|
Don't forget Fail2ban, which works for a variety of services.
|
# ? Oct 12, 2010 00:32 |
|
|
# ? May 28, 2024 05:06 |
|
I need to reinstall freebsd on my laptop, I wiped it the last time I installed windows, so I will test the usb trickery and report back anti ssh bruteforcing pf magic: code:
code:
|
# ? Oct 12, 2010 04:45 |
|
EvilMoFo posted:install the port expiretable and put this in the crontab for root, this is mine "crontab for root" I was under the general impression that the standard way of doing things on BSD was to put all crons in /etc/crontab if possible. Only users who can't edit /etc/crontab use their own. Thoughts?
|
# ? Oct 12, 2010 05:26 |
|
I tend to be lazy, su/sudo + crontab -e seems easier than vi /etc/crontab I have my pfstat crontab entries under root also in other news... yeah, freebsd does not see the grub assisted iso file boot as an install device. I guess the best option is to use bootonly and either extract the files to do an install from a dos partition or use ftp
|
# ? Oct 12, 2010 06:10 |
|
Which Java run-time is the best? I use PS3 Media Server on my box and presently its on diablo-jdk1.6.0 - but I thought I heard somewhere that OpenJDK was better? Anyone have an opinion?
|
# ? Oct 12, 2010 16:04 |
|
roadhead posted:Which Java run-time is the best? I use PS3 Media Server on my box and presently its on diablo-jdk1.6.0 - but I thought I heard somewhere that OpenJDK was better? Anyone have an opinion? The FreeBSD Foundation funded Sun certification testing for diablo-jdk so it was possible to distribute binary packages and use it to build java/jdk16. The java build process requires java. There seem to be binary packages available for OpenJDK now, though, and that's where the majority of development takes place. OpenJDK is the only one with a working browser plugin, for instance.
|
# ? Oct 13, 2010 15:34 |
|
OpenBSD 4.8 is officially released. The big feature this time is ACPI suspend/resume support for most laptops. This is a custom ACPI implementation written with OpeNBSD (actually rewritten several times from scratch to get it right) rather than the Intel ACPI that most others use. Check the release announcement for the long list of improvements. Freeloaders can now download the release from mirrors, and those of us that pre-ordered can get the full selection of binary packages. Theo de Raadt posted:We are pleased to announce the official release of OpenBSD 4.8.
|
# ? Nov 1, 2010 16:59 |
|
Ok, this is driving me crazy. I have two FreeBSD 8.0 webservers, w1.acme.com (which serves the acme.com website) and w2.acme.com (has nothing to do with the acme.com website, it serves subdomains). I have an Exchange server than handles my organizations acme.com mail. The mail server works perfectly, and w2.acme.com can send mail to acme.com accounts. w1.acme.com, however, thinks that it is responsible for the acme.com accounts and delivers it locally. Mail to other domains is sent without a problem. Any ideas on where to look to solve this? The MX records are correct and resolv.conf is set to use the DNS server responsible for the acme.com zone, it should know that the mail server is elsewhere, like w2.acme.com does. There is an A record for acme.come that points to w1.acme.come's IP, but that shouldn't matter. These servers are basically stock, I have not messed with the sendmail configs at all and there is no local DNS service running.
|
# ? Dec 6, 2010 21:59 |
|
A records will be followed for mail delivery if no MX record exists. If I were to send mail to foo@w1.acme.com and there's no MX record, mail servers would send it to that server whose A is w1.acme.com. Is it running the default MTA (sendmail) or something else? Assuming the mail you're concerned with is foo@acme.com, something in yourconfiguration considers acme.com locally. look in /etc/mail if it's sendmail. One way to force it would be to create an entry (and the file) /etc/mail/mailertable that looks like: code:
code:
|
# ? Dec 6, 2010 23:59 |
|
falz posted:A records will be followed for mail delivery if no MX record exists. If I were to send mail to foo@w1.acme.com and there's no MX record, mail servers would send it to that server whose A is w1.acme.com. Thanks for the reply. It is sendmail, completely stock as FreeBSD installed it. If I do an nslookup on acme.com, it provides the correct MX record for the Exchange SMTP server). I created the mailertable and restarted sendmail but that did not make a difference. Emails sent to user@w1.acme.com and user@acme.com are both going to the same /var/mail/user file. ARGH!
|
# ? Dec 7, 2010 17:42 |
|
Does the Windows server have anything in DNS that references the other server?
|
# ? Dec 7, 2010 18:42 |
|
this suggests you edit the sendmail config and addcode:
|
# ? Dec 7, 2010 18:49 |
|
Bob Morales posted:Does the Windows server have anything in DNS that references the other server? Nope. Everything worked perfectly until about a month and a half ago. I strongly suspect that it is DNS related, even though the OS and sendmail see the correct MX records. Thanks for the suggestion though, I appreciate it! EvilMoFo posted:this suggests you edit the sendmail config and add I think that did it! Mail is coming though!
|
# ? Dec 7, 2010 21:49 |
|
Out of curiosity, what does that server think its hostname is? What's in /etc/hosts ?
|
# ? Dec 8, 2010 14:08 |
|
Just got this on the OpenBSD mailing list, apparently there may have been backdoors planted in OpenBSD by the US Government?The de Raadt posted:I have received a mail regarding the early development of the OpenBSD What else would have used the code from OpenBSD?
|
# ? Dec 15, 2010 02:22 |
|
From what I can tell it's a non-story. Just someone either crazy or trying to stir up trouble. http://www.itworld.com/open-source/130820/openbsdfbi-allegations-denied-named-participant
|
# ? Dec 15, 2010 18:31 |
|
It didn't make it to the front page of freebsd.org, but 8.2 BETA1 and 7.4 BETA1 have been released. http://lists.freebsd.org/pipermail/freebsd-stable/2010-December/060541.html Hopefully we will get RELEASE sometime early in January.
|
# ? Dec 15, 2010 19:52 |
|
I am attempting to compile perl on my Dockstar and it is dying with signal 11. I have swap, which the first and only Google hit mentions as a possible remedy, but alas the error still comes up.code:
|
# ? Dec 19, 2010 10:50 |
|
EvilMoFo posted:I am attempting to compile perl on my Dockstar and it is dying with signal 11. I have swap, which the first and only Google hit mentions as a possible remedy, but alas the error still comes up. Are you running out of swap? How much do you have? I would also check to see if it dies at the exact spot every time. Are you getting anything in weird in /var/log/messages?
|
# ? Dec 19, 2010 20:45 |
|
Yes, same place every time, originally with an earlier version or patch and now with 5.10.1_3. I have 1gb of swap, I have not seen it go past 5mb.code:
edit: I see there is perl 5.12, I am going to try that now edit 2: same issue code:
edit 3: awesome, it looks like it could be gcc loving up my day http://forums.freebsd.org/showthread.php?p=102074 ... but I have gcc4.2.1 EvilMoFo fucked around with this message at 22:16 on Dec 19, 2010 |
# ? Dec 19, 2010 21:16 |
|
I ran into the same thing. 5.8.9 should build properly.
|
# ? Dec 19, 2010 23:38 |
|
In case anyone cares you can't run BSD on the Google Cr-48 laptop. Well you can, but you can't run X. The Intel chip is one of the new ones that needs the GEM/KMS stuff that's only in Linux right now. edit: I suppose you could run it as vesa, but that's stupid.
|
# ? Jan 5, 2011 04:32 |
|
feld posted:In case anyone cares you can't run BSD on the Google Cr-48 laptop. Well you can, but you can't run X. The Intel chip is one of the new ones that needs the GEM/KMS stuff that's only in Linux right now. At least you got one. I assume by BSD you mean FreeBSD. Have you tried a -current OpenBSD? Even if it didn't work I'm sure they'd love to get a dmesg and acpidump from it.
|
# ? Jan 5, 2011 18:21 |
|
Cpt.Wacky posted:At least you got one. Correct, FreeBSD. I haven't tried OpenBSD because running a desktop/laptop on OpenBSD is a bit too masochistic for my tastes. I did provide some FreeBSD devs the pciconf and verbose dmesg dump. It really won't be functional on any *BSD until the KMS/GEM support layers are ported from Linux, which is in progress. After that we'll be able to use the new Nouveau driver and the currently maintained Intel drivers.
|
# ? Jan 5, 2011 23:16 |
|
Does anyone know if it is possible to mount HFS+ volumes under FreeBSD? They only have to be readonly to copy some data into a ZFS pool.
|
# ? Jan 10, 2011 02:47 |
|
Finally getting around to trying to actually use OpenVPN - and I can load pages served by the BSD box across the link, other machines on the LAN can ping the VPN IP of the server. But I can't ping other machines on the LAN with the client, or ping the client from the LAN. I added a route to my gateway to direct 192.168.254.0/8 traffic to 192.168.1.2 - the local IP of the BSD box. I can ping 192.168.254.1 from either side, LAN or VPN - but not say 192.168.254.6 which is the IP my client is getting. I can ping 192.168.1.2 from the VPN, but not 192.168.1.1 or anything else. Must be a routing/firewall thing I've yet to configure eh? UPDATE: Crashed Apache on the gateway using the web interface to change the metric on the only static route I've put on the device. Telnet in and view the routes, and suddenly it decides to work. I guess it wasn't fully set/needed a bump. Of course this was a problem with the device in the equation running Linux! EDIT: Ok I can ping, and FileZilla will SFTP (over VPN, seems like overkill!) but won't vanilla FTP. I can use windows CLI FTP. I have also set the DNS IPs, tested them using nslookup, and can get DNS resolution via nslookup, but not just using ping at a cmd prompt. Could this be a problem with my config? Its an IP Tunnel using UDP. EDIT2: Discovered how to push DHCP options like the DNS suffix to my windows clients, and DNS resolution is working great now. I much prefer http://camera/ to http://whatever.dyndns.org:8080/ - but I am just weird I guess roadhead fucked around with this message at 15:38 on Jan 17, 2011 |
# ? Jan 10, 2011 19:20 |
|
I just installed FreeBSD (8.2-RC) coming from a linux-environment. I really like most stuff except that I'm apparently retarded and can't configure DHCP anymore (took me a good 12 hours to notice 192.168.0.0 vs 192.168.1.0. To my defense I was tired). I'm sure 99 % of the people here knows it, but enabling compression on a RAIDZ array is a very bad idea for speed. Over gigabit ethernet I got ~16 mb/s, without compression it jumped to ~40mb/s - still a bit slow considering it's a 3 disk array. Is there any way to further improve speeds?
|
# ? Jan 17, 2011 15:43 |
|
Marinmo posted:I just installed FreeBSD (8.2-RC) coming from a linux-environment. I really like most stuff except that I'm apparently retarded and can't configure DHCP anymore (took me a good 12 hours to notice 192.168.0.0 vs 192.168.1.0. To my defense I was tired). What drives? Isn't RAIDZ going to be ~ fast as a single drive for random stuff? Also, shouldn't compression be faster as long as you're not using a really slow CPU?
|
# ? Jan 17, 2011 16:09 |
|
You didn't apply compression to a volume full of already compressed things, did you? FLACs and MP3s will cause gzip to chug CPU with little gain.
|
# ? Jan 17, 2011 17:01 |
|
This is why you setup several "datasets" under the one volume, each can have different ZFS options, such as which hash to use, compression and what level, and lots of other stuff.
|
# ? Jan 17, 2011 17:38 |
|
I think if you enable compression (or dedup for that matter, or any similair properties) it only applies the property to newly created files. So enabling compression on a full filesystem won't compress the contents, only new files put there.
|
# ? Jan 17, 2011 18:45 |
|
Bob Morales posted:What drives? Isn't RAIDZ going to be ~ fast as a single drive for random stuff? I copied some already compressed files in this case. Haven't tried uncompressed stuff. The CPU is a C2D 6750 with 4 gigs of ram, should be plenty, no? complex posted:You didn't apply compression to a volume full of already compressed things, did you? FLACs and MP3s will cause gzip to chug CPU with little gain. roadhead posted:This is why you setup several "datasets" under the one volume, each can have different ZFS options, such as which hash to use, compression and what level, and lots of other stuff. FISHMANPET posted:I think if you enable compression (or dedup for that matter, or any similair properties) it only applies the property to newly created files. So enabling compression on a full filesystem won't compress the contents, only new files put there.
|
# ? Jan 17, 2011 18:54 |
|
Marinmo posted:1,5TB Seagate Barracuda 7200rpm, so it's not the green edition stuff that's hampering me. All the datasets pull from the same pool of free disk space, its just that you can have different options for each one depending on the kind of data you are storing. Look at my free space for instance code:
|
# ? Jan 18, 2011 22:45 |
|
Marinmo posted:Well I don't really need to enable it, just thought it was a neat idea. Almost slicing speeds by three was not acceptable, so I just removed it. It actually makes /usr/ports and /usr/src much faster to work with on my Atom NAS. Also, it's great to use it for /var/log so you dont have to compress logs when you rotate.
|
# ? Jan 18, 2011 23:31 |
|
I am fed up with usb ethernet devices, both of my aue devices (one dlink, one linksys) crash and make the dockstar completely useless as a router. Has anyone else experienced their usb network cards constantly going up and down only to eventually become unresponsive with ping screaming that there is "no buffer space available"? I saw a post about axe having the problem, and that it is apparently fixed in -current, but there was no mention of a fix for aue. I sense that, in the end, I will simply just go back to an x86 router. Though, spending ~150 and get this, with 2 real network interfaces, might be worth it.
|
# ? Feb 18, 2011 08:46 |
|
EvilMoFo posted:I am fed up with usb ethernet devices, both of my aue devices (one dlink, one linksys) crash and make the dockstar completely useless as a router. I had two axe devices that simply burnt out after being online for a month. After it happened two times i just gave up the usb plan.
|
# ? Feb 18, 2011 15:23 |
|
conntrack posted:I had two axe devices that simply burnt out after being online for a month. After it happened two times i just gave up the usb plan. I thought GigE performance on my re0 device was bad (no jumbo frame support in the FreeBSD drive) - but at least its stable!
|
# ? Feb 18, 2011 15:53 |
|
EvilMoFo posted:Though, spending ~150 and get this, with 2 real network interfaces, might be worth it. Everything I've heard about these says they aren't worth it because the power supplies are horrible, overheat and die. Something like the Microtek Routerboards might be worth a shot instead.
|
# ? Feb 18, 2011 18:14 |
|
I got an ITX board and put a random pci card in it with openbsd. the machine reboots when there is poweroutages or if i kick the power cord. the last reboot was when i upgraded the OS to 4.8 in november. poo poo takes 45w of power idle or 100% loaded no difference but it is rock solid and true 100mbit.
|
# ? Feb 18, 2011 22:40 |
|
|
# ? May 28, 2024 05:06 |
|
I had one of these running OpenBSD as a irc/shell box, but it only had one ethernet port. If it had a second (and possibly a wifi card) it would have been perfect. Power brick was 1.2A @ 12v
|
# ? Feb 18, 2011 22:47 |