FreeBSD
My case: arplookup 0.0.0.0 failed: host is not on local network
I got strange messages in log: kernel: arplookup 0.0.0.0 failed: host is not on local network. When I tried to resolve it for the first time different people in different blogs wrote that it’ok – don’t mind about it. Someone adviced turning off the arp logging but I didn’t want. I decided to inspect this […]
DHCP debugging with tcpdump
http://sysadmin.wikia.com/wiki/DHCP_debugging_with_tcpdump tcpdump filter to match DHCP packets including a specific Client MAC Address: tcpdump -i br0 -vvv -s 1500 ‘((port 67 or port 68) and (udp[38:4] = 0x3e0ccf08))’ tcpdump filter to capture packets sent by the client (DISCOVER, REQUEST, INFORM): tcpdump -i br0 -vvv -s 1500 ‘((port 67 or port 68) and (udp[8:1] = 0x1))’
PFSense + FreeBSD + Multicore = ISSUE
I installed FreeBSD 10 on a multicore server and got strange behavior – network connections were slow and I got many timeouts with 1 client only. The same situation with PFSense 2.2.1 on a multicore server (Atom 8 cores) – server even hangs without any loads. The cause: the maximum of mbclusters were riched – […]
PFSense + DHCP issues from provider
I met a strange issue with an internet channel from my provider: it doesn’t assign an IP (PFSense gets 0.0.0.0 and the provider blocks me) via DHCP or the channel stops working(IP is assigned). I suppose provider has got several DHCP-servers and they are configured with to much security. So, I wrote a script to […]
PFSense 2.2 + pkg_add issue
There is pkg_add was replaced by pkg. Just run “pkg” – you will be prompted to install it. Then type e.g.: pkg install mc
RRDTool script
Very usefull script for RRDTool. Was copy-pasted from someones blog (can’t recollect the link) – thanks to the author. #!/bin/bash # Путь к исполнимому файлу rrdtool RRDTOOL=/usr/bin/rrdtool # Путь к базе, в которой храниться температура DATABASE=/usr/local/rrd/space-temperature.rrd # Периодичность поступления данных в базу (сек) – соответственно должен быть настроен CRON PERIOD=60 # Команда для получения текущей […]
PFSense + Sarg reports
I met a strange behavior in PFSense Sarg module. Reports didn’t appear and sarg index.html didn’t generated. Work config for success report: Report Options /usr/pbi/sarg-amd64/etc/sarg/sarg.conf: user graphics remove temporary files generate the main index generate the index tree overwrite report use comma instead pint in reports report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date […]
Another script for temperature monitoring on PFSense
Just the script: #!/bin/sh cd /usr/local/etc S0=`/usr/local/etc/digitemp_DS9097 -t 0 -q -s /dev/cuau0 -o\%.C` #date=`date -j +”%Y-%m-%d %H:%M:%S` #echo “<tr><td align=center>Temperature for $date</td></tr></table></div>” >> /usr/local/www/temp/index.html tmp1=`cat /tmp/temp.tmp` flag=`expr $S0 – $tmp1` echo $S0 > /tmp/temp.tmp # Prepare a mail echo “To: admin@domain.com” > mail.txt echo “From: admin@domain.com” >> mail.txt echo “Subject: Server room = $S0” >> […]
FreeBSD + e-mail alert for ssh connection
Add this string to your /etc/pam.d/sshd: session optional pam_exec.so /etc/alert.sh where alert.sh is: #!/bin/sh echo ‘Shell Access on:’ `date` `who` | mail -s “Access from `who`” admin@local.com
IPSEC + FreeBSD tweaks
Some tweaks for IPSEC in kernel: sysctl -w net.key.preferred_oldsa=0 sysctl -w net.key.blockacq_count=0