From owner-freebsd-isp@FreeBSD.ORG Sun Jan 4 19:36:11 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 905E816A4CE for ; Sun, 4 Jan 2004 19:36:11 -0800 (PST) Received: from otter3.centtech.com (moat3.centtech.com [207.200.51.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4952B43D31 for ; Sun, 4 Jan 2004 19:36:10 -0800 (PST) (envelope-from anderson@centtech.com) Received: from centtech.com ([192.168.42.24]) by otter3.centtech.com (8.12.3/8.12.3) with ESMTP id i053a86T079025; Sun, 4 Jan 2004 21:36:08 -0600 (CST) (envelope-from anderson@centtech.com) Message-ID: <3FF8DB8F.5060902@centtech.com> Date: Sun, 04 Jan 2004 21:35:43 -0600 From: Eric Anderson User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Justin Hopper References: <1073197690.2074.45.camel@work.gusalmighty.com> In-Reply-To: <1073197690.2074.45.camel@work.gusalmighty.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org Subject: Re: mod_frontpage vulnerability? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Jan 2004 03:36:11 -0000 Justin Hopper wrote: >On Sat, 2004-01-03 at 20:57, Peter Brezny wrote: > > >>Greetings, >> >>I wanted to know if any of you have experienced recent problems running >>mod_frontpage. >> >> > >Are you sure the problems were with mod_frontpage or with the Server >Extensions? I haven't seen many problems with mod_frontpage, but the >Server Extensions often have problems (and they're not Open Source, so >they are difficult to work with). > > On a side note - are there any good docs on setting this up (server extensions and all) for virtual hosting? Also - Justin, I noticed on the bsdhosting.net site, you have a "root server" option - is that using jails? vmware servers? And what tools do must of you use for "control panel" apps? Eric -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology All generalizations are false, including this one. ------------------------------------------------------------------ From owner-freebsd-isp@FreeBSD.ORG Tue Jan 6 13:27:08 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9325816A4CE for ; Tue, 6 Jan 2004 13:27:08 -0800 (PST) Received: from out004.verizon.net (out004pub.verizon.net [206.46.170.142]) by mx1.FreeBSD.org (Postfix) with ESMTP id 20AEC43D53 for ; Tue, 6 Jan 2004 13:27:07 -0800 (PST) (envelope-from fbsd@webwingsnet.com) Received: from web-roost1 ([4.8.68.143]) by out004.verizon.net (InterMail vM.5.01.06.06 201-253-122-130-106-20030910) with ESMTP id <20040106212706.MEQY12902.out004.verizon.net@web-roost1> for ; Tue, 6 Jan 2004 15:27:06 -0600 Message-ID: <200401061627060502.25C8C57F@outgoing.verizon.net> X-Mailer: Courier 3.50.00.01.1085 (http://www.rosecitysoftware.com) (K) Date: Tue, 06 Jan 2004 16:27:06 -0500 From: "Russell Dickson" To: freebsd-isp@freebsd.org Content-Type: text/plain; charset="us-ascii" X-Authentication-Info: Submitted using SMTP AUTH at out004.verizon.net from [4.8.68.143] at Tue, 6 Jan 2004 15:27:06 -0600 Subject: resources for mhash X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Jan 2004 21:27:08 -0000 Hello, I have a public server running FreeBSD 4.7, Apache 1.23.55 and PHP 4.2.3, and want to install mHash compiled into PHP. I would like to know how heavy mHash might be on resources, mostly if it takes much RAM and how much it adds to the web daemon? Also, if any has had any serious problems installing mHash? I've searched the web and archives with little success for anything on mHash. Installation problems that I've seen are mainly with other systems. BTW, mHash is required for the new Authorize.Net integration methods. There doesn't seem to be an alternative. Any information in this direction is very much appreciated. Russell Dickson Web Wings Net Web Hosting & Design Solutions http://WebWingsNet.com Wings@WebWingsNet.com 941-379-2167 (Voice/Fax) 866-379-2167 (Toll Free/US) From owner-freebsd-isp@FreeBSD.ORG Wed Jan 7 08:08:15 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 02D4916A4CE for ; Wed, 7 Jan 2004 08:08:15 -0800 (PST) Received: from inbox.nyi.net (inbox-reverse.nyi.net [66.111.15.35]) by mx1.FreeBSD.org (Postfix) with SMTP id B5A5D43D49 for ; Wed, 7 Jan 2004 08:08:13 -0800 (PST) (envelope-from darek@nyi.net) Received: (qmail 93872 invoked by uid 79); 7 Jan 2004 16:04:37 -0000 Received: from unknown (HELO nyi.net) (64.90.164.230) by 0 with SMTP; 7 Jan 2004 16:04:37 -0000 Message-ID: <3FFC2EEB.6040503@nyi.net> Date: Wed, 07 Jan 2004 11:08:11 -0500 From: Darek M User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.6b) Gecko/20031205 Thunderbird/0.4 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-isp@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: logging/counting network CRCs on an interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Jan 2004 16:08:15 -0000 Hi guys, I hope this is the right list to post this to. I looked around online but could not find much info. I want to see a count of packets that arrived on an ethernet interface that had CRC errors in them. From what I understand, the network driver keeps track of the info. The problem is making that info available higher up for a program like ifconfig, or some custom console app. But if the procedure is much simpler than this, and there's a package already available, I'm all ears. Thanks for any pointers. From owner-freebsd-isp@FreeBSD.ORG Wed Jan 7 08:15:51 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0CD2216A4CE for ; Wed, 7 Jan 2004 08:15:51 -0800 (PST) Received: from otter3.centtech.com (moat3.centtech.com [207.200.51.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 89EF243D1F for ; Wed, 7 Jan 2004 08:15:48 -0800 (PST) (envelope-from anderson@centtech.com) Received: from centtech.com (neutrino.centtech.com [10.177.171.220]) by otter3.centtech.com (8.12.3/8.12.3) with ESMTP id i07GFl6T000600; Wed, 7 Jan 2004 10:15:47 -0600 (CST) (envelope-from anderson@centtech.com) Message-ID: <3FFC309F.5090700@centtech.com> Date: Wed, 07 Jan 2004 10:15:27 -0600 From: Eric Anderson User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Darek M References: <3FFC2EEB.6040503@nyi.net> In-Reply-To: <3FFC2EEB.6040503@nyi.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org Subject: Re: logging/counting network CRCs on an interface X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Jan 2004 16:15:51 -0000 Darek M wrote: > Hi guys, > > I hope this is the right list to post this to. > > I looked around online but could not find much info. I want to see a > count of packets that arrived on an ethernet interface that had CRC > errors in them. > > From what I understand, the network driver keeps track of the info. > The problem is making that info available higher up for a program like > ifconfig, or some custom console app. > > But if the procedure is much simpler than this, and there's a package > already available, I'm all ears. I thought netstat included them in it's in/out packet errors, but now that I check, I'm not certain. See: man ifnet look for "ifi_ierrors" Somewhat ambiguous as to what it includes.. Eric -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology All generalizations are false, including this one. ------------------------------------------------------------------ From owner-freebsd-isp@FreeBSD.ORG Wed Jan 7 09:28:51 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 165B516A4CE for ; Wed, 7 Jan 2004 09:28:51 -0800 (PST) Received: from tomts22-srv.bellnexxia.net (tomts22.bellnexxia.net [209.226.175.184]) by mx1.FreeBSD.org (Postfix) with ESMTP id D7B2643D3F for ; Wed, 7 Jan 2004 09:28:46 -0800 (PST) (envelope-from freeman@cs.dal.ca) Received: from [192.168.1.4] ([65.93.82.31]) by tomts22-srv.bellnexxia.net ESMTP <20040107172844.REAH26187.tomts22-srv.bellnexxia.net@[192.168.1.4]>; Wed, 7 Jan 2004 12:28:44 -0500 From: Kenny Freeman To: freebsd-isp@freebsd.org Date: Wed, 7 Jan 2004 13:26:21 -0500 User-Agent: KMail/1.5.4 References: <20031211213245.I61349@vette.gigo.com> In-Reply-To: <20031211213245.I61349@vette.gigo.com> MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="Boundary-02=_R9E//ebY+mj2YBI"; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200401071326.25126.freeman@cs.dal.ca> cc: "::::Carlos:::Ariel:::Canta::::::::" Subject: Re: djbdns X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freeman@cs.dal.ca List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Jan 2004 17:28:51 -0000 --Boundary-02=_R9E//ebY+mj2YBI Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Description: signed data Content-Disposition: inline My experience with bind has been less than fun - a pain to maintain with al= l=20 of these security fixes and also the file format is terrible. I switched to= =20 djbdns as soon as I found out about it and was happy with a test server tha= t=20 I setup. It is a bit of a hassle to get up and running, but when it is=20 finally setup properly you don't have to touch it at all, period. I have be= en=20 running djbdns for well over a year, more like over two years and I have no= t=20 had to touch it even once in that time. I have a perl script that updates t= he=20 data files from a MySQL database. I also have a CGI interface to the db, so= I=20 can add/edit/delete dns records thru my web browser. The djbdns data file=20 format is very simple and a joy to work with compared to binds. You should= =20 note however that with djbdns, instead of using 2 ips for 2 nameservers I=20 have to use 2xcache ips, 2xserver ips, and 2x zone xfer ips, and also that= =20 the caches have to be notified of any dns servers for domains that you host= -=20 my perl script takes care of that for me tho. Oh, and another thing... I ha= ve=20 heard of people having problems with djbdns on extremely heavily loaded=20 servers where queries were getting dropped - in that case I would use a rou= nd=20 robin nat in front of the servers to distribute the load among many dns=20 servers... my $0.02. =2DKenny On December 12, 2003 12:35 am, Jason Fesler wrote: > > How does djbdns measure up to bind anyway? Bind works wonderfully > > for us.. any reasons someone can come up with (other then the beaten > > to deal security arguments) why a person should change over? > > If you are happy with bind; > If you stay current on bind security problems; > If you find the ISC to be hoopy froods and DJB to be, well, DJB; > then focus your attention to more fruitful efforts. > > Really. > > --jason > (a die hard djbdns user, who fears bind to death, but not an evangelist) > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" --Boundary-02=_R9E//ebY+mj2YBI Content-Type: application/pgp-signature Content-Description: signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQA//E9RJgVCrHv0mQsRAlK9AKCoWbG4jcC+wgPRJws3/i6cXreWbACbBh8L raBuVGJEYjhveOrniWLeGI0= =FKYQ -----END PGP SIGNATURE----- --Boundary-02=_R9E//ebY+mj2YBI-- From owner-freebsd-isp@FreeBSD.ORG Wed Jan 7 22:31:14 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5B9F216A4CE for ; Wed, 7 Jan 2004 22:31:14 -0800 (PST) Received: from n14.grp.scd.yahoo.com (n14.grp.scd.yahoo.com [66.218.66.69]) by mx1.FreeBSD.org (Postfix) with SMTP id B5E3743D3F for ; Wed, 7 Jan 2004 22:31:12 -0800 (PST) probe-1073539854-1073543472-freebsd-isp=freebsd.org@returns.groups.yahoo.com) X-eGroups-Return: probe-1073539854-1073543472-freebsd-isp=freebsd.org@returns.groups.yahoo.com Received: from [66.218.66.176] by n14.grp.scd.yahoo.com with NNFMP; 08 Jan 2004 06:31:12 -0000 Message-ID: Date: 08 Jan 2004 06:31:12 -0000 From: Yahoo!Groups To: freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Subject: Please reactivate your Yahoo! Groups account X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: confirm-unbounce-1073539854-150025628-81523@yahoogroups.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jan 2004 06:31:14 -0000 Hello, You belong to one or more email groups provided by Yahoo! Groups (groups.yahoo.com). Email from these groups can be recognized by looking for a group name in the message Subject line, like [pet-owners] or [music-fans]. Recently, messages sent to you from Yahoo! Groups have been returned to us as undeliverable. To prevent any problems with your email service, we have temporarily turned your Yahoo! Groups account OFF. If you are reading this message now, the delivery problem appears to be fixed. However, we won't know that the problem is fixed until you tell us. To turn your Yahoo! Groups account ON: - Please REPLY to this message. Send that reply back to us without changing anything. OR - While connected to the Internet, click on the following Web link (or copy and paste it into your Web browser and hit the RETURN key): http://groups.yahoo.com/unbounce?adj=150025628,81523&p=1073539854 Once we get a response from you, we will turn your Yahoo! Groups account back ON, and you will begin to receive messages from your groups again. After you respond, you can read any messages you might have missed while your account was off by visiting: http://groups.yahoo.com/mygroups Thank you for using Yahoo! Groups! Yahoo! Groups Customer Care Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/ From owner-freebsd-isp@FreeBSD.ORG Thu Jan 8 04:53:45 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 34C8016A4CE for ; Thu, 8 Jan 2004 04:53:45 -0800 (PST) Received: from h2.liquidneon.com (h2.liquidneon.com [216.38.206.182]) by mx1.FreeBSD.org (Postfix) with SMTP id 7CD8543D48 for ; Thu, 8 Jan 2004 04:53:43 -0800 (PST) (envelope-from bdavis@house.so14k.com) Received: (qmail 21367 invoked from network); 8 Jan 2004 12:53:42 -0000 Received: from c-24-8-51-173.client.comcast.net (HELO mccaffrey.house.so14k.com) (24.8.51.173) by h2.liquidneon.com with SMTP; 8 Jan 2004 12:53:42 -0000 Received: by mccaffrey.house.so14k.com (Postfix, from userid 1001) id 1D230A32; Thu, 8 Jan 2004 05:53:16 -0700 (MST) Date: Thu, 8 Jan 2004 05:53:16 -0700 From: Brad Davis To: freebsd-isp@freebsd.org Message-ID: <20040108125316.GA50144@mccaffrey.house.so14k.com> Mail-Followup-To: freebsd-isp@freebsd.org References: <20031211213245.I61349@vette.gigo.com> <200401071326.25126.freeman@cs.dal.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200401071326.25126.freeman@cs.dal.ca> User-Agent: Mutt/1.4.1i Subject: Re: djbdns X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Jan 2004 12:53:45 -0000 Note that even the BIND developers admitted that it is recommended to run a seperate instance of BIND for publishing dns records and another for a cache.. DJBDNS just forces you to do this :) Brad Davis DJBDNS user for 6 months On Wed, Jan 07, 2004 at 01:26:21PM -0500, Kenny Freeman wrote: Content-Description: signed data > My experience with bind has been less than fun - a pain to maintain with all > of these security fixes and also the file format is terrible. I switched to > djbdns as soon as I found out about it and was happy with a test server that > I setup. It is a bit of a hassle to get up and running, but when it is > finally setup properly you don't have to touch it at all, period. I have been > running djbdns for well over a year, more like over two years and I have not > had to touch it even once in that time. I have a perl script that updates the > data files from a MySQL database. I also have a CGI interface to the db, so I > can add/edit/delete dns records thru my web browser. The djbdns data file > format is very simple and a joy to work with compared to binds. You should > note however that with djbdns, instead of using 2 ips for 2 nameservers I > have to use 2xcache ips, 2xserver ips, and 2x zone xfer ips, and also that > the caches have to be notified of any dns servers for domains that you host - > my perl script takes care of that for me tho. Oh, and another thing... I have > heard of people having problems with djbdns on extremely heavily loaded > servers where queries were getting dropped - in that case I would use a round > robin nat in front of the servers to distribute the load among many dns > servers... my $0.02. > > -Kenny > > On December 12, 2003 12:35 am, Jason Fesler wrote: > > > How does djbdns measure up to bind anyway? Bind works wonderfully > > > for us.. any reasons someone can come up with (other then the beaten > > > to deal security arguments) why a person should change over? > > > > If you are happy with bind; > > If you stay current on bind security problems; > > If you find the ISC to be hoopy froods and DJB to be, well, DJB; > > then focus your attention to more fruitful efforts. > > > > Really. > > > > --jason > > (a die hard djbdns user, who fears bind to death, but not an evangelist) > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Fri Jan 9 10:12:59 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AFF7316A4D0 for ; Fri, 9 Jan 2004 10:12:59 -0800 (PST) Received: from mail.lphp.org (APastourelles-107-1-17-19.w81-48.abo.wanadoo.fr [81.48.127.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6643343D39 for ; Fri, 9 Jan 2004 10:12:56 -0800 (PST) (envelope-from ajacoutot@lphp.org) Received: from admin.dioranews.com (modem209.metz.imaginet.fr [195.68.12.209] (may be forged)) by mail.lphp.org (8.12.10/8.12.10) with ESMTP id i09ICeR1053926 for ; Fri, 9 Jan 2004 19:12:40 +0100 (CET) (envelope-from ajacoutot@lphp.org) From: Antoine Jacoutot To: freebsd-isp@freebsd.org Date: Fri, 9 Jan 2004 19:12:46 +0100 User-Agent: KMail/1.5.4 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200401091912.46936.ajacoutot@lphp.org> Subject: routing question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Jan 2004 18:12:59 -0000 Hello everybody :) I have a routing question and was wondering if FreeBSD was able to do this. I have 2 ISPs (so 2 connections). Can I use only one FreeBSD box as a gateway to: - route LAN --> INTERNET (using connection 1) - route DMZ --> INTERNET (using connection 2) - route LAN --> DMZ (simple routing through the gateway) The gateway would have either one of the 2 connections as default gateway. I do not need any kind of load-balance nor failover for now, just routing. Thanks in advance. Regards, Antoine From owner-freebsd-isp@FreeBSD.ORG Fri Jan 9 11:50:44 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3655416A4CE for ; Fri, 9 Jan 2004 11:50:44 -0800 (PST) Received: from otter3.centtech.com (moat3.centtech.com [207.200.51.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3DDA543D5D for ; Fri, 9 Jan 2004 11:50:42 -0800 (PST) (envelope-from anderson@centtech.com) Received: from centtech.com (neutrino.centtech.com [10.177.171.220]) by otter3.centtech.com (8.12.3/8.12.3) with ESMTP id i09Jof6T013648; Fri, 9 Jan 2004 13:50:41 -0600 (CST) (envelope-from anderson@centtech.com) Message-ID: <3FFF05FB.9090002@centtech.com> Date: Fri, 09 Jan 2004 13:50:19 -0600 From: Eric Anderson User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Antoine Jacoutot References: <200401091912.46936.ajacoutot@lphp.org> In-Reply-To: <200401091912.46936.ajacoutot@lphp.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org Subject: Re: routing question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Jan 2004 19:50:44 -0000 Antoine Jacoutot wrote: >Hello everybody :) > >I have a routing question and was wondering if FreeBSD was able to do this. >I have 2 ISPs (so 2 connections). >Can I use only one FreeBSD box as a gateway to: >- route LAN --> INTERNET (using connection 1) >- route DMZ --> INTERNET (using connection 2) >- route LAN --> DMZ (simple routing through the gateway) >The gateway would have either one of the 2 connections as default gateway. >I do not need any kind of load-balance nor failover for now, just routing. > > I can't think of any reason this couldn't be done.. -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology All generalizations are false, including this one. ------------------------------------------------------------------ From owner-freebsd-isp@FreeBSD.ORG Fri Jan 9 16:55:20 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E6B7C16A4D1 for ; Fri, 9 Jan 2004 16:55:20 -0800 (PST) Received: from mail.lphp.org (APastourelles-107-1-17-19.w81-48.abo.wanadoo.fr [81.48.127.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8473C43D46 for ; Fri, 9 Jan 2004 16:55:18 -0800 (PST) (envelope-from ajacoutot@lphp.org) Received: from sta01 (sta01.lphp.local [192.168.0.3]) by mail.lphp.org (8.12.10/8.12.10) with ESMTP id i0A0stR1057384; Sat, 10 Jan 2004 01:54:55 +0100 (CET) (envelope-from ajacoutot@lphp.org) From: Antoine Jacoutot To: Eric Anderson Date: Sat, 10 Jan 2004 01:53:17 +0100 User-Agent: KMail/1.5.4 References: <200401091912.46936.ajacoutot@lphp.org> <3FFF05FB.9090002@centtech.com> In-Reply-To: <3FFF05FB.9090002@centtech.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200401100153.18052.ajacoutot@lphp.org> cc: freebsd-isp@freebsd.org Subject: Re: routing question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Jan 2004 00:55:21 -0000 On Friday 09 January 2004 20:50, Eric Anderson wrote: > Antoine Jacoutot wrote: > >I have a routing question and was wondering if FreeBSD was able to do > > this. I have 2 ISPs (so 2 connections). > >Can I use only one FreeBSD box as a gateway to: > >- route LAN --> INTERNET (using connection 1) > >- route DMZ --> INTERNET (using connection 2) > >- route LAN --> DMZ (simple routing through the gateway) > >The gateway would have either one of the 2 connections as default gateway. > >I do not need any kind of load-balance nor failover for now, just routing. > > I can't think of any reason this couldn't be done.. Allright, great :) ... but how ? How can I tell to my FreeBSD that default route from DMZ to the NET is xxx.xxx.xxx.xxx and default route from LAn to the NET is yyy.yyy.yyy.yyy ? Thanks for your reply, I'm actually quite happy this can obviously be done. Regards, Antoine From owner-freebsd-isp@FreeBSD.ORG Fri Jan 9 16:57:56 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8F62B16A4CE for ; Fri, 9 Jan 2004 16:57:56 -0800 (PST) Received: from otter3.centtech.com (moat3.centtech.com [207.200.51.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2324A43D7E for ; Fri, 9 Jan 2004 16:57:49 -0800 (PST) (envelope-from anderson@centtech.com) Received: from centtech.com ([192.168.42.24]) by otter3.centtech.com (8.12.3/8.12.3) with ESMTP id i0A0vm6T068759; Fri, 9 Jan 2004 18:57:48 -0600 (CST) (envelope-from anderson@centtech.com) Message-ID: <3FFF4DF7.3040007@centtech.com> Date: Fri, 09 Jan 2004 18:57:27 -0600 From: Eric Anderson User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Antoine Jacoutot References: <200401091912.46936.ajacoutot@lphp.org> <3FFF05FB.9090002@centtech.com> <200401100153.18052.ajacoutot@lphp.org> In-Reply-To: <200401100153.18052.ajacoutot@lphp.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org Subject: Re: routing question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Jan 2004 00:57:56 -0000 Antoine Jacoutot wrote: >On Friday 09 January 2004 20:50, Eric Anderson wrote: > > >>Antoine Jacoutot wrote: >> >> >>>I have a routing question and was wondering if FreeBSD was able to do >>>this. I have 2 ISPs (so 2 connections). >>>Can I use only one FreeBSD box as a gateway to: >>>- route LAN --> INTERNET (using connection 1) >>>- route DMZ --> INTERNET (using connection 2) >>>- route LAN --> DMZ (simple routing through the gateway) >>>The gateway would have either one of the 2 connections as default gateway. >>>I do not need any kind of load-balance nor failover for now, just routing. >>> >>> >>I can't think of any reason this couldn't be done.. >> >> > >Allright, great :) ... but how ? >How can I tell to my FreeBSD that default route from DMZ to the NET is >xxx.xxx.xxx.xxx and default route from LAn to the NET is yyy.yyy.yyy.yyy ? >Thanks for your reply, I'm actually quite happy this can obviously be done. > > Ok, well, in order to help you more, I'll need to know some things - like, are the IP's in your DMZ going to be publicly accessible? Are the routable IP's (static IPs) you received from your provider? How about the "LAN" addresses? Eric -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology All generalizations are false, including this one. ------------------------------------------------------------------ From owner-freebsd-isp@FreeBSD.ORG Fri Jan 9 17:02:27 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 07EE916A4E7 for ; Fri, 9 Jan 2004 17:02:27 -0800 (PST) Received: from mail.lphp.org (APastourelles-107-1-17-19.w81-48.abo.wanadoo.fr [81.48.127.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id DB9E743D2F for ; Fri, 9 Jan 2004 17:02:21 -0800 (PST) (envelope-from ajacoutot@lphp.org) Received: from srv01.lphp.local (localhost [127.0.0.1]) by mail.lphp.org (8.12.10/8.12.10) with ESMTP id i0A120R1057548; Sat, 10 Jan 2004 02:02:00 +0100 (CET) (envelope-from ajacoutot@lphp.org) Received: (from www@localhost) by srv01.lphp.local (8.12.10/8.12.10/Submit) id i0A11xmg057547; Sat, 10 Jan 2004 02:01:59 +0100 (CET) (envelope-from ajacoutot@lphp.org) Received: from sta01.lphp.local (sta01.lphp.local [192.168.0.3]) by webmail.lphp.org (IMP) with HTTP for ; Sat, 10 Jan 2004 02:01:59 +0100 Message-ID: <1073696519.3fff4f07796ac@webmail.lphp.org> Date: Sat, 10 Jan 2004 02:01:59 +0100 From: Antoine Jacoutot To: Eric Anderson References: <200401091912.46936.ajacoutot@lphp.org> <3FFF05FB.9090002@centtech.com> <200401100153.18052.ajacoutot@lphp.org> <3FFF4DF7.3040007@centtech.com> In-Reply-To: <3FFF4DF7.3040007@centtech.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.2.2 / FreeBSD-5.1 cc: freebsd-isp@freebsd.org Subject: Re: routing question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Jan 2004 01:02:27 -0000 Selon Eric Anderson : > Ok, well, in order to help you more, I'll need to know some things - > like, are the IP's in your DMZ going to be publicly accessible? Are the > routable IP's (static IPs) you received from your provider? How about > the "LAN" addresses? OK :) So, my LAN will be 192.168.0.0/24. The @IP in my DMZ will be public @IP (I got something like 10 @IP publicly available from my provider). Thanks for answering... SO FAST ! Antoine From owner-freebsd-isp@FreeBSD.ORG Fri Jan 9 19:39:16 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ADA3F16A4CE for ; Fri, 9 Jan 2004 19:39:16 -0800 (PST) Received: from otter3.centtech.com (moat3.centtech.com [207.200.51.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id DFEA643D54 for ; Fri, 9 Jan 2004 19:39:14 -0800 (PST) (envelope-from anderson@centtech.com) Received: from centtech.com ([192.168.42.24]) by otter3.centtech.com (8.12.3/8.12.3) with ESMTP id i0A3dC6T084464; Fri, 9 Jan 2004 21:39:13 -0600 (CST) (envelope-from anderson@centtech.com) Message-ID: <3FFF73CB.1090304@centtech.com> Date: Fri, 09 Jan 2004 21:38:51 -0600 From: Eric Anderson User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Antoine Jacoutot References: <200401091912.46936.ajacoutot@lphp.org> <3FFF05FB.9090002@centtech.com> <200401100153.18052.ajacoutot@lphp.org> <3FFF4DF7.3040007@centtech.com> <1073696519.3fff4f07796ac@webmail.lphp.org> In-Reply-To: <1073696519.3fff4f07796ac@webmail.lphp.org> Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org Subject: Re: routing question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Jan 2004 03:39:16 -0000 Antoine Jacoutot wrote: >Selon Eric Anderson : > > >>Ok, well, in order to help you more, I'll need to know some things - >>like, are the IP's in your DMZ going to be publicly accessible? Are the >>routable IP's (static IPs) you received from your provider? How about >>the "LAN" addresses? >> >> > >OK :) > >So, my LAN will be 192.168.0.0/24. >The @IP in my DMZ will be public @IP (I got something like 10 @IP publicly >available from my provider). > I'll assume a few things - you have 1 network card for each "internet" connection, and you are receiving the IP for that card via DHCP. I'll also assume that the internet connection used for the DMZ is going to a router (DSL modem, ISDN router, something). Keep in mind, there are probably 50 different ways to do this, and others on this list most likely know far more than I do, and will probably suggest even better ways to do it. You'll need natd (or ipnat) running for the LAN<->WAN1 and LAN<->DMZ connections. This will take care of your LAN connecting to the net, and also give it access to the DMZ (and the DMZ won't have access to the LAN). Now the harder part comes in when you want to set up the DMZ<->WAN2 connection (by the way, I'm using WAN as "internet connection"). You could do this part a lot of ways - so here's one: set up a bridge between DMZ and WAN2, and selectively allow in traffic you deem "ok" using ipfw (or ipfw2, or ipfilter, or..). You could also set up natd (or ipnat) on the DMZ<->WAN2 connection, mapping your 10 IP's to certain hosts on the DMZ'd network - and the DMZ's hosts could have IP's like 10.0.0.xx - that gives you a lot of flexibility. So, you'll need 4 network cards, a simple FreeBSD box, and a little time to read some docs. Here are some pointers to pages with more information: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bridging.html http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-natd.html >Thanks for answering... SO FAST ! > > No problem! Eric -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology All generalizations are false, including this one. ------------------------------------------------------------------ From owner-freebsd-isp@FreeBSD.ORG Sat Jan 10 07:46:30 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8CD1F16A4CE for ; Sat, 10 Jan 2004 07:46:30 -0800 (PST) Received: from stonefish.tiscali.nl (stonefish.tiscali.nl [195.241.76.181]) by mx1.FreeBSD.org (Postfix) with ESMTP id 98FEB43D3F for ; Sat, 10 Jan 2004 07:46:29 -0800 (PST) (envelope-from eric@monkey-online.net) Received: from ericvlaptop.monkey-online.net (195-241-113-9-mx.xdsl.tiscali.nl [195.241.113.9]) by stonefish.tiscali.nl (Postfix) with ESMTP id 7D0AC6D39F for ; Sat, 10 Jan 2004 16:46:14 +0100 (MET) Message-Id: <6.0.0.22.0.20040110164557.01ba1670@mail.monkey-online.net> X-Sender: eric@mail.monkey-online.net (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 6.0.0.22 Date: Sat, 10 Jan 2004 16:46:17 +0100 To: freebsd-isp@freebsd.org From: Eric Veraart Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: Installing frontpage doesn't create shtml.exe X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Jan 2004 15:46:30 -0000 Hello, I'm trying to install frontpage extions for some virtual hosts. I use Plesk 6.0.2 to enable Frontpage support for the sites. Plesk runs the fpinstall.sh script, and it creates the config files, and a _vti_bin directory with a _vti_adm and _vti_aut directory. But all these directories are empty. When I copy shtml.exe from the exes dir in frontpage, and chown it to the correct user it works. But I don't feel like copying all the files for all the domains manually, and chown them. Does anybody have an idea why fpinstall.sh only creates empty dirs in the httpdocs directory of the vhost? Greetings, Eric From owner-freebsd-isp@FreeBSD.ORG Sat Jan 10 08:20:00 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 94E3E16A4CE for ; Sat, 10 Jan 2004 08:20:00 -0800 (PST) Received: from exit1.i-55.com (exit1.i-55.com [208.231.96.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id A6C6043D3F for ; Sat, 10 Jan 2004 08:19:59 -0800 (PST) (envelope-from dap99@i-55.com) Received: from mybox (dsl-209-205-185-56.i-55.com [209.205.185.56]) by exit1.i-55.com (8.11.7/8.11.4) with SMTP id i0AGK1H01681 for ; Sat, 10 Jan 2004 10:20:01 -0600 From: dap99@i-55.com Message-ID: <016e01c3d795$92ea3f70$6401a8c0@mybox> To: Date: Sat, 10 Jan 2004 10:19:21 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Jan 2004 16:20:00 -0000 From owner-freebsd-isp@FreeBSD.ORG Sat Jan 10 08:38:09 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9DD7816A4CE for ; Sat, 10 Jan 2004 08:38:09 -0800 (PST) Received: from exit1.i-55.com (exit1.i-55.com [208.231.96.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id D1AEA43D5A for ; Sat, 10 Jan 2004 08:37:44 -0800 (PST) (envelope-from dap99@i-55.com) Received: from mybox (dsl-209-205-185-56.i-55.com [209.205.185.56]) by exit1.i-55.com (8.11.7/8.11.4) with SMTP id i0AGbkH06673 for ; Sat, 10 Jan 2004 10:37:46 -0600 From: dap99@i-55.com Message-ID: <018e01c3d798$0de66670$6401a8c0@mybox> To: Date: Sat, 10 Jan 2004 10:36:48 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Failover of FreeBSD firewall with ipfw/natd X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Jan 2004 16:38:09 -0000 Apologies for the first empty post. I am running FreeBSD 4.8-REL with ipfw and natd. My firewall has a primary IP address and several other IP addresses aliased on the public interface. This firewall serves as a gateway and performs NAT for a set of servers offering web, email, and HTTPS. We have two machines that can serve as the firewall: One is the primary firewall, and the second can be brought up manually as the firewall in case of a failure of the first machine. I would like to automate the process of failover for the firewall. Counting the backup firewall, which is also the file and database server, we have four internal servers, all FreeBSD 4.8-REL. I am looking for suggestions on the best way to solve the failover problem. In my mind, the following needs to happen if the primary firewall dies: 1. The backup firewall needs to recognize that the primary firewall is indeed dead. 2. The backup firewall needs to bring up the public IP addresses on it's public interface. 3. The backup firewall needs to activate the firewall ruleset. 4. The backup firewall needs to bring up natd. 5. The internal machines need to recognize the backup firewall as the default gateway. First of all, are there any tools available that will help automate this process? I should be able to do availability checks between the primary and backup firewalls using something like heartbeat, but I am open to other suggestions! Second, how are you solving this problem with FreeBSD and ipfw/natd? The third questin concerns testing if a firewall is actually dead rather than the backup firewall losing connectivity. I will be using something along the lines of this test: If the backup firewall cannot connect to the primary firewall and the backup firewall can connect to the outside world and the backup firewall can connect to the internal network then failover. How are you solving this problem? From owner-freebsd-isp@FreeBSD.ORG Sat Jan 10 10:52:26 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5B06C16A4CE for ; Sat, 10 Jan 2004 10:52:26 -0800 (PST) Received: from bsdhosting.net (bsdhosting.net [65.39.221.113]) by mx1.FreeBSD.org (Postfix) with SMTP id 8C4D343D73 for ; Sat, 10 Jan 2004 10:52:22 -0800 (PST) (envelope-from jhopper@bsdhosting.net) Received: (qmail 40555 invoked from network); 10 Jan 2004 18:51:08 -0000 Received: from bsdhosting.net (HELO work.gusalmighty.com) (jhopper@bsdhosting.net@65.39.221.113) by bsdhosting.net with SMTP; 10 Jan 2004 18:51:08 -0000 From: Justin Hopper To: FreeBSD ISP Mailing List In-Reply-To: <6.0.0.22.0.20040110164557.01ba1670@mail.monkey-online.net> References: <6.0.0.22.0.20040110164557.01ba1670@mail.monkey-online.net> Content-Type: text/plain Message-Id: <1073760522.7833.35.camel@work.gusalmighty.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.5 Date: Sat, 10 Jan 2004 10:48:42 -0800 Content-Transfer-Encoding: 7bit Subject: Re: Installing frontpage doesn't create shtml.exe X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Jan 2004 18:52:26 -0000 On Sat, 2004-01-10 at 07:46, Eric Veraart wrote: > Hello, > > I'm trying to install frontpage extions for some virtual hosts. I use Plesk > 6.0.2 to enable Frontpage support for the sites. Plesk runs the > fpinstall.sh script, and it creates the config files, and a _vti_bin > directory with a _vti_adm and _vti_aut directory. But all these directories > are empty. When I copy shtml.exe from the exes dir in frontpage, and chown > it to the correct user it works. But I don't feel like copying all the > files for all the domains manually, and chown them. > > Does anybody have an idea why fpinstall.sh only creates empty dirs in the > httpdocs directory of the vhost? The directories should be empty. The mod_frontpage.so Apache module should intercept a request for files in these directories and call the appropriate files in /usr/local/frontpage/... or where ever you have the core FrontPage files installed. This of course will not occur if you do not have the mod_frontpage.so module loaded, so that may be the first thing to check. Check your error_log (both the vhost log and main Apache log, if you have vhosts configured) for the FrontPage-specific error. I remember there was some specific problem related to shtml.exe that often came up, but I can't remember what it was. If you can find an error log entry, that may refresh my memory on the solution. > Greetings, > Eric > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" -- Justin Hopper UNIX Systems Engineer BSDHosting.net Hosting Division of Digital Oasys Inc. http://www.bsdhosting.net From owner-freebsd-isp@FreeBSD.ORG Sat Jan 10 12:46:59 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 122EE16A4CE for ; Sat, 10 Jan 2004 12:46:59 -0800 (PST) Received: from gumby.citytel.net (gumby.citytel.net [204.244.98.46]) by mx1.FreeBSD.org (Postfix) with ESMTP id 59D9643D54 for ; Sat, 10 Jan 2004 12:46:58 -0800 (PST) (envelope-from kwoody@citytel.net) Received: from pop.citytel.net (pop.citytel.net [204.244.98.50]) by gumby.citytel.net (Postfix) with ESMTP id 5BEBA237355 for ; Sat, 10 Jan 2004 12:46:54 -0800 (PST) Date: Sat, 10 Jan 2004 12:46:54 -0800 (PST) From: Keith Woodworth To: freebsd-isp@freebsd.org Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Server Hardware. X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Jan 2004 20:46:59 -0000 Weve been running BSD/OS since 1996, with a few small FreeBSD machines thrown in for testing and monitoring of things. Now since BSD/OS is EOL'd by WindRiver we will be moving to FreeBSD on production machines. First will be a new webserver and probably a mailserver. Been looking at some SuperMicro stuff and some of their machines are SATA Intel RAID and it looks like FBSD 5.1 has support for this in their ata(4) driver. Is this so? Anyone have recommendations on a board that will work with SCSI or IDE Raid 1 under FBSD 4.8, 4.9 or even the 5.x train, that they are using in production? Thanks, Keith Woodworth MSN: shasta_5000@hotmail.com From owner-freebsd-isp@FreeBSD.ORG Sat Jan 10 14:38:05 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0B83816A4CE for ; Sat, 10 Jan 2004 14:38:05 -0800 (PST) Received: from spooky.eis.net.au (spooky.eis.net.au [203.12.171.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id CC91C43D53 for ; Sat, 10 Jan 2004 14:38:03 -0800 (PST) (envelope-from ernie@spooky.eis.net.au) Received: (from ernie@localhost) by spooky.eis.net.au (8.12.10/8.12.9) id i0AMc1a7044361 for freebsd-isp@freebsd.org; Sun, 11 Jan 2004 08:38:01 +1000 (EST) (envelope-from ernie) From: User Ernie Message-Id: <200401102238.i0AMc1a7044361@spooky.eis.net.au> To: freebsd-isp@freebsd.org Date: Sun, 11 Jan 2004 08:38:01 +1000 (EST) X-Mailer: ELM [version 2.4ME+ PL99b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Subject: L2TP LNS setup X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Jan 2004 22:38:05 -0000 Anyone used a FreeBSD machine as an LNS to terminate a bunch of L2TP tunnels, and spawn of PPPoE sessions? I currently use Cisco routers to do this for my ADSL clients, but they have built in chassis restrictions on the number of vpdn sessions you can run before you need to buy another router. I looked at l2tpd in the ports collection, it's on the right track but I am not sure if it will stand up to commercial applications. - Ernie. From owner-freebsd-isp@FreeBSD.ORG Sat Jan 10 17:03:35 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A59A816A4CE for ; Sat, 10 Jan 2004 17:03:35 -0800 (PST) Received: from joseph.outreachnetworks.com (joseph.outreachnetworks.com [65.196.249.147]) by mx1.FreeBSD.org (Postfix) with SMTP id D1B8043D45 for ; Sat, 10 Jan 2004 17:03:33 -0800 (PST) (envelope-from elh@outreachnetworks.com) Received: (qmail 22257 invoked from network); 11 Jan 2004 01:03:32 -0000 Received: from joseph.outreachnetworks.com (HELO preacher.outreachnetworks.com) (65.196.249.147) by joseph.outreachnetworks.com with SMTP; 11 Jan 2004 01:03:32 -0000 Received: by preacher.outreachnetworks.com (sSMTP sendmail emulation); Sat, 10 Jan 2004 20:03:32 -0500 Date: Sat, 10 Jan 2004 20:03:32 -0500 From: "Eric L. Howard" To: freebsd-isp@freebsd.org Message-ID: <20040111010331.GA1754@outreachnetworks.com> Mail-Followup-To: freebsd-isp@freebsd.org References: <018e01c3d798$0de66670$6401a8c0@mybox> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <018e01c3d798$0de66670$6401a8c0@mybox> X-Favorite-Scripture: Romans 8:18 X-Theocratic-Rule-Advocate: http://www.crossmovement.com X-Registered-Secret-Agent: Agent Double-Naught Seven X-Operating-System: Linux 2.4.22-mywin4lin User-Agent: Mutt/1.5.4i Subject: Re: Failover of FreeBSD firewall with ipfw/natd X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 Jan 2004 01:03:35 -0000 At a certain time, now past [Jan.10.2004-10:36:48AM -0600], dap99@i-55.com spake thusly: > Apologies for the first empty post. > > I am running FreeBSD 4.8-REL with ipfw and natd. My firewall has a primary > IP address and several other IP addresses aliased on the public interface. > This firewall serves as a gateway and performs NAT for a set of servers > offering web, email, and HTTPS. We have two machines that can serve as the > firewall: One is the primary firewall, and the second can be brought up > manually as the firewall in case of a failure of the first machine. > > I would like to automate the process of failover for the firewall. This has come up in the past...did you check the archives? [admin@zechariah ports]$ make search key=freevrrp Port: freevrrpd-0.8.7 Path: /usr/ports/net/freevrrpd Info: This a VRRP RFC2338 Compliant implementation under FreeBSD Maint: spe@bsdfr.org Index: net B-deps: R-deps: [admin@zechariah freevrrpd]$ less pkg-descr freevrrpd is a VRRP (Virtual Router Redundancy Protocol) implementation daemon under FreeBSD. freevrrpd is part of the High UpTime project. This daemon has been rewritten from scratch and is not based on existing projects. In this second public release, you can find: * A daemon RFC 2338 Compliant adapted on FreeBSD systems * Implementation of Virtual Adresses * Support for multiples VRID * Master announce state by sending multicast packets via BPF * Changing routes and IP in 3 seconds * Doing gratuitous ARP requests to clean the cache of all hosts * Election between different slave servers * Same host can be Slave and Master at the same time * Automatic Downgrade to Slave if a Master is up again * Anti-Address Conflict system * Multi-threaded vrrp daemon * Plain text password authentication * Using now only one BPF device for all VRID * Support netmask for Virtual IP addresses * Support for monitored circuit and dependances between VRIDs WWW: http://www.bsdshell.net/ I don't use ipfw or natd...so I can't comment on that portion...but again..it's come up in the past...check the archives for -isp, -security and -ipfw. ~elh -- Eric L. Howard e l h @ o u t r e a c h n e t w o r k s . c o m ------------------------------------------------------------------------ www.OutreachNetworks.com 313.297.9900 ------------------------------------------------------------------------ JabberID: elh@jabber.org Advocate of the Theocratic Rule From owner-freebsd-isp@FreeBSD.ORG Sat Jan 10 21:01:10 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6E45316A4CE for ; Sat, 10 Jan 2004 21:01:10 -0800 (PST) Received: from exit1.i-55.com (exit1.i-55.com [208.231.96.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4CAF143D41 for ; Sat, 10 Jan 2004 21:01:08 -0800 (PST) (envelope-from dap99@i-55.com) Received: from mybox (dsl-209-205-185-56.i-55.com [209.205.185.56]) by exit1.i-55.com (8.11.7/8.11.4) with SMTP id i0B51EH13404 for ; Sat, 10 Jan 2004 23:01:14 -0600 From: dap99@i-55.com Message-ID: <002c01c3d7ff$e6ff28e0$6401a8c0@mybox> To: Date: Sat, 10 Jan 2004 23:00:51 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Fw: Jails not quite stable.. X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 Jan 2004 05:01:10 -0000 I meant to CC isp@freebsd.org since I am actually doing this for a hosting provider. Because of the fact that jails can make it easy to manage services I have to assume that other people on this list are trying (or have accomplished) what I'm trying to do here. Thoughts? ----- Original Message ----- From: To: Sent: Saturday, January 10, 2004 10:59 PM Subject: Jails not quite stable.. > I am working on a project to move various services running directly under > FreeBSD 4.8-REL to run under jails on the same servers. Setting up the jails > is no problem at all (I can follow manpages), and bringing the jails up > using either '/bin/sh /etc/rc' or '/usr/local/sbin/jailer' works as well. > Basically, I can get a jail up and running with the desired service. > > However, I've found that jails are producing some problems during my > testing. > > 1. On several occassions I have been unable to kill a process in a jail, > even with a 'kill -9' from inside or outside the jail as root. > > europa# ps aux|grep J > root 90423 0.0 0.4 1268 920 p0- DJ 10:44PM 0:00.01 /bin/csh > europa# kill 90423 > europa# ps aux | grep J > root 90423 0.0 0.4 1268 920 p0- DJ 10:44PM 0:00.01 /bin/csh > europa# kill -9 90423 > europa# ps aux | grep J > root 90423 0.0 0.4 1268 920 p0- DJ 10:44PM 0:00.01 /bin/csh > > (If I reboot this machine it will probably hang. See below.) > > 2. On one occasion (and I haven't attempted to replicate this), I tried a > server reboot (with 'reboot') after a jailed process would not die, and the > server promptly went offline to never return. I had to have someone hard > reset the server. Unfortunately, I am not sure what was on the screen as I > wasn't around. I can say though that the server was pingable but not > reachable otherwise. > > 3. If a process is hung, such as /bin/csh, then odd things happen when > accessing the location of the jail: > > # cd /dsk/jails/ > # ll > total 51684 > drwxr-xr-x 13 root wheel 512 Jan 10 22:17 mail1 > -rw------- 1 root wheel 52896075 Jan 10 20:47 skel.tgz > # cd mail1europa > # ll > (ls just hangs at this point) > > I have to kill my ssh session using ~. to get out of this. Note that > /dsk/jails/mail1 is not mounted via NFS. It's on the actual local disk. > > These problems are reproducible across machines running both FreeBSD 4.8-REL > and FreeBSD 4.9-STABLE: > > # uname -v > FreeBSD 4.9-STABLE #0: > > I WANT to use jails to host most of our services, if for no other reason > than the increase manageability, but there just seems to be a stability > issue here. I realize I will get a lot of "It works for me", but again, > these problems are reproducible, so I'm sure someone else has seen it. :) > > Thoughts on this? >