kernel: ipfw: install_state: Too many dynamic rules

Okay this sucks. I am running FreeBSD 7 on a few servers, and i get a load of ddos  everyday. At some point, the server would stop accepting connections, but the already established connections would work just fine.

If you have to get rid of that message and restore services availability, then have fun with /etc/sysctl.conf, where you setup : net.inet.ip.fw.dyn_max=16384.

Now – that value may not be the same for everybody, but you can keep tweaking until you reach the sweet spot.

Save the changes by : sysctl -w net.inet.ip.fw.dyn_max=16384 on FreeBSD 7

XSBackup

XSBackup.com offers remote backups, on servers running RAID 6 for maximum redundancy. We are not a reseller, we own our servers, and all equipment related.

We have a special promotion, and the details are below:

Coupon code – WHT25OFF

[====================]
25 % off any package
10GB Extra disk space on any package
[====================]

You can use the backup account to backup entire dedicated servers and/or VPS servers and/or individual hosting accounts.
Full SSH/RSYNC/FTP/SHELL support.
Web based control panel (custom created).
Reseller status comes as a bonus for every account. You can create as many accounts as you want.
Custom scripts available, for creating/removing RSA keys, activating new RSA keys, setting up cpanel backups.

[++++++++++++++++++++]

XSBlack
10 GB Disk space
Unmetered data transfer
5$/mo
click to order – don’t forget about the WHT25OFF coupon for the extra bonus in space, and lowered price

[++++++++++++++++++++]

XSCyan
50 GB Disk space
Unmetered Data transfer
10$/mo
click to order – don’t forget about the WHT25OFF coupon for the extra bonus in space, and lowered price

[++++++++++++++++++++]

XSBlue
100 GB Disk space
Unmetered Data transfer
20$/mo
click to order – don’t forget about the WHT25OFF coupon for the extra bonus in space, and lowered price

[++++++++++++++++++++]

XSGrey
250 GB Disk space
Unmetered Data transfer
50$/mo
click to order – don’t forget about the WHT25OFF coupon for the extra bonus in space, and lowered price

[++++++++++++++++++++]

XSGreen

500 GB Disk space
Unmetered data transfer
80 $/mo
click to order – don’t forget about the WHT25OFF coupon for the extra bonus in space, and lowered price

[++++++++++++++++++++]

XSRed
1000 GB Disk space
Unmetered data transfer
150 $/mo
click to order – don’t forget about the WHT25OFF coupon for the extra bonus in space, and lowered price

[++++++++++++++++++++]

If you have any questions, mail admin [at] xsbackup [dot] com.
Thank you and have a nice day.

Fatal error: Error: cannot open phar php-5.2.10

If you’re compiling php 5.2.10 and you get this error, you probably are trying to install pear also:

Fatal error: Error: cannot open phar “/root/kit/php-5.2.10/pear/install-pear-nozlib.phar” in /root/kit/php-5.2.10/pear/install-pear-nozlib.phar on line 795

There are 3 solutions for this:

1 – get the latest snapshot of php 5.2.10, from http://snaps.php.net/ which solves this bug,

2 – install php without pear and curlwrappers.

3 – downgrade back to php 5.2.9

I find solution 1 to be the best there is. Seems that upgrade is not always as easy as it should be.

libexpat.so: could not read symbols: File in wrong format

When you’re compiling apache 2.2 and upper versions, on 64 bit architectures, Fedora, Centos whatever, while running make will result in this error :

libexpat.so: could not read symbols: File in wrong format

If you got this, it’s simple: you’re compiling 32 bit native apache on 64 bit architecture, so it has issues finding the lib folder.

FIX: add the following 2 lines below to the ‘./configure’ line, then rerun ‘make’.

–enable-lib64
–libdir=/usr/lib64

configure: error: Cannot find OpenSSL’s – freebsd

configure: error: Cannot find OpenSSL’s <evp.h> freebsd

usually you get this error if openssl path is not specified when compiling php i got this error when compiling php-5.2.9.

solution:

cd /usr/ports/security/openssl

make install distclean

then add –with-ssl=/usr to the ./configure line for php.

should work like a charm

Error: Missing Dependency: perl(URI) >= 1.17 is needed by package subversion

Sometimes, when installing Subversion, you get this error:

root@tequila [~]# yum -y install subversion
Loading “fastestmirror” plugin
Loading mirror speeds from cached hostfile
* base: pubmirrors.reflected.net
* updates: mirrors.gigenet.com
* addons: yum.singlehop.com
* extras: mirror.steadfast.net
Excluding Packages in global exclude list
Finished
Setting up Install Process
Parsing package install arguments
Resolving Dependencies
–> Running transaction check
—> Package subversion.x86_64 0:1.4.2-4.el5 set to be updated
–> Processing Dependency: perl(URI) >= 1.17 for package: subversion
–> Processing Dependency: neon >= 0.25.5-6.el5 for package: subversion
—> Package subversion.i386 0:1.4.2-4.el5 set to be updated
–> Processing Dependency: perl(URI) >= 1.17 for package: subversion
–> Processing Dependency: libneon.so.25 for package: subversion
–> Processing Dependency: libapr-1.so.0 for package: subversion
–> Processing Dependency: libaprutil-1.so.0 for package: subversion
–> Running transaction check
—> Package neon.x86_64 0:0.25.5-10.el5 set to be updated
—> Package subversion.x86_64 0:1.4.2-4.el5 set to be updated
–> Processing Dependency: perl(URI) >= 1.17 for package: subversion
—> Package subversion.i386 0:1.4.2-4.el5 set to be updated
–> Processing Dependency: perl(URI) >= 1.17 for package: subversion
—> Package neon.i386 0:0.25.5-10.el5 set to be updated
—> Package apr.i386 0:1.2.7-11 set to be updated
—> Package apr-util.i386 0:1.2.7-7.el5 set to be updated
–> Processing Dependency: libpq.so.4 for package: apr-util
–> Running transaction check
—> Package subversion.x86_64 0:1.4.2-4.el5 set to be updated
–> Processing Dependency: perl(URI) >= 1.17 for package: subversion
—> Package postgresql-libs.i386 0:8.1.11-1.el5_1.1 set to be updated
—> Package subversion.i386 0:1.4.2-4.el5 set to be updated
–> Processing Dependency: perl(URI) >= 1.17 for package: subversion
–> Finished Dependency Resolution
Error: Missing Dependency: perl(URI) >= 1.17 is needed by package subversion

Quick Solution:

wget http://rpm.evopanel.net/rpms/perl-URI-1.35-3.noarch.rpm

rpm -ihv perl-URI-1.35-3.noarch.rpm

yum -y install subversion

done.

Lowest Number MX Record Points to Local Host Rejected RCPT Error

Last night i received a mail report from one of the servers, that one of the domains was removed from the Mailscanner db. I was a little bit skeptical, as i would never remove that domain from the server. Hopefully i think it was an error that would not repeat.

Anyway, the whole point here, is that i got the following error, showing up in my queues:

2008-11-09 04:20:53 H=mx175.activesoft.ro [194.88.148.175] Warning: Sender rate 2.2 / 1h
2008-11-09 04:20:53 lowest numbered MX record points to local host: bioget.com (while verifying <admin@bioget.com> from host mx175.activesoft.ro [194.88.148$
2008-11-09 04:20:53 H=mx175.activesoft.ro [194.88.148.175] F=<newsletter@comunicatemedia.ro> temporarily rejected RCPT <admin@bioget.com>: lowest numbered M$
2008-11-09 04:25:10 cwd=/etc/csf 2 args: /usr/sbin/exim -bpc
2008-11-09 04:25:10 cwd=/etc/csf 4 args: /usr/sbin/exim -C /etc/exim_outgoing.conf -bpc
2008-11-09 04:25:54 H=mx175.activesoft.ro [194.88.148.175] Warning: Sender rate 3.0 / 1h
2008-11-09 04:25:54 lowest numbered MX record points to local host: bioget.com (while verifying <admin@bioget.com> from host mx175.activesoft.ro [194.88.148$
2008-11-09 04:25:54 H=mx175.activesoft.ro [194.88.148.175] F=<newsletter@comunicatemedia.ro> temporarily rejected RCPT <admin@bioget.com>: lowest numbered M$
2008-11-09 04:30:10 cwd=/etc/csf 2 args: /usr/sbin/exim -bpc

Anyway this issue is has a quick fix :

pico /etc/localdomains

add the domain

restart exim / mailscanner

All should be working now.

LE: if you’re using Configserver MailScanner package, then you have to update also the db, by using:

perl /usr/mscpanel/mscpanel.pl

MailScanner : database is locked

MailScanner : database is locked

This error usually happens when the mailscanned spamassasin database is corrupt. It’s easy fix really.

Service MailScanner stop

cd /var/spool/MailScanner/incoming

rm -rf SpamAssassin.cache.db

restart exim and courier/dovecot

service MailScanner start

The error is gone :)

Enjoy!