similar to: Strange startup messages

Hi, I got this error when i tried to type for some of those. "sysctl: unknown oid...." any idea.. my server seems to be very lagged, where else the network connection seems fine, i think BSD itself as my other redhat box is fine. What else can i do to get optimum protection. Thanks. ----- Original Message ----- From: "Per Engelbrecht" <per@xterm.dk> To:

Hey Guys, today I upgraded to 4.8-RELEASE-p15. As usual I set IPFIREWALL to default accept in my kernel config file. Config & make weren't complaining so, installed the kernel, reboot and there it was: >IP packet filtering initialized, divert disabled, rule-based forwarding enabled, default to deny, logging disabled Another rebuild didn't work out so... I reviewed

550.ipfwlimit check in /etc/periodic/security takes into account only global/default verbosity limit and does not account for a specific logging limit set for a particular rule e.g.: $ ipfw -a l | fgrep log 65000 *521* 41764 deny log logamount *1000* ip from any to any $ sysctl -n net.inet.ip.fw.verbose_limit *100* >From security run output: ipfw log limit reached: 65000 519

root@vigilante /root cuaa1# man init |tail -n 130 |head -n 5 3 Network secure mode - same as highly secure mode, plus IP packet filter rules (see ipfw(8) and ipfirewall(4)) cannot be changed and dummynet(4) configuration cannot be adjusted. root@vigilante /root cuaa1# sysctl -a |grep secure kern.securelevel: 3 root@vigilante /root cuaa1# ipfw show 00100 0 0 allow

I have an Asus A8V-MX motherboard with an AMD Athlong 64 X2 3800+ CPU and I'm trying to run powerd to keep it cooler/quieter/greener. I'm running -STABLE (6.1-RC) cvsup'ed a couple of days ago, with a kernel config that consists of the SMP sample plus an atapicam device. I'm loading the cpufreq.ko module in /boot/loader.conf. I've attached my dmesg output and sysctl -a

Hello! I am using since yesterday ESFQ instead of N HTB queues. It mostly works OK, but when somebody is using one single sesion (for example downloading file via FTP), it gets weird speed. For example it is 20 kilobytes pres second, then drops down to 9, then 20 again, and then slowly to 0 and stops. But when using download accelererator of some kind or bittorrent client which uses many

Hi all! After installing 5.3 I've noticed some change in firewall logging. Prior (on 5.2) rules gave me what I needed: trimed to 3 of the same connection. Every new connection on the same rule gave new log line up to 3. I have in kernel: FIREWALL FIREWALL_VERBOSE FIREWALL_VERBOSE_LIMIT=3 Now, all connections on the same rule are trimed to 3. Is it possib- le on 5.3 to have all

Almost forgot - diff need ot be appied only on FreeBSD 5 version of 550.ipfwlimit, but resulting file can be used on both 4 and 5 releases. On Wed, Feb 23, 2005 at 03:59:51PM +0100, Alexander Leidinger wrote: Better version then previos, it will not break order of rules. awk version, it will work on all 4 and 5 releases, at least those, where IPFW enabled ;-) Also i removed check for

Hi I'm having a problem with ipfw, I think. For some reason it denies packets randomly for example: PING 196.14.239.2 (196.14.239.2): 56 data bytes ping: sendto: Permission denied ping: sendto: Permission denied 64 bytes from 196.14.239.2: icmp_seq=2 ttl=63 time=0.258 ms 64 bytes from 196.14.239.2: icmp_seq=3 ttl=63 time=0.233 ms 64 bytes from 196.14.239.2: icmp_seq=4 ttl=63

Hi, Is there a security problem with ssh that I've missed??? Ik keep getting these hords of: Failed password for root from 69.242.5.195 port 39239 ssh2 with all kinds of different source addresses. They have a shot or 15 and then they are of again, but a little later on they're back and keep clogging my logs. Is there a "easy" way of getting these ip-numbers added to

I am trying to limit outgoing SMTP traffic to about 14 Mbps and these are the IPFW rules I am using. ${fwcmd} add pipe 1 tcp from 192.168.0.0/24 to any 25 out via dc0 ${fwcmd} pipe 1 config bw 14Mbit/s I've tried multiple tweaks to the pipe rule and I seem to be missing something. I only get about half the bandwidth I specify. Is this normal behavior? Is there something wrong

Trying to redirect to -user... On Tue, 7 Jul 2009, Bryant Zimmerman wrote: > Hey guys I posted this earlier and did not get any responses. You posted what appear[s|ed] to be a user question to the dev list. I did reply (on June 3), but I may have mis-understood. > I am working on some AGI development that requires control of audio file > playback. The control stream file is working

I've setup a lab to test the new tunneling options in the latest openssh. Things work well... for a while... then the tunnel goes unidirectional. openssh-SNAP-20060122.tar.gz lab1 config: # uname -a FreeBSD lab1 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Fri Jan 13 13:01:17 EST 2006 root@:/usr/src/sys/i386/compile/SMP i386 # cat /etc/sysctl.conf | egrep -v '(^#|^$)'

[ -netters, please Cc me or security@ with replies. ] I'm running into trouble integrating dynamic racoon-based IPSec into a network with ipfw and natd. I need to be able to allow VPN access from any address from authenticated clients. I've got the dynamic VPN working, with racoon negotiating SAs and installing SPs, but the problem is that I can't tell whether an incoming packet on