From owner-freebsd-questions@FreeBSD.ORG Wed Aug 4 16:19:52 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D58EE16A4CE for ; Wed, 4 Aug 2004 16:19:52 +0000 (GMT) Received: from internet.potentialtech.com (h-66-167-251-6.phlapafg.covad.net [66.167.251.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5ED2543D58 for ; Wed, 4 Aug 2004 16:19:52 +0000 (GMT) (envelope-from wmoran@potentialtech.com) Received: from working.potentialtech.com (pa-plum-cmts1e-68-68-113-64.pittpa.adelphia.net [68.68.113.64]) by internet.potentialtech.com (Postfix) with ESMTP id 6C22769A71; Wed, 4 Aug 2004 12:19:51 -0400 (EDT) Date: Wed, 4 Aug 2004 12:19:50 -0400 From: Bill Moran To: DK Message-Id: <20040804121950.6127e395.wmoran@potentialtech.com> In-Reply-To: <20040804151516.41150.qmail@web41007.mail.yahoo.com> References: <20040802093414.GA39066@orion.daedalusnetworks.priv> <20040804151516.41150.qmail@web41007.mail.yahoo.com> Organization: Potential Technologies X-Mailer: Sylpheed version 0.9.12 (GTK+ 1.2.10; i386-portbld-freebsd4.9) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: freebsd-questions@freebsd.org Subject: Re: firewalls, connecting, config & apachetoolbox (was: Re: BigApache [..]) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Aug 2004 16:19:52 -0000 Honestly, you'll get much better response if you ask 1 question per email. An email this long with multiple questions in it forces someone to read the entire email just to see if there's something there they want to answer. DK wrote: > Hi Giorgos et al, > > thanks for your patience. > > I have enclosed the output of dsmeg, ps, XF86Config if it helps in > understanding why my system runs slower than W2000 & why I cannot connect to > the net via my broadband connection. > > --- Giorgos Keramidas wrote: > > Bearing this in mind you might, of course, find it a bit more reassuring to > > run a firewall like IPFW. But this doesn't *require* a kernel recompile. > > You can simply load the ipfw.ko module with kldload(8) and immediatelly > > start setting up the rules of your firewall ruleset. As root, you can load > > the ipfw module by: # kldload ipfw > > Thanks for that. I have ipfw loaded okay(I hope). After reading 14.8.3 from > the > handbook regarding IPFW, I was a little worried. > > "14.8.3 Enabling IPFW on FreeBSD > As the main part of the IPFW system lives in the kernel, you will need to add > one or more options to your kernel configuration file, depending on what > facilities you want, and RECOMPILE your kernel." It _used_ to be this way ... it looks like it's time to update that page of the handbook. > > The default set of firewall packet inspection rules that ipfw loads will > > block *EVERYTHING* so you might want to do a bit of research on the > > available rulesets by reading about rc.firewall, rc.conf and/or browse the > > contents of the /etc/defaults/rc.conf file: > > If I understand it correctly after reading the handbook, if I add > 'firewall_type=open' in my '/etc/rc.conf' file, will it make all > incoming/outgoing ports open so I can connect to the net with sysinstall to > download packages ??? Yes. > > The "bad intepreter" error means that the `install.sh' script (most likely) > > starts with a line like this: > > Edit `install.sh' and replace `/bin/bash' with `/usr/local/bin/bash' if you > > have bash installed. > > Legend. Got this script working now :)) > > ...Except...All modules seem to install okay Except for "mod_perl". > > > I get the error: > ----------------------- > [-] 16) -Mod Perl 1.29 > > Choice [?] 16 > LWP::UserAgent not installed! > HTML::HeadParser not installed! > Type "perl -MCPAN -e shell" to start the perl CPAN > shell, then "install LWP::UserAgent" to install the LWP::UserAgent module! > Substitute LWP::UserAgent for any perl module. > ------------------------------ > > I don't understand what I am supposed to "substitute" (above) ??? With the name of the perl module. Apparently, that script is making assumptions about what is installed on your system, and is assuming wrong. Doesn't sound like a very good script. You'll have a better time of it if you look up the "UserAgent" and "HeadParser" packages for perl in the ports collection and install them from there, but the CPAN method will work as well. See the CPAN docs for details. > Other problems(Doh!): > > 1) For automount, I edited /etc/fstab. > It was easier & more logical than the editing amd(/etc/amd.conf & /etc/amd.map) > Problem: There has to be a CD in the CD drive & a floppy in the floppy drive > otherwise the drives don't automount & the bootup faulters !! > - This is annoying. Is there a way around this so I can automount at bootup > without a disk being in the drive ??? You're a little confused. I saw an email go by earlier with someone suggesting changes to /etc/fstab, and that was bad advice and probably what confused you. Putting those entries in /etc/fstab does not constitute "automounting", it just causes them to be mounted. Although it's easier to set up, it's not a good idea to configure removable devices to mount automatically at boot up by adding entries to /etc/fstab (as you've discovered) The method using amd is the correct way to do it, it causes the amd program to check for media in the drive and mount it if available. This is the behaviour you're used to in Windows, and will not be accomplished by editing /etc/fstab. /etc/fstab is a list of filesystems that must be mounted at boot time, and would create unreasonable requirements for removable media. Additionally, when you switch media (i.e. change to a different CD) the new CD won't be remounted. amd can handle this. > 4) I am taking your advice & am trying to connect to the net with > sysinstall so > I can download packages/ports & hopefully find an easier way to install apps. > However when I go through the steps to install a package & select a > freebsd ftp > site, at the end, a prompt comes up saying something like "cannot resolve > ftp... name server, network needs to be configured..) ... or something like > that > > Q: Do I need to get my broadband login client working to connect to the net OR > can I login to my ISP from a terminal within BSD ??? Depends on the connection system you use for your broadband access. If they're using standard TCP, then you just need to set up the network card for DHCP. If they're using PPPOE, you'll need to log in. > Q: Do I need to login to my broadband ISP via my login client to enable > "sysinstall" to be able to download packages etc ... ??? You need access. What you have to do to get access is dependent on your ISP. > Q: Like tracert on W2000, is their a command I can use in BSD to see when I am > connected to the net ??? W2K's tracert is based on BSD's traceroute -- Bill Moran Potential Technologies http://www.potentialtech.com