How to block 200K ip addresses?

Aminuddin amin.scg at gmail.com
Sat Aug 25 09:50:26 PDT 2007 

Hi,
How do you block this large range of ip addresses from different subnet?
IPFW only allows 65536 rules while this will probably use up a few hundred
thousands of lines.

I'm also trying to add this into my proxy configuration file, ss5.conf but
it doesn't allow me to add this large number.

IS this the limitation of IPF or FreeBSD? How do I work around this?



-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org] On Behalf Of
freebsd-questions-request at freebsd.org
Sent: Saturday, August 25, 2007 8:00 PM
To: freebsd-questions at freebsd.org
Subject: freebsd-questions Digest, Vol 191, Issue 37

Send freebsd-questions mailing list submissions to
	freebsd-questions at freebsd.org

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.freebsd.org/mailman/listinfo/freebsd-questions
or, via email, send a message with subject or body 'help' to
	freebsd-questions-request at freebsd.org

You can reach the person managing the list at
	freebsd-questions-owner at freebsd.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of freebsd-questions digest..."


Today's Topics:

   1. Re: FreeBSD and ImageMagick crashes OS? (Kris Kennaway)
   2. RE: spammers harvesting emaill address from this list
      (Ted Mittelstaedt)
   3. Re: READ_DMA Error (Bahman M.)
   4. Re: best way to keep track of new developments (Michel Talon)
   5. Re: spammers harvesting emaill address from this list
      (Andrew Gould)
   6. Re: /var or /usr for data? (rloefgren at forethought.net)
   7. Mouse suddenly gets detached and reattached (Bahman M.)


----------------------------------------------------------------------

Message: 1
Date: Sat, 25 Aug 2007 05:56:59 +0000
From: Kris Kennaway <kris at FreeBSD.org>
Subject: Re: FreeBSD and ImageMagick crashes OS?
To: Norberto Meijome <freebsd at meijome.net>
Cc: User Questions <freebsd-questions at freebsd.org>,	Roger Olofsson
	<raggen at passagen.se>
Message-ID: <20070825055659.GA42274 at hub.freebsd.org>
Content-Type: text/plain; charset=us-ascii

On Fri, Aug 24, 2007 at 08:26:50PM +1000, Norberto Meijome wrote:
> On Fri, 24 Aug 2007 11:29:59 +0200
> Roger Olofsson <raggen at passagen.se> wrote:
> 
> > Turns out ImageMagick was called through php to resize the .JPG and most

> > likely, the server runs out of memory/disk space. /var/tmp fills up and 
> > console spews as follows:
> > 
> > Aug 22 19:29:49 rutilus kernel: vnode_pager_putpages: I/O error 28
> > Aug 22 19:29:49 rutilus kernel: vnode_pager_putpages: residual I/O 32768

> > at 62620
> > Aug 22 19:29:49 rutilus kernel: pid 29 (syncer), uid 0 inumber 49382 on 
> > /var: filesystem full
> 
> :) having been bitten by that in several unix-like OS (pick any Linux
distro, and freebsd too), i just remove /var/tmp and make a smylink to /tmp
, which is big enough for my foreseeable needs. I like to keep my /var clean
of tmp rubbish.
> 
> and yes,  configuring PHP and it's libraries helps too :)

That's not an answer obviously.  Error 28 is

#define ENOSPC          28              /* No space left on device */

This seems like a bug to me: when a filesystem fills you shouldn't be
getting this behaviour.  Can you please follow the directions in the
developers handbook chapter on kernel debugging, and when you trigger
a hang, break to DDB from the console and force a dump, then file a PR
and make the core file available to the developers.  Unfortunately
unless a developer can replicate the behaviour, providing access to a
core is the only real debugging option.

Thanks,
Kris




------------------------------

Message: 2
Date: Sat, 25 Aug 2007 00:34:30 -0700
From: "Ted Mittelstaedt" <tedm at toybox.placo.com>
Subject: RE: spammers harvesting emaill address from this list
To: "Erik Trulsson" <ertr1013 at student.uu.se>, "fbsd2"
	<fbsd2 at a1poweruser.com>
Cc: "freebsd-questions at FreeBSD. ORG" <freebsd-questions at freebsd.org>
Message-ID: <BMEDLGAENEKCJFGODFOCCEEICAAA.tedm at toybox.placo.com>
Content-Type: text/plain;	charset="US-ASCII"



> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Erik Trulsson
> Sent: Thursday, August 23, 2007 6:52 AM
> To: fbsd2
> Cc: freebsd-questions at FreeBSD. ORG
> Subject: Re: spammers harvesting emaill address from this list
> 
> 
> For this list (freebsd-questions@) in particular it is intentionally and
> explicitly the case that one does not need to be subscribed to post here.
> This is because it is the main support forum for FreeBSD, and much
> documentation exists directing people to ask their questions here.
> 
> The list admins do have their priorities straight - they just 
> have different
> priorities than you do.
> 

Probably the list admins figure that anyone who posts here is an
advanced user type who understands how to setup spam filters that
work.

Ted


------------------------------

Message: 3
Date: Sat, 25 Aug 2007 11:52:30 +0330
From: "Bahman M." <b.movaqar at gmail.com>
Subject: Re: READ_DMA Error
To: "Tamouh H." <hakmi at rogers.com>
Cc: freebsd-questions at freebsd.org
Message-ID:
	<6d62f69a0708250122l1bf53d84p73d64f17837a535 at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

> > During FreeBSD 6.2 installation, the process failed because
> > of errors like the one below:
> > READ_DMA UDMA .... ICRC error LBA=37505132
> >
> > I managed to install by setting hw.ata.ata_dma=0 at boot time
> > but the same errors occur after installation and at boot time
> > so I had to put hw.ata.ata_dma=0 in loader.conf and now the
> > system is working.
> >
> > I checked my hard disk which a 80GB Western Digital+
> > thoroughly and there were no errors reported (using fsck in
> > single user mode). Also I used to install Fedora Linux on
> > this disk without any problems.
> >
> > It looks that disabling DMA caused my disk to work with lower
> > performance. Am I right? If yes, are there any solutions to
> > eliminate those READ_DMA errors while DMA is enabled?
> >
> > PS:
> > Motherboard: ASUS A7V8X-X
> > CPU: Athlon XP 2500 at 1833MHz
> > $ uname -ai
> > FreeBSD attila 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 10:40:27
> > UTC 2007     root at dessler.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC
> >  i386 GENERIC
>
> Typically, I've seen the READ_DMA error when a hard drive is going bad or
> something wrong with the hardware (power supply is failing). But it could
be
> as you've described.
I tested with another hard disk, the one on which I'd installed
FreeBSD in the past. I put it on another IDE channel but the same
things happened. Now I wonder if it's my IDE controller which has
problems.

Some information about the hardware:
# dmesg | grep -E "^ac?d[[:digit:]]"
ad0: 76319MB <WDC WD800BB-00CJA1 17.07W17> at ata0-master PIO4
ad1: 19540MB <Maxtor 32049H2 YAC614Y0> at ata0-slave PIO4
acd0: DVDR <DVD RW DRU-820A/1.0b> at ata1-master UDMA66
acd1: DVDROM <DVD-ROM DDU1632/VER BS23> at ata1-slave UDMA33

# sysctl -a | grep ata_dma
hw.ata.ata_dma: 0

# sysctl -a | grep atapi
hw.ata.atapi_dma: 1

Bahman


------------------------------

Message: 4
Date: Sat, 25 Aug 2007 10:41:42 +0200
From: Michel Talon <talon at lpthe.jussieu.fr>
Subject: Re: best way to keep track of new developments
To: freebsd-questions at freebsd.org
Message-ID: <20070825084142.GA5233 at lpthe.jussieu.fr>
Content-Type: text/plain; charset=us-ascii

> intel 3945 wireless
> ati x1300 graphics

I have the intel 3945 on my Sony laptop. Works for me with
Damien Bergamini driver 20070121-wpi-freebsd.tar.gz and
FreeBSD-6.2-RELEASE. There are a lot of error messages but it works
nonetheless. However i suspect that it produces memory corruption in
conjunction with the display card, which freezes from time to time
when the 3945 is activated and i am running X. I have never seen a crash
when the 3945 is shut down or i am running on console. The most recent
driver by B. Close is
20070715-wpi-freebsd-7.0-current.tgz
but it works only with FreeBSD-7 so i cannot test it. I have tested
other B. Close drivers, none worked.

As for the video, an Intel card is highly recommended, it works very
well on laptops and is sufficiently powerful to run things like compiz.
There are very good available video modes on console, contrary to many
other models. 

-- 

Michel TALON



------------------------------

Message: 5
Date: Sat, 25 Aug 2007 06:10:06 -0500
From: "Andrew Gould" <andrewlylegould at gmail.com>
Subject: Re: spammers harvesting emaill address from this list
To: "Ted Mittelstaedt" <tedm at toybox.placo.com>
Cc: "freebsd-questions at FreeBSD. ORG" <freebsd-questions at freebsd.org>
Message-ID:
	<d356c5630708250410l38fd104t61a00a1331a029c5 at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

On 8/25/07, Ted Mittelstaedt <tedm at toybox.placo.com> wrote:
>
>
> Probably the list admins figure that anyone who posts here is an
> advanced user type who understands how to setup spam filters that
> work.
>
> Ted
> _______________________________________________
>


Or doesn't; but wants to.

I tell people that if they "just want a Windows replacement", they should
stick with Windows or use a Mac because they want better service from the
computer without any growth in skills or responsibilities on their part.

A core strength of the *nix operating systems and communities is the
administrator/users' desire for control and acceptance of responsibilities
that come with that control.  System administration is not a spectator
sport.

Andrew


------------------------------

Message: 6
Date: Fri, 24 Aug 2007 20:20:16 -0600 (MDT)
From: rloefgren at forethought.net
Subject: Re: /var or /usr for data?
To: Wojciech Puchar <wojtek at wojtek.tensor.gdynia.pl>
Cc: Brad Waite <freebsd at wcubed.net>, freebsd-questions at freebsd.org
Message-ID: <20070824192101.Y36415 at auden.jmla.com>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed

On Fri, 24 Aug 2007, Wojciech Puchar wrote:

>> It would appear that the "proper" allocation of filesystems on FreeBSD is
>> to put all data in /usr.  I'm used to this and have been doing it for
>> years.
>
> my favourite "proper" allocation is to make ONE partition (/) and nothing 
> more. and forget all problems about how to partition your drive right...
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
>

I've made a quick look-see through my copies of "The Complete FreeBSD" and
"Absolute BSD" and can't find the reference, but I recall reading
somewhere in my 4.x days that FreeBSD used a different algorithm to write
to the /var directory, if it was on its own filesystem, because /var was
written to a lot (holding logs and all.) Because of this, and all the way
up to 6.2 today, I put /var on its own filesystem, after / and swap.
Where the old AIX wonks used to call the "outer middle" of the disk. Was
this different algorithm really the case? And, now with UFS2, is it still
the case? I still put pgsql/data on /var.

r


------------------------------

Message: 7
Date: Sat, 25 Aug 2007 15:05:16 +0330
From: "Bahman M." <b.movaqar at gmail.com>
Subject: Mouse suddenly gets detached and reattached
To: freebsd-questions at freebsd.org
Message-ID:
	<6d62f69a0708250435x3e1e56f0ne869556e373f23a5 at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

Hi all,

I just installed X (xorg 7.2) and am using FluxBox. It's working well
and there are no problems. However, the mouse gets suddenly detached
and immediately reattached. I can't say exactly how often this
happens, roughly about 6~7 times a day.

# dmesg | tail -n 4
ums0: at uhub0 port 1 (addr 2) disconnected
ums0: detached
ums0: vendor 0x05e3 USB Mouse, rev 1.10/1.00, addr 2, iclass 3/1
ums0: 5 buttons and Z dir.

# sudo sysctl -a | grep ums
dev.ums.0.%desc: vendor 0x05e3 USB Mouse, rev 1.10/1.00, addr 2, iclass 3/1
dev.ums.0.%driver: ums
dev.ums.0.%location: port=0 interface=0
dev.ums.0.%pnpinfo: vendor=0x05e3 product=0x1205 devclass=0x00
devsubclass=0x00 release=0x0100 sernum="" intclass=0x03
intsubclass=0x01
dev.ums.0.%parent: uhub0

# uname -ai
FreeBSD attila 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 10:40:27
UTC 2007     root at dessler.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC
 i386 GENERIC

Is it sign of a problem? In fact I don't care about the hardware as it
can be easily replaced, I'm afraid that there's something wrong with
software.

Thanks in advance for your help.

Bahman


------------------------------

_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"

End of freebsd-questions Digest, Vol 191, Issue 37
**************************************************

More information about the freebsd-questions mailing list