From owner-freebsd-questions@FreeBSD.ORG Fri Aug 8 14:20:57 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 78AF22CF for ; Fri, 8 Aug 2014 14:20:57 +0000 (UTC) Received: from nm40-vm2.bullet.mail.bf1.yahoo.com (nm40-vm2.bullet.mail.bf1.yahoo.com [72.30.239.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2C24F288C for ; Fri, 8 Aug 2014 14:20:56 +0000 (UTC) Received: from [98.139.212.151] by nm40.bullet.mail.bf1.yahoo.com with NNFMP; 08 Aug 2014 14:18:36 -0000 Received: from [98.139.212.230] by tm8.bullet.mail.bf1.yahoo.com with NNFMP; 08 Aug 2014 14:18:36 -0000 Received: from [127.0.0.1] by omp1039.mail.bf1.yahoo.com with NNFMP; 08 Aug 2014 14:18:36 -0000 X-Yahoo-Newman-Property: ymail-3 X-Yahoo-Newman-Id: 900669.71382.bm@omp1039.mail.bf1.yahoo.com Received: (qmail 19024 invoked by uid 60001); 8 Aug 2014 14:18:36 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1407507516; bh=AIf1Qjg4V4DtfNH11GTh8TcQd5Na54mU29z2jpCt+L4=; h=References:Message-ID:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=zumXqv8aZneSWka+ig43/j1uZjTK/qapyr8nA+A5Ilp3nyrncyNS2y4qXRscplWR7OQCJSnp6t66oz5GrjgJ0cqPEN1w4UX0Hcya2lqkydGKdaBISAtelXe8vPOHympXODc0cFhji3I2VY3NYJDPB0KYhV5C8GeTnNgoafy8Cj8= X-YMail-OSG: PLmAMUwVM1lOwEbaP_TtQ3ZudVySAsEBqL.RIff0b52GdRN sMIcBpouZbfhOct.136yU2YSfyNQoBlGtzBLYL0nd0zu7JoX9m2sCgy3fr6m aIRM.05yBZXk.QdUVAaOY535Q_9dnp2LDWA39bwx38saNjw2SZd0.Xcp12fK 1fjzW.zTAG1OyQGJorzaGdTujh_X7QH1A2mbkAx_HQhjQWwiSs6zlxE0vOvn FP7hbNNl8mjK7a3RrxGQ1aWtd9rMJlnGeWDXWITtkjGltNWJicXZTrcPLYi. roAdrnyM6NyV3izoism7r.Q4E08F7p45rvHfS8YnDsvtZ8U_iXVwR9OaRuet QyEB9dX6McPR.84RQZxxjC4IoInX12xrUtdhq1uJictpc4caUPJaFJ3lozDa WKL6Q5WSaZ0ImmrzvMw4zC.aCyM.17aNqkY6SuabJKIll3wMo9Nv38UAhIgk IowEcOMTousJTgQZGZQ8XhYNm18OCzudsg5iOK_e63rZNnO.htftjVEXXXsm 9aLyc6E9n6gESbX.wDXja_jnojQnnKYk6bXED98TZ97BkSaOMf2cYrzVLuTp .AuWijKBnLCnwo9OX7_c7hXyrXIXxQdHZbGKH7KqtbfZwZfIcYecgqUpC9Fk YOqnIoJjqd0RJg2xaMWPor1IAMiak1xyHXQ-- Received: from [212.92.1.119] by web160705.mail.bf1.yahoo.com via HTTP; Fri, 08 Aug 2014 07:18:36 PDT X-Rocket-MIMEInfo: 002.001, SGF2ZSB5b3UgdHJpZWQgZGlzYWJsaW5nIGxvZ2dpbmc_wqAKQXQgbGVhc3QgaXQgY2FuIGhlbHAgcmVkdWNpbmcgdGhlIGxvYWQuCgoKT24gVGh1cnNkYXksIEF1Z3VzdCA3LCAyMDE0IDI6MTIgUE0sIE5vcm1hbiBLaGluZSA8bm9ybWFuQGtoaW5lLm5ldD4gd3JvdGU6CiAKCgpoZWxsbywgaSBoYXZlIGEgd2ViIGFwcGxpY2F0aW9uIHJ1bm5pbmcgMyBqYWlsIGVudmlyb25tZW50cyBvbmUgZm9yIE5naW54CldlYiBzZXJ2ZXIsIG9uZSBmb3IgTW9uZ29EQi9SZWRpcyBhbmQgb25lIGZvciBteSBOb2RlLmpzIGEBMAEBAQE- X-Mailer: YahooMailWebService/0.8.198.689 References: Message-ID: <1407507516.17973.YahooMailNeo@web160705.mail.bf1.yahoo.com> Date: Fri, 8 Aug 2014 07:18:36 -0700 From: Laszlo Danielisz Reply-To: Laszlo Danielisz Subject: Re: correctly configuring PF with jailed environments To: Norman Khine , "freebsd-questions@freebsd.org" In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.18 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Aug 2014 14:20:57 -0000 Have you tried disabling logging?=A0=0AAt least it can help reducing the lo= ad.=0A=0A=0AOn Thursday, August 7, 2014 2:12 PM, Norman Khine wrote:=0A =0A=0A=0Ahello, i have a web application running 3 jail env= ironments one for Nginx=0AWeb server, one for MongoDB/Redis and one for my = Node.js application=0A=0Athis is my current pf.conf file=0A=0Ahttps://gist.= github.com/nkhine/d03ea23a749c47bcc4d0=0A=0Athis works, as there is no acce= ss to my node app nor any of the dbs from=0Apublic interfaces.=0A=0Athe rul= es come out as=0A=0A# pfctl -s rules=0Ascrub out log on igb0 all random-id = min-ttl 15 set-tos 0x1c fragment=0Areassemble=0Ascrub in log on igb0 all mi= n-ttl 15 fragment reassemble=0Ascrub in all fragment reassemble=0A=0Ai find= that on my webserver i get timeouts and the applicationd does not=0Aload u= p quickly!=0A=0Aalso, are there any improvements i can make to this as to e= nsure a more=0Asecure environment?=0A=0Aany advice much appreciated=0A=0A--= =0A%>>> "".join( [ {'*':'@','^':'.'}.get(c,None) or chr(97+(ord(c)-83)%26)= for=0Ac in ",adym,*)&uzq^zqf" ] )=0A______________________________________= _________=0Afreebsd-questions@freebsd.org mailing list=0Ahttp://lists.freeb= sd.org/mailman/listinfo/freebsd-questions=0ATo unsubscribe, send any mail t= o "freebsd-questions-unsubscribe@freebsd.org" From owner-freebsd-questions@FreeBSD.ORG Fri Aug 8 14:27:39 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 64F3C54B for ; Fri, 8 Aug 2014 14:27:39 +0000 (UTC) Received: from mail.parts-unknown.org (home.parts-unknown.org [50.250.218.161]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3E56228F9 for ; Fri, 8 Aug 2014 14:27:38 +0000 (UTC) Received: from mail.parts-unknown.org (unknown [127.0.0.1]) by mail.parts-unknown.org (Postfix) with ESMTP id 8B749598CDCC; Fri, 8 Aug 2014 07:27:38 -0700 (PDT) Received: by mail.parts-unknown.org (Postfix, from userid 1001) id 6CC0D598CDB5; Fri, 8 Aug 2014 07:27:38 -0700 (PDT) Date: Fri, 8 Aug 2014 07:27:38 -0700 From: David Benfell To: "illoai@gmail.com" Subject: Re: Touchpad issues Message-ID: <20140808142738.GA99074@home.parts-unknown.org> References: <20140802223804.GA42137@home.parts-unknown.org> <20140808034755.GA98543@home.parts-unknown.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="YiEDa0DAkWCtVeE4" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-Virus-Scanned: ClamAV using ClamSMTP on home.parts-unknown.org Cc: "freebsd-questions@freebsd.org" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Aug 2014 14:27:39 -0000 --YiEDa0DAkWCtVeE4 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Aug 08, 2014 at 08:36:35AM -0400, illoai@gmail.com wrote: > On 7 August 2014 23:47, David Benfell wrote: > > On Thu, Aug 07, 2014 at 12:22:34PM -0400, illoai@gmail.com wrote: > >> > >> I strongly dislike xorg taking over the kernel r=F4le of > >> mediating hardware, so I don't have a HAL-ified xorg, > >> & I have > >> hw.psm.synaptics_support=3D1 > >> in my /boot/loader.conf > >> & I use the old, simple "Driver" "mouse" with /dev/sysmouse > >> (Options "Protocol" "auto"). Letting moused(8) > >> handle the plugging & unplugging of USB mousies > >> works fine & everything I need does what I need. > >> > No HAL at all (you have to build xorg-server from ports). I also have > hald_enable=3D"NO" (& dbus_enable=3D"NO") set in /etc/rc.conf because > I simply dislike those abominations. moused(8), handles USB mousies > just fine for my purposes. >=20 > Set up basically just like https://wiki.freebsd.org/SynapticsTouchpad > The default min_pressure of 16 has worked okay for a couple of > years, it only reacts when my palm actually brushes the touchpad. >=20 Okay, thanks! I will give all this a try. --=20 David Benfell See https://parts-unknown.org/node/2 if you don't understand the attachment. --YiEDa0DAkWCtVeE4 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJT5N5aAAoJEBV64x4SNmArzZoQAInddSkZdb0xP/syhT5En4BU m6ss7oPesu4TJk+muLHzMv7jfHsx9WsSsTKwmfTvft3lNQhGSbVk/CCNdpBlFp08 1Rf7xcOB+DJL4yyvT86x3s/UtLU063C97ZfT/OHEqQZuimV3yRT93iohPr7OMcGN pe69Lc50f3pfTDWOp5c2dEwoQv6Tj/U5pvmdaCxPzgnk3ng67AIOIZwSrkRt0QlN 3Uwzwqgvk8pzY9VccnFhsxNSN+5lTeIHPXEl0GdKsG+VqH714DshzT382rI3OYKU x6gd9jc6W7YIGcu8229w0uuiNXPmDPpAjBEEJuQYMTHqLazO1IaAg9OsdMqI+ReE L/drWBzATGgT9wVDnby0KhUOait/N18wH1O84EVLvvpdQGAtBsdEPymBk/2iPg1q UU56VRan4MK9HtJzln9XGczc313qHcFBpW1DG/+pkAOt/Y2O/cGQZhL415aijuXf 0RSv6z2u+6PJzmT+UW/ncWedjlPxLCrzqEpYhw0MHzzIwdV5cS0k5AATjBXbZmke nIOQAQSL4LZJjhdvdpGjv2WAhDL6UI8Wkjslhsss7hUZyykN17Wtofcc3Z9Bt8k0 /b2Jf6u3hlg3cAXFOmknWrEXPCFby/bG7bMq4UNUi3HGO+C4pRvkuoYTu63PQy7G 4Rz3Xscf2PvJOKCT2Ufq =GuYD -----END PGP SIGNATURE----- --YiEDa0DAkWCtVeE4--