läuft nur über UDP) > ipfw add allow udp from me to any 53 keep-state > # SMTP > ipfw add allow tcp from me to any 25 keep-state > ipfw add allow udp from me to any 25 keep-state > # POP3 > ipfw add allow tcp from me to any 110 keep-state > ipfw add allow udp from me to any 110 keep-state > # HTTP > ipfw add allow tcp from me to any 80 keep-state > ipfw add allow udp from me to any 80 keep-state > # FTP > ipfw add allow tcp from any to any 20 keep-state > ipfw add allow udp from any to any 20 keep-state > # FTP 2. > ipfw add allow tcp from any to any 21 keep-state > ipfw add allow udp from any to any 21 keep-state > # SSH > ipfw add allow tcp from me to any 22 keep-state > ipfw add allow udp from me to any 22 keep-state > # Telnet > ipfw add allow tcp from me to any 23 keep-state > ipfw add allow udp from me to any 23 keep-state > # Ping / TraceRoute > ipfw add allow icmp from me to any > # Whoi
Re: IPFirewall again
"Sven Huster" writes: > try > > ftp ftp.host.domain > ftp> passive > > should switch passive on or off not sure now. > does it work then? For passive to work one has to allow all tcp outgoing connections. Or if not all, then at least over a broad range of ports. For non-passive to work one has to allow incoming connections from remote port 20. Would be a useful addition to the keep-state rules: an exception which opens a specific reverse opening from port 20 of any host which has an active port 21 connection. natd's punch_fw option monitors port 21 connections for the sequences which cause data connections to open and inserts ipfw rules to allow both passive and non-passive. Then removes when the connection is finished. Have found this works with IE 5.0 on MacOS but not on Win32. Something is different about the exchange, even to the same ftpd server. The command line ftp on the Win32 machine has no problems where IE fails. Am not sure how to make natd apply to the machine which is hosting natd. Haven't tried very hard, but do know my firewall can't fetch thru itself. -- David Kelly N4HHE, [EMAIL PROTECTED] = The human mind ordinarily operates at only ten percent of its capacity -- the rest is overhead for the operating system. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: IPFirewall again
Martin Schweizer <[EMAIL PROTECTED]> wrote: > If I use the following rules and I can connect via ftp (for example > ftp.freebsd.org) but after the successful login I can't do "ls". As a side note, if you only need a directory listing, you can also type "rs ." (don't forget the dot). If you use an FTP client that doesn't know the rs command, you can use "quote stat ." instead. FreeBSD's client knows rs, so you can use that. The advantage of rs over ls is that it works through fire- walls, no matter what, because the directory listing data is transferred through the control connection (it doesn't require a data connction like "ls"). Unfortunately, some FTP servers don't support it correctly. Most servers whose authors have read and understood RFC959 usually get it right, though, which includes FreeBSD's ftpd and wuftpd. ;-) Regards Oliver -- Oliver Fromme, secnetix GmbH & Co KG, Oettingenstr. 2, 80538 München Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "All that we see or seem is just a dream within a dream" (E. A. Poe) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
