From owner-freebsd-net Sun Mar 23 8:31:37 2003
Date: Sun, 23 Mar 2003 17:30:21 +0100
From: Hanspeter Roth
To: freebsd-net@freebsd.org
Subject: behind MS proxy/isa

Hello,

in the office I'm sitting behind MS proxy or isa. For windows I have
some proxy-client setup.
Is it possible for Unix to get across MS proxy or isa?
Where can I get information?

-Hanspeter

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

From owner-freebsd-net Sun Mar 23 9: 7:28 2003
From: Borje Josefsson
To: freebsd-net@freebsd.org
Subject: Does net.inet.tcp.inflight_enable work as expected?
Date: Sun, 23 Mar 2003 18:07:21 +0100

Hello,

I have been playing around with the TCP parameters to try to tune my
system for high BW long distance transfer.

Sending host with -CURRENT (as of yesterday) GigE card (bge) and the
following parameters set:

kern.ipc.maxsockbuf: 8388608
net.inet.tcp.sendspace: 3230781
net.inet.tcp.recvspace: 3230781
net.inet.tcp.rfc1323: 1
net.inet.tcp.inflight_enable: 0
net.inet.tcp.inflight_min: 16000
net.inet.tcp.slowstart_flightsize: 8
kern.ipc.nmbclusters: 9024

This gives (with ttcp) between a pair of hosts 80 km (50 miles) apart -
with a RTT of 1.6 ms:

root@stinky 33# ttcp -s -t -f m -l 61440 -n 20345 dino
ttcp-t: buflen=61440, nbuf=20345, align=16384/0, port=5001  tcp  -> dino
ttcp-t: socket
ttcp-t: connect
ttcp-t: 1249996800 bytes in 27.26 real seconds = 349.86 Mbit/sec +++
ttcp-t: 20345 I/O calls, msec/call = 1.37, calls/sec = 746.37
ttcp-t: 0.0user 15.9sys 0:27real 58% 15i+354d 416maxrss 0+0pf 0+45863csw

During that time "netstat 1" shows:

            input        (Total)           output
   packets  errs      bytes    packets  errs      bytes colls
     14888     0     982608      26946     0   40793188     0
     14956     0     987096      27116     0   41049856     0
     14857     0     980562      26902     0   40728292     0
     15025     0     991650      27201     0   41178314     0
     14808     0     977328      26818     0   40601116     0
     15100     0     996600      27327     0   41370238     0
     14801     0     976866      26818     0   40600244     0
     14877     0     981882      26903     0   40728982     0
     14934     0     985644      26945     0   40792362     0
     14985     0     989010      26947     0   40792598     0
     14924     0     984984      26904     0   40729392     0
     15033     0     992178      27032     0   40921424     0

-------------------->

Then I do this:

root@stinky 34# sysctl net.inet.tcp.inflight_enable=1
net.inet.tcp.inflight_enable: 0 -> 1

And get:

root@stinky 35# ttcp -s -t -f m -l 61440 -n 20345 dino
ttcp-t: buflen=61440, nbuf=20345, align=16384/0, port=5001  tcp  -> dino
ttcp-t: socket
ttcp-t: connect
ttcp-t: 1249996800 bytes in 458.75 real seconds = 20.79 Mbit/sec +++
ttcp-t: 20345 I/O calls, msec/call = 23.09, calls/sec = 44.35
ttcp-t: 0.1user 408.5sys 7:38real 89% 15i+353d 416maxrss 0+0pf 62662+100667csw

During that time "netstat 1" shows:

            input        (Total)           output
   packets  errs      bytes    packets  errs      bytes colls
      1095     0      72270       2106     0    3185530     0
      1093     0      72138       2123     0    3212886     0
       978     0      64548       1919     0    2902774     0
       946     0      62436       1857     0    2810162     0
      1040     0      68640       2044     0    3092024     0
       879     0      58014       1740     0    2633024     0
      1008     0      66528       1994     0    3016324     0
       937     0      61842       1867     0    2825302     0
      1034     0      68244       2043     0    3090510     0
       963     0      63558       1911     0    2891918     0
       941     0      62106       1865     0    2821754     0
       991     0      65406       1911     0    2891918     0
      1007     0      66462       1910     0    2889132     0
      1048     0      69168       1994     0    3017580     0
      1062     0      70092       2041     0    3087466     0
       998     0      65868       1912     0    2893432     0
      1091     0      72006       2120     0    3207072     0
       962     0      63492       1871     0    2831358     0

Either I have completely misunderstood the effect of inflight_enable, or
something is very wrong?!?

Any ideas?

--Börje

From owner-freebsd-net Sun Mar 23 13:33:23 2003
From: John Fitzgibbon
To: Giorgos Keramidas
Subject: Re: Repeated ACKs - possible DoS?
Date: Sun, 23 Mar 2003 13:33:17 -0800
Cc: freebsd-questions@FreeBSD.ORG, freebsd-net@FreeBSD.ORG

Note to "freebsd-net" readers: I'm cc'ing this email because this seems like a
"net" issue - full thread is in freebsd-questions.

I've been looking at the code in sys/netinet/tcp_input.c.

The behavior seems consistent with inducing tcp_input() to jump to the
"dropafterack" label for every incoming ACK.

The most promising way to do this seems to be to set the T/TCP options when
initializing the connection, then just stop using them on some subsequent
ACK, (or give the wrong CC value). The code is around line 1420:

    /*
     * T/TCP mechanism
     *   If T/TCP was negotiated and the segment doesn't have CC,
     *   or if its CC is wrong then drop the segment.
     *   RST segments do not have to comply with this.
     */
    if ((tp->t_flags & (TF_REQ_CC|TF_RCVD_CC)) == (TF_REQ_CC|TF_RCVD_CC) &&
        ((to.to_flags & TOF_CC) == 0 || tp->cc_recv != to.to_cc))
            goto dropafterack;

It may also be possible to cause the jump to "dropafterack" with the timestamp
option, (RFC 1323 - the code is just above the previous T/TCP code). This
would "jive" with the fact that the client connection seemed to be a Windows
98 machine, (from the Apache logs), and apparently the Windows 98
implementation of RFC 1323 is flawed. However, I'm less sure what kind of
invalid options scenario would be required.

In any case, I haven't done enough research to be 100% sure that either of
these approaches can cause the behavior I observed. All I AM sure of is that
I observed the repeated ACK situation, and it was a pretty darn effective
DoS. I'm also sure that banging ACKs back and forth at full speed is NOT how
TCP/IP is supposed to work.

Hopefully this might be enough of a lead to get someone's thought processes
going.

Fitz.

On Thursday 20 March 2003 06:02 pm, Giorgos Keramidas wrote:
> On 2003-03-20 17:15, John Fitzgibbon wrote:
> >On Thursday 20 March 2003 04:43 pm, Giorgos Keramidas wrote:
> >>> X is remote. Y is server, (FreeBSD 4.7-STABLE, built 2003/01/06)
> >>>
> >>> tcpdump shows 2 remote connections repeatedly sending "ack 1":
> >>>
> >>> 09:16:10.236812 X.64670 > Y.http: . ack 1 win 32589
> >>> 09:16:10.236879 Y.http > X.64670: . ack 489 win 58400 (DF)
> >>
> >> Hmmm, is this repeatable?  Can you try to grab the output of the
> >> following command in a log file while it happens?
> >>
> >>     # tcpdump -n -v -s 128 -XX port 80
> >
> > I haven't seen this behavior before, and I don't know how to recreate it
> > :(
>
> Damn :(
>
> If this is a bug that you've hit upon, please note that command and
> run it if it ever happens to appear again.  The log file is going to
> be large, but it'll help a lot to have it around when trying to find
> out what happens.
>
> - Giorgos

From owner-freebsd-net Sun Mar 23 15:50:59 2003
From: "Aaron Daubman"
To: "'John Fitzgibbon'", "'Giorgos Keramidas'"
Subject: AirportExtreme with FreeBSD HostAP
Date: Sun, 23 Mar 2003 18:50:20 -0500

Hi,

I have done a bit of research on the topic, and I've only been able to
find sporadic postings to several newsgroups (mostly Open/Net BSD related)
hinting at the fact that Apple's AirportExtreme (talking 802.11b, not g
here) drivers are incompatible with Free/Net/Open BSD HostAP mode APs
with WEP enabled...

From my experiences, I cannot get my PowerBook to connect to my FreeBSD
4-Stable (built 2 nights ago) HostAP, WinXP clients work fine.
The PowerBook returns invalid password (128bit wep Key entered in Hex)
supplied.

Has anybody had experience getting an AirportExtreme client to work with
a FreeBSD HostAP?  Any Pointers?  (Must I disable WEP (as useless as it
may be...)?)

Thank you,
~Aaron

From owner-freebsd-net Mon Mar 24 14:58:52 2003
Date: Mon, 24 Mar 2003 14:58:13 -0800 (PST)
From: Mike Hoskins
To: freebsd-net@freebsd.org
Subject: Re: behind MS proxy/isa

On Sun, 23 Mar 2003, Hanspeter Roth wrote:
> in the office I'm sitting behind MS proxy or isa. For windows I have
> some proxy-client setup.
> Is it possible for Unix to get across MS proxy or isa?
> Where can I get information?

ISA is a big piece of software, with a lot of features that can be
disabled/enabled or tweaked differently from site to site.
It could just be acting as a dumb proxy, but it may also require things
like NTLM auth for web traffic or access to specific resources, etc.

What specific problems are you encountering?  (This would probably be more
relevant to -questions than -net.)

Your local Windoze guru should be able to help...  Or the online ISA docs:

http://www.microsoft.com/isaserver/techinfo/productdoc/default.asp

-mrh

From owner-freebsd-net Mon Mar 24 15:20:58 2003
Date: Mon, 24 Mar 2003 15:20:15 -0800 (PST)
From: Mike Hoskins
To: net@freebsd.org
Subject: Re: AirportExtreme with FreeBSD HostAP

(I removed the -questions CC, looks like this is moving to -net...)

On Sun, 23 Mar 2003, Aaron Daubman wrote:
> From my experiences, I cannot get my PowerBook to connect to my FreeBSD
> 4-Stable (built 2 nights ago) HostAP, WinXP clients work fine.

I've only had experience with a couple APs in infrastructure mode...
However, I've seen this issue in the past.  Actually, at the time, it was
a XP client having the problem...  So maybe it is just some config detail?

> The PowerBook returns invalid password (128bit wep Key entered in Hex)
> supplied.

Of course you've re-checked for typos.  Aren't 26-character hex keys fun?

> Has anybody had experience getting an AirportExtreme client to work with a
> FreeBSD HostAP?  Any Pointers?  (Must I disable WEP (as useless as it may
> be...)?)

At least with WEP you obscure the data for some reasonable amount of time.
You can change the keys regularly to mitigate playback, and some APs and
NICs have this built in.  Granted, you don't verify or control connection
attempts with WEP alone, but you do obtain some benefit.  MAC filtering
and the like in conjunction with WEP can provide reasonable security.
IOW, I wouldn't jump to just turning WEP off unless you have no other
alternative and know anything intended for transmission across the network
in question is "cleartext-able"(sm).

I actually just use a dumb 802.11b (Netgear) AP in infrastructure mode at
home now.  It dangles off a "DMZ" interface on my FreeBSD firewall.  That
interface only has Squid and dhcpd bound to it.  DHCP listens for requests
and only assigns IPs to MACs I know about.  Transparent redirection forces
all web traffic to Squid, and Squid won't allow any access except from the
manually-keyed IPs in dhcpd.conf.  Pretty secure, and no "client" or
driver issues.  I've got 2k, XP, OS 9 and X clients.  (House full of
geeks.)

I know that's not much help, but do you have to use HostAP?
:)

-mrh

From owner-freebsd-net Mon Mar 24 15:34:12 2003
Date: Mon, 24 Mar 2003 15:34:09 -0800 (PST)
Subject: Re: AirportExtreme with FreeBSD HostAP
From: "Kevin Stevens"

>> The PowerBook returns invalid password (128bit wep Key entered in Hex)
>> supplied.
>
> Of course you've re-checked for typos.  Aren't 26-character hex keys
> fun?

Did you use the required $ prefix in the Airport client WEP requester?

>> Has anybody had experience getting an AirportExtreme client to work
>> with a FreeBSD HostAP?  Any Pointers?  (Must I disable WEP (as useless
>> as it may be...)?)

No, but I have my Airport Extreme client (17" PB) working fine with my
Linksys AP.  Ok, not FINE, it doesn't seem to work in g-only mode, but the
WEP key isn't a problem.

KeS

From owner-freebsd-net@FreeBSD.ORG Wed Mar 26 07:11:46 2003
To: freebsd-net@FreeBSD.ORG
Date: Wed, 26 Mar 2003 10:11:31 -0500
From: "J. W. Ballantine"
Cc: arantius@yahoo.com
Subject: Solution: route pointing to a gateway that's not on net

My situation is:

1) Local LAN 10.0.0.0/8
2) gateway assigned by dhcp on that LAN: 10.x.y.a
3) Host X on the LAN has assigned 209.122.66.XXX IP address by ISP DHCP.

After much patience and advice from Guido van Rooij on how this can be
made to work.

The first step was to manually set-up the network via:

    ifconfig xl0 with that ip address
    route add -net 10.0.0.0 -iface NIC_device
    route add default 10.x.y.a

After this was shown to work, the last step was to have dhclient do the
setup.  This was done by:

Add the following line to /etc/dhclient.conf

    script "/etc/dhclient-script";

Note that this is the only line in my /etc/dhclient.conf

Copy over /sbin/dhclient-script to /etc.

Edit the /etc/dhclient-script.  Look for this line:

    route add $new_ip_address 127.1 >/dev/null 2>&1

and put the following line after it:

    route add -net 10.0.0.0 -iface xl0

This happens a couple of times.

After the following line:

    route delete $old_ip_address 127.1 >/dev/null 2>&1

Also add:

    route delete -net 10.0.0.0 -iface xl0

Again, this happens in a couple of places.

Then reboot the system and everything should work.

Again much thanks to the information, patience and assistance of
Guido van Rooij.

Jim Ballantine

From owner-freebsd-net@FreeBSD.ORG Wed Mar 26 08:29:43 2003
Date: Wed, 26 Mar 2003 08:29:39 -0800 (PST)
From: Manas
To: freebsd-question@FreeBSD.org, freebsd-net@FreeBSD.org
Cc: sabhinai@yahoo.com
Subject: Query regarding thread safe socket/networking library

Hello All,

I am currently stuck with the problem that the C socket library doesn't
seem to be thread safe.  I am trying to create multiple threads, where
each thread connects to a different server using socket/connect system
call.  Problem is the program hangs and none of the threads seem to do
anything.  I tried correcting what I could suspect was responsible for
this, but it simply doesn't work, after which I concluded that probably
socket implementation is not thread safe.  This is also supported by the
fact that when my program has only two threads, it works sometimes while
hangs at other times.  Having more threads hangs it every time.
Is there something I might be doing wrong?  Or if I am correct then is
there a thread safe sockets library lying somewhere?

Someone told me libc_r is a complete thread safe library for C.  I do not
know much about libc_r and there doesn't seem to be much help available
online too.  Do you guys know some good doc for the same?

Thanks,
Manas

From owner-freebsd-net@FreeBSD.ORG Wed Mar 26 09:56:22 2003
From: Wes Peters
To: Mike Hoskins, net@freebsd.org
Date: Wed, 26 Mar 2003 09:56:21 -0800
Subject: Re: AirportExtreme with FreeBSD HostAP

On Monday 24 March 2003 15:20, Mike Hoskins wrote:
>
> I actually just use a dumb 802.11b (Netgear) AP in infrastructure
> mode at home now.  It dangles off a "DMZ" interface on my FreeBSD
> firewall.  That interface only has Squid and dhcpd bound to it.  DHCP
> listens for requests and only assigns IPs to MACs I know about.

WICONTROL(8)          FreeBSD System Manager's Manual          WICONTROL(8)

NAME
     wicontrol - configure WaveLAN/IEEE devices

...

     [-i] iface -m mac_address
             Set the station address for the specified interface.  The
             mac_address is specified as a series of six hexadecimal
             values separated by colons, e.g., ``00:60:1d:12:34:56''.
             This programs the new address into the card and updates the
             interface as well.

Yup, mac address filtering is even less useful than WEP.  At least WEP
takes *some* effort to crack.  ;^)

/me wanders off whistling the 'end to end encryption' theme song...

--
"Where am I, and what am I doing in this handbasket?"
Wes Peters                                               wes@softweyr.com

From owner-freebsd-net@FreeBSD.ORG Wed Mar 26 10:48:26 2003
Date: Wed, 26 Mar 2003 13:48:23 -0500
From: Fran Lawas-Grodek
To: freebsd-net@freebsd.org
Message-ID: <20030326134823.A7029@jamaica.grc.nasa.gov>
cc: Diechi.T.Tran@nasa.gov
Subject: persistent tcp connection?
Reply-To: Fran.Lawas-Grodek@nasa.gov

Hello,

Hopefully someone has some advice for us.
We are planning to test a modified version of the tcp stack under a high delay link with a specified bottleneck of 5Mbps, but first, we are trying to see how the normal tcp stack performs under the same conditions.

When we send ttcp transfer tests back-to-back with a 5 minute wait in between, the first transfer gives us the expected throughput with the expected retransmissions. However, the subsequent transfers do not show any retransmissions and the throughput is much slower, as if something is compensating for the previous retransmissions. We would like to see a performance in the following transfers similar to the first transfer.

If we wait 2.5 hours between transfers or even if we reboot the ttcp systems between each transfer, then we would see a similar throughput complete with the expected retransmissions, but we'd prefer to do neither in favor of a more timely solution.

Does anyone know if there is a sysctl parameter or kernel option that would "clear out" any memory of a previous tcp connection? We've played with the following sysctl parameters, and these are what they are currently set --

net.inet.tcp.keepidle: 14400
net.inet.tcp.keepintvl: 150
net.inet.tcp.always_keepalive: 1

Any other thoughts? This is on a pc running FreeBSD 4.1.

Your advice would be greatly appreciated.

Fran Lawas-Grodek

--
________________________________________________________________
Frances J. Lawas-Grodek      |
NASA Glenn Research Center   | Fran.Lawas-Grodek@nasa.gov
21000 Brookpark Rd, MS 142-4 | phone: (216) 433-5052
Cleveland, Ohio 44135        | fax  : (216) 433-8000
________________________________________________________________

From owner-freebsd-net@FreeBSD.ORG Wed Mar 26 11:05:38 2003
Date: Wed, 26 Mar 2003 13:02:10 -0600 (CST)
From: Mike Silbersack
To: Fran Lawas-Grodek
In-Reply-To: <20030326134823.A7029@jamaica.grc.nasa.gov>
Message-ID: <20030326130005.A2075@odysseus.silby.com>
cc: freebsd-net@freebsd.org
cc: Diechi.T.Tran@nasa.gov
Subject: Re: persistent tcp connection?

On Wed, 26 Mar 2003, Fran Lawas-Grodek wrote:

> Does anyone know if there is a sysctl parameter or kernel option that
> would "clear out" any memory of a previous tcp connection?
> We've
> played with the following sysctl parameters, and these are what
> they are currently set --

What you're looking for are the route metrics, stored in the routing
table.  Use "netstat -nar" to see which routes have been cached.  You
should be able to delete the metrics associated with a cloned route by
doing "route delete ipaddress".

> net.inet.tcp.keepidle: 14400
> net.inet.tcp.keepintvl: 150
> net.inet.tcp.always_keepalive: 1

These would have nothing to do with what you're seeing.  Keepalive only
applies to established connections which are sitting idle.  As you are
disconnecting and reconnecting, only the route metrics are relevant.

Mike "Silby" Silbersack

From owner-freebsd-net@FreeBSD.ORG Wed Mar 26 14:00:15 2003
Date: Wed, 26 Mar 2003 14:00:03 -0800 (PST)
From: Mike Hoskins
To: net@freebsd.org
In-Reply-To: <200303260956.21266.wes@softweyr.com>
Message-ID: <20030326135337.R4957-100000@fubar.adept.org>
Subject: Re: AirportExtreme with FreeBSD HostAP
On Wed, 26 Mar 2003, Wes Peters wrote:

> Yup, mac address filtering is even less useful than WEP.  At least WEP
> takes *some* effort to crack.  ;^)

It all takes ``some'' effort.  That's the point, sort of like car alarms that are easily bypassed...  The burglar will usually choose to hit the car parked beside yours without an alarm.

I never argued wireless was secure, but using a blend of available options to lock things down as much as possible never hurt.  Although I freely admit 802.11 has a long way to go.

Besides, rad_auth is overkill for a home proxy.  ;)

-mrh

From owner-freebsd-net@FreeBSD.ORG Thu Mar 27 07:46:52 2003
Date: Thu, 27 Mar 2003 10:46:49 -0500
From: Fran Lawas-Grodek
To: Mike Silbersack
Message-ID: <20030327104649.B18679@jamaica.grc.nasa.gov>
References: <20030326134823.A7029@jamaica.grc.nasa.gov> <20030326130005.A2075@odysseus.silby.com>
In-Reply-To: <20030326130005.A2075@odysseus.silby.com>; from silby@silby.com on Wed, Mar 26, 2003 at 01:02:10PM -0600
cc: freebsd-net@freebsd.org
cc: Diepchi.T.Tran@nasa.gov
Subject: Re: persistent tcp connection?
Reply-To: Fran.Lawas-Grodek@nasa.gov

Silby,

The "route delete" command did the trick.  Thank you very much!

Fran Lawas-Grodek

________________________________________________________________
Frances J. Lawas-Grodek      |
NASA Glenn Research Center   | Fran.Lawas-Grodek@nasa.gov
21000 Brookpark Rd, MS 142-4 | phone: (216) 433-5052
Cleveland, Ohio 44135        | fax  : (216) 433-8000
________________________________________________________________

On Wed, Mar 26, 2003 at 01:02:10PM -0600, Mike Silbersack wrote:
>
> On Wed, 26 Mar 2003, Fran Lawas-Grodek wrote:
>
> > Does anyone know if there is a sysctl parameter or kernel option that
> > would "clear out" any memory of a previous tcp connection?  We've
> > played with the following sysctl parameters, and these are what
> > they are currently set --
>
> What you're looking for are the route metrics, stored in the routing
> table.  Use "netstat -nar" to see which routes have been cached.  You
> should be able to delete the metrics associated with a cloned route by
> doing "route delete ipaddress".
>
> > net.inet.tcp.keepidle: 14400
> > net.inet.tcp.keepintvl: 150
> > net.inet.tcp.always_keepalive: 1
>
> These would have nothing to do with what you're seeing.
> Keepalive only
> applies to established connections which are sitting idle.  As you are
> disconnecting and reconnecting, only the route metrics are relevant.
>
> Mike "Silby" Silbersack

From owner-freebsd-net@FreeBSD.ORG Thu Mar 27 15:21:43 2003
Message-ID: <3E838784.F2F4E330@internet2.edu>
Date: Thu, 27 Mar 2003 16:21:40 -0700
From: "Jeff W. Boote"
To: freebsd-net@freebsd.org
Subject: FreeBSD 5.0 dual-stack server

Hi,

I have some server code that I've been developing using FreeBSD 4.6 and 4.7. I want this code to run with both IPv4 and IPv6.
I have been using getaddrinfo with AF_UNSPEC to bind a wildcard server socket. (This is the method recommended in Stevens UNP.)

In any case - my server code works fine on 4.6 and 4.7 binding to both address families. However, I have just received a report of it only binding the v6 address on a FreeBSD 5.0 system. (As reported from "netstat -a -p tcp" - and by the fact that clients that try and use the v4 address are unable to get a connection.)

It is behaving as if the IPV6_BINDV6ONLY sockopt is set... Has the "default" value for this changed? Is it recommended that any server that wants to bind to the dual-stack needs to make sure this sockopt is unset? I am not doing that...

I just found the net.inet6.ip6.bindv6only sysctl variable doing a web search... What is the default value for this sysctl on 5.0?

(I guess I may need to install 5.0 on a box, and stop bothering others...)

Thanks,
jeff

From owner-freebsd-net@FreeBSD.ORG Fri Mar 28 02:41:09 2003
Date: Fri, 28 Mar 2003 11:40:59 +0100
From: Marc Olzheim
To: "Jeff W. Boote"
Message-ID: <20030328104059.GA61434@stack.nl>
In-Reply-To: <3E838784.F2F4E330@internet2.edu>
cc: freebsd-net@freebsd.org
Subject: Re: FreeBSD 5.0 dual-stack server

On Thu, Mar 27, 2003 at 04:21:40PM -0700, Jeff W. Boote wrote:
> I just found the net.inet6.ip6.bindv6only sysctl variable doing a web
> search... What is the default value for this sysctl on 5.0?

office-install1:/#sysctl -A net.inet6.ip6 | grep only
net.inet6.ip6.v6only: 1
office-install1:/#uname -a
FreeBSD office-install1.ilse.net 5.0-CURRENT FreeBSD 5.0-CURRENT #7: Mon Mar 10 11:50:08 CET 2003 root@office-install1.ilse.net:/usr/obj/usr/src/sys/SMP i386
office-install1:/#

> (I guess I may need to install 5.0 on a box, and stop bothering
> others...)
;-)

Zlo

From owner-freebsd-net@FreeBSD.ORG Sat Mar 29 05:56:41 2003
Message-ID: <20030329135640.42171.qmail@web14101.mail.yahoo.com>
Date: Sat, 29 Mar 2003 14:56:40 +0100 (CET)
From: haifa touati
To: freebsd-net@freebsd.org
Subject: TCP version In FreeBSD 4.5

Hi,

I've installed FreeBSD version 4.5. I wonder if there is a way to know the default TCP version used in FreeBSD (Reno, New Reno...).

I've installed a new version of TCP. I've a new compiled file Kernel and a new directory "Modules" and I ask if there is a way to confirm that FreeBSD is using the new TCP version and not its default one.

Many thanks,
Best Regards,
Haïfa.
From owner-freebsd-net@FreeBSD.ORG Sat Mar 29 03:07:19 2003
Message-ID: <20030329110718.2604.qmail@web14104.mail.yahoo.com>
Date: Sat, 29 Mar 2003 12:07:18 +0100 (CET)
From: haifa touati
To: freebsd-net@freebsd.org
Subject: TCP version in FreeBSD 4.5

Hello,

I have installed version 4.5 of FreeBSD. I would like to know whether there is a way to find out the default version of TCP in FreeBSD (Reno, New Reno...).

I have installed a new version of TCP; I have a new compiled 'Kernel' file and a "modules" directory, and I wonder whether there is a way to make sure that FreeBSD is using the new version of TCP and not its default version.

Thanks in advance.
Regards.
From owner-freebsd-net@FreeBSD.ORG Sat Mar 29 18:52:21 2003
Date: Sat, 29 Mar 2003 19:51:08 -0700 (MST)
Message-Id: <20030329.195108.133248709.imp@bsdimp.com>
To: net@freebsd.org
From: "M. Warner Losh"
Subject: ifconfig question

The code that prints out the keys for the 802.11 wireless stuff has
the following in it:

void
ieee80211_status (int s, struct rt_addrinfo *info __unused)
{
...
		if (ireq.i_len == 0 || ireq.i_len > 13)
			continue;
...
}

Should that check really be there?  Newer wep does 256bits....  Not
that the rest of the code supports that, but I was just curious.

Second, should ifconfig report the wep key if run as root?  wicontrol
does if it is run as root, for example.

Any objections for fixing this?

Warner