From owner-freebsd-isp@FreeBSD.ORG Sun Sep 21 09:59:05 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 11E7E16A4B3 for ; Sun, 21 Sep 2003 09:59:05 -0700 (PDT) Received: from srv1.cosmo-project.de (srv1.cosmo-project.de [213.83.6.106]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7BDD243FE0 for ; Sun, 21 Sep 2003 09:59:03 -0700 (PDT) (envelope-from ticso@cicely12.cicely.de) Received: from cicely5.cicely.de (cicely5.cicely.de [IPv6:3ffe:400:8d0:301:200:92ff:fe9b:20e7]) (authenticated bits=0) h8LGwwFs098606 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=OK); Sun, 21 Sep 2003 18:59:00 +0200 (CEST) (envelope-from ticso@cicely12.cicely.de) Received: from cicely12.cicely.de (cicely12.cicely.de [IPv6:3ffe:400:8d0:301::12]) by cicely5.cicely.de (8.12.10/8.12.10) with ESMTP id h8LGwuWZ022962 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 21 Sep 2003 18:58:57 +0200 (CEST) (envelope-from ticso@cicely12.cicely.de) Received: from cicely12.cicely.de (localhost [127.0.0.1]) by cicely12.cicely.de (8.12.9/8.12.9) with ESMTP id h8LGwurY058125; Sun, 21 Sep 2003 18:58:56 +0200 (CEST) (envelope-from ticso@cicely12.cicely.de) Received: (from ticso@localhost) by cicely12.cicely.de (8.12.9/8.12.9/Submit) id h8LGwphG058124; Sun, 21 Sep 2003 18:58:51 +0200 (CEST) Date: Sun, 21 Sep 2003 18:58:50 +0200 From: Bernd Walter To: nbari@unixmexico.com Message-ID: <20030921165850.GW21665@cicely12.cicely.de> References: <45984.148.243.211.1.1064121651.squirrel@mail.unixmexico.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <45984.148.243.211.1.1064121651.squirrel@mail.unixmexico.com> X-Operating-System: FreeBSD cicely12.cicely.de 5.1-CURRENT alpha User-Agent: Mutt/1.5.4i cc: freebsd-isp@freebsd.org Subject: Re: server rebooted X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: ticso@cicely.de List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Sep 2003 16:59:05 -0000 On Sun, Sep 21, 2003 at 12:20:51AM -0500, nbari@unixmexico.com wrote: > Hello. > > I have a dedicated server the one was up for more than 84 days but this > Friday 19, suddenly the server was rebooted. > > this is the output of the "last" command > > # last | grep reboot > reboot ~ vie 19 sep 13:55 > > > I already have check the logs but i can't found any hint that could help > me to know why the server as was rebooted. > > > Any idea on what to check or how to know what makes the server to reboot? If there's no shutdown entry then it most likely crashed or power dropped. -- B.Walter BWCT http://www.bwct.de ticso@bwct.de info@bwct.de From owner-freebsd-isp@FreeBSD.ORG Mon Sep 22 05:21:01 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B273016A4B3 for ; Mon, 22 Sep 2003 05:21:01 -0700 (PDT) Received: from smtp04.wxs.nl (smtp04.wxs.nl [195.121.6.59]) by mx1.FreeBSD.org (Postfix) with ESMTP id CC01043FAF for ; Mon, 22 Sep 2003 05:21:00 -0700 (PDT) (envelope-from akruijff@kruij557.speed.planet.nl) Received: from kruij557.speed.planet.nl (ipd50a97ba.speed.planet.nl [213.10.151.186]) by smtp04.wxs.nl (iPlanet Messaging Server 5.2 HotFix 1.14 (built Mar 18 2003)) with ESMTP id <0HLM007OH775OY@smtp04.wxs.nl> for freebsd-isp@freebsd.org; Mon, 22 Sep 2003 14:11:31 +0200 (MEST) Received: from Intranet.lan (akruijff@localhost [127.0.0.1]) h8MC9C9k042309;akruijff@Intranet.lan) Received: (from akruijff@localhost) by Intranet.lan (8.12.8p1/8.12.8/Submit) id h8MC9BF5042308; Mon, 22 Sep 2003 14:09:11 +0200 (CEST envelope-from akruijff) Date: Mon, 22 Sep 2003 14:09:11 +0200 From: Alex de Kruijff In-reply-to: <1063258944.19647.5.camel@dreamboy.private.aros.net> To: Devin Message-id: <20030922120911.GG36591@dds.nl> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-transfer-encoding: 7BIT Content-disposition: inline User-Agent: Mutt/1.4.1i References: <1063258944.19647.5.camel@dreamboy.private.aros.net> cc: freebsd-isp@freebsd.org Subject: Re: FreeBSD 4.9-PRERELEASE SMP Problem! X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Sep 2003 12:21:01 -0000 On Wed, Sep 10, 2003 at 11:42:24PM -0600, Devin wrote: > > We currently have a Dual Athlon MP 2000+ Processor machine > using an ASUS A7M266-D motherboard running the latest > FreeBSD Stable source. What happened is the main drive in the > machine decided to stop working so I put in a new hard drive > and restore the system onto the machine using the restore command. > I notice that now when the machine tries to boot up using the SMP kernel > it gets to the point where it says "CPU #1 Launched" and then > the machine reboots. I notice that if I boot the machine up > with 1 processor kernel it boots just fine. After looking at > the dmesg output it appears that a normal kernel would > normally do: > > Waiting 5 seconds for SCSI devices to settle > Mounting root from ufs:da0s1a > > So it appears maybe when in the SMP kernel it reboots around > the time that it is suppose to be mounting the main root filesystem? > > I checked and the BIOS is seeing both processors just fine I am > just not sure what could be the problem since I have never seen > this behavior before. > > Any ideas would help greatly. > > Devin Atencio > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" The stable list is better suited for these types of mails. -- Alex Articles based on solutions that I use: http://www.kruijff.org/alex/index.php?dir=docs/FreeBSD/ From owner-freebsd-isp@FreeBSD.ORG Mon Sep 22 19:07:44 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C9C7116A4BF for ; Mon, 22 Sep 2003 19:07:44 -0700 (PDT) Received: from smtp3.sentex.ca (smtp3.sentex.ca [64.7.153.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7C97143FE9 for ; Mon, 22 Sep 2003 19:07:43 -0700 (PDT) (envelope-from mike@sentex.net) Received: from smtp2.sentex.ca (smtp2c.sentex.ca [64.7.153.30]) by smtp3.sentex.ca (8.12.9/8.12.9p) with ESMTP id h8N27Z03001334; Mon, 22 Sep 2003 22:07:35 -0400 (EDT) (envelope-from mike@sentex.net) Received: from BLUELAPIS.sentex.ca (cage.simianscience.com [64.7.134.1]) by smtp2.sentex.ca (8.12.9/8.12.9p) with SMTP id h8N27e2x096723; Mon, 22 Sep 2003 22:07:40 -0400 (EDT) (envelope-from mike@sentex.net) From: Mike Tancsa To: Devin Date: Mon, 22 Sep 2003 22:07:42 -0400 Message-ID: References: In-Reply-To: X-Mailer: Forte Agent 1.93/32.576 English (American) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable cc: freebsd-isp@freebsd.org Subject: Re: FreeBSD 4.9-PRERELEASE SMP Problem! X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Sep 2003 02:07:44 -0000 On 10 Sep 2003 23:42:24 -0600, in sentex.lists.freebsd.isp you wrote: > >We currently have a Dual Athlon MP 2000+ Processor machine >using an ASUS A7M266-D motherboard running the latest >FreeBSD Stable source. What happened is the main drive in the >machine decided to stop working so I put in a new hard drive >and restore the system onto the machine using the restore command. >I notice that now when the machine tries to boot up using the SMP kernel >it gets to the point where it says "CPU #1 Launched" and then >the machine reboots. I notice that if I boot the machine up >with 1 processor kernel it boots just fine. After looking at >the dmesg output it appears that a normal kernel would=20 >normally do: > >Waiting 5 seconds for SCSI devices to settle >Mounting root from ufs:da0s1a How recent is your stable ? Also, you should post something like this to the stable list. I am running=20 4.9-PRERELEASE FreeBSD 4.9-PRERELEASE #1: Thu Sep 18 on a dual CPU: AMD Athlon(TM) MP 2000+ (1666.74-MHz 686-class CPU) Origin =3D "AuthenticAMD" Id =3D 0x662 Stepping =3D 2 =46eatures=3D0x383fbff AMD Features=3D0xc0480000 Do you have INVARIANTS defined in your kernel by chance ?=20 ---Mike > >So it appears maybe when in the SMP kernel it reboots around >the time that it is suppose to be mounting the main root filesystem? > >I checked and the BIOS is seeing both processors just fine I am >just not sure what could be the problem since I have never seen >this behavior before. > >Any ideas would help greatly. > >Devin Atencio > > >_______________________________________________ >freebsd-isp@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-isp >To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Mon Sep 22 22:53:07 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0DB4916A4B3 for ; Mon, 22 Sep 2003 22:53:07 -0700 (PDT) Received: from webmail.akwireless.net (webmail.akwireless.net [192.189.218.15]) by mx1.FreeBSD.org (Postfix) with SMTP id 1509243FCB for ; Mon, 22 Sep 2003 22:53:06 -0700 (PDT) (envelope-from dee@akwireless.net) Received: (qmail 20592 invoked from network); 23 Sep 2003 05:53:05 -0000 Received: from unknown (HELO papa.wdm.com) (127.0.0.1) by 0 with SMTP; 23 Sep 2003 05:53:05 -0000 From: "W.D. McKinney" To: FreeBSD-ISP In-Reply-To: <000d01c37940$ed542b50$0301a8c0@mrwinslows> References: <000d01c37940$ed542b50$0301a8c0@mrwinslows> Content-Type: text/plain Message-Id: <1064296479.2436.151.camel@papa.wdm.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.4 Rubber Turnip www.usr-local-bin.org Date: Mon, 22 Sep 2003 21:54:39 -0800 Content-Transfer-Encoding: 7bit Subject: Re: qmail and signatures X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Sep 2003 05:53:07 -0000 Michael, Did you ever get your question answered ? Dee On Fri, 2003-09-12 at 07:17, Michael Sig Birkmose wrote: > Hi, > > I don't know if this is a good place to ask this question or if I should do > it at an qmail site... > > Anyhow we are setting up an server (running FreeBSD of course) with qmail as > MTA. We are interested in adding signatures to all our outgoing emails. > Is this possible to do on a SMTP level with qmail? The tricky part is that > it would be very nice if signatures also gets added to html mails... > > Cheers, -- W.D.McKinney (Dee) | Affordable E-Mail and Internet Solutions Alaska Wireless Systems | for Schools, Libraries, Clinics & Business' http://www.akwireless.net | Call 1-907-349-4308 From owner-freebsd-isp@FreeBSD.ORG Tue Sep 23 00:13:53 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EB85516A4B3 for ; Tue, 23 Sep 2003 00:13:53 -0700 (PDT) Received: from gisp.dk (62.79.61.146.adsl.aboes.tiscali.dk [62.79.61.146]) by mx1.FreeBSD.org (Postfix) with SMTP id 178A243F3F for ; Tue, 23 Sep 2003 00:13:52 -0700 (PDT) (envelope-from birkmose@gisp.dk) Received: (qmail 2854 invoked by uid 1001); 23 Sep 2003 07:26:04 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 23 Sep 2003 07:26:04 -0000 Date: Tue, 23 Sep 2003 09:26:04 +0200 (CEST) From: Michael Sig Birkmose To: "W.D. McKinney" In-Reply-To: <1064296479.2436.151.camel@papa.wdm.com> Message-ID: <20030923092526.K2798@server.gisp.dk> References: <000d01c37940$ed542b50$0301a8c0@mrwinslows> <1064296479.2436.151.camel@papa.wdm.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: FreeBSD-ISP Subject: Re: qmail and signatures X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Sep 2003 07:13:54 -0000 Hi! No unfortunatly :( Cheers, -- Michael Birkmose On Mon, 22 Sep 2003, W.D. McKinney wrote: > Michael, > > Did you ever get your question answered ? > > Dee > > On Fri, 2003-09-12 at 07:17, Michael Sig Birkmose wrote: > > Hi, > > > > I don't know if this is a good place to ask this question or if I should do > > it at an qmail site... > > > > Anyhow we are setting up an server (running FreeBSD of course) with qmail as > > MTA. We are interested in adding signatures to all our outgoing emails. > > Is this possible to do on a SMTP level with qmail? The tricky part is that > > it would be very nice if signatures also gets added to html mails... > > > > Cheers, > > -- > W.D.McKinney (Dee) | Affordable E-Mail and Internet Solutions > Alaska Wireless Systems | for Schools, Libraries, Clinics & Business' > http://www.akwireless.net | Call 1-907-349-4308 > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Tue Sep 23 02:05:51 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7394716A4B3 for ; Tue, 23 Sep 2003 02:05:51 -0700 (PDT) Received: from mail.arc.net.my (nagano.arc.net.my [203.115.225.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id F012643FE5 for ; Tue, 23 Sep 2003 02:05:49 -0700 (PDT) (envelope-from nick@arc.net.my) Received: from roponggi (roppongi.arc.net.my [203.115.225.83]) by mail.arc.net.my (iPlanet Messaging Server 5.1 Patch 1 (built Jun 6 2002)) with SMTP id <0HLN00292T8V15@mail.arc.net.my> for freebsd-isp@freebsd.org; Tue, 23 Sep 2003 17:05:19 +0800 (SGT) Date: Tue, 23 Sep 2003 17:07:04 +0800 From: Nick Kraal To: freebsd-isp@freebsd.org Message-id: <008d01c381b2$0e8d2a00$53e173cb@arc.net.my> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Mailer: Microsoft Outlook Express 6.00.2800.1158 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT X-Priority: 3 X-MSMail-priority: Normal References: <1063258944.19647.5.camel@dreamboy.private.aros.net> <20030922120911.GG36591@dds.nl> Subject: SSHD Patch X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Nick Kraal List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Sep 2003 09:05:51 -0000 We were patching our 4.8 servers with the sshd patch. Not so experienced in this, but get this output. How do we move on from this. Best regards, -nick/ aoto% patch < /root/patch/buffer46.patch Hmm... Looks like a new-style context diff to me... The text leading up to this was: -------------------------- |Index: crypto/openssh/buffer.c |=================================================================== |RCS file: /home/ncvs/src/crypto/openssh/buffer.c,v |retrieving revision 1.1.1.6 |retrieving revision 1.2 |diff -c -p -c -r1.1.1.6 -r1.2 |*** crypto/openssh/buffer.c 29 Jun 2002 11:33:59 -0000 1.1.1.6 |--- crypto/openssh/buffer.c 17 Sep 2003 00:58:33 -0000 1.2 -------------------------- File to patch: From owner-freebsd-isp@FreeBSD.ORG Tue Sep 23 02:18:45 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 63BAE16A4B3 for ; Tue, 23 Sep 2003 02:18:45 -0700 (PDT) Received: from mail.trueafrican.com (mail.trueafrican.com [212.88.98.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9924943FFB for ; Tue, 23 Sep 2003 02:18:42 -0700 (PDT) (envelope-from begj@trueafrican.com) Received: from mail.trueafrican.com ([127.0.0.1]) by localhost (mail.trueafrican.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 53076-10; Tue, 23 Sep 2003 12:21:35 +0300 (EAT) Received: by mail.trueafrican.com (Postfix, from userid 520) id 492F41637B2; Tue, 23 Sep 2003 12:21:35 +0300 (EAT) Date: Tue, 23 Sep 2003 12:21:35 +0300 (EAT) From: Joseph Begumisa To: Nick Kraal In-Reply-To: <008d01c381b2$0e8d2a00$53e173cb@arc.net.my> Message-ID: <20030923121506.R70439@mail.trueafrican.com> References: <1063258944.19647.5.camel@dreamboy.private.aros.net> <20030922120911.GG36591@dds.nl> <008d01c381b2$0e8d2a00$53e173cb@arc.net.my> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-isp@freebsd.org Subject: Re: SSHD Patch X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Sep 2003 09:18:45 -0000 hi, the security advisory gives all the directions needed to carry out the patching operation for ssh in the base system step by step. it looks to me that you aren't in the directory that you should be in i.e you should be in /usr/src (when running the patch command) then it wont ask you for the file to patch as it does now. Joseph. On Tue, 23 Sep 2003, Nick Kraal wrote: > We were patching our 4.8 servers with the sshd patch. Not so experienced in > this, but get this output. How do we move on from this. > > Best regards, > > -nick/ > > aoto% patch < /root/patch/buffer46.patch > Hmm... Looks like a new-style context diff to me... > The text leading up to this was: > -------------------------- > |Index: crypto/openssh/buffer.c > |=================================================================== > |RCS file: /home/ncvs/src/crypto/openssh/buffer.c,v > |retrieving revision 1.1.1.6 > |retrieving revision 1.2 > |diff -c -p -c -r1.1.1.6 -r1.2 > |*** crypto/openssh/buffer.c 29 Jun 2002 11:33:59 -0000 1.1.1.6 > |--- crypto/openssh/buffer.c 17 Sep 2003 00:58:33 -0000 1.2 > -------------------------- > File to patch: From owner-freebsd-isp@FreeBSD.ORG Tue Sep 23 02:38:31 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F04E916A4B3 for ; Tue, 23 Sep 2003 02:38:31 -0700 (PDT) Received: from mail.arc.net.my (nagano.arc.net.my [203.115.225.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1EAD444001 for ; Tue, 23 Sep 2003 02:38:31 -0700 (PDT) (envelope-from nick@arc.net.my) Received: from roponggi (roppongi.arc.net.my [203.115.225.83]) by mail.arc.net.my (iPlanet Messaging Server 5.1 Patch 1 (built Jun 6 2002)) with SMTP id <0HLN002AHUPD4D@mail.arc.net.my> for freebsd-isp@freebsd.org; Tue, 23 Sep 2003 17:36:49 +0800 (SGT) Date: Tue, 23 Sep 2003 17:38:33 +0800 From: Nick Kraal To: Joseph Begumisa Message-id: <00d301c381b6$74941a80$53e173cb@arc.net.my> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Mailer: Microsoft Outlook Express 6.00.2800.1158 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT X-Priority: 3 X-MSMail-priority: Normal References: <1063258944.19647.5.camel@dreamboy.private.aros.net> <20030922120911.GG36591@dds.nl> <008d01c381b2$0e8d2a00$53e173cb@arc.net.my> <20030923121506.R70439@mail.trueafrican.com> cc: freebsd-isp@freebsd.org Subject: Re: SSHD Patch X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Nick Kraal List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Sep 2003 09:38:32 -0000 Joseph, Thanks for your reply. Yup, read all the directions before mailing the mailing list. Saved the patch file in /root/patch and 'cd' to /usr/src. Even copied the patch files to /usr/src. And still get the message. Any ideas? -nick/ ----- Original Message ----- From: "Joseph Begumisa" To: "Nick Kraal" Cc: Sent: Tuesday, September 23, 2003 5:21 PM Subject: Re: SSHD Patch > > hi, > > the security advisory gives all the directions needed to carry out the > patching operation for ssh in the base system step by step. it looks to > me that you aren't in the directory that you should be in i.e you should > be in /usr/src (when running the patch command) then it wont ask you for > the file to patch as it does now. > > Joseph. > > On Tue, 23 Sep 2003, Nick Kraal wrote: > > > We were patching our 4.8 servers with the sshd patch. Not so experienced in > > this, but get this output. How do we move on from this. > > > > Best regards, > > > > -nick/ > > > > aoto% patch < /root/patch/buffer46.patch > > Hmm... Looks like a new-style context diff to me... > > The text leading up to this was: > > -------------------------- > > |Index: crypto/openssh/buffer.c > > |=================================================================== > > |RCS file: /home/ncvs/src/crypto/openssh/buffer.c,v > > |retrieving revision 1.1.1.6 > > |retrieving revision 1.2 > > |diff -c -p -c -r1.1.1.6 -r1.2 > > |*** crypto/openssh/buffer.c 29 Jun 2002 11:33:59 -0000 1.1.1.6 > > |--- crypto/openssh/buffer.c 17 Sep 2003 00:58:33 -0000 1.2 > > -------------------------- > > File to patch: > > From owner-freebsd-isp@FreeBSD.ORG Tue Sep 23 02:51:21 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D8C5016A4B3 for ; Tue, 23 Sep 2003 02:51:21 -0700 (PDT) Received: from mail.trueafrican.com (mail.trueafrican.com [212.88.98.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id A8E2C43FA3 for ; Tue, 23 Sep 2003 02:51:19 -0700 (PDT) (envelope-from begj@trueafrican.com) Received: from mail.trueafrican.com ([127.0.0.1]) by localhost (mail.trueafrican.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 71570-04; Tue, 23 Sep 2003 12:54:12 +0300 (EAT) Received: by mail.trueafrican.com (Postfix, from userid 520) id 462C51637AB; Tue, 23 Sep 2003 12:54:12 +0300 (EAT) Date: Tue, 23 Sep 2003 12:54:12 +0300 (EAT) From: Joseph Begumisa To: Nick Kraal In-Reply-To: <00d301c381b6$74941a80$53e173cb@arc.net.my> Message-ID: <20030923125324.B75618@mail.trueafrican.com> References: <1063258944.19647.5.camel@dreamboy.private.aros.net> <008d01c381b2$0e8d2a00$53e173cb@arc.net.my> <00d301c381b6$74941a80$53e173cb@arc.net.my> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-isp@freebsd.org Subject: Re: SSHD Patch X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Sep 2003 09:51:22 -0000 On Tue, 23 Sep 2003, Nick Kraal wrote: > Joseph, > > Thanks for your reply. Yup, read all the directions before mailing the > mailing list. Saved the patch file in /root/patch and 'cd' to /usr/src. Even > copied the patch files to /usr/src. And still get the message. Any ideas? > > -nick/ > do you have the crypto directory under /usr/src? Joseph. From owner-freebsd-isp@FreeBSD.ORG Tue Sep 23 17:14:00 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A639416A4B3; Tue, 23 Sep 2003 17:14:00 -0700 (PDT) Received: from munk.nu (mail.munk.nu [213.152.51.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5D4A543FFB; Tue, 23 Sep 2003 17:13:59 -0700 (PDT) (envelope-from munk@munk.nu) Received: from munk by munk.nu with local (Exim 4.22) id 1A1xI6-00012i-Rd; Wed, 24 Sep 2003 01:13:58 +0100 Date: Wed, 24 Sep 2003 01:13:58 +0100 From: Jez Hancock To: FreeBSD Security List , FreeBSD ISP List Message-ID: <20030924001358.GB901@users.munk.nu> Mail-Followup-To: FreeBSD Security List , FreeBSD ISP List Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="nVMJ2NtxeReIH9PS" Content-Disposition: inline User-Agent: Mutt/1.4.1i Sender: User Munk Subject: [da@securityfocus.com: ISS Security Brief: ProFTPD ASCII File Remote Compromise Vulnerability (fwd)] X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Sep 2003 00:14:00 -0000 --nVMJ2NtxeReIH9PS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Recent proftpd security vulnerability release FYI. Ports has latest patched proftpd distribution. -- Jez http://www.munk.nu/ --nVMJ2NtxeReIH9PS Content-Type: message/rfc822 Content-Disposition: inline Received: from outgoing2.securityfocus.com ([205.206.231.26]) by munk.nu with esmtp (Exim 4.22) id 1A1sTY-000JnK-0k for jez.hancock@munk.nu; Tue, 23 Sep 2003 20:05:28 +0100 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19]) by outgoing2.securityfocus.com (Postfix) with QMQP id 19F208FDBE; Tue, 23 Sep 2003 04:44:48 -0600 (MDT) Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm Precedence: bulk List-Id: List-Post: List-Help: List-Unsubscribe: List-Subscribe: Delivered-To: mailing list bugtraq@securityfocus.com Delivered-To: moderator for bugtraq@securityfocus.com Received: (qmail 29816 invoked from network); 23 Sep 2003 10:31:52 -0000 Date: Tue, 23 Sep 2003 10:25:54 -0600 (MDT) From: Dave Ahmad To: bugtraq@securityfocus.com Subject: ISS Security Brief: ProFTPD ASCII File Remote Compromise Vulnerability (fwd) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Score: -103.8 (---------------------------------------------------) X-Spam-Status: No, hits=-103.8 required=6.0 tests=KNOWN_MAILING_LIST,PGP_SIGNATURE,USER_AGENT_PINE, USER_IN_WHITELIST version=2.55 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Brief September 23, 2003 ProFTPD ASCII File Remote Compromise Vulnerability Synopsis: ISS X-Force has discovered a flaw in the ProFTPD Unix FTP server. ProFTPD is a highly configurable FTP (File Transfer Protocol) server for Unix that allows for per-directory access restrictions, easy configuration of virtual FTP servers, and support for multiple authentication mechanisms. A flaw exists in the ProFTPD component that handles incoming ASCII file transfers. Impact: An attacker capable of uploading files to the vulnerable system can trigger a buffer overflow and execute arbitrary code to gain complete control of the system. Attackers may use this vulnerability to destroy, steal, or manipulate data on vulnerable FTP sites. Affected Versions: ProFTPD 1.2.7 ProFTPD 1.2.8 ProFTPD 1.2.8rc1 ProFTPD 1.2.8rc2 ProFTPD 1.2.9rc1 ProFTPD 1.2.9rc2 Note: Versions previous to version 1.2.7 may also be vulnerable. For the complete ISS X-Force Security Advisory, please visit: http://xforce.iss.net/xforce/alerts/id/154 ______ About Internet Security Systems (ISS) Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a pioneer and world leader in software and services that protect critical online resources from an ever-changing spectrum of threats and misuse. Internet Security Systems is headquartered in Atlanta, GA, with additional operations throughout the Americas, Asia, Australia, Europe and the Middle East. Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this document. It is not to be edited or altered in any way without the express written consent of the Internet Security Systems X-Force. If you wish to reprint the whole or any part of this document in any other medium excluding electronic media, please email xforce@iss.net for permission. Disclaimer: The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information. X-Force PGP Key available on MIT's PGP key server and PGP.com's key server, as well as at http://www.iss.net/security_center/sensitive.php Please send suggestions, updates, and comments to: X-Force xforce@iss.net of Internet Security Systems, Inc. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBP3BeFTRfJiV99eG9AQG2ngP/XopPpEYCbR6HSYhObaK+c2D32kwfiQEP CJqXmoljU661kBKvL2RclLF8tutegL3T44/5utBuVgzCWALSRrJiJgZMWafRtE7m lnl7V5Rzo7aEBxhmiaOqdLoNgzNd8NTtSkPrcFQZxjrQe9FvpIgsyiuY6ADNoDfH mXStpCwCFWg= =TZR3 -----END PGP SIGNATURE----- --nVMJ2NtxeReIH9PS-- From owner-freebsd-isp@FreeBSD.ORG Tue Sep 23 17:19:54 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6BFC316A4B3 for ; Tue, 23 Sep 2003 17:19:54 -0700 (PDT) Received: from munk.nu (mail.munk.nu [213.152.51.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2C99744020 for ; Tue, 23 Sep 2003 17:19:47 -0700 (PDT) (envelope-from munk@munk.nu) Received: from munk by munk.nu with local (Exim 4.22) id 1A1xNj-0001At-0j for freebsd-isp@freebsd.org; Wed, 24 Sep 2003 01:19:47 +0100 Date: Wed, 24 Sep 2003 01:19:46 +0100 From: Jez Hancock To: FreeBSD ISP List Message-ID: <20030924001946.GD901@users.munk.nu> Mail-Followup-To: FreeBSD ISP List Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="f0KYrhQ4vYSV2aJu" Content-Disposition: inline User-Agent: Mutt/1.4.1i Sender: User Munk Subject: [da@securityfocus.com: ISS Security Brief: ProFTPD ASCII File Remote Compromise Vulnerability (fwd)] X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Sep 2003 00:19:54 -0000 --f0KYrhQ4vYSV2aJu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Recent proftpd security vulnerability release FYI. Ports has latest patched proftpd distribution. -- Jez http://www.munk.nu/ --f0KYrhQ4vYSV2aJu Content-Type: message/rfc822 Content-Disposition: inline Received: from outgoing2.securityfocus.com ([205.206.231.26]) by munk.nu with esmtp (Exim 4.22) id 1A1sTY-000JnK-0k for jez.hancock@munk.nu; Tue, 23 Sep 2003 20:05:28 +0100 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19]) by outgoing2.securityfocus.com (Postfix) with QMQP id 19F208FDBE; Tue, 23 Sep 2003 04:44:48 -0600 (MDT) Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm Precedence: bulk List-Id: List-Post: List-Help: List-Unsubscribe: List-Subscribe: Delivered-To: mailing list bugtraq@securityfocus.com Delivered-To: moderator for bugtraq@securityfocus.com Received: (qmail 29816 invoked from network); 23 Sep 2003 10:31:52 -0000 Date: Tue, 23 Sep 2003 10:25:54 -0600 (MDT) From: Dave Ahmad To: bugtraq@securityfocus.com Subject: ISS Security Brief: ProFTPD ASCII File Remote Compromise Vulnerability (fwd) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Score: -103.8 (---------------------------------------------------) X-Spam-Status: No, hits=-103.8 required=6.0 tests=KNOWN_MAILING_LIST,PGP_SIGNATURE,USER_AGENT_PINE, USER_IN_WHITELIST version=2.55 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) -----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Security Brief September 23, 2003 ProFTPD ASCII File Remote Compromise Vulnerability Synopsis: ISS X-Force has discovered a flaw in the ProFTPD Unix FTP server. ProFTPD is a highly configurable FTP (File Transfer Protocol) server for Unix that allows for per-directory access restrictions, easy configuration of virtual FTP servers, and support for multiple authentication mechanisms. A flaw exists in the ProFTPD component that handles incoming ASCII file transfers. Impact: An attacker capable of uploading files to the vulnerable system can trigger a buffer overflow and execute arbitrary code to gain complete control of the system. Attackers may use this vulnerability to destroy, steal, or manipulate data on vulnerable FTP sites. Affected Versions: ProFTPD 1.2.7 ProFTPD 1.2.8 ProFTPD 1.2.8rc1 ProFTPD 1.2.8rc2 ProFTPD 1.2.9rc1 ProFTPD 1.2.9rc2 Note: Versions previous to version 1.2.7 may also be vulnerable. For the complete ISS X-Force Security Advisory, please visit: http://xforce.iss.net/xforce/alerts/id/154 ______ About Internet Security Systems (ISS) Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a pioneer and world leader in software and services that protect critical online resources from an ever-changing spectrum of threats and misuse. Internet Security Systems is headquartered in Atlanta, GA, with additional operations throughout the Americas, Asia, Australia, Europe and the Middle East. Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this document. It is not to be edited or altered in any way without the express written consent of the Internet Security Systems X-Force. If you wish to reprint the whole or any part of this document in any other medium excluding electronic media, please email xforce@iss.net for permission. Disclaimer: The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information. X-Force PGP Key available on MIT's PGP key server and PGP.com's key server, as well as at http://www.iss.net/security_center/sensitive.php Please send suggestions, updates, and comments to: X-Force xforce@iss.net of Internet Security Systems, Inc. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBP3BeFTRfJiV99eG9AQG2ngP/XopPpEYCbR6HSYhObaK+c2D32kwfiQEP CJqXmoljU661kBKvL2RclLF8tutegL3T44/5utBuVgzCWALSRrJiJgZMWafRtE7m lnl7V5Rzo7aEBxhmiaOqdLoNgzNd8NTtSkPrcFQZxjrQe9FvpIgsyiuY6ADNoDfH mXStpCwCFWg= =TZR3 -----END PGP SIGNATURE----- --f0KYrhQ4vYSV2aJu-- From owner-freebsd-isp@FreeBSD.ORG Tue Sep 23 17:23:21 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 635C816A4B3 for ; Tue, 23 Sep 2003 17:23:21 -0700 (PDT) Received: from inetbml02.citec.qld.gov.au (inetbml02.citec.qld.gov.au [203.5.10.211]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3D2F443FE0 for ; Tue, 23 Sep 2003 17:23:20 -0700 (PDT) (envelope-from sgcccdc@citec.qld.gov.au) Received: from inetbml1.citec.qld.gov.au (inetbml1.citec.qld.gov.au [147.132.176.90]) by inetbml02.citec.qld.gov.au (Postfix) with ESMTP id AD34B93B78 for ; Wed, 24 Sep 2003 10:23:18 +1000 (EST) Received: from guru.citec.qld.gov.au (ux11003313.pclan.citec.com.au [147.132.22.88]) by inetbml1.citec.qld.gov.au (Postfix) with ESMTP id 6D407603AD for ; Wed, 24 Sep 2003 10:23:18 +1000 (EST) Received: from guru.citec.qld.gov.au (localhost.citec.qld.gov.au [127.0.0.1]) by guru.citec.qld.gov.au (Postfix) with SMTP id 081C2D92A for ; Wed, 24 Sep 2003 10:23:18 +1000 (EST) Date: Wed, 24 Sep 2003 10:23:17 +1000 From: Colin Campbell To: freebsd-isp@freebsd.org Message-Id: <20030924102317.7b4eea6f.sgcccdc@citec.qld.gov.au> In-Reply-To: <1064296479.2436.151.camel@papa.wdm.com> References: <000d01c37940$ed542b50$0301a8c0@mrwinslows> <1064296479.2436.151.camel@papa.wdm.com> Organization: Citec X-Mailer: Sylpheed version 0.8.9 (GTK+ 1.2.10; i386-unknown-freebsd4.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: qmail and signatures X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Sep 2003 00:23:21 -0000 Hi, On Mon, 22 Sep 2003 21:54:39 -0800 "W.D. McKinney" wrote: > Michael, > > Did you ever get your question answered ? > > Dee > > On Fri, 2003-09-12 at 07:17, Michael Sig Birkmose wrote: > > Hi, > > > > I don't know if this is a good place to ask this question or if I should do > > it at an qmail site... > > > > Anyhow we are setting up an server (running FreeBSD of course) with qmail as > > MTA. We are interested in adding signatures to all our outgoing emails. > > Is this possible to do on a SMTP level with qmail? The tricky part is that > > it would be very nice if signatures also gets added to html mails... This question is asked frequently on the postfix-users list. The answer is that you can't do it reliably. If the message is plain text you are fine but once you introduce MIME you have problems. You can't just tack the signature on the bottom because it breaks all the mime encoding. You have to basically disassembl;e the message and reassemble it with a new mime section, the signature. This can conveniently be done using a content filter. Colin -- Colin Campbell Unix Support/Postmaster/Hostmaster Citec +61 7 3227 6334 From owner-freebsd-isp@FreeBSD.ORG Tue Sep 23 17:27:55 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C4B7916A4B3 for ; Tue, 23 Sep 2003 17:27:55 -0700 (PDT) Received: from webmail.akwireless.net (webmail.akwireless.net [192.189.218.15]) by mx1.FreeBSD.org (Postfix) with SMTP id AB76443FF5 for ; Tue, 23 Sep 2003 17:27:54 -0700 (PDT) (envelope-from dee@akwireless.net) Received: (qmail 22904 invoked from network); 24 Sep 2003 00:27:54 -0000 Received: from unknown (HELO papa.wdm.com) (127.0.0.1) by 0 with SMTP; 24 Sep 2003 00:27:54 -0000 From: "W.D. McKinney" To: FreeBSD-ISP In-Reply-To: <20030924102317.7b4eea6f.sgcccdc@citec.qld.gov.au> References: <000d01c37940$ed542b50$0301a8c0@mrwinslows> <1064296479.2436.151.camel@papa.wdm.com> <20030924102317.7b4eea6f.sgcccdc@citec.qld.gov.au> Content-Type: text/plain Message-Id: <1064363371.3975.100.camel@papa.wdm.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.4 Rubber Turnip www.usr-local-bin.org Date: Tue, 23 Sep 2003 16:29:32 -0800 Content-Transfer-Encoding: 7bit Subject: Re: qmail and signatures X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Sep 2003 00:27:55 -0000 I know of a patch for qmail that does allow for this. So, yes, we can do this with qmail, reliably. And, yes, it's a frequent question on all MTA lists for sure. Dee On Tue, 2003-09-23 at 16:23, Colin Campbell wrote: > Hi, > > On Mon, 22 Sep 2003 21:54:39 -0800 > "W.D. McKinney" wrote: > > > Michael, > > > > Did you ever get your question answered ? > > > > Dee > > > > On Fri, 2003-09-12 at 07:17, Michael Sig Birkmose wrote: > > > Hi, > > > > > > I don't know if this is a good place to ask this question or if I should do > > > it at an qmail site... > > > > > > Anyhow we are setting up an server (running FreeBSD of course) with qmail as > > > MTA. We are interested in adding signatures to all our outgoing emails. > > > Is this possible to do on a SMTP level with qmail? The tricky part is that > > > it would be very nice if signatures also gets added to html mails... > > This question is asked frequently on the postfix-users list. The answer is that > you can't do it reliably. If the message is plain text you are fine but once you > introduce MIME you have problems. You can't just tack the signature on the > bottom because it breaks all the mime encoding. You have to basically > disassembl;e the message and reassemble it with a new mime section, the > signature. This can conveniently be done using a content filter. > > > Colin > -- > Colin Campbell > Unix Support/Postmaster/Hostmaster > Citec > +61 7 3227 6334 > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" -- W.D.McKinney (Dee) | Affordable E-Mail and Internet Solutions Alaska Wireless Systems | for Schools, Libraries, Clinics & Business' http://www.akwireless.net | Call 1-907-349-4308 From owner-freebsd-isp@FreeBSD.ORG Tue Sep 23 23:29:26 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 84E5E16A4B3 for ; Tue, 23 Sep 2003 23:29:26 -0700 (PDT) Received: from mail.arc.net.my (nagano.arc.net.my [203.115.225.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7991843FEC for ; Tue, 23 Sep 2003 23:29:19 -0700 (PDT) (envelope-from nick@arc.net.my) Received: from roponggi (roppongi.arc.net.my [203.115.225.83]) by mail.arc.net.my (iPlanet Messaging Server 5.1 Patch 1 (built Jun 6 2002)) with SMTP id <0HLP00881GHHQT@mail.arc.net.my> for freebsd-isp@freebsd.org; Wed, 24 Sep 2003 14:24:53 +0800 (SGT) Date: Wed, 24 Sep 2003 14:26:15 +0800 From: Nick Kraal To: Joseph Begumisa Message-id: <015a01c38264$c225bf20$53e173cb@arc.net.my> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Mailer: Microsoft Outlook Express 6.00.2800.1158 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT X-Priority: 3 X-MSMail-priority: Normal References: <1063258944.19647.5.camel@dreamboy.private.aros.net> <20030922120911.GG36591@dds.nl> <008d01c381b2$0e8d2a00$53e173cb@arc.net.my> <20030923121506.R70439@mail.trueafrican.com> <00d301c381b6$74941a80$53e173cb@arc.net.my> <20030923125324.B75618@mail.trueafrican.com> cc: freebsd-isp@freebsd.org Subject: Re: SSHD Patch X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Nick Kraal List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Sep 2003 06:29:26 -0000 Nope. The only file/directory in /usr/src is sys. The crypto directory is under /usr/src/sys aoto% pwd /usr/src/sys/crypto aoto% lf blowfish/ des/ md5.h rijndael/ sha1.h cast128/ md5.c rc4/ sha1.c sha2/ -nick/ ----- Original Message ----- From: "Joseph Begumisa" To: "Nick Kraal" Cc: Sent: Tuesday, September 23, 2003 5:54 PM Subject: Re: SSHD Patch > On Tue, 23 Sep 2003, Nick Kraal wrote: > > > Joseph, > > > > Thanks for your reply. Yup, read all the directions before mailing the > > mailing list. Saved the patch file in /root/patch and 'cd' to /usr/src. Even > > copied the patch files to /usr/src. And still get the message. Any ideas? > > > > -nick/ > > > > do you have the crypto directory under /usr/src? > > Joseph. From owner-freebsd-isp@FreeBSD.ORG Tue Sep 23 23:55:59 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B6E0716A4B3 for ; Tue, 23 Sep 2003 23:55:59 -0700 (PDT) Received: from surfeu.fi (mailbox.surfeu.fi [213.173.154.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8674D43FF9 for ; Tue, 23 Sep 2003 23:55:58 -0700 (PDT) (envelope-from vezku@surfeu.fi) Received: from [213.173.154.9] (HELO surfeu.fi) by surfeu.fi (CommuniGate Pro SMTP 3.4.1) with SMTP id 51922419 for freebsd-isp@freebsd.org; Wed, 24 Sep 2003 09:55:56 +0300 Received: from 62.142.81.6 (SquirrelMail authenticated user vezku) by redbull.tiscali.fi with HTTP; Wed, 24 Sep 2003 09:48:10 +0300 (EEST) Message-ID: <4878.62.142.81.6.1064386090.squirrel@redbull.tiscali.fi> Date: Wed, 24 Sep 2003 09:48:10 +0300 (EEST) From: To: X-Priority: 3 Importance: Normal X-Mailer: SquirrelMail (version 1.2.11) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Subject: static ARP X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Sep 2003 06:55:59 -0000 Hi all, I was thinking about the following scenario. I have one interface in my BSD router that serves a private network. Is it possible to disable ARP on that interface and make static ARP entries on router? I'm looking for a way to allow only certain MAC addresses to access via this interface. I do know it's only false security, but it would prevent people adding easily unauthorized computers. And since there are only about 10 comps in this particular network, maintaining static ARP entries would not be worksome. I would not like to get into bridging if this works. -Vesa, SysAdmin From owner-freebsd-isp@FreeBSD.ORG Wed Sep 24 00:25:53 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 18D7616A4B3 for ; Wed, 24 Sep 2003 00:25:53 -0700 (PDT) Received: from mail.trueafrican.com (mail.trueafrican.com [212.88.98.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id E318E43F75 for ; Wed, 24 Sep 2003 00:25:48 -0700 (PDT) (envelope-from begj@trueafrican.com) Received: from mail.trueafrican.com ([127.0.0.1]) by localhost (mail.trueafrican.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 16776-02; Wed, 24 Sep 2003 10:28:38 +0300 (EAT) Received: by mail.trueafrican.com (Postfix, from userid 520) id DA73E1637A3; Wed, 24 Sep 2003 10:28:38 +0300 (EAT) Date: Wed, 24 Sep 2003 10:28:38 +0300 (EAT) From: Joseph Begumisa To: Nick Kraal In-Reply-To: <015a01c38264$c225bf20$53e173cb@arc.net.my> Message-ID: <20030924101503.A18103@mail.trueafrican.com> References: <1063258944.19647.5.camel@dreamboy.private.aros.net> <008d01c381b2$0e8d2a00$53e173cb@arc.net.my> <00d301c381b6$74941a80$53e173cb@arc.net.my> <015a01c38264$c225bf20$53e173cb@arc.net.my> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-isp@freebsd.org Subject: Re: SSHD Patch X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Sep 2003 07:25:53 -0000 On Wed, 24 Sep 2003, Nick Kraal wrote: > Nope. The only file/directory in /usr/src is sys. The crypto directory is > under /usr/src/sys > > aoto% pwd > /usr/src/sys/crypto > aoto% lf > blowfish/ des/ md5.h rijndael/ sha1.h > cast128/ md5.c rc4/ sha1.c sha2/ > > -nick/ So you found the problem. You don't have the sources so the file to patch cannot be found. Run a cvsup to download the sources. I suppose by now all corrections have been made to the souces. Therefore no patch will be needed after the download except having to run a make world to build and install the sources. Joseph. From owner-freebsd-isp@FreeBSD.ORG Wed Sep 24 03:51:16 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 877BC16A4B3 for ; Wed, 24 Sep 2003 03:51:16 -0700 (PDT) Received: from supermail.ispro.net.tr (supermail.ispro.net.tr [217.21.68.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 78BD743FCB for ; Wed, 24 Sep 2003 03:51:13 -0700 (PDT) (envelope-from yurtesen@ispro.net.tr) Received: (qmail 13464 invoked by uid 0); 24 Sep 2003 10:51:09 -0000 Received: from opisadsl.tekniikka.turkuamk.fi (HELO ispro.net.tr) (yurtesen@ispro.net.tr@193.166.136.253) by supermail.ispro.net.tr with AES256-SHA encrypted SMTP; 24 Sep 2003 10:51:09 -0000 Message-ID: <3F720398.8020805@ispro.net.tr> Date: Wed, 24 Sep 2003 13:50:32 -0700 From: Evren Yurtesen User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.5b) Gecko/20030808 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Martin Jessa References: <20030924123420.26140297.freebsd@yazzy.org> In-Reply-To: <20030924123420.26140297.freebsd@yazzy.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by IsproNET cc: freebsd-isp Subject: Re: 4 network segments and dhcpd X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Sep 2003 10:51:16 -0000 You cant use 192.168.100.1 gw for 192.168.101/24 network the gw should be an IP address inside the network. You should define multiple IP addresses to your gw interface, lets say 192.168.100.1 mask 255.255.255.0 192.168.101.1 mask 255.255.255.0 192.168.102.1 mask 255.255.255.0 Then define these networks in your dhcp server separately so that if a user gets ip from 192.168.101.0/24 network the gw will be set to 192.168.101.1. You can also increase the number of IP addresses in your 192.168.100.0/24 network by decreasing the mask by using mask 255.255.252.0 then tell your dhcp server to give IP's in between 192.168.100.2-192.168.110.103.254 But I still suggest you to use PPPoE instead of this :) A lot less trouble and supported in FreeBSD ppp implementation with radius support. Plus by using something like mikrotik routeros you can limit the bandwidth at the same time from radius server. Evren Martin Jessa wrote: > Hi. > > I have a wireless network with a FreeBSD router acting as a poptop vpn server. > To extend the amount of my clients I have to add 3 extra network segments, each with /24, ie 192.168.100.0, 192.168.101.0, 192.168.102.0 and 192.168.103.0 > Each of the clients connects to our wireless equipement, gets his IP from dhcpd with a default route to 192.168.0.1. > Then when he logs in creating vpn tunnel over pptp he receives a static IP from our radius server and his bandwith is throttled. > How can I run a dhcpd for four network segments? > How can I solve that so all the users can use 192.168.100.1 as their default gw? > Or should each of the users rather use the first IP from his segment as his default gw? > I assume I would need a 255.255.252.0 > > > Address: 192.168.100.0 > Netmask: 255.255.252.0 = 22 > Wildcard: 0.0.3.255 > Network: 192.168.100.0/22 (Class C) > Broadcast: 192.168.103.255 > HostMin: 192.168.100.1 > HostMax: 192.168.103.254 > Hosts/Net: 1022 (Private Internet RFC 1918) > > > YazzY From owner-freebsd-isp@FreeBSD.ORG Wed Sep 24 05:07:40 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F3DED16A4B3 for ; Wed, 24 Sep 2003 05:07:39 -0700 (PDT) Received: from mail.arc.net.my (nagano.arc.net.my [203.115.225.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5BF9744014 for ; Wed, 24 Sep 2003 05:07:38 -0700 (PDT) (envelope-from nick@arc.net.my) Received: from roponggi (roppongi.arc.net.my [203.115.225.83]) by mail.arc.net.my (iPlanet Messaging Server 5.1 Patch 1 (built Jun 6 2002)) with SMTP id <0HLP00AG2VPVFL@mail.arc.net.my> for freebsd-isp@freebsd.org; Wed, 24 Sep 2003 19:53:55 +0800 (SGT) Date: Wed, 24 Sep 2003 19:53:12 +0800 From: Nick Kraal To: Joseph Begumisa Message-id: <029e01c38292$7b2eb300$53e173cb@arc.net.my> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 X-Mailer: Microsoft Outlook Express 6.00.2800.1158 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT X-Priority: 3 X-MSMail-priority: Normal References: <1063258944.19647.5.camel@dreamboy.private.aros.net> <20030922120911.GG36591@dds.nl> <008d01c381b2$0e8d2a00$53e173cb@arc.net.my> <20030923121506.R70439@mail.trueafrican.com> <00d301c381b6$74941a80$53e173cb@arc.net.my> <20030923125324.B75618@mail.trueafrican.com> <015a01c38264$c225bf20$53e173cb@arc.net.my> <20030924101503.A18103@mail.trueafrican.com> cc: freebsd-isp@freebsd.org Subject: Re: SSHD Patch X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Nick Kraal List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Sep 2003 12:07:40 -0000 Thanks there Joseph!! Will get cracking on this then. -nick/ ----- Original Message ----- From: "Joseph Begumisa" To: "Nick Kraal" Cc: Sent: Wednesday, September 24, 2003 3:28 PM Subject: Re: SSHD Patch > On Wed, 24 Sep 2003, Nick Kraal wrote: > > > Nope. The only file/directory in /usr/src is sys. The crypto directory is > > under /usr/src/sys > > > > aoto% pwd > > /usr/src/sys/crypto > > aoto% lf > > blowfish/ des/ md5.h rijndael/ sha1.h > > cast128/ md5.c rc4/ sha1.c sha2/ > > > > -nick/ > > So you found the problem. You don't have the sources so the file to patch > cannot be found. Run a cvsup to download the sources. I suppose by now > all corrections have been made to the souces. Therefore no patch will be > needed after the download except having to run a make world to build and > install the sources. > > Joseph. From owner-freebsd-isp@FreeBSD.ORG Thu Sep 25 23:14:56 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2486F16A4B3 for ; Thu, 25 Sep 2003 23:14:56 -0700 (PDT) Received: from avalon.pptus.ru (avalon.pptus.ru [212.73.100.133]) by mx1.FreeBSD.org (Postfix) with ESMTP id C90C843FDF for ; Thu, 25 Sep 2003 23:14:54 -0700 (PDT) (envelope-from alexei@pptus.ru) Received: from avalon.pptus.ru (avalon.pptus.ru [212.73.100.133]) by avalon.pptus.ru (Postfix) with ESMTP id 99A3EF84E for ; Fri, 26 Sep 2003 10:14:52 +0400 (MSD) Date: Fri, 26 Sep 2003 10:14:52 +0400 (MSD) From: Alexei Evdokimov To: freebsd-isp@freebsd.org In-Reply-To: <4878.62.142.81.6.1064386090.squirrel@redbull.tiscali.fi> Message-ID: <20030926095646.E96986@avalon.pptus.ru> References: <4878.62.142.81.6.1064386090.squirrel@redbull.tiscali.fi> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: static ARP X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Sep 2003 06:14:56 -0000 On Wed, 24 Sep 2003 vezku@surfeu.fi wrote: > I was thinking about the following scenario. I have one interface in my > BSD router that serves a private network. > > Is it possible to disable ARP on that interface and make static ARP > entries on router? I'm looking for a way to allow only certain MAC > addresses to access via this interface. I do know it's only false > security, but it would prevent people adding easily unauthorized > computers. And since there are only about 10 comps in this particular > network, maintaining static ARP entries would not be worksome. > > I would not like to get into bridging if this works. Parameter -arp will disable ARP on the interface: ifconfig ... -arp To set static ARP table write authorized pairs ip:mac in a file and load it it in the table: arp -f file -- Alexei Evdokimov alexei@pptus.ru From owner-freebsd-isp@FreeBSD.ORG Fri Sep 26 00:08:10 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C244E16A4BF for ; Fri, 26 Sep 2003 00:08:10 -0700 (PDT) Received: from avalon.pptus.ru (avalon.pptus.ru [212.73.100.133]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6877143FE3 for ; Fri, 26 Sep 2003 00:08:09 -0700 (PDT) (envelope-from alexei@pptus.ru) Received: from avalon.pptus.ru (avalon.pptus.ru [212.73.100.133]) by avalon.pptus.ru (Postfix) with ESMTP id 4992FF84E for ; Fri, 26 Sep 2003 11:08:05 +0400 (MSD) Date: Fri, 26 Sep 2003 11:08:05 +0400 (MSD) From: Alexei Evdokimov To: freebsd-isp@freebsd.org In-Reply-To: <20030926095646.E96986@avalon.pptus.ru> Message-ID: <20030926104610.U96986@avalon.pptus.ru> References: <4878.62.142.81.6.1064386090.squirrel@redbull.tiscali.fi> <20030926095646.E96986@avalon.pptus.ru> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: static ARP X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Sep 2003 07:08:10 -0000 On Fri, 26 Sep 2003, Alexei Evdokimov wrote: > > I was thinking about the following scenario. I have one interface in my > > BSD router that serves a private network. > > > > Is it possible to disable ARP on that interface and make static ARP > > entries on router? I'm looking for a way to allow only certain MAC > > addresses to access via this interface. I do know it's only false > > security, but it would prevent people adding easily unauthorized > > computers. And since there are only about 10 comps in this particular > > network, maintaining static ARP entries would not be worksome. > > > > I would not like to get into bridging if this works. > > Parameter -arp will disable ARP on the interface: > > ifconfig ... -arp > > To set static ARP table write authorized pairs ip:mac in a file > and load it it in the table: > > arp -f file Unfortunatly with -arp parameter the router won't reply to ARP request about his address so you need to manually add ARP record about the router to each host's ARP table or you can try Ruslan Ermilov's patch (posted in freebsd security list a couple days ago) which solve this problem. -- Alexei Evdokimov alexei@pptus.ru From owner-freebsd-isp@FreeBSD.ORG Fri Sep 26 03:04:58 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8CAE216A4B3 for ; Fri, 26 Sep 2003 03:04:58 -0700 (PDT) Received: from web10010.mail.yahoo.com (web10010.mail.yahoo.com [216.136.128.121]) by mx1.FreeBSD.org (Postfix) with SMTP id 9CE7D44028 for ; Fri, 26 Sep 2003 03:04:57 -0700 (PDT) (envelope-from lowbeeleng@yahoo.com) Message-ID: <20030926100457.38535.qmail@web10010.mail.yahoo.com> Received: from [203.106.78.237] by web10010.mail.yahoo.com via HTTP; Fri, 26 Sep 2003 03:04:57 PDT Date: Fri, 26 Sep 2003 03:04:57 -0700 (PDT) From: low bee leng To: freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: ATM requirement information X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Sep 2003 10:04:58 -0000 What kind of software and hardware technology needed to implement the below ATM system. The below is the requirement information for development a ATM machine 120 inquires entered at each branch in the busiest hour 120 replies received at each branch in the busiest hour Resources: Operating environment 23 characters in each inquiry 65 characters in each reply 100 msec for the computer center to process a inquiry 2 modem turnaround required per inquiry 10-msec modem turnaround time (inbound) 0-msec modem turnaround (outbound) 8 characters per poll 8 bits per character 8 overhead characters per message lines line speed in 56 kbps lines are full-duplex line error rate is 1 bit per 100,000 design goals 95% transaction to be handled within 2 sec, response time --------------------------------- Do you Yahoo!? The New Yahoo! Shopping - with improved product search