From eweri at cunde.de Mon Jul 2 00:58:04 2007 From: eweri at cunde.de (Christoph Ewering) Date: Mon Jul 2 01:20:14 2007 Subject: off topic: Looking for X-ray solution for MacOS X Message-ID: <71874EBA-AFDC-4CB9-AEA3-518C82BB2A8E@cunde.de> Hello list! I know this is off topic for this list, but I do not know where to ask. I am looking for a x-ray solution for dentists for germany running on Mac OS X. My firm supports some dentists that like Mac and MacOS X very much but here in germany 99,99% solutions for dentists are Windows based. We have good experiences with a management solution for dentist running on Windows and Mac OS X (the ancestor of this solutions was based on NextStep/OpenStep) but we know only one x-ray solution for Mac OS X that is really bad. Because of this situation more and more dentists use Macs running Windows - and I get skin excursion when I administer Windows ;-). So we are very keen to get another x-ray solutions running on Mac OS X that could be used in germany. So if you could point me to a solution I would be very happy. Thanks for the help, bye Christoph -- Dipl. Ing. Christoph Ewering C & E Mediensysteme GmbH Systemhaus f?r die Medienbranche Mersinweg 26 Tel.: 05251 - 180 96 15 33100 Paderborn Fax.: 05251 - 180 96 16 eweri@cunde.de Mob.: 0173- 566 266 1 http://www.cunde.de Gesch?ftsf?hrung: Matthias Clemens, Dipl.-Ing. Christoph Ewering Sitz der Gesellschaft: Paderborn Amtsgericht Paderborn, HRB 4325 From jerry.levan at eku.edu Mon Jul 2 09:35:54 2007 From: jerry.levan at eku.edu (Jerry LeVan) Date: Mon Jul 2 09:36:09 2007 Subject: Trouble sending mail from cron on intel box Message-ID: <33FFD037-93F8-4335-B1B7-B6E8C3D4BAF6@eku.edu> I am have trouble sending mail from cron on my new intel macbook pro... I am trying to send mail to moi when the cron job runs. I get the mail but the contents are empty. Of course running from the command line works ;( Here is the contents of daily.local: [mbp:/var/log]$ cat /etc/daily.local #!/bin/sh /usr/bin/mail -s "Daily Cron Job" jerry < I'm having trouble with the boot drive on a MacBook Pro, and want to know if it's hosed or theres something more I can do with it. It's got Boot Camp on it and used to boot fine into Windows XP or OSX 10.4.10. Now it will only boot into XP, not OSX. When I try, the machine hangs on the light gray Apple screen with the little round tikmark thingy circling forever. So I get into single user mode and run fsck: localhost:/ root# /sbin/fsck -fy ** /dev/rdisk0s2 ** Root file system ** Checking HFS Plus volume. ** Checking Extents Overflow file. ** Checking Catalog file. Incorrect number of thread records (4, 220) ** Checking multi-linked files. ** Checking Catalog hierarchy. Invalid volume directory count (It should be 109046 instead of 109045) Invalid volume file count (It should be 487750 instead of 487736) ** Checking Extended Attributes file. ** Checking volume bitmap. ** Checking volume information. ** Repairing volume. ** Rechecking volume. This repeats three times, then it says: ** The volume Macintosh HD could not be repaired after 3 attempts. ***** FILE SYSTEM WAS MODIFIED ***** localhost:/ root # Jul 2 10:46:13 launchd: Bug: launchd.c:492:30: chown(ourdir, getuid(), getuid()) != -1 Jul 2 10:46:13 launchd: Bug: launchd.c:492:30: chown(ourdir, getuid (), getuid()) != -1 Okay so I boot off the OSX installation disk and run Disk Utility to reformat the drive. The utility spits out a gazillion "Invalid node structure" messages then a billion "Invalid directory item count" messages and then quit's with: Invalid directory item count Invalid volume directory count Invalid volume file count The volume Macintosh HD could not be repaired after 3 attempts. Is this thing savable? Is all the data lost? If the drive is physically hosed why does it boot into XP and run (seemingly) okay? Can I acces the OSX stuff from XP? Russ From lists at colorremedies.com Mon Jul 2 20:10:54 2007 From: lists at colorremedies.com (Chris Murphy) Date: Mon Jul 2 20:11:00 2007 Subject: Boot drive problems In-Reply-To: References: Message-ID: <324E5A0E-4DB5-43C0-8743-FB4D00597123@colorremedies.com> I'm a firm believer in DiskWarrior, by the guy who created HSF. I'd give that a shot. It should at least be able to mount a read only image of the volume so you can pull data off of it. If that doesn't work, try Data Rescue II It's possible there's a media defect where a crucial portion of the directory is located and thus can't be repaired. If you repartition and then erase with zeros, in theory the drive should find bad blocks and remove them from use. I want ZFS so bad I can taste it. Chris Murphy Color Remedies (TM) New York, NY ---------------------------------------------------------------------- Co-author "Real World Color Management, 2nd Ed" From jwelch at bynkii.com Mon Jul 2 20:26:43 2007 From: jwelch at bynkii.com (John Welch) Date: Mon Jul 2 20:26:59 2007 Subject: Boot drive problems In-Reply-To: <324E5A0E-4DB5-43C0-8743-FB4D00597123@colorremedies.com> Message-ID: On 7/2/07 22:10 PM, "Chris Murphy" wrote: > I'm a firm believer in DiskWarrior, by the guy who created HSF It's HFS, and Al didn't create it. Patrick Dirks and Bill Bruffey did. -- John C. Welch Writer/Analyst Bynkii.com Mac and other opinions jwelch@bynkii.com From lists at colorremedies.com Mon Jul 2 21:22:44 2007 From: lists at colorremedies.com (Chris Murphy) Date: Mon Jul 2 21:22:50 2007 Subject: Boot drive problems In-Reply-To: References: Message-ID: <7019B8A2-3BE2-40E6-B156-97229A685977@colorremedies.com> On Jul 2, 2007, at 11:26 PM, John Welch wrote: > On 7/2/07 22:10 PM, "Chris Murphy" wrote: > >> I'm a firm believer in DiskWarrior, by the guy who created HSF > > It's HFS, and Al didn't create it. Patrick Dirks and Bill Bruffey did. Obviously it was a typo. I guess he must've created HFS+ then. But whatever, I haven't found anything to repair a directory it can't. The ability to mount a read-only volume that uses the rebuilt directory before it's written to disk is still pretty cool. Chris Murphy Color Remedies (TM) New York, NY ---------------------------------------------------------------------- Co-author "Real World Color Management, 2nd Ed" From newslists at autonomy.caltech.edu Mon Jul 2 22:09:06 2007 From: newslists at autonomy.caltech.edu (R.L. Grigg) Date: Mon Jul 2 22:09:11 2007 Subject: Boot drive problems In-Reply-To: <324E5A0E-4DB5-43C0-8743-FB4D00597123@colorremedies.com> References: <324E5A0E-4DB5-43C0-8743-FB4D00597123@colorremedies.com> Message-ID: <786A6B73-4819-4D59-A902-D02F9BC4AF1D@autonomy.caltech.edu> On Jul 2, 2007, at 8:10 PM, Chris Murphy wrote: > I'm a firm believer in DiskWarrior, by the guy who created HSF. I'd > give that a shot. It should at least be able to mount a read only > image of the volume so you can pull data off of it. If that doesn't > work, try Data Rescue II > > It's possible there's a media defect where a crucial portion of the > directory is located and thus can't be repaired. If you repartition > and then erase with zeros, in theory the drive should find bad > blocks and remove them from use. > I forgot we had the Intel version of DiskWarrior! I ran it twice. The first time it found lots of stuff but still wouldn't boot, so I ran it again and it found nothing and still doesn't boot OSX, just XP. I guess it must be some bad physical problem with the drive. Ill look into Data Rescue II. Russ From lists at colorremedies.com Mon Jul 2 22:15:45 2007 From: lists at colorremedies.com (Chris Murphy) Date: Mon Jul 2 22:15:51 2007 Subject: Boot drive problems In-Reply-To: <786A6B73-4819-4D59-A902-D02F9BC4AF1D@autonomy.caltech.edu> References: <324E5A0E-4DB5-43C0-8743-FB4D00597123@colorremedies.com> <786A6B73-4819-4D59-A902-D02F9BC4AF1D@autonomy.caltech.edu> Message-ID: On Jul 3, 2007, at 1:09 AM, R.L. Grigg wrote: > > On Jul 2, 2007, at 8:10 PM, Chris Murphy wrote: > >> I'm a firm believer in DiskWarrior, by the guy who created HSF. >> I'd give that a shot. It should at least be able to mount a read >> only image of the volume so you can pull data off of it. If that >> doesn't work, try Data Rescue II >> >> It's possible there's a media defect where a crucial portion of >> the directory is located and thus can't be repaired. If you >> repartition and then erase with zeros, in theory the drive should >> find bad blocks and remove them from use. >> > > I forgot we had the Intel version of DiskWarrior! I ran it twice. > The first time it found lots of stuff but still wouldn't boot, so I > ran it again and it found nothing and still doesn't boot OSX, just > XP. I guess it must be some bad physical problem with the drive. > Ill look into Data Rescue II. It should still have the feature available where you can preview the drive. It will mount the drive on the desktop as a read only volume. Then you can extract stuff. If repartition/erasure isn't helping this drive, I wouldn't trust it. Call in the warranty or buy a new drive. Chris Murphy Color Remedies (TM) New York, NY ---------------------------------------------------------------------- Co-author "Real World Color Management, 2nd Ed" From lists at colorremedies.com Mon Jul 2 22:21:15 2007 From: lists at colorremedies.com (Chris Murphy) Date: Mon Jul 2 22:21:21 2007 Subject: Boot drive problems In-Reply-To: <786A6B73-4819-4D59-A902-D02F9BC4AF1D@autonomy.caltech.edu> References: <324E5A0E-4DB5-43C0-8743-FB4D00597123@colorremedies.com> <786A6B73-4819-4D59-A902-D02F9BC4AF1D@autonomy.caltech.edu> Message-ID: <3844DF89-2C8D-422C-9D74-24CC5B43B7B3@colorremedies.com> On Jul 3, 2007, at 1:09 AM, R.L. Grigg wrote: > I forgot we had the Intel version of DiskWarrior! I ran it twice. > The first time it found lots of stuff but still wouldn't boot, so I > ran it again and it found nothing and still doesn't boot OSX, just > XP. I guess it must be some bad physical problem with the drive. > Ill look into Data Rescue II. Actually, it may have fixed the directory problems, but you have a critical system file that's just jacked up, either corrupted or maybe on a bad sector. So it might still be worthwhile repartitioning and starting completely from scratch. But yeah if it gives you a hard time, don't trust it. Chris Murphy Color Remedies (TM) New York, NY ---------------------------------------------------------------------- Co-author "Real World Color Management, 2nd Ed" From arogers at fergflor.k12.mo.us Tue Jul 3 06:06:12 2007 From: arogers at fergflor.k12.mo.us (Andy Rogers) Date: Tue Jul 3 06:22:28 2007 Subject: off topic: Looking for X-ray solution for MacOS X In-Reply-To: <71874EBA-AFDC-4CB9-AEA3-518C82BB2A8E@cunde.de> References: <71874EBA-AFDC-4CB9-AEA3-518C82BB2A8E@cunde.de> Message-ID: Do they have intel based macs? Have you thought about using parrellels, with coherence turned on? Andy Rogers Technology Specialist Ferguson-Florissant School District 314-506-9123 From esaline at pen-tec.com Tue Jul 3 07:31:35 2007 From: esaline at pen-tec.com (Erik Saline) Date: Tue Jul 3 07:31:51 2007 Subject: Boot drive problems In-Reply-To: <3844DF89-2C8D-422C-9D74-24CC5B43B7B3@colorremedies.com> References: <324E5A0E-4DB5-43C0-8743-FB4D00597123@colorremedies.com> <786A6B73-4819-4D59-A902-D02F9BC4AF1D@autonomy.caltech.edu> <3844DF89-2C8D-422C-9D74-24CC5B43B7B3@colorremedies.com> Message-ID: <0515B592-8AA7-4011-85E4-A24683D854D0@pen-tec.com> On Jul 2, 2007, at 10:21 PM, Chris Murphy wrote: > > On Jul 3, 2007, at 1:09 AM, R.L. Grigg wrote: > >> I forgot we had the Intel version of DiskWarrior! I ran it twice. >> The first time it found lots of stuff but still wouldn't boot, so >> I ran it again and it found nothing and still doesn't boot OSX, >> just XP. I guess it must be some bad physical problem with the >> drive. Ill look into Data Rescue II. > > Actually, it may have fixed the directory problems, but you have a > critical system file that's just jacked up, either corrupted or > maybe on a bad sector. So it might still be worthwhile > repartitioning and starting completely from scratch. But yeah if it > gives you a hard time, don't trust it. > If you happen to have a 2nd Mac around you can boot up your Mac Book in Target Disk Mode. Connect your Mac Book to the 2nd Mac using Firewire and boot you Mac Book into Target Disk mode by holding down the T key during boot up. Your Mac book will show up as 2nd HD on the 2nd Mac. I have been luck sometime where I cannot boot the computer, but Target Disk mode will let me copy off of the bad drive. Erik > > Chris Murphy > Color Remedies (TM) > New York, NY > ---------------------------------------------------------------------- > Co-author "Real World Color Management, 2nd Ed" > > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > From newslists at autonomy.caltech.edu Tue Jul 3 10:50:54 2007 From: newslists at autonomy.caltech.edu (R.L. Grigg) Date: Tue Jul 3 10:51:04 2007 Subject: Boot drive problems In-Reply-To: <0515B592-8AA7-4011-85E4-A24683D854D0@pen-tec.com> References: <324E5A0E-4DB5-43C0-8743-FB4D00597123@colorremedies.com> <786A6B73-4819-4D59-A902-D02F9BC4AF1D@autonomy.caltech.edu> <3844DF89-2C8D-422C-9D74-24CC5B43B7B3@colorremedies.com> <0515B592-8AA7-4011-85E4-A24683D854D0@pen-tec.com> Message-ID: <0DDFA15F-299C-4E26-9CFE-56970B06E27B@autonomy.caltech.edu> On Jul 3, 2007, at 7:31 AM, Erik Saline wrote: > > On Jul 2, 2007, at 10:21 PM, Chris Murphy wrote: >> >> On Jul 3, 2007, at 1:09 AM, R.L. Grigg wrote: >> >>> I forgot we had the Intel version of DiskWarrior! I ran it twice. >>> The first time it found lots of stuff but still wouldn't boot, so >>> I ran it again and it found nothing and still doesn't boot OSX, >>> just XP. I guess it must be some bad physical problem with the >>> drive. Ill look into Data Rescue II. >> >> Actually, it may have fixed the directory problems, but you have a >> critical system file that's just jacked up, either corrupted or >> maybe on a bad sector. So it might still be worthwhile >> repartitioning and starting completely from scratch. But yeah if >> it gives you a hard time, don't trust it. >> When I boot into Disk Utility to repartition the drive it just spins forever on 'modifying partition map'. I still cant tell if its hardware or software at fault. Win XP still boots fine. > If you happen to have a 2nd Mac around you can boot up your Mac > Book in Target Disk Mode. > > Connect your Mac Book to the 2nd Mac using Firewire and boot you > Mac Book into Target Disk mode by holding down the T key during > boot up. Your Mac book will show up as 2nd HD on the 2nd Mac. This procedure works except for the part about the drive showing up on the other Mac. The MacBook goes into TDM just fine, but no other Mac sees it as a drive when I connect them with a Firewire cable. I went to the Apple store 'genius' bar but was told to go home, they're full today. WTF? The things busted, its under warranty, fix it!! Can't I just drop it off? No you have to make an appointment. But the reservation system's down now so try again tomorrow. Oh but we're closed tomorrow, so try Friday. WTF? Don't I have a RIGHT to have this thing fixed? Doens't the @&$%^! warranty mean anything? Russ From lists at colorremedies.com Tue Jul 3 19:36:40 2007 From: lists at colorremedies.com (Chris Murphy) Date: Tue Jul 3 19:36:52 2007 Subject: G4 XServe hangs when hot swapping drives Message-ID: <0D7E96B5-4793-4B4E-B6F5-D79EEA6ED346@colorremedies.com> Whenever removing these drives (drag icon to trash, wait, push handle, wait for drive to spin down, pull drive), shortly thereafter the machine is unresponsive. It's not possible to even ssh into the machine. This occurs the vast majority of the time, at least 8 in 10 attempts. To prepare them, they're inserted, and initialized using Disk Utility. The drives are Apple drives, in Apple sleds. We've gone through a dozen drives, and have used three different bays and the problem is the same. Clearly the machine doesn't like what we're doing. Is there something else that should be done when hot swapping these drives? Capacity: 465.76 GB Model: Hitachi HDS725050KLAT80 Revision: K2ABA20A Machine Name: Xserve Machine Model: RackMac1,2 CPU Type: PowerPC G4 (3.3) Number Of CPUs: 2 CPU Speed: 1.33 GHz Memory: 512 MB Boot ROM Version: 4.6.5f3 Mac OS X: 10.4.8 Chris Murphy Color Remedies (TM) New York, NY ---------------------------------------------------------------------- Co-author "Real World Color Management, 2nd Ed" From lists at colorremedies.com Tue Jul 3 21:23:27 2007 From: lists at colorremedies.com (Chris Murphy) Date: Tue Jul 3 21:23:47 2007 Subject: Boot drive problems In-Reply-To: <0DDFA15F-299C-4E26-9CFE-56970B06E27B@autonomy.caltech.edu> References: <324E5A0E-4DB5-43C0-8743-FB4D00597123@colorremedies.com> <786A6B73-4819-4D59-A902-D02F9BC4AF1D@autonomy.caltech.edu> <3844DF89-2C8D-422C-9D74-24CC5B43B7B3@colorremedies.com> <0515B592-8AA7-4011-85E4-A24683D854D0@pen-tec.com> <0DDFA15F-299C-4E26-9CFE-56970B06E27B@autonomy.caltech.edu> Message-ID: <7D6BA543-3881-419E-A114-59E9548A8C9A@colorremedies.com> On Jul 3, 2007, at 1:50 PM, R.L. Grigg wrote: > > When I boot into Disk Utility to repartition the drive it just > spins forever on 'modifying partition map'. I still cant tell if > its hardware or software at fault. Win XP still boots fine. Hmm. Well, repartitioning, if successful, would effectively wipe the drive. So use Data Rescue to try and get stuff off the drive. Since it's under warranty, at this point I'd just get the drive replaced. That failing is just screwy enough to not make it worthwhile to try anything else, in order to compel the thing to work. I just wouldn't really trust it. Chris Murphy Color Remedies (TM) New York, NY ---------------------------------------------------------------------- Co-author "Real World Color Management, 2nd Ed" From g.lee at ed.ac.uk Wed Jul 4 08:04:38 2007 From: g.lee at ed.ac.uk (Geoff Lee) Date: Wed Jul 4 08:05:47 2007 Subject: G4 XServe hangs when hot swapping drives In-Reply-To: <0D7E96B5-4793-4B4E-B6F5-D79EEA6ED346@colorremedies.com> References: <0D7E96B5-4793-4B4E-B6F5-D79EEA6ED346@colorremedies.com> Message-ID: <468BB706.6060702@ed.ac.uk> Chris Murphy wrote: > Whenever removing these drives (drag icon to trash, wait, push handle, > wait for drive to spin down, pull drive), shortly thereafter the machine > is unresponsive. It's not possible to even ssh into the machine. This > occurs the vast majority of the time, at least 8 in 10 attempts. What's in the system log? Does df report that the drives have really been unmounted? What happens if you use "diskutil unmountdisk" instead of dragging it to the trash? Cheers, -geoff > > To prepare them, they're inserted, and initialized using Disk Utility. > The drives are Apple drives, in Apple sleds. We've gone through a dozen > drives, and have used three different bays and the problem is the same. > > Clearly the machine doesn't like what we're doing. Is there something > else that should be done when hot swapping these drives? > > Capacity: 465.76 GB > Model: Hitachi HDS725050KLAT80 > Revision: K2ABA20A > > Machine Name: Xserve > Machine Model: RackMac1,2 > CPU Type: PowerPC G4 (3.3) > Number Of CPUs: 2 > CPU Speed: 1.33 GHz > Memory: 512 MB > Boot ROM Version: 4.6.5f3 > Mac OS X: 10.4.8 > > > Chris Murphy > Color Remedies (TM) > New York, NY > ---------------------------------------------------------------------- > Co-author "Real World Color Management, 2nd Ed" > > > _______________________________________________ > MacOSX-admin mailing list > MacOSX-admin@omnigroup.com > http://www.omnigroup.com/mailman/listinfo/macosx-admin > > -- ______________________________________ Geoff Lee Computing Support School of Arts, Culture and Environment University of Edinburgh 20 Chambers St, Edinburgh, Scotland, EH1 1JZ Tel: +44 (0)131 650 2341 ______________________________________ From lists at colorremedies.com Wed Jul 4 14:21:00 2007 From: lists at colorremedies.com (Chris Murphy) Date: Wed Jul 4 14:21:29 2007 Subject: G4 XServe hangs when hot swapping drives In-Reply-To: <468BB706.6060702@ed.ac.uk> References: <0D7E96B5-4793-4B4E-B6F5-D79EEA6ED346@colorremedies.com> <468BB706.6060702@ed.ac.uk> Message-ID: <24B5E462-9CB4-4944-853B-8F5D5074268A@colorremedies.com> On Jul 4, 2007, at 11:04 AM, Geoff Lee wrote: > What's in the system log? Nothing, last entries depend on other things (if any) that were going on prior to the unmounting. > Does df report that the drives have really been unmounted? Machine has completely hanged. Can't ssh into it to run df or any other tools. > What happens if you use "diskutil unmountdisk" instead of dragging > it to the trash? Don't know, I'll have to try that. Do you know what Disk Utility's unmount command does? We've tried that also and it still hangs the machine. Chris Murphy Color Remedies (TM) New York, NY ---------------------------------------------------------------------- Co-author "Real World Color Management, 2nd Ed" From g.lee at ed.ac.uk Wed Jul 4 15:17:30 2007 From: g.lee at ed.ac.uk (Geoff Lee) Date: Wed Jul 4 15:17:42 2007 Subject: G4 XServe hangs when hot swapping drives In-Reply-To: <24B5E462-9CB4-4944-853B-8F5D5074268A@colorremedies.com> References: <0D7E96B5-4793-4B4E-B6F5-D79EEA6ED346@colorremedies.com> <468BB706.6060702@ed.ac.uk> <24B5E462-9CB4-4944-853B-8F5D5074268A@colorremedies.com> Message-ID: <3106B6C5-64E2-45A5-B351-921DE6CB6E8A@ed.ac.uk> On 4 Jul 2007, at 22:21, Chris Murphy wrote: > > On Jul 4, 2007, at 11:04 AM, Geoff Lee wrote: > >> What's in the system log? > > Nothing, last entries depend on other things (if any) that were > going on prior to the unmounting. > >> Does df report that the drives have really been unmounted? > > Machine has completely hanged. Can't ssh into it to run df or any > other tools. Sorry, I meant after you've put it in the trash but before you've physically removed it. > >> What happens if you use "diskutil unmountdisk" instead of dragging >> it to the trash? > > Don't know, I'll have to try that. Do you know what Disk Utility's > unmount command does? We've tried that also and it still hangs the > machine. Hmm.. that should be exactly the same as the diskutil comandline as far as I'm aware. -geoff From lists at colorremedies.com Wed Jul 4 15:42:19 2007 From: lists at colorremedies.com (Chris Murphy) Date: Wed Jul 4 15:42:25 2007 Subject: G4 XServe hangs when hot swapping drives In-Reply-To: <3106B6C5-64E2-45A5-B351-921DE6CB6E8A@ed.ac.uk> References: <0D7E96B5-4793-4B4E-B6F5-D79EEA6ED346@colorremedies.com> <468BB706.6060702@ed.ac.uk> <24B5E462-9CB4-4944-853B-8F5D5074268A@colorremedies.com> <3106B6C5-64E2-45A5-B351-921DE6CB6E8A@ed.ac.uk> Message-ID: On Jul 4, 2007, at 6:17 PM, Geoff Lee wrote: >> Machine has completely hanged. Can't ssh into it to run df or any >> other tools. > > Sorry, I meant after you've put it in the trash but before you've > physically removed it. I'm not sure. I'll have to try it and collect more info. But that will take a while since I'm remote and there isn't anyone available in the short term with physical access to the machine. In the meantime, speculating: If it's still mounted, why might it not be unmounting? If it's not mounted? Chris Murphy Color Remedies (TM) New York, NY ---------------------------------------------------------------------- Co-author "Real World Color Management, 2nd Ed" From bsilver at chrononomicon.com Thu Jul 5 06:29:15 2007 From: bsilver at chrononomicon.com (Bart Silverstrim) Date: Thu Jul 5 06:29:26 2007 Subject: Question about bootup Message-ID: <468CF22B.2070403@chrononomicon.com> I have a relative with an older Mac (running MacOS, not OSX) and when they try to boot up the system it "locks" with a dialog box that is blank. If they reboot and hold "apple-shift-control", the system boots up and gives some errors about open transport not starting and some quicktime server extensions not working because open transport isn't loaded up. What exactly does that key combination do? At first I thought they were disabling extensions, but the startup icons for extensions appear one by one despite those keys being held down. Any help here? Googling for keyboard shortcuts now keeps giving me references to OS X and I don't see the key combination in the lists that I wrote above. From saigon at ufl.edu Thu Jul 5 07:16:37 2007 From: saigon at ufl.edu (Trang Le) Date: Thu Jul 5 07:16:57 2007 Subject: Intel Mac and Windows Message-ID: <71EB15AB-5AF5-4B66-98CD-B8A02035F96A@ufl.edu> I plan to have my Intel macs deployed with OS X and Windows system in January 2008. I plan to use Boot Camp to install Vista Windows. If you do the dual boot (OS X and Windows), what application do you use for maintenance? and how to deploy them? I use Radmind application to do the nightly maintenance and Netboot with NetRestore for rebuilding the macs for over three years. Any suggestions would be appreciated. Thanks, Trang Le Academic Technology University of Florida From mah at jump-ing.de Thu Jul 5 08:55:48 2007 From: mah at jump-ing.de (Markus Hitter) Date: Thu Jul 5 09:02:41 2007 Subject: Question about bootup In-Reply-To: <468CF22B.2070403@chrononomicon.com> References: <468CF22B.2070403@chrononomicon.com> Message-ID: Am 05.07.2007 um 15:29 schrieb Bart Silverstrim: > I have a relative with an older Mac (running MacOS, not OSX) and > when they try to boot up the system it "locks" with a dialog box > that is blank. The usual fixing sequence is to remove all extensions, then add them one by one (or in small groups), until the odd behaviour shows up again. Extensions Manager is helpful here, hold down space to get there early in the boot sequence. > If they reboot and hold "apple-shift-control", [...] What exactly > does that key combination do? I don't know either, but one of the extensions possibly picks the keys up and changes it's behaviour accordingly. Booting with extensions off would be shift key only. Markus - - - - - - - - - - - - - - - - - - - Dipl. Ing. Markus Hitter http://www.jump-ing.de/ From paul at subsignal.org Fri Jul 6 02:30:44 2007 From: paul at subsignal.org (paul) Date: Fri Jul 6 02:31:11 2007 Subject: setting up routed and automated startup Message-ID: Hi list, I'd like to use RIPv2 on OS X server. It seems like routed(8) is able to do this but I'm unsure how to configure it. Is there a GUI for this, or do I have to edit /etc/gateways and write the startup stuff (plist and script) myself? I did this for openvpn and put the files under /System/StartupItems, "SystemStarter start OpenVPN" works but it's not run on startup, since I expect the same problem with routed I'd greatly appreciate troubleshooting tips here as well. thanks Paul From aburgh at mac.com Fri Jul 6 12:45:10 2007 From: aburgh at mac.com (Aaron Burghardt) Date: Fri Jul 6 12:45:26 2007 Subject: Mac Sys Admin Job Posting References: Message-ID: <8394D27F-485C-434F-BFB9-5FD3253CD81D@mac.com> We are seeking an experienced professional Apple Macintosh system administrator to provide technical support and administration to a large media production center. The equipment/software support includes: network workstations running Mac OS X, Windows OS and UNIX/LINUX, servers running Mac OS X, Windows and UNIX/LINUX, Storage Area Networks (SANs), tape-backup, video encoding/transcoding, Ethernet, scanners, and tablets. The successful candidate will: - interact daily with end-users (~ 60) providing the highest degree of technical, graphical, and video services ensuring that media services personnel can complete customer requests on time or exceed prescribed deadlines. - support Operations & Maintenance changes, including activities to help coordinate changes in the Media Services Network Infrastructure. - work to define, document, and maintain the system and network architectures within the organization. - identify and recommend future technology and architectural advancements to support the organization's architectural strategy, technology migration, integration, and evolution. - administer Apple, Windows, UNIX and LINUX systems supported as part of the media center's infrastructure. - provide as-needed O&M/infrastructure surge support for stand-alone systems outside of the media services center. The position requires US citizenship, and applicants selected will be subject to a security investigation and must meet eligibility requirements for access to classified information. I am sending this on behalf of another team, so I can only offer to forward inquiries and resumes, but please contact me if you are interested. ----- Aaron Burghardt Booz Allen Hamilton 13200 Woodland Park Drive Suite 5035 Herndon, VA 20171 703-984-3112 From shoop at iwiring.net Sat Jul 7 13:26:52 2007 From: shoop at iwiring.net (Dan Shoop) Date: Sat Jul 7 13:26:44 2007 Subject: Mac Sys Admin Job Posting In-Reply-To: <8394D27F-485C-434F-BFB9-5FD3253CD81D@mac.com> References: <8394D27F-485C-434F-BFB9-5FD3253CD81D@mac.com> Message-ID: At 3:45 PM -0400 7/6/07, Aaron Burghardt wrote: >Content-Type: multipart/signed; boundary=Apple-Mail-2--714519483; micalg=sha1; > protocol="application/pkcs7-signature" > >We are seeking an experienced professional Apple Macintosh system >administrator to provide technical support and administration to a large >media production center. The equipment/software support includes: >network workstations running Mac OS X, Windows OS and UNIX/LINUX, >servers running Mac OS X, Windows and UNIX/LINUX, Storage Area Networks >(SANs), tape-backup, video encoding/transcoding, Ethernet, scanners, and >tablets. The successful candidate will: > >- interact daily with end-users (~ 60) providing the highest degree of >technical, graphical, and video services ensuring that media services >personnel can complete customer requests on time or exceed prescribed >deadlines. >- support Operations & Maintenance changes, including activities to >help coordinate changes in the Media Services Network Infrastructure. >- work to define, document, and maintain the system and network >architectures within the organization. >- identify and recommend future technology and architectural >advancements to support the organization's architectural strategy, >technology migration, integration, and evolution. >- administer Apple, Windows, UNIX and LINUX systems supported as part >of the media center's infrastructure. >- provide as-needed O&M/infrastructure surge support for stand-alone >systems outside of the media services center. > >The position requires US citizenship, and applicants selected will be >subject to a security investigation and must meet eligibility >requirements for access to classified information. > >I am sending this on behalf of another team, so I can only offer to >forward inquiries and resumes, but please contact me if you are >interested. You might wish to post *where* this position is located ;) -- -dhan ------------------------------------------------------------------------ Dan Shoop AIM: iWiring Systems & Networks Architect http://www.ustsvs.com/ shoop@iwiring.net http://www.iwiring.net/ 1-714-363-1174 From charles.dyer at gmail.com Sat Jul 7 13:33:52 2007 From: charles.dyer at gmail.com (Charles Dyer) Date: Sat Jul 7 13:34:00 2007 Subject: Mac Sys Admin Job Posting In-Reply-To: References: <8394D27F-485C-434F-BFB9-5FD3253CD81D@mac.com> Message-ID: <8316B06B-917B-4127-AA74-BE6F3421FD16@gmail.com> On 07 Jul 2007, at 16:26:52, Dan Shoop wrote: > At 3:45 PM -0400 7/6/07, Aaron Burghardt wrote: >> Content-Type: multipart/signed; boundary=Apple-Mail-2--714519483; >> micalg=sha1; >> protocol="application/pkcs7-signature" >> >> We are seeking an experienced professional Apple Macintosh system >> administrator to provide technical support and administration to a >> large >> media production center. The equipment/software support includes: >> network workstations running Mac OS X, Windows OS and UNIX/LINUX, >> servers running Mac OS X, Windows and UNIX/LINUX, Storage Area >> Networks >> (SANs), tape-backup, video encoding/transcoding, Ethernet, >> scanners, and >> tablets. The successful candidate will: >> >> - interact daily with end-users (~ 60) providing the highest >> degree of >> technical, graphical, and video services ensuring that media services >> personnel can complete customer requests on time or exceed prescribed >> deadlines. >> - support Operations & Maintenance changes, including activities to >> help coordinate changes in the Media Services Network Infrastructure. >> - work to define, document, and maintain the system and network >> architectures within the organization. >> - identify and recommend future technology and architectural >> advancements to support the organization's architectural strategy, >> technology migration, integration, and evolution. >> - administer Apple, Windows, UNIX and LINUX systems supported as >> part >> of the media center's infrastructure. >> - provide as-needed O&M/infrastructure surge support for stand-alone >> systems outside of the media services center. >> >> The position requires US citizenship, and applicants selected will be >> subject to a security investigation and must meet eligibility >> requirements for access to classified information. >> >> I am sending this on behalf of another team, so I can only offer >> to forward inquiries and resumes, but please contact me if you are >> interested. > > You might wish to post *where* this position is located ;) Herndon, VA 20171, seems a good bet. From shoop at iwiring.net Sat Jul 7 13:39:23 2007 From: shoop at iwiring.net (Dan Shoop) Date: Sat Jul 7 13:39:08 2007 Subject: setting up routed and automated startup In-Reply-To: References: Message-ID: At 11:30 AM +0200 7/6/07, paul wrote: >Hi list, > >I'd like to use RIPv2 on OS X server. It seems like routed(8) is >able to do this but I'm unsure how to configure it. There's a man page for routed. Have you read it? If so what questions do you have? > Is there a GUI for this, For routing? Kinda. Ordering changes route priorities in the Network Preferences Pane. But this really isn't what you're implying you're trying to do, which begs the question... > or do I have to edit /etc/gateways and write the startup stuff >(plist and script) myself? The bigger question I'd have is why you feel you need to be implementing something like this at all? Do you have a multi-homed network architecture? How many NI do you have in your Mac OS X Server? >I did this for openvpn and put the files under /System/StartupItems, >"SystemStarter start OpenVPN" works but it's not run on startup, >since I expect the same problem with routed I'd greatly appreciate >troubleshooting tips here as well. You *NEVER* put anything in /System. Ever. As for why it doesn't run on startup, you obviously don't have it properly configured. However you'd want to use launchd, not StartupItems for anything you roll on your own. (Post-Panther) -- -dhan ------------------------------------------------------------------------ Dan Shoop AIM: iWiring Systems & Networks Architect http://www.ustsvs.com/ shoop@iwiring.net http://www.iwiring.net/ 1-714-363-1174 From shoop at iwiring.net Sat Jul 7 13:48:56 2007 From: shoop at iwiring.net (Dan Shoop) Date: Sat Jul 7 13:48:42 2007 Subject: Mac Sys Admin Job Posting In-Reply-To: <8316B06B-917B-4127-AA74-BE6F3421FD16@gmail.com> References: <8394D27F-485C-434F-BFB9-5FD3253CD81D@mac.com> <8316B06B-917B-4127-AA74-BE6F3421FD16@gmail.com> Message-ID: At 4:33 PM -0400 7/7/07, Charles Dyer wrote: >On 07 Jul 2007, at 16:26:52, Dan Shoop wrote: > >>At 3:45 PM -0400 7/6/07, Aaron Burghardt wrote: >>>I am sending this on behalf of another team, so I can only offer >>>to forward inquiries and resumes, but please contact me if you are >>>interested. >> >>You might wish to post *where* this position is located ;) > >Herndon, VA 20171, seems a good bet. It's not clear the position is actually with Booz Allen Hamilton yet alone if it was, and since this is with "another team", where it might be. -- -dhan ------------------------------------------------------------------------ Dan Shoop AIM: iWiring Systems & Networks Architect http://www.ustsvs.com/ shoop@iwiring.net http://www.iwiring.net/ 1-714-363-1174 From paul at subsignal.org Sat Jul 7 14:59:37 2007 From: paul at subsignal.org (paul) Date: Sat Jul 7 15:00:25 2007 Subject: setting up routed and automated startup In-Reply-To: References: Message-ID: Dan Shoop schrieb: > At 11:30 AM +0200 7/6/07, paul wrote: >> Hi list, >> >> I'd like to use RIPv2 on OS X server. It seems like routed(8) is able >> to do this but I'm unsure how to configure it. > > There's a man page for routed. Have you read it? If so what questions do > you have? Sure, I have no questions regarding routed or RIPv2 but rather about it's integration in the "mac experience" ;) > >> Is there a GUI for this, > > For routing? Kinda. Ordering changes route priorities in the Network > Preferences Pane. But this really isn't what you're implying you're > trying to do, which begs the question... Nope. > >> or do I have to edit /etc/gateways and write the startup stuff (plist >> and script) myself? > > The bigger question I'd have is why you feel you need to be implementing > something like this at all? > > Do you have a multi-homed network architecture? Yes, I got 2 NICs (one is openvpn) and three tiny networks behind which are not alway up. Managing static routes gets a bit annoying so... > You *NEVER* put anything in /System. Ever. Ah, I got that from a quite respected magazine but they were wrong on other points too, never trust printet paper... > > As for why it doesn't run on startup, you obviously don't have it > properly configured. Seem so. > > However you'd want to use launchd, not StartupItems for anything you > roll on your own. (Post-Panther) This is tiger, I'll ask google for integrating with launchd. Do you have any good resouces I could look at? thanks Paul From norman at astro.gla.ac.uk Sun Jul 8 05:43:15 2007 From: norman at astro.gla.ac.uk (Norman Gray) Date: Sun Jul 8 05:43:25 2007 Subject: Mac Sys Admin Job Posting In-Reply-To: <8316B06B-917B-4127-AA74-BE6F3421FD16@gmail.com> References: <8394D27F-485C-434F-BFB9-5FD3253CD81D@mac.com> <8316B06B-917B-4127-AA74-BE6F3421FD16@gmail.com> Message-ID: <8F1628AD-A5E4-4085-802E-50F3A1EBE43E@astro.gla.ac.uk> On 7 Jul 2007, at 21:33, Charles Dyer wrote: > On 07 Jul 2007, at 16:26:52, Dan Shoop wrote: > >> At 3:45 PM -0400 7/6/07, Aaron Burghardt wrote: >>> I am sending this on behalf of another team, so I can only offer >>> to forward inquiries and resumes, but please contact me if you >>> are interested. >> >> You might wish to post *where* this position is located ;) > > Herndon, VA 20171, seems a good bet. So... North America, then? -- ------------------------------------------------------------ Norman Gray : http://nxg.me.uk eurovotech.org : University of Leicester, UK From jmaymailing at pointinspace.com Sun Jul 8 06:15:09 2007 From: jmaymailing at pointinspace.com (John May) Date: Sun Jul 8 06:15:20 2007 Subject: VNC with Windows Mobile? Message-ID: macos-x-server.lists.apple.com -- ------------------------------------------------------------------- John May : President Point In Space Internet Solutions jmay@pointinspace.com Professional FileMaker Pro, MySQL, Lasso & PHP Hosting From shoop at iwiring.net Sun Jul 8 14:58:09 2007 From: shoop at iwiring.net (Dan Shoop) Date: Sun Jul 8 14:58:26 2007 Subject: setting up routed and automated startup In-Reply-To: References: Message-ID: At 11:59 PM +0200 7/7/07, paul wrote: >Dan Shoop schrieb: >>At 11:30 AM +0200 7/6/07, paul wrote: >>>Hi list, >>> >>>I'd like to use RIPv2 on OS X server. It seems like routed(8) is >>>able to do this but I'm unsure how to configure it. >> >>There's a man page for routed. Have you read it? If so what >>questions do you have? >Sure, I have no questions regarding routed or RIPv2 but rather about >it's integration in the "mac experience" ;) That's even more vague, so with all the goats out in the meadow it makes the augury a bit hard to devine what you mean. >>But this really isn't what you're implying you're trying to do, >>which begs the question... >Nope. OK, responses like this are going to get you even less further than the one above. >>> or do I have to edit /etc/gateways and write the startup stuff >>>(plist and script) myself? >> >>The bigger question I'd have is why you feel you need to be >>implementing something like this at all? >> >>Do you have a multi-homed network architecture? >Yes, I got 2 NICs (one is openvpn) and three tiny networks behind >which are not alway up. Managing static routes gets a bit annoying >so... But is automatically handled when you add the new operating NI so again this begs the question of WTF you're looking to really do here. You don't need to do anything special if you have multiple NIs, you only need to do something special if you have one NI and a multi-homed network, but then that should be handled by your local networks router, so again the question... >>You *NEVER* put anything in /System. Ever. >Ah, I got that from a quite respected magazine but they were wrong >on other points too, never trust printet paper... Obviously they are not respected or more likely you read it wrong. >>However you'd want to use launchd, not StartupItems for anything >>you roll on your own. (Post-Panther) >This is tiger, I'll ask google for integrating with launchd. Do you >have any good resouces I could look at? Presumbly you've not read the developer docs like you should, so I'd suggest starting there and maybe also looking at AFP548. -- -dhan ------------------------------------------------------------------------ Dan Shoop AIM: iWiring Systems & Networks Architect http://www.ustsvs.com/ shoop@iwiring.net http://www.iwiring.net/ 1-714-363-1174 From hexstar at gmail.com Sun Jul 8 20:39:45 2007 From: hexstar at gmail.com (Hex Star) Date: Sun Jul 8 20:39:54 2007 Subject: setting up routed and automated startup In-Reply-To: References: Message-ID: <5dc6fd9e0707082039r2b3a1660qa2214a78a2f6ae91@mail.gmail.com> *ROUTED(8) * BSD System Manager's Manual *ROUTED(8) * NAME *routed* -- network RIP and router discovery routing daemon SYNOPSIS *routed* [*-sqdghmpAt*] [*-T* *tracefile*] [*-F* *net*[/mask[,metric]]] DESCRIPTION *Routed* is a daemon invoked at boot time to manage the network routing tables. It uses Routing Information Protocol, RIPv1 (RFC 1058), RIPv2 (RFC 1723), and Internet Router Discovery Protocol (RFC 1256) to maintain the kernel routing table. The RIPv1 protocol is based on the reference 4.3BSD daemon. It listens on the *udp(4) * socket for the *route(8) * service (see *services(5) *) for Routing Information Protocol packets. It also sends and receives multicast Router Discovery ICMP messages. If the host is a router, *routed* periodically supplies copies of its routing tables to any directly connected hosts and networks. It also advertise or solicits default routes using Router Discovery ICMP messages. When started (or when a network interface is later turned on), *routed* uses an AF_ROUTE address family facility to find those directly connected interfaces configured into the system and marked "up". It adds necessary routes for the interfaces to the kernel routing table. Soon after being first started, and provided there is at least one interface on which RIP has not been disabled, *routed* deletes all pre-existing non-static routes in kernel table. Static routes in the kernel table are preserved and included in RIP responses if they have a valid RIP metric (see *route(8) * ). If more than one interface is present (not counting the loopback inter- face), it is assumed that the host should forward packets among the con- nected networks. After transmitting a RIP *request* and Router Discovery Advertisements or Solicitations on a new interface, the daemon enters a loop, listening for RIP request and response and Router Discover packets from other hosts. When a *request* packet is received, *routed* formulates a reply based on the information maintained in its internal tables. The *response* packet gen- erated contains a list of known routes, each marked with a "hop count" metric (a count of 16 or greater is considered "infinite"). Advertised metrics reflect the metric associated with interface (see *ifconfig(8) * ), so setting the metric on an interface is an effective way to steer traf- fic. Responses do not contain routes with a first hop on the requesting net- work to implement in part *split-horizon*. The routing table maintained by the daemon includes space for several gateways for each destination to speed recovery from a failing router. RIP *response* packets received are used to update the routing tables pro- vided they are from one of the several currently recognized gateways or advertise a better metric than at least one of the existing gateways. When an update is applied, *routed* records the change in its own tables and updates the kernel routing table if the best route to the destination changes. The change in the kernel routing table is reflected in the next batch of *response* packets sent. If the next response is not scheduled for a while, a *flash* *update* response containing only recently changed routes is sent. In addition to processing incoming packets, *routed* also periodically checks the routing table entries. If an entry has not been updated for 3 minutes, the entry's metric is set to infinity and marked for deletion. Deletions are delayed until the route has been advertised with an infi- nite metric to insure the invalidation is propagated throughout the local internet. This is a form of *poison* *reverse*. Routes in the kernel table that are added or changed as a result of ICMP Redirect messages are deleted after a while to minimize *black-holes*. When a TCP connection suffers a timeout, the kernel tells *routed*, which deletes all redirected routes through the gateway involved, advances the age of all RIP routes through the gateway to allow an alternate to be chosen, and advances of the age of any relevant Router Discovery Protocol default routes. Hosts acting as internetwork routers gratuitously supply their routing tables every 30 seconds to all directly connected hosts and networks. These RIP responses are sent to the broadcast address on nets that sup- port broadcasting, to the destination address on point-to-point links, and to the router's own address on other networks. If RIPv2 is enabled, multicast packets are sent on interfaces that support multicasting. If no response is received on a remote interface, if there are errors while sending responses, or if there are more errors than input or output (see *netstat(8)* ), then the cable or some other part of the interface is assumed to be disconnected or broken, and routes are adjusted appropri- ately. The *Internet* *Router* *Discovery* *Protocol* is handled similarly. When the daemon is supplying RIP routes, it also listens for Router Discovery Solicitations and sends Advertisements. When it is quiet and only lis- tening to other RIP routers, it sends Solicitations and listens for Advertisements. If it receives a good Advertisement, it stops listening for broadcast or multicast RIP responses. It tracks several advertising routers to speed recovery when the currently chosen router dies. If all discovered routers disappear, the daemon resumes listening to RIP responses. While using Router Discovery (which happens by default when the system has a single network interface and a Router Discover Advertisement is received), there is a single default route and a variable number of redi- rected host routes in the kernel table. The Router Discover standard requires that advertisements have a default "lifetime" of 30 minutes. That means should something happen, a client can be without a good route for 30 minutes. It is a good idea to reduce the default to 45 seconds using *-P* *rdisc_interval=45* on the command line or *rdisc_interval=45* in the */etc/gateways* file. See the *pm_rdisc* facility described below to support "legacy" systems that can handle neither RIPv2 nor Router Discovery. By default, neither Router Discovery advertisements nor solicitations are sent over point to point links (e.g. PPP). Options supported by *routed*: *-s* this option forces *routed* to supply routing information. This is the default if multiple network interfaces are present on which RIP or Router Discovery have not been disabled, and if the kernel switch ipforwarding=1. *-q* is the opposite of the *-s* option. *-d* Do not run in the background. This option is meant for interac- tive use. *-g* This flag is used on internetwork routers to offer a route to the "default" destination. It is equivalent to *-F* *0/0,1* and is present mostly for historical reasons. A better choice is *-P* *pm_rdisc* on the command line or *pm_rdisc* *in* *the* */etc/gateways* file. since a larger metric will be used, reducing the spread of the potentially dangerous default route. This is typically used on a gateway to the Internet, or on a gateway that uses another routing protocol whose routes are not reported to other local routers. Notice that because a metric of 1 is used, this feature is dangerous. It is more commonly accidently used to create chaos with routing loop than to solve problems. *-h* This causes host or point-to-point routes to not be advertised, provided there is a network route going the same direction. That is a limited kind of aggregation. This option is useful on gate- ways to ethernets that have other gateway machines connected with point-to-point links such as SLIP. *-m* This causes the machine to advertise a host or point-to-point route to its primary interface. It is useful on multi-homed machines such as NFS servers. This option should not be used except when the cost of the host routes it generates is justified by the popularity of the server. It is effective only when the machine is supplying routing information, because there is more than one interface. The *-m* option overrides the *-q* option to the limited extent of advertising the host route. *-A* do not ignore RIPv2 authentication if we do not care about RIPv2 authentication. This option is required for conformance with RFC 1723. However, it makes no sense and breaks using RIP as a dis- covery protocol to ignore all RIPv2 packets that carry authenti- cation when this machine does not care about authentication. *-T* *tracefile* increases the debugging level to at least 1 and causes debugging information to be appended to the trace file. Note that because of security concerns, it is wisest to not run *routed* routinely with tracing directed to a file. *-t* increases the debugging level, which causes more information to be logged on the tracefile specified with *-T* or standard out. The debugging level can be increased or decreased with the *SIGUSR1* or *SIGUSR2* signals. *-F* *net[/mask][,metric]* minimize routes in transmissions via interfaces with addresses that match *net/mask*, and synthesizes a default route to this machine with the *metric*. The intent is to reduce RIP traffic on slow, point-to-point links such as PPP links by replacing many large UDP packets of RIP information with a single, small packet containing a "fake" default route. If *metric* is absent, a value of 14 is assumed to limit the spread of the "fake" default route. This is a dangerous feature that when used carelessly can cause routing loops. Notice also that more than one interface can match the specified network number and mask. See also *-g*. *-P* *parms* is equivalent to adding the parameter line *parms* to the */etc/gateways* file. Any other argument supplied is interpreted as the name of a file in which the actions of *routed* should be logged. It is better to use *-T* instead of appending the name of the trace file to the command. *routed* also supports the notion of "distant" *passive* or *active* gateways. When *routed* is started, it reads the file */etc/gateways* to find such dis- tant gateways which may not be located using only information from a routing socket, to discover if some of the local gateways are *passive*, and to obtain other parameters. Gateways specified in this manner should be marked passive if they are not expected to exchange routing informa- tion, while gateways marked active should be willing to exchange RIP packets. Routes through *passive* gateways are installed in the kernel's routing tables once upon startup and are not included in transmitted RIP responses. Distant active gateways are treated like network interfaces. RIP responses are sent to the distant *active* gateway. If no responses are received, the associated route is deleted from the kernel table and RIP responses advertised via other interfaces. If the distant gateway resumes sending RIP responses, the associated route is restored. Such gateways can be useful on media that do not support broadcasts or multicasts but otherwise act like classic shared media like Ethernets such as some ATM networks. One can list all RIP routers reachable on the ATM network in */etc/gateways* with a series of "host" lines. Gateways marked *external* are also passive, but are not placed in the ker- nel routing table nor are they included in routing updates. The function of external entries is to indicate that another routing process will install such a route if necessary, and that alternate routes to that des- tination should not be installed by *routed*. Such entries are only required when both routers may learn of routes to the same destination. The */etc/gateways* file is comprised of a series of lines, each in one of the following formats or consist of parameters described below: *net* *Nname[/mask]* *gateway* *Gname* *metric* *value* <*passive* | *active* | *extern*> *host* *Hname* *gateway* *Gname* *metric* *value* <*passive* | *active* | *extern*> *Nname* or *Hname* is the name of the destination network or host. It may be a symbolic network name or an Internet address specified in "dot" nota- tion (see *inet(3) * ). (If it is a name, then it must either be defined in */etc/networks* or */etc/hosts*, or *named(8) *, must have been started before *routed*.) *mask* is an optional number between 1 and 32 indicating the netmask asso- ciated with *Nname*. *Gname* is the name or address of the gateway to which RIP responses should be forwarded. *Value* is the hop count to the destination host or network. *host* *hname* is equivalent to *net* *nname/32* . One of the keywords *passive*, *active* or *external* must be present to indi- cate whether the gateway should be treated as *passive* or *active* (as described above), or whether the gateway is *external* to the scope of the RIP protocol. Lines that start with neither "net" nor "host" must consist of one or more of the following parameter settings, separated by commas or blanks: *if*=*ifname* indicates that the other parameters on the line apply to the interface name *ifname*. *subnet*=*nname[/mask][,metric]* advertises a route to network *nname* with mask *mask* and the sup- plied metric (default 1). This is useful for filling "holes" in CIDR allocations. This parameter must appear by itself on a line. Do not use this feature unless necessary. It is dangerous. *passwd*=*XXX* specifies a RIPv2 password that will be included on all RIPv2 responses sent and checked on all RIPv2 responses received. The password must not contain any blanks, tab characters, commas or '#' characters. *no_ag* turns off aggregation of subnets in RIPv1 and RIPv2 responses. *no_super_ag* turns off aggregation of networks into supernets in RIPv2 responses. *passive* is equivalent *no_rip* *no_rdisc*. *no_rip* disables all RIP processing on the specified interface. If no interfaces are allowed to process RIP packets, *routed* acts purely as a router discovery daemon. *No_rip* is equivalent to *no_ripv1_in* *no_ripv2_in* *no_ripv1_out* *no_ripv2_out*. Note that turning off RIP without explicitly turning on router discovery advertisements with *rdisc_adv* or *-s* causes *routed* to act as a client router discovery daemon, not advertising. *no_ripv1_in* causes RIPv1 received responses to be ignored. *no_ripv2_in* causes RIPv2 received responses to be ignored. *ripv2_out* turns off RIPv1 output and causes RIPv2 advertisements to be mul- ticast when possible. *no_rdisc* disables the Internet Router Discovery Protocol. *no_solicit* disables the transmission of Router Discovery Solicitations. *send_solicit* specifies that Router Discovery solicitations should be sent, even on point-to-point links, which by default only listen to Router Discovery messages. *no_rdisc_adv* disables the transmission of Router Discovery Advertisements *rdisc_adv* specifies that Router Discovery advertisements should be sent, even on point-to-point links, which by default only listen to Router Discovery messages *bcast_rdisc* specifies that Router Discovery packets should be broadcast instead of multicast. *rdisc_pref*=*N* sets the preference in Router Discovery Advertisements to the integer *N*. *rdisc_interval*=*N* sets the nominal interval with which Router Discovery Advertise- ments are transmitted to N seconds and their lifetime to 3*N. *fake_default*=*metric* has an identical effect to *-F* *net[/mask][,metric]* with the net- work and mask coming from the specified interface. *pm_rdisc* is similar to *fake_default*. When RIPv2 routes are multicast, so that RIPv1 listeners cannot receive them, this feature causes a RIPv1 default route to be broadcast to RIPv1 listeners. Unless modified with *fake_default*, the default route is broadcast with a metric of 14. That serves as a "poor man's router discovery" protocol. Note that the netmask associated with point-to-point links (such as SLIP or PPP, with the IFF_POINTOPOINT flag) is used by *routed* to infer the netmask used by the remote system when RIPv1 is used. FILES /etc/gateways for distant gateways SEE ALSO *udp(4) *, *icmp(4) *. *Internet* *Transport* *Protocols*, XSIS 028112, Xerox System Integration Standard. BUGS It does not always detect unidirectional failures in network interfaces (e.g., when the output side fails). HISTORY The *routed* command appeared in 4.2BSD. 4.4BSD June 1, 1996 4.4BSD ------------------------------ Mac OS X 10.4 - Generated Fri Apr 29 08:12:55 CDT 2005 From hexstar at gmail.com Sun Jul 8 20:47:34 2007 From: hexstar at gmail.com (Hex Star) Date: Sun Jul 8 20:47:37 2007 Subject: Mac Sys Admin Job Posting In-Reply-To: <8F1628AD-A5E4-4085-802E-50F3A1EBE43E@astro.gla.ac.uk> References: <8394D27F-485C-434F-BFB9-5FD3253CD81D@mac.com> <8316B06B-917B-4127-AA74-BE6F3421FD16@gmail.com> <8F1628AD-A5E4-4085-802E-50F3A1EBE43E@astro.gla.ac.uk> Message-ID: <5dc6fd9e0707082047o5f3fc022if67389b70b55eea0@mail.gmail.com> On 7/8/07, Norman Gray wrote: > > > So... North America, then? > > Bangalor India :D From aburgh at mac.com Sun Jul 8 20:53:55 2007 From: aburgh at mac.com (Aaron Burghardt) Date: Sun Jul 8 20:53:35 2007 Subject: DC Metro Mac Sys Admin Job Posting In-Reply-To: <8394D27F-485C-434F-BFB9-5FD3253CD81D@mac.com> References: <8394D27F-485C-434F-BFB9-5FD3253CD81D@mac.com> Message-ID: <3694023D-45CE-423C-9125-B3079DA5D8CA@mac.com> Forgive the double-post--it was pointed out to me that I forgot to include the location. I believe the position is in Chantilly, VA (west of Washington, DC, but part of the metro area). Regards, Aaron On Jul 6, 2007, at 3:45 PM, Aaron Burghardt wrote: > We are seeking an experienced professional Apple Macintosh system > administrator to provide technical support and administration to a > large > media production center. The equipment/software support includes: > network workstations running Mac OS X, Windows OS and UNIX/LINUX, > servers running Mac OS X, Windows and UNIX/LINUX, Storage Area > Networks > (SANs), tape-backup, video encoding/transcoding, Ethernet, scanners, > and > tablets. The successful candidate will: > > - interact daily with end-users (~ 60) providing the highest degree > of > technical, graphical, and video services ensuring that media services > personnel can complete customer requests on time or exceed prescribed > deadlines. > - support Operations & Maintenance changes, including activities to > help coordinate changes in the Media Services Network Infrastructure. > - work to define, document, and maintain the system and network > architectures within the organization. > - identify and recommend future technology and architectural > advancements to support the organization's architectural strategy, > technology migration, integration, and evolution. > - administer Apple, Windows, UNIX and LINUX systems supported as part > of the media center's infrastructure. > - provide as-needed O&M/infrastructure surge support for stand-alone > systems outside of the media services center. > > The position requires US citizenship, and applicants selected will be > subject to a security investigation and must meet eligibility > requirements for access to classified information. > > I am sending this on behalf of another team, so I can only offer to > forward inquiries and resumes, but please contact me if you are > interested. > > ----- > Aaron Burghardt > Booz Allen Hamilton > 13200 Woodland Park Drive > Suite 5035 > Herndon, VA 20171 > 703-984-3112 > From paul at subsignal.org Mon Jul 9 01:24:31 2007 From: paul at subsignal.org (paul) Date: Mon Jul 9 01:25:12 2007 Subject: setting up routed and automated startup In-Reply-To: References: Message-ID: Dan Shoop schrieb: >>> Do you have a multi-homed network architecture? >> Yes, I got 2 NICs (one is openvpn) and three tiny networks behind >> which are not alway up. Managing static routes gets a bit annoying so... > > But is automatically handled when you add the new operating NI so again > this begs the question of WTF you're looking to really do here. No. If tap0 is configured with 10.111.198.100 and a peer connects which has two networks behind it, those networks will not automagically show up in the routing table. don't bother to answer, thanks anyway Paul From daniel at highdesertchurch.com Wed Jul 11 16:24:51 2007 From: daniel at highdesertchurch.com (Daniel Hazelbaker) Date: Wed Jul 11 16:25:46 2007 Subject: Copy from Read-Only server Message-ID: <96CD3D25-3F10-4013-BCE9-F32F69CE02BA@highdesertchurch.com> In Mac OS X, for as long as I can remember, when you connect to a read-only server AFP share it and then copy a file from the server to your Desktop, it makes your local copy of the file read-only (even though you can get-info on it and make it read-write). Is there a way to change this behavior to make it read-write by default when you make a local copy? I generally understand the reason for preserving file permissions, but in our case we have a lot of files that are on a read-only server as templates and it is annoying to have to tell people to open the read-only file and do a save-as to make it work (the whole get-info thing is even more confusing for them). Daniel Hazelbaker From lists.fabian at e-lumo.com Thu Jul 12 12:42:23 2007 From: lists.fabian at e-lumo.com (Fabian Peters) Date: Thu Jul 12 12:47:55 2007 Subject: localhost routing issue with new OpenVPN install In-Reply-To: References: Message-ID: <1362EB3D-839F-4C6E-A658-C9025A4804F9@e-lumo.com> Hi all, I'm facing a strange issue here, after having decommissioned an old OpenVPN setup and replaced it with a new one. The old one was at home in the 10.100.100.x range, the new one is in 10.10.10.x. My machine (running OS X 10.4.10) is placed in a small LAN using 10.0.0.x, with its primary IP being 10.0.0.6 and the router placed at 10.0.0.1. While OpenVPN is not running, everything's fine. "netstat -rn" shows: Destination Gateway Flags Refs Use Netif Expire default 10.0.0.1 UGSc 40 8 en0 10/24 link#4 UCS 3 0 en0 10.0.0.1 XX:XX:XX:XX:X:X UHLW 38 33 en0 1154 10.0.0.6 127.0.0.1 UHS 0 0 lo0 10.0.0.7 XX:XX:XX:XX:X:X UHLW 1 5001 en0 507 10.0.0.255 ff:ff:ff:ff:ff:ff UHLWb 0 3 en0 127 127.0.0.1 UCS 0 0 lo0 127.0.0.1 127.0.0.1 UH 10 5865 lo0 169.254 link#7 UC 0 0 fw0 Internet6: Destination Gateway Flags Netif Expire ::1 link#1 UHL lo0 fe80::%lo0/64 fe80::1%lo0 Uc lo0 fe80::1%lo0 link#1 UHL lo0 fe80::%en1/64 link#5 UC en1 ff01::/32 ::1 U lo0 ff02::/32 ::1 UC lo0 ff02::/32 link#5 UC en1 On connecting, OpenVPN issues the following commands: ifconfig tun0 10.10.10.10 127.0.0.1 mtu 1500 netmask 255.255.255.255 up route add -net 10.10.10.0 127.0.0.1 255.255.255.0 Which look fine to me and do succeed. "netstat -rn" then shows: Destination Gateway Flags Refs Use Netif Expire default 10.0.0.1 UGSc 40 9 en0 10/24 link#4 UCS 2 0 en0 10.0.0.1 XX:XX:XX:XX:X:X UHLW 38 33 en0 936 10.0.0.6 127.0.0.1 UHS 0 0 lo0 10.0.0.7 XX:XX:XX:XX:X:X UHLW 1 408 en0 289 10.10.10/24 127.0.0.1 UGSc 1 8 tun0 127 127.0.0.1 UCS 0 0 lo0 127.0.0.1 127.0.0.1 UH 14 182 lo0 169.254 link#7 UC 0 0 fw0 Internet6: Destination Gateway Flags Netif Expire ::1 link#1 UHL lo0 fe80::%lo0/64 fe80::1%lo0 Uc lo0 fe80::1%lo0 link#1 UHL lo0 fe80::%en1/64 link#5 UC en1 ff01::/32 ::1 U lo0 ff02::/32 ::1 UC lo0 ff02::/32 link#5 UC en1 Connections to the VPN are working flawlessly. But, connections to 127.0.0.1 are now established from the VPN IP. "lsof -i" shows the following for a telnet-instance connecting to 127.0.0.1: telnet 16347 502 3u IPv4 0x4f6da8c 0t0 TCP 10.10.10.10:54293->127.0.0.1:telnet (SYN_SENT) There's no telnetd running on my host, so this should immediately return: telnet: connect to address 127.0.0.1: Connection refused telnet: Unable to connect to remote host But instead after some 30 seconds or so: Trying 127.0.0.1... telnet: connect to address 127.0.0.1: Operation timed out telnet: Unable to connect to remote host Why is this and how can I prevent this? This never occurred with my old VPN installation. I even tried to put a metric on the tun interface and a lower one on lo0, but to no avail. Any hints greatly appreciated! Fabian From shoop at iwiring.net Thu Jul 12 14:18:46 2007 From: shoop at iwiring.net (Dan Shoop) Date: Thu Jul 12 14:19:09 2007 Subject: localhost routing issue with new OpenVPN install In-Reply-To: <1362EB3D-839F-4C6E-A658-C9025A4804F9@e-lumo.com> References: <1362EB3D-839F-4C6E-A658-C9025A4804F9@e-lumo.com> Message-ID: At 9:42 PM +0200 7/12/07, Fabian Peters wrote: >Hi all, > >I'm facing a strange issue here, after having decommissioned an old >OpenVPN setup and replaced it with a new one. The old one was at home >in the 10.100.100.x range, the new one is in 10.10.10.x. My machine >(running OS X 10.4.10) is placed in a small LAN using 10.0.0.x, with >its primary IP being 10.0.0.6 and the router placed at 10.0.0.1. > >While OpenVPN is not running, everything's fine. "netstat -rn" shows: > >Destination Gateway Flags Refs Use Netif Expire >default 10.0.0.1 UGSc 40 8 en0 >10/24 link#4 UCS 3 0 en0 >10.0.0.1 XX:XX:XX:XX:X:X UHLW 38 33 en0 1154 >10.0.0.6 127.0.0.1 UHS 0 0 lo0 >10.0.0.7 XX:XX:XX:XX:X:X UHLW 1 5001 en0 507 >10.0.0.255 ff:ff:ff:ff:ff:ff UHLWb 0 3 en0 >127 127.0.0.1 UCS 0 0 lo0 >127.0.0.1 127.0.0.1 UH 10 5865 lo0 >169.254 link#7 UC 0 0 fw0 > >Internet6: >Destination Gateway Flags Netif Expire >::1 link#1 UHL lo0 >fe80::%lo0/64 fe80::1%lo0 Uc lo0 >fe80::1%lo0 link#1 UHL lo0 >fe80::%en1/64 link#5 UC en1 >ff01::/32 ::1 U lo0 >ff02::/32 ::1 UC lo0 >ff02::/32 link#5 UC en1 > >On connecting, OpenVPN issues the following commands: > >ifconfig tun0 10.10.10.10 127.0.0.1 mtu 1500 netmask 255.255.255.255 up >route add -net 10.10.10.0 127.0.0.1 255.255.255.0 > >Which look fine to me and do succeed. "netstat -rn" then shows: > >Destination Gateway Flags Refs Use Netif Expire >default 10.0.0.1 UGSc 40 9 en0 >10/24 link#4 UCS 2 0 en0 >10.0.0.1 XX:XX:XX:XX:X:X UHLW 38 33 en0 936 >10.0.0.6 127.0.0.1 UHS 0 0 lo0 >10.0.0.7 XX:XX:XX:XX:X:X UHLW 1 408 en0 289 >10.10.10/24 127.0.0.1 UGSc 1 8 tun0 >127 127.0.0.1 UCS 0 0 lo0 >127.0.0.1 127.0.0.1 UH 14 182 lo0 >169.254 link#7 UC 0 0 fw0 > >Internet6: >Destination Gateway Flags Netif Expire >::1 link#1 UHL lo0 >fe80::%lo0/64 fe80::1%lo0 Uc lo0 >fe80::1%lo0 link#1 UHL lo0 >fe80::%en1/64 link#5 UC en1 >ff01::/32 ::1 U lo0 >ff02::/32 ::1 UC lo0 >ff02::/32 link#5 UC en1 > >Connections to the VPN are working flawlessly. But, connections to >127.0.0.1 are now established from the VPN IP. "lsof -i" shows the >following for a telnet-instance connecting to 127.0.0.1: > >telnet 16347 502 3u IPv4 0x4f6da8c 0t0 TCP >10.10.10.10:54293->127.0.0.1:telnet (SYN_SENT) > >There's no telnetd running on my host, so this should immediately return: > >telnet: connect to address 127.0.0.1: Connection refused >telnet: Unable to connect to remote host > >But instead after some 30 seconds or so: > >Trying 127.0.0.1... >telnet: connect to address 127.0.0.1: Operation timed out >telnet: Unable to connect to remote host > >Why is this and how can I prevent this? This never occurred with my >old VPN installation. I even tried to put a metric on the tun >interface and a lower one on lo0, but to no avail. > >Any hints greatly appreciated! Your primary IP address is now in 10.10.10.* so that is what the telnet comes from so this is as would be expected in lsof -- -dhan ------------------------------------------------------------------------ Dan Shoop AIM: iWiring Systems & Networks Architect http://www.ustsvs.com/ shoop@iwiring.net http://www.iwiring.net/ 1-714-363-1174 From lists.fabian at e-lumo.com Thu Jul 12 15:26:11 2007 From: lists.fabian at e-lumo.com (Fabian Peters) Date: Thu Jul 12 15:26:38 2007 Subject: localhost routing issue with new OpenVPN install In-Reply-To: References: <1362EB3D-839F-4C6E-A658-C9025A4804F9@e-lumo.com> Message-ID: <603331E2-780F-497A-8C79-0E35EC88081C@e-lumo.com> Am 12.07.2007 um 23:18 schrieb Dan Shoop: > At 9:42 PM +0200 7/12/07, Fabian Peters wrote: >> Hi all, >> >> I'm facing a strange issue here, after having decommissioned an old >> OpenVPN setup and replaced it with a new one. The old one was at home >> in the 10.100.100.x range, the new one is in 10.10.10.x. My machine >> (running OS X 10.4.10) is placed in a small LAN using 10.0.0.x, with >> its primary IP being 10.0.0.6 and the router placed at 10.0.0.1. >> >> While OpenVPN is not running, everything's fine. "netstat -rn" shows: >> >> Destination Gateway Flags Refs Use Netif Expire >> default 10.0.0.1 UGSc 40 8 en0 >> 10/24 link#4 UCS 3 0 en0 >> 10.0.0.1 XX:XX:XX:XX:X:X UHLW 38 33 en0 1154 >> 10.0.0.6 127.0.0.1 UHS 0 0 lo0 >> 10.0.0.7 XX:XX:XX:XX:X:X UHLW 1 5001 en0 507 >> 10.0.0.255 ff:ff:ff:ff:ff:ff UHLWb 0 3 en0 >> 127 127.0.0.1 UCS 0 0 lo0 >> 127.0.0.1 127.0.0.1 UH 10 5865 lo0 >> 169.254 link#7 UC 0 0 fw0 >> >> Internet6: >> Destination Gateway Flags Netif Expire >> ::1 link#1 UHL lo0 >> fe80::%lo0/64 fe80::1%lo0 Uc lo0 >> fe80::1%lo0 link#1 UHL lo0 >> fe80::%en1/64 link#5 UC en1 >> ff01::/32 ::1 U lo0 >> ff02::/32 ::1 UC lo0 >> ff02::/32 link#5 UC en1 >> >> On connecting, OpenVPN issues the following commands: >> >> ifconfig tun0 10.10.10.10 127.0.0.1 mtu 1500 netmask >> 255.255.255.255 up >> route add -net 10.10.10.0 127.0.0.1 255.255.255.0 >> >> Which look fine to me and do succeed. "netstat -rn" then shows: >> >> Destination Gateway Flags Refs Use Netif Expire >> default 10.0.0.1 UGSc 40 9 en0 >> 10/24 link#4 UCS 2 0 en0 >> 10.0.0.1 XX:XX:XX:XX:X:X UHLW 38 33 en0 936 >> 10.0.0.6 127.0.0.1 UHS 0 0 lo0 >> 10.0.0.7 XX:XX:XX:XX:X:X UHLW 1 408 en0 289 >> 10.10.10/24 127.0.0.1 UGSc 1 8 tun0 >> 127 127.0.0.1 UCS 0 0 lo0 >> 127.0.0.1 127.0.0.1 UH 14 182 lo0 >> 169.254 link#7 UC 0 0 fw0 >> >> Internet6: >> Destination Gateway Flags Netif Expire >> ::1 link#1 UHL lo0 >> fe80::%lo0/64 fe80::1%lo0 Uc lo0 >> fe80::1%lo0 link#1 UHL lo0 >> fe80::%en1/64 link#5 UC en1 >> ff01::/32 ::1 U lo0 >> ff02::/32 ::1 UC lo0 >> ff02::/32 link#5 UC en1 >> >> Connections to the VPN are working flawlessly. But, connections to >> 127.0.0.1 are now established from the VPN IP. "lsof -i" shows the >> following for a telnet-instance connecting to 127.0.0.1: >> >> telnet 16347 502 3u IPv4 0x4f6da8c 0t0 TCP >> 10.10.10.10:54293->127.0.0.1:telnet (SYN_SENT) >> >> There's no telnetd running on my host, so this should immediately >> return: >> >> telnet: connect to address 127.0.0.1: Connection refused >> telnet: Unable to connect to remote host >> >> But instead after some 30 seconds or so: >> >> Trying 127.0.0.1... >> telnet: connect to address 127.0.0.1: Operation timed out >> telnet: Unable to connect to remote host >> >> Why is this and how can I prevent this? This never occurred with my >> old VPN installation. I even tried to put a metric on the tun >> interface and a lower one on lo0, but to no avail. >> >> Any hints greatly appreciated! > > Your primary IP address is now in 10.10.10.* so that is what the > telnet comes from so this is as would be expected in lsof Hhmm, okay, but why does it become my new "primary" IP? This is of course not intended, I want my LAN IP to remain the primary IP. How can I keep 10.0.0.6 as my primary IP then? The openvpn config did not change AFAIK, compared to the earlier one, so what would trigger this new behaviour? cheers, Fabian From shoop at iwiring.net Fri Jul 13 13:14:04 2007 From: shoop at iwiring.net (Dan Shoop) Date: Fri Jul 13 13:14:22 2007 Subject: localhost routing issue with new OpenVPN install In-Reply-To: <603331E2-780F-497A-8C79-0E35EC88081C@e-lumo.com> References: <1362EB3D-839F-4C6E-A658-C9025A4804F9@e-lumo.com> <603331E2-780F-497A-8C79-0E35EC88081C@e-lumo.com> Message-ID: At 12:26 AM +0200 7/13/07, Fabian Peters wrote: >Am 12.07.2007 um 23:18 schrieb Dan Shoop: > >>At 9:42 PM +0200 7/12/07, Fabian Peters wrote: >>>Hi all, >>> >>>I'm facing a strange issue here, after having decommissioned an old >>>OpenVPN setup and replaced it with a new one. The old one was at home >>>in the 10.100.100.x range, the new one is in 10.10.10.x. My machine >>>(running OS X 10.4.10) is placed in a small LAN using 10.0.0.x, with >>>its primary IP being 10.0.0.6 and the router placed at 10.0.0.1. >>> >>>While OpenVPN is not running, everything's fine. "netstat -rn" shows: >>> >>>Destination Gateway Flags Refs Use Netif Expire >>>default 10.0.0.1 UGSc 40 8 en0 >>>10/24 link#4 UCS 3 0 en0 >>>10.0.0.1 XX:XX:XX:XX:X:X UHLW 38 33 en0 1154 >>>10.0.0.6 127.0.0.1 UHS 0 0 lo0 >>>10.0.0.7 XX:XX:XX:XX:X:X UHLW 1 5001 en0 507 >>>10.0.0.255 ff:ff:ff:ff:ff:ff UHLWb 0 3 en0 >>>127 127.0.0.1 UCS 0 0 lo0 >>>127.0.0.1 127.0.0.1 UH 10 5865 lo0 >>>169.254 link#7 UC 0 0 fw0 >>> >>>Internet6: >>>Destination Gateway Flags Netif Expire >>>::1 link#1 UHL lo0 >>>fe80::%lo0/64 fe80::1%lo0 Uc lo0 >>>fe80::1%lo0 link#1 UHL lo0 >>>fe80::%en1/64 link#5 UC en1 >>>ff01::/32 ::1 U lo0 >>>ff02::/32 ::1 UC lo0 >>>ff02::/32 link#5 UC en1 >>> >>>On connecting, OpenVPN issues the following commands: >>> >>>ifconfig tun0 10.10.10.10 127.0.0.1 mtu 1500 netmask 255.255.255.255 up >>>route add -net 10.10.10.0 127.0.0.1 255.255.255.0 >>> >>>Which look fine to me and do succeed. "netstat -rn" then shows: >>> >>>Destination Gateway Flags Refs Use Netif Expire >>>default 10.0.0.1 UGSc 40 9 en0 >>>10/24 link#4 UCS 2 0 en0 >>>10.0.0.1 XX:XX:XX:XX:X:X UHLW 38 33 en0 936 >>>10.0.0.6 127.0.0.1 UHS 0 0 lo0 >>>10.0.0.7 XX:XX:XX:XX:X:X UHLW 1 408 en0 289 >>>10.10.10/24 127.0.0.1 UGSc 1 8 tun0 >>>127 127.0.0.1 UCS 0 0 lo0 >>>127.0.0.1 127.0.0.1 UH 14 182 lo0 >>>169.254 link#7 UC 0 0 fw0 >>> >>>Internet6: >>>Destination Gateway Flags Netif Expire >>>::1 link#1 UHL lo0 >>>fe80::%lo0/64 fe80::1%lo0 Uc lo0 >>>fe80::1%lo0 link#1 UHL lo0 >>>fe80::%en1/64 link#5 UC en1 >>>ff01::/32 ::1 U lo0 >>>ff02::/32 ::1 UC lo0 >>>ff02::/32 link#5 UC en1 >>> >>>Connections to the VPN are working flawlessly. But, connections to >>>127.0.0.1 are now established from the VPN IP. "lsof -i" shows the >>>following for a telnet-instance connecting to 127.0.0.1: >>> >>>telnet 16347 502 3u IPv4 0x4f6da8c 0t0 TCP >>>10.10.10.10:54293->127.0.0.1:telnet (SYN_SENT) >>> >>>There's no telnetd running on my host, so this should immediately return: >>> >>>telnet: connect to address 127.0.0.1: Connection refused >>>telnet: Unable to connect to remote host >>> >>>But instead after some 30 seconds or so: >>> >>>Trying 127.0.0.1... >>>telnet: connect to address 127.0.0.1: Operation timed out >>>telnet: Unable to connect to remote host >>> >>>Why is this and how can I prevent this? This never occurred with my >>>old VPN installation. I even tried to put a metric on the tun >>>interface and a lower one on lo0, but to no avail. >>> >>>Any hints greatly appreciated! >> >>Your primary IP address is now in 10.10.10.* so that is what the >>telnet comes from so this is as would be expected in lsof > >Hhmm, okay, but why does it become my new "primary" IP? This is of >course not intended, I want my LAN IP to remain the primary IP. How >can I keep 10.0.0.6 as my primary IP then? The openvpn config did >not change AFAIK, compared to the earlier one, so what would trigger >this new behaviour? The whole point of most VPN is that you don't want to be on your current LAN but want to be on the remote/VPN LAN. That is you want to appear as if your current and local network is the VPN, not the LAN physically attached too (say the hotel's). -- -dhan ------------------------------------------------------------------------ Dan Shoop AIM: iWiring Systems & Networks Architect http://www.ustsvs.com/ shoop@iwiring.net http://www.iwiring.net/ 1-714-363-1174 From lists.fabian at e-lumo.com Fri Jul 13 15:18:11 2007 From: lists.fabian at e-lumo.com (Fabian Peters) Date: Fri Jul 13 15:18:25 2007 Subject: localhost routing issue with new OpenVPN install In-Reply-To: References: <1362EB3D-839F-4C6E-A658-C9025A4804F9@e-lumo.com> <603331E2-780F-497A-8C79-0E35EC88081C@e-lumo.com> Message-ID: <552500FB-7030-48BF-AF8A-FCD552BCFA63@e-lumo.com> Am 13.07.2007 um 22:14 schrieb Dan Shoop: > At 12:26 AM +0200 7/13/07, Fabian Peters wrote: >> Am 12.07.2007 um 23:18 schrieb Dan Shoop: >> >>> At 9:42 PM +0200 7/12/07, Fabian Peters wrote: >>>> Hi all, >>>> >>>> I'm facing a strange issue here, after having decommissioned an old >>>> OpenVPN setup and replaced it with a new one. The old one was at >>>> home >>>> in the 10.100.100.x range, the new one is in 10.10.10.x. My machine >>>> (running OS X 10.4.10) is placed in a small LAN using 10.0.0.x, >>>> with >>>> its primary IP being 10.0.0.6 and the router placed at 10.0.0.1. >>>> >>>> While OpenVPN is not running, everything's fine. "netstat -rn" >>>> shows: >>>> >>>> Destination Gateway Flags Refs Use Netif Expire >>>> default 10.0.0.1 UGSc 40 8 en0 >>>> 10/24 link#4 UCS 3 0 en0 >>>> 10.0.0.1 XX:XX:XX:XX:X:X UHLW 38 33 en0 1154 >>>> 10.0.0.6 127.0.0.1 UHS 0 0 lo0 >>>> 10.0.0.7 XX:XX:XX:XX:X:X UHLW 1 5001 en0 507 >>>> 10.0.0.255 ff:ff:ff:ff:ff:ff UHLWb 0 3 en0 >>>> 127 127.0.0.1 UCS 0 0 lo0 >>>> 127.0.0.1 127.0.0.1 UH 10 5865 lo0 >>>> 169.254 link#7 UC 0 0 fw0 >>>> >>>> Internet6: >>>> Destination Gateway Flags Netif Expire >>>> ::1 link#1 UHL lo0 >>>> fe80::%lo0/64 fe80::1%lo0 Uc lo0 >>>> fe80::1%lo0 link#1 UHL lo0 >>>> fe80::%en1/64 link#5 UC en1 >>>> ff01::/32 ::1 U lo0 >>>> ff02::/32 ::1 UC lo0 >>>> ff02::/32 link#5 UC en1 >>>> >>>> On connecting, OpenVPN issues the following commands: >>>> >>>> ifconfig tun0 10.10.10.10 127.0.0.1 mtu 1500 netmask >>>> 255.255.255.255 up >>>> route add -net 10.10.10.0 127.0.0.1 255.255.255.0 >>>> >>>> Which look fine to me and do succeed. "netstat -rn" then shows: >>>> >>>> Destination Gateway Flags Refs Use Netif Expire >>>> default 10.0.0.1 UGSc 40 9 en0 >>>> 10/24 link#4 UCS 2 0 en0 >>>> 10.0.0.1 XX:XX:XX:XX:X:X UHLW 38 33 en0 936 >>>> 10.0.0.6 127.0.0.1 UHS 0 0 lo0 >>>> 10.0.0.7 XX:XX:XX:XX:X:X UHLW 1 408 en0 289 >>>> 10.10.10/24 127.0.0.1 UGSc 1 8 tun0 >>>> 127 127.0.0.1 UCS 0 0 lo0 >>>> 127.0.0.1 127.0.0.1 UH 14 182 lo0 >>>> 169.254 link#7 UC 0 0 fw0 >>>> >>>> Internet6: >>>> Destination Gateway Flags Netif Expire >>>> ::1 link#1 UHL lo0 >>>> fe80::%lo0/64 fe80::1%lo0 Uc lo0 >>>> fe80::1%lo0 link#1 UHL lo0 >>>> fe80::%en1/64 link#5 UC en1 >>>> ff01::/32 ::1 U lo0 >>>> ff02::/32 ::1 UC lo0 >>>> ff02::/32 link#5 UC en1 >>>> >>>> Connections to the VPN are working flawlessly. But, connections to >>>> 127.0.0.1 are now established from the VPN IP. "lsof -i" shows the >>>> following for a telnet-instance connecting to 127.0.0.1: >>>> >>>> telnet 16347 502 3u IPv4 0x4f6da8c 0t0 TCP >>>> 10.10.10.10:54293->127.0.0.1:telnet (SYN_SENT) >>>> >>>> There's no telnetd running on my host, so this should >>>> immediately return: >>>> >>>> telnet: connect to address 127.0.0.1: Connection refused >>>> telnet: Unable to connect to remote host >>>> >>>> But instead after some 30 seconds or so: >>>> >>>> Trying 127.0.0.1... >>>> telnet: connect to address 127.0.0.1: Operation timed out >>>> telnet: Unable to connect to remote host >>>> >>>> Why is this and how can I prevent this? This never occurred with my >>>> old VPN installation. I even tried to put a metric on the tun >>>> interface and a lower one on lo0, but to no avail. >>>> >>>> Any hints greatly appreciated! >>> >>> Your primary IP address is now in 10.10.10.* so that is what the >>> telnet comes from so this is as would be expected in lsof >> >> Hhmm, okay, but why does it become my new "primary" IP? This is of >> course not intended, I want my LAN IP to remain the primary IP. >> How can I keep 10.0.0.6 as my primary IP then? The openvpn config >> did not change AFAIK, compared to the earlier one, so what would >> trigger this new behaviour? > > The whole point of most VPN is that you don't want to be on your > current LAN but want to be on the remote/VPN LAN. That is you want > to appear as if your current and local network is the VPN, not the > LAN physically attached too (say the hotel's). Dan, thanks. However, for me this is neither what I want nor what's happening. My default gateway is still the router in my LAN and traffic to all servers outside my LAN or VPN is routed via this gateway, using 10.0.0.6 as the source address. Only connections to 127.0.0.1 are using the VPN IP as their source IP. I'm still clueless as to how to change this unwanted behaviour, so any hints are still most welcome. cheers Fabian From shoop at iwiring.net Fri Jul 13 15:42:06 2007 From: shoop at iwiring.net (Dan Shoop) Date: Fri Jul 13 15:42:21 2007 Subject: localhost routing issue with new OpenVPN install In-Reply-To: <552500FB-7030-48BF-AF8A-FCD552BCFA63@e-lumo.com> References: <1362EB3D-839F-4C6E-A658-C9025A4804F9@e-lumo.com> <603331E2-780F-497A-8C79-0E35EC88081C@e-lumo.com> <552500FB-7030-48BF-AF8A-FCD552BCFA63@e-lumo.com> Message-ID: At 12:18 AM +0200 7/14/07, Fabian Peters wrote: >I'm still clueless as to how to change this unwanted behaviour, so >any hints are still most welcome. man route -- -dhan ------------------------------------------------------------------------ Dan Shoop AIM: iWiring Systems & Networks Architect http://www.ustsvs.com/ shoop@iwiring.net http://www.iwiring.net/ 1-714-363-1174 From mathias.conradt at gmail.com Fri Jul 13 19:41:56 2007 From: mathias.conradt at gmail.com (Mathias Conradt) Date: Fri Jul 13 19:42:07 2007 Subject: Fink cannot be installed on this computer (Fink on Mac Mini) In-Reply-To: <11275794.post@talk.nabble.com> References: <11275794.post@talk.nabble.com> Message-ID: <11590500.post@talk.nabble.com> The problem was a bug in the Fink installer, which assumes that there's a minor version such as 10.4.0, so it expects a second '.' in the version number of the OS. This can be fixed by modifying the installer script of Fink (or updating the OS X version should help as well, because all newer version numbers have a second '.' in it). Mathias Conradt wrote: > > I try to install Fink 0.8.1 for OS X 10.4 PPC on my MacMini, which runs on > OS X 10.4. > > Strangely, when I run the dmg the installation routine gives me the > message "Fink cannot be installed on this computer. This installer is for > OS X 10.4 only. Please visit ..." > > Anyone experienced similar problem? Any idea what's wrong? > > Thanks. > Mathias > -- View this message in context: http://www.nabble.com/Fink-cannot-be-installed-on-this-computer-%28Fink-on-Mac-Mini%29-tf3972474.html#a11590500 Sent from the OmniGroup - MacOSX-Admin mailing list archive at Nabble.com. From mathias.conradt at gmail.com Fri Jul 13 19:43:09 2007 From: mathias.conradt at gmail.com (Mathias Conradt) Date: Fri Jul 13 19:43:12 2007 Subject: OpenOffice 2.2 not starting (MacMini, Tiger) In-Reply-To: <11275818.post@talk.nabble.com> References: <11275818.post@talk.nabble.com> Message-ID: <11590507.post@talk.nabble.com> After updating OS X from 10.4 to 10.4.10 it works fine now. Mathias Conradt wrote: > > I'm trying to install OpenOffice 2.2 on MacMini OS X 10.4. > > X11 is installed and the preferences are set like in the OpenOffice doc: > output to million colors, full screen mode off. > > Nevertheless, when clicking on the OpenOffice icon in the Applications > folder, nothing happens; only the X11 terminal comes up. OpenOffice though > doesn't start. > Only once during my several times of trying and restart I had the OO > splash screen coming up, but nothing else - was frozen forever then. > Cannot reproduce to even see the splash screen again. > > Does anyone know this problem / how to get OO started properly? Thanks. > > Mathias > -- View this message in context: http://www.nabble.com/OpenOffice-2.2-not-starting-%28MacMini%2C-Tiger%29-tf3972480.html#a11590507 Sent from the OmniGroup - MacOSX-Admin mailing list archive at Nabble.com. From paul at subsignal.org Sat Jul 14 01:56:02 2007 From: paul at subsignal.org (paul) Date: Sat Jul 14 01:56:38 2007 Subject: localhost routing issue with new OpenVPN install In-Reply-To: <1362EB3D-839F-4C6E-A658-C9025A4804F9@e-lumo.com> References: <1362EB3D-839F-4C6E-A658-C9025A4804F9@e-lumo.com> Message-ID: Fabian Peters schrieb: > Hi all, > > I'm facing a strange issue here, after having decommissioned an old > OpenVPN setup and replaced it with a new one. The old one was at home > in the 10.100.100.x range, the new one is in 10.10.10.x. My machine > (running OS X 10.4.10) is placed in a small LAN using 10.0.0.x, with > its primary IP being 10.0.0.6 and the router placed at 10.0.0.1. > > While OpenVPN is not running, everything's fine. "netstat -rn" shows: > > Destination Gateway Flags Refs Use Netif Expire > default 10.0.0.1 UGSc 40 8 en0 > 10/24 link#4 UCS 3 0 en0 > 10.0.0.1 XX:XX:XX:XX:X:X UHLW 38 33 en0 1154 > 10.0.0.6 127.0.0.1 UHS 0 0 lo0 > 10.0.0.7 XX:XX:XX:XX:X:X UHLW 1 5001 en0 507 > 10.0.0.255 ff:ff:ff:ff:ff:ff UHLWb 0 3 en0 > 127 127.0.0.1 UCS 0 0 lo0 > 127.0.0.1 127.0.0.1 UH 10 5865 lo0 > 169.254 link#7 UC 0 0 fw0 > > Internet6: > Destination Gateway Flags Netif Expire > ::1 link#1 UHL lo0 > fe80::%lo0/64 fe80::1%lo0 Uc lo0 > fe80::1%lo0 link#1 UHL lo0 > fe80::%en1/64 link#5 UC en1 > ff01::/32 ::1 U lo0 > ff02::/32 ::1 UC lo0 > ff02::/32 link#5 UC en1 > > On connecting, OpenVPN issues the following commands: > > ifconfig tun0 10.10.10.10 127.0.0.1 mtu 1500 netmask 255.255.255.255 up > route add -net 10.10.10.0 127.0.0.1 255.255.255.0 > > Which look fine to me and do succeed. "netstat -rn" then shows: Why is the gateway for your VPN route (presumably the VPN server) 127.0.0.1? I'm assuming you're the VPN client so the route command should be something like: route add -net 10.10.10.0 255.255.255.0 cheers Paul From hmag at ozemail.com.au Sat Jul 14 02:49:44 2007 From: hmag at ozemail.com.au (Terry Allen) Date: Sat Jul 14 02:50:02 2007 Subject: Automatic Synchronisation of FTP directory Message-ID: Hi again, I have a slightly unusual taks to get done as a temporary backup solution for a client - they have 3 separate sites, all with hardware based NAS, which have Windows file sharing & FTP. We need to set up an automated system, with an OSX machine doing a directory sync every day for a few weeks from the FTP server running on the NAS (no, rsync or other options aren't available - must be FTP). Can anyone suggest say a command line I can add as a cronjob, or some open source software which might allow us to do this? It basically needs to log into the FTP server as the username/password, check the list of files (& any changes to those files) & back up those which have changed, then log back out once the job is completed. Any assistance would be appreciated on this. -- Bye for now, Terry Allen ___________________________________________________________________ hEARd Postal Address: hEARd, 26B Glenning Rd, Glenning Valley, NSW 2261, Australia Internet - WWW: http://heard.com.au http://itavservices.com EMAIL: hmag@ozemail.com.au Phone: Australia - 02 4388 1400 / International - + 61 2 43881400 Mobile: Australia - 04 28881400 / International - 61 4 28881400 ----------------------------------------------- Non profit promotion for new music - since 1994 ----------------------------------------------- From lists.fabian at e-lumo.com Sat Jul 14 03:48:20 2007 From: lists.fabian at e-lumo.com (Fabian Peters) Date: Sat Jul 14 03:48:38 2007 Subject: localhost routing issue with new OpenVPN install In-Reply-To: References: <1362EB3D-839F-4C6E-A658-C9025A4804F9@e-lumo.com> Message-ID: <99DC6D36-8CC7-4EE9-9B9E-47F76B6D8AA5@e-lumo.com> Am 14.07.2007 um 10:56 schrieb paul: > Fabian Peters schrieb: >> Hi all, >> I'm facing a strange issue here, after having decommissioned an old >> OpenVPN setup and replaced it with a new one. The old one was at home >> in the 10.100.100.x range, the new one is in 10.10.10.x. My machine >> (running OS X 10.4.10) is placed in a small LAN using 10.0.0.x, with >> its primary IP being 10.0.0.6 and the router placed at 10.0.0.1. >> While OpenVPN is not running, everything's fine. "netstat -rn" shows: >> Destination Gateway Flags Refs Use Netif Expire >> default 10.0.0.1 UGSc 40 8 en0 >> 10/24 link#4 UCS 3 0 en0 >> 10.0.0.1 XX:XX:XX:XX:X:X UHLW 38 33 en0 1154 >> 10.0.0.6 127.0.0.1 UHS 0 0 lo0 >> 10.0.0.7 XX:XX:XX:XX:X:X UHLW 1 5001 en0 507 >> 10.0.0.255 ff:ff:ff:ff:ff:ff UHLWb 0 3 en0 >> 127 127.0.0.1 UCS 0 0 lo0 >> 127.0.0.1 127.0.0.1 UH 10 5865 lo0 >> 169.254 link#7 UC 0 0 fw0 >> Internet6: >> Destination Gateway Flags Netif Expire >> ::1 link#1 UHL lo0 >> fe80::%lo0/64 fe80::1%lo0 Uc lo0 >> fe80::1%lo0 link#1 UHL lo0 >> fe80::%en1/64 link#5 UC en1 >> ff01::/32 ::1 U lo0 >> ff02::/32 ::1 UC lo0 >> ff02::/32 link#5 UC en1 >> On connecting, OpenVPN issues the following commands: >> ifconfig tun0 10.10.10.10 127.0.0.1 mtu 1500 netmask >> 255.255.255.255 up >> route add -net 10.10.10.0 127.0.0.1 255.255.255.0 >> Which look fine to me and do succeed. "netstat -rn" then shows: > Why is the gateway for your VPN route (presumably the VPN server) > 127.0.0.1? I'm assuming you're the VPN client so the route command > should be something like: > route add -net 10.10.10.0 255.255.255.0 This is the way it should be for openvpn, AFAIK. A netstat -rn on a FreeBSD client on the same VPN shows the same line, except for the "c" flag (RTF_PRCLONING): 10.10.10/24 127.0.0.1 UGS 0 1005872 tun1 I don't think the "c" flag causes my problem, but I might be mistaken...? cheers Fabian From paul at subsignal.org Sat Jul 14 04:22:55 2007 From: paul at subsignal.org (paul) Date: Sat Jul 14 04:23:14 2007 Subject: localhost routing issue with new OpenVPN install In-Reply-To: <99DC6D36-8CC7-4EE9-9B9E-47F76B6D8AA5@e-lumo.com> References: <1362EB3D-839F-4C6E-A658-C9025A4804F9@e-lumo.com> <99DC6D36-8CC7-4EE9-9B9E-47F76B6D8AA5@e-lumo.com> Message-ID: Fabian Peters schrieb: > > Am 14.07.2007 um 10:56 schrieb paul: > >> Fabian Peters schrieb: [snipp] >>> On connecting, OpenVPN issues the following commands: >>> ifconfig tun0 10.10.10.10 127.0.0.1 mtu 1500 netmask 255.255.255.255 up >>> route add -net 10.10.10.0 127.0.0.1 255.255.255.0 >>> Which look fine to me and do succeed. "netstat -rn" then shows: >> Why is the gateway for your VPN route (presumably the VPN server) >> 127.0.0.1? I'm assuming you're the VPN client so the route command >> should be something like: >> route add -net 10.10.10.0 255.255.255.0 > > This is the way it should be for openvpn, AFAIK. A netstat -rn on a > FreeBSD client on the same VPN shows the same line, except for the "c" > flag (RTF_PRCLONING): > > 10.10.10/24 127.0.0.1 UGS 0 1005872 tun1 Why? For me it doesn't make sense from a routing point of view. xxx:/ xxxxx$ netstat -r Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 192.168.1.1 UGSc 476 80136 en0 10/24 10.111.198.81 UGSc 0 326883 tap0 10.111.198/24 link#6 UC 3 0 tap0 10.111.198.81 12:e0:57:8d:ad:ee UHLW 7 8780 tap0 This is the VPN server, 10.111.198.81 is the client which has a 10/24 network behind it. cheers Paul From shoop at iwiring.net Sat Jul 14 14:08:55 2007 From: shoop at iwiring.net (Dan Shoop) Date: Sat Jul 14 14:09:07 2007 Subject: Automatic Synchronisation of FTP directory In-Reply-To: References: Message-ID: At 7:49 PM +1000 7/14/07, Terry Allen wrote: >Hi again, > I have a slightly unusual taks to get done as a temporary >backup solution for a client - they have 3 separate sites, all with >hardware based NAS, which have Windows file sharing & FTP. We need >to set up an automated system, with an OSX machine doing a directory >sync every day for a few weeks from the FTP server running on the >NAS (no, rsync or other options aren't available - must be FTP). > Can anyone suggest say a command line I can add as a cronjob, >or some open source software which might allow us to do this? It >basically needs to log into the FTP server as the username/password, >check the list of files (& any changes to those files) & back up >those which have changed, then log back out once the job is >completed. > Any assistance would be appreciated on this. What you are describing is not so much a backup as data replication. Why must you use FTP if the NAS box has SMB? That would seem to be the way to go, and then just use rsync (with all its caveats.) Otherwise consider using `find` to locate files that have changed or been added, with again all the associated caveats about what that means, and ftp these files. You'd just need to keep track of when the last time you performed the replication. You also don't talk about deleting files that are no longer present on the source. You should consider this in your thinking. -- -dhan ------------------------------------------------------------------------ Dan Shoop AIM: iWiring Systems & Networks Architect http://www.ustsvs.com/ shoop@iwiring.net http://www.iwiring.net/ 1-714-363-1174 From hmag at ozemail.com.au Sat Jul 14 14:42:43 2007 From: hmag at ozemail.com.au (Terry Allen) Date: Sat Jul 14 14:42:55 2007 Subject: Automatic Synchronisation of FTP directory In-Reply-To: References: Message-ID: >At 7:49 PM +1000 7/14/07, Terry Allen wrote: >>Hi again, >> I have a slightly unusual taks to get done as a temporary >>backup solution for a client - they have 3 separate sites, all with >>hardware based NAS, which have Windows file sharing & FTP. We need >>to set up an automated system, with an OSX machine doing a >>directory sync every day for a few weeks from the FTP server >>running on the NAS (no, rsync or other options aren't available - >>must be FTP). >> Can anyone suggest say a command line I can add as a cronjob, >>or some open source software which might allow us to do this? It >>basically needs to log into the FTP server as the >>username/password, check the list of files (& any changes to those >>files) & back up those which have changed, then log back out once >>the job is completed. >> Any assistance would be appreciated on this. > >What you are describing is not so much a backup as data replication. > >Why must you use FTP if the NAS box has SMB? That would seem to be >the way to go, and then just use rsync (with all its caveats.) > >Otherwise consider using `find` to locate files that have changed or >been added, with again all the associated caveats about what that >means, and ftp these files. You'd just need to keep track of when >the last time you performed the replication. > >You also don't talk about deleting files that are no longer present >on the source. You should consider this in your thinking. >-- > >-dhan > Hi again, Yes, data replication is what we need to do & yes, we do need to delete files which are no longer there (I had thought synchronisation would cover that, but in any case, yes, that is true). The reason we didn't want to use SMB in this case is that the port on their network for this is not open to the Internet as their SMB network is otherwise unsecured, though I guess it would be as simple as directing inward enquiries for that port to the NAS. I'm not sure I understand how I could use rsync for such a purpose - I thought rsync required an rsync client & server - could you please elaborate on how we would use rsync for such an exercise using SMB. -- Bye for now, Terry Allen ___________________________________________________________________ hEARd Postal Address: hEARd, 26B Glenning Rd, Glenning Valley, NSW 2261, Australia Internet - WWW: http://heard.com.au http://itavservices.com EMAIL: hmag@ozemail.com.au Phone: Australia - 02 4388 1400 / International - + 61 2 43881400 Mobile: Australia - 04 28881400 / International - 61 4 28881400 ----------------------------------------------- Non profit promotion for new music - since 1994 ----------------------------------------------- From hmag at ozemail.com.au Sat Jul 14 23:57:22 2007 From: hmag at ozemail.com.au (Terry Allen) Date: Sat Jul 14 23:57:38 2007 Subject: Automatic Synchronisation of FTP directory In-Reply-To: References: Message-ID: >Have you tried lftp? (http://lftp.yar.ru/) You >can install it with DarwinPorts (perhaps fink >also). > >I use it daily to sync data from and to ftp >servers. The options are endless, but for you >needs the following syntax might do the job: > >lftp -e "o -u username,password >ftpsite.com/address && mirror --delete --verbose >&& quit" > >Stephan > >Le 14 juil. 07 ? 11:49, Terry Allen a ?crit : > >>Hi again, >> I have a slightly unusual taks to get >>done as a temporary backup solution for a >>client - they have 3 separate sites, all with >>hardware based NAS, which have Windows file >>sharing & FTP. We need to set up an automated >>system, with an OSX machine doing a directory >>sync every day for a few weeks from the FTP >>server running on the NAS (no, rsync or other >>options aren't available - must be FTP). >> Can anyone suggest say a command line I >>can add as a cronjob, or some open source >>software which might allow us to do this? It >>basically needs to log into the FTP server as >>the username/password, check the list of files >>(& any changes to those files) & back up those >>which have changed, then log back out once the >>job is completed. >> Any assistance would be appreciated on this. Hi again, Many thanks for that Stephan - I don't have Fink installed & have no plans to, but I may be able to compile it from source to test if it will do what we need to do. -- Bye for now, Terry Allen ___________________________________________________________________ hEARd Postal Address: hEARd, 26B Glenning Rd, Glenning Valley, NSW 2261, Australia Internet - WWW: http://heard.com.au http://itavservices.com EMAIL: hmag@ozemail.com.au Phone: Australia - 02 4388 1400 / International - + 61 2 43881400 Mobile: Australia - 04 28881400 / International - 61 4 28881400 ----------------------------------------------- Non profit promotion for new music - since 1994 ----------------------------------------------- From hmag at ozemail.com.au Sun Jul 15 01:46:38 2007 From: hmag at ozemail.com.au (Terry Allen) Date: Sun Jul 15 01:46:54 2007 Subject: Automatic Synchronisation of FTP directory In-Reply-To: References: Message-ID: >Have you tried lftp? (http://lftp.yar.ru/) You can install it with >DarwinPorts (perhaps fink also). > >I use it daily to sync data from and to ftp servers. The options are >endless, but for you needs the following syntax might do the job: > >lftp -e "o -u username,password ftpsite.com/address && mirror >--delete --verbose && quit" > >Stephan > >Le 14 juil. 07 ? 11:49, Terry Allen a ?crit : > Hi again, Further to my last email, I downloaded & compiled the source without modification - I haven't got the synbtax sorted out yet, but it works as expected - hopefully this will do the job in any case. -- Bye for now, Terry Allen ___________________________________________________________________ hEARd Postal Address: hEARd, 26B Glenning Rd, Glenning Valley, NSW 2261, Australia Internet - WWW: http://heard.com.au http://itavservices.com EMAIL: hmag@ozemail.com.au Phone: Australia - 02 4388 1400 / International - + 61 2 43881400 Mobile: Australia - 04 28881400 / International - 61 4 28881400 ----------------------------------------------- Non profit promotion for new music - since 1994 ----------------------------------------------- From lists.fabian at e-lumo.com Sun Jul 15 02:03:09 2007 From: lists.fabian at e-lumo.com (Fabian Peters) Date: Sun Jul 15 02:03:23 2007 Subject: [SOLVED] Re: localhost routing issue with new OpenVPN install In-Reply-To: References: <1362EB3D-839F-4C6E-A658-C9025A4804F9@e-lumo.com> <99DC6D36-8CC7-4EE9-9B9E-47F76B6D8AA5@e-lumo.com> Message-ID: <882CA650-2A47-44FA-8207-92D7EE32B6BF@e-lumo.com> Am 14.07.2007 um 13:22 schrieb paul: > Fabian Peters schrieb: >> Am 14.07.2007 um 10:56 schrieb paul: >>> Fabian Peters schrieb: > [snipp] > >>>> On connecting, OpenVPN issues the following commands: >>>> ifconfig tun0 10.10.10.10 127.0.0.1 mtu 1500 netmask >>>> 255.255.255.255 up >>>> route add -net 10.10.10.0 127.0.0.1 255.255.255.0 >>>> Which look fine to me and do succeed. "netstat -rn" then shows: >>> Why is the gateway for your VPN route (presumably the VPN server) >>> 127.0.0.1? I'm assuming you're the VPN client so the route >>> command should be something like: >>> route add -net 10.10.10.0 255.255.255.0 >> This is the way it should be for openvpn, AFAIK. A netstat -rn on >> a FreeBSD client on the same VPN shows the same line, except for >> the "c" flag (RTF_PRCLONING): >> 10.10.10/24 127.0.0.1 UGS 0 1005872 tun1 > > Why? For me it doesn't make sense from a routing point of view. > > xxx:/ xxxxx$ netstat -r > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif > Expire > default 192.168.1.1 UGSc 476 80136 en0 > 10/24 10.111.198.81 UGSc 0 326883 tap0 > 10.111.198/24 link#6 UC 3 0 tap0 > 10.111.198.81 12:e0:57:8d:ad:ee UHLW 7 8780 tap0 > > This is the VPN server, 10.111.198.81 is the client which has a > 10/24 network behind it. You were completely right, Paul. I'm using config files via OpenVPN's ccd directive, to make IPs static. Instead of the server's IP, the VPN-hostname was placed in the client config files. Alas, on the new server, I had set this hostname to be an alias of localhost. Thanks for the hints! Fabian From kremels at kreme.com Sun Jul 15 05:52:55 2007 From: kremels at kreme.com (LuKreme) Date: Sun Jul 15 05:53:10 2007 Subject: Automatic Synchronisation of FTP directory In-Reply-To: References: Message-ID: On 14-Jul-2007, at 15:42, Terry Allen wrote: > I'm not sure I understand how I could use rsync for such a purpose > - I thought rsync required an rsync client & server - could you > please elaborate on how we would use rsync for such an exercise > using SMB. Rsync can go between any tow directories, be they rsync server, ssh logins, smb mounts, nfs mounts, or even directories on the same local volume. If you really really can't use rsync, you are going to be spending a ton of time trying, and failing, to replicate rsync capabilities for your ftp. -- Growing up leads to growing old, and then to dying/And dying to me don't sound like all that much fun. From shoop at iWiring.net Sun Jul 15 12:45:25 2007 From: shoop at iWiring.net (Dan Shoop) Date: Sun Jul 15 12:46:04 2007 Subject: Automatic Synchronisation of FTP directory In-Reply-To: References: Message-ID: <5D761D89-B94D-4BDD-975A-76F7F40A3176@iWiring.net> On Jul 14, 2007, at 5:42 PM, Terry Allen wrote: >> At 7:49 PM +1000 7/14/07, Terry Allen wrote: >>> Hi again, >>> I have a slightly unusual taks to get done as a temporary >>> backup solution for a client - they have 3 separate sites, all >>> with hardware based NAS, which have Windows file sharing & FTP. We >>> need to set up an automated system, with an OSX machine doing a >>> directory sync every day for a few weeks from the FTP server >>> running on the NAS (no, rsync or other options aren't available - >>> must be FTP). >>> Can anyone suggest say a command line I can add as a cronjob, >>> or some open source software which might allow us to do this? It >>> basically needs to log into the FTP server as the username/ >>> password, check the list of files (& any changes to those files) & >>> back up those which have changed, then log back out once the job >>> is completed. >>> Any assistance would be appreciated on this. >> >> What you are describing is not so much a backup as data replication. >> >> Why must you use FTP if the NAS box has SMB? That would seem to be >> the way to go, and then just use rsync (with all its caveats.) >> >> Otherwise consider using `find` to locate files that have changed >> or been added, with again all the associated caveats about what >> that means, and ftp these files. You'd just need to keep track of >> when the last time you performed the replication. >> >> You also don't talk about deleting files that are no longer present >> on the source. You should consider this in your thinking. >> -- >> >> -dhan >> > Hi again, > Yes, data replication is what we need to do & yes, we do need to > delete files which are no longer there (I had thought > synchronisation would cover that, but in any case, yes, that is true). Replication is not synchronization. And neither by themselves imply deleting files or handling files that move. > > The reason we didn't want to use SMB in this case is that the > port on their network for this is not open to the Internet as their > SMB network is otherwise unsecured, though I guess it would be as > simple as directing inward enquiries for that port to the NAS. "Port on there network"? This suggests that this is behind a firewall on another network. I must have missed this additional criteria in your above request. You'd need to open both the port *and* IP address. Unless this is made further henious by NAPT. In which case FTP is going to be a disaster since it basically doesn't work behind NATP 'firewalls'. FTP belongs at the least on a DMZ for good operations. > > I'm not sure I understand how I could use rsync for such a > purpose - I thought rsync required an rsync client & server - could > you please elaborate on how we would use rsync for such an exercise > using SMB. If you don't understand how rsync works then you should read it's man page rather than asking to have is waste our time explaining what it already says. If FTP is not and option install a FTP based fikesystem, like one from FUSE, and use rysnc (careful of it's metadata caveats). From hmag at ozemail.com.au Sun Jul 15 14:58:04 2007 From: hmag at ozemail.com.au (Terry Allen) Date: Sun Jul 15 14:58:16 2007 Subject: Automatic Synchronisation of FTP directory In-Reply-To: References: Message-ID: >On 14-Jul-2007, at 15:42, Terry Allen wrote: >>I'm not sure I understand how I could use rsync for such a purpose >>- I thought rsync required an rsync client & server - could you >>please elaborate on how we would use rsync for such an exercise >>using SMB. > >Rsync can go between any tow directories, be they rsync server, ssh >logins, smb mounts, nfs mounts, or even directories on the same >local volume. > >If you really really can't use rsync, you are going to be spending a >ton of time trying, and failing, to replicate rsync capabilities for >your ftp. > Hi again, Thanks for the info - as mentioned in an earlier email, I wasn't aware that rsync could be used for anything other than an rsync client/server relationship - I will investigate this possibility. Would it be possible to use rsync with an ftp server or is this asking too much. Another suggesion also in this thread has mentioned lftp - it seems to offer what is needed with FTP, so I will check out both options here. -- Bye for now, Terry Allen ___________________________________________________________________ hEARd Postal Address: hEARd, 26B Glenning Rd, Glenning Valley, NSW 2261, Australia Internet - WWW: http://heard.com.au http://itavservices.com EMAIL: hmag@ozemail.com.au Phone: Australia - 02 4388 1400 / International - + 61 2 43881400 Mobile: Australia - 04 28881400 / International - 61 4 28881400 ----------------------------------------------- Non profit promotion for new music - since 1994 ----------------------------------------------- From hmag at ozemail.com.au Sun Jul 15 15:12:48 2007 From: hmag at ozemail.com.au (Terry Allen) Date: Sun Jul 15 15:12:59 2007 Subject: Automatic Synchronisation of FTP directory In-Reply-To: <5D761D89-B94D-4BDD-975A-76F7F40A3176@iWiring.net> References: <5D761D89-B94D-4BDD-975A-76F7F40A3176@iWiring.net> Message-ID: >On Jul 14, 2007, at 5:42 PM, Terry Allen wrote: > >>>At 7:49 PM +1000 7/14/07, Terry Allen wrote: >>>>Hi again, >>>> I have a slightly unusual taks to get done as a temporary >>>>backup solution for a client - they have 3 separate sites, all >>>>with hardware based NAS, which have Windows file sharing & FTP. >>>>We need to set up an automated system, with an OSX machine doing >>>>a directory sync every day for a few weeks from the FTP server >>>>running on the NAS (no, rsync or other options aren't available - >>>>must be FTP). >>>> Can anyone suggest say a command line I can add as a cronjob, >>>>or some open source software which might allow us to do this? It >>>>basically needs to log into the FTP server as the >>>>username/password, check the list of files (& any changes to >>>>those files) & back up those which have changed, then log back >>>>out once the job is completed. >>>> Any assistance would be appreciated on this. >>> >>>What you are describing is not so much a backup as data replication. >>> >>>Why must you use FTP if the NAS box has SMB? That would seem to be >>>the way to go, and then just use rsync (with all its caveats.) >>> >>>Otherwise consider using `find` to locate files that have changed >>>or been added, with again all the associated caveats about what >>>that means, and ftp these files. You'd just need to keep track of >>>when the last time you performed the replication. >>> >>>You also don't talk about deleting files that are no longer >>>present on the source. You should consider this in your thinking. >>>-- >>> >>>-dhan >>> >>Hi again, >> Yes, data replication is what we need to do & yes, we do need to >>delete files which are no longer there (I had thought >>synchronisation would cover that, but in any case, yes, that is >>true). > >Replication is not synchronization. And neither by themselves imply >deleting files or handling files that move. > >> >> The reason we didn't want to use SMB in this case is that the >>port on their network for this is not open to the Internet as their >>SMB network is otherwise unsecured, though I guess it would be as >>simple as directing inward enquiries for that port to the NAS. > >"Port on there network"? This suggests that this is behind a >firewall on another network. I must have missed this additional >criteria in your above request. You'd need to open both the port >*and* IP address. Unless this is made further henious by NAPT. In >which case FTP is going to be a disaster since it basically doesn't >work behind NATP 'firewalls'. FTP belongs at the least on a DMZ for >good operations. > >> >> I'm not sure I understand how I could use rsync for such a >>purpose - I thought rsync required an rsync client & server - could >>you please elaborate on how we would use rsync for such an exercise >>using SMB. > >If you don't understand how rsync works then you should read it's >man page rather than asking to have is waste our time explaining >what it already says. > >If FTP is not and option install a FTP based fikesystem, like one >from FUSE, and use rysnc (careful of it's metadata caveats). Hi again, My original post mentioned 'synchronisation' - "...with an OSX machine doing a directory sync every day for a few weeks from the FTP server running on the NAS...", so by definition (or at least in my dictionary), that would imply that it would delete the files, so my original term was in fact correct for the purpose. I didn't think I'd need to spell the entire thing out regarding networks, as the earlier post had discussed '3 separate sites'. In any case, the networks are all static IPs, not NAPT related. On a separate note though, I must say I have never ever had an issue using FTP servers that I have set up for clients behind NAPT routers - in general, it seems to be related to the quality of the routers & how they interpret outbound & inbound traffic. Unless the user has cheap & nasty equipment, then most routers these days handle FTP behind NAPT in an efficient manner using dynamic port allocation - I do agree that older equipment did cause much grief in this area. Finally, as outlined earlier, I didn't know that rsync could be used for anything other than an rsync client/server relationship. I'm not sure we could convince the client that opening up their SMB network to the Internet in general & the need for then passwording the entire SMB network, but I'll see what we can come up with - Stephan's mention of lftp seems like it will do exactly what we need, so I will further investigate this & also rsync's additional features. -- Bye for now, Terry Allen _______________________________________________________________