From owner-freebsd-net Mon Jul 23 1:30:56 2001 Delivered-To: freebsd-net@freebsd.org Received: from hanoi.cronyx.ru (hanoi.cronyx.ru [144.206.181.53]) by hub.freebsd.org (Postfix) with ESMTP id 2B1F737B407 for ; Mon, 23 Jul 2001 01:30:52 -0700 (PDT) (envelope-from rik@cronyx.ru) Received: from cronyx.ru by hanoi.cronyx.ru with ESMTP id MAA01389; (8.9.3/vak/2.1) Mon, 23 Jul 2001 12:38:26 +0400 (MSD) Message-ID: <3B5BF165.2090804@cronyx.ru> Date: Mon, 23 Jul 2001 13:41:57 +0400 From: Kurakin Roman User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; m18) Gecko/20010131 Netscape6/6.01 X-Accept-Language: ru, en MIME-Version: 1.0 To: Christophe =?ISO-8859-1?Q?Pr=E9votaux?= Cc: net@FreeBSD.ORG Subject: Re: G703 PCI Card References: <20010719201800.5a80a1a3.c.prevotaux@hexanet.fr> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, May be such cards could suit for your needs: http://www.cronyx.ru/hardware/taupe1.html http://www.cronyx.ru/hardware/taupg703.html Best regards, Roman Kurakin Christophe Pr?votaux wrote: > I am looking for a G703 capable PCI interface card supported by FreeBSD > does such a thing exists ? > > -- > =================================================================== > Christophe Prevotaux Email: c.prevotaux@hexanet.fr > HEXANET SARL URL: http://www.hexanet.fr/ > Z.A Farman Sud Tel: +33 (0)3 26 79 30 05 > 9 rue Roland Coffignot Direct: +33 (0)3 26 79 08 02 > BP415 Fax: +33 (0)3 26 79 30 06 > 51689 Reims Cedex 2 > FRANCE > =================================================================== > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 23 2:19:23 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailguard.fgan.de (mailguard.fgan.de [128.7.3.5]) by hub.freebsd.org (Postfix) with ESMTP id 9FBEE37B403 for ; Mon, 23 Jul 2001 02:19:19 -0700 (PDT) (envelope-from leventi@fgan.de) Received: from rufsun5.ffm.fgan.de ([128.7.2.5]) by mailguard.fgan.de (8.11.2/8.11.2) with ESMTP id f6N9J3Y12854; Mon, 23 Jul 2001 11:19:05 +0200 Received: from melle.fkie.fgan.de (melle.ffm.fgan.de [128.7.5.11]) by rufsun5.ffm.fgan.de (8.8.6/8.8.8) with ESMTP id LAA06906; Mon, 23 Jul 2001 11:19:03 +0200 (MET DST) Received: (from lev@localhost) by melle.fkie.fgan.de (8.10.2+Sun/8.10.2) id f6N9J0c00572; Mon, 23 Jul 2001 11:19:00 +0200 (MEST) Date: Mon, 23 Jul 2001 11:19:00 +0200 (MEST) Message-Id: <200107230919.f6N9J0c00572@melle.fkie.fgan.de> From: Anastasia Leventi-Peetz To: ume@mahoroba.org Cc: leventi@fgan.de, freebsd-net@freebsd.org In-reply-to: <20010720.235208.101781550.ume@mahoroba.org> (message from Hajimu UMEMOTO on Fri, 20 Jul 2001 23:52:08 +0900 (JST)) Subject: Re: address autoconfiguration and Generic Kernel Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >It seems you specified as NetBSD manner. Please put ipv6_enable="YES" >and ipv6_network_interfaces="sm1" in your rc.conf. Hello Hajimu UMEMOTO, thanks a lot for your hint. I have looked up in the documentation /usr/share/doc/handbook/book.html and searched for autoconfiguration. Finally I landed on paragraph 24.4.1.4.2, under the Capital Stateless Address Autoconfiguration, to see how one can switch an accepting router advertisements kernel. Can you please tell me where did you get your Info from? "ipv6_network_interfaces" appears in /etc/rc.network6 otherwise.. best regards:Anastasia To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 23 4:48:47 2001 Delivered-To: freebsd-net@freebsd.org Received: from vbook.express.ru (vbook.express.ru [212.24.37.106]) by hub.freebsd.org (Postfix) with ESMTP id 34D9C37B401 for ; Mon, 23 Jul 2001 04:48:45 -0700 (PDT) (envelope-from vova@express.ru) Received: from vova by vbook.express.ru with local (Exim 3.31 #2) id 15OGQw-0000CP-00; Sun, 22 Jul 2001 14:25:58 +0400 From: "Vladimir B. Grebenschikov" MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15194.43573.236252.134077@vbook.express.ru> Date: Sun, 22 Jul 2001 14:25:57 +0400 (MSD) To: "C. Stephen Gunn" Cc: Brooks Davis , net@FreeBSD.ORG Subject: Re: sysctl net.link.vlan.link.proto In-Reply-To: <20010719085727.A41774@progeny.com> References: <20010713171342.A18472@Odin.AC.HMC.Edu> <20010719085727.A41774@progeny.com> X-Mailer: VM 6.72 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org C. Stephen Gunn writes: > > I'm working on modernizing the vlan device (making it loadable, > > unloadable, and clonable) and I've run into this sysctl. > > This shoud allow you to move the check for 802.1q packets down into > the normal ether_demux() which classifies packets based on ethertype. > > The former code was a check right above the main switch statement in > ether_demux() because it was a sysctl, not a constant. > > I have some other patches around that ease the interrupt-time requirements > by scheduling a NETISR for vlan traffic. I wasn't ever sure if that was > a true win, so I didn't contrib them. I could dig them up if you're > really interested in spiffing up the VLAN code. ;-) May be most right way to handle VLANs is netgraph mechanism ? I've dig a bit into code and found that to get such mechanism working it need to add ng_iface node hook to inject not demuxed frames. And fix a bit code related to ARP. > - Steve -- TSB Russian Express, Moscow Vladimir B. Grebenschikov, vova@express.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 23 9:47: 9 2001 Delivered-To: freebsd-net@freebsd.org Received: from peace.mahoroba.org (peace.calm.imasy.or.jp [202.227.26.34]) by hub.freebsd.org (Postfix) with ESMTP id 2434637B407 for ; Mon, 23 Jul 2001 09:46:59 -0700 (PDT) (envelope-from ume@mahoroba.org) Received: from localhost (IDENT:tagEwllkSjwJLwbiQTXQVfFmVfPnEVLw+XP20ubYwKRAIsb1SO4espZ8J9P7OoP9@localhost [::1]) (authenticated as ume with CRAM-MD5) by peace.mahoroba.org (8.11.4/8.11.4/peace) with ESMTP/inet6 id f6NGkdY78152; Tue, 24 Jul 2001 01:46:39 +0900 (JST) (envelope-from ume@mahoroba.org) Date: Tue, 24 Jul 2001 01:46:39 +0900 (JST) Message-Id: <20010724.014639.108796992.ume@mahoroba.org> To: leventi@fgan.de Cc: freebsd-net@freebsd.org Subject: Re: address autoconfiguration and Generic Kernel From: Hajimu UMEMOTO In-Reply-To: <200107230919.f6N9J0c00572@melle.fkie.fgan.de> References: <20010720.235208.101781550.ume@mahoroba.org> <200107230919.f6N9J0c00572@melle.fkie.fgan.de> X-Mailer: xcite1.38> Mew version 1.95b119 on Emacs 20.7 / Mule 4.0 =?iso-2022-jp?B?KBskQjJWMWMbKEIp?= X-PGP-Public-Key: http://www.imasy.org/~ume/publickey.asc X-PGP-Fingerprint: 6B 0C 53 FC 5D D0 37 91 05 D0 B3 EF 36 9B 6A BC X-URL: http://www.imasy.org/~ume/ X-Operating-System: FreeBSD 5.0-CURRENT Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >>>>> On Mon, 23 Jul 2001 11:19:00 +0200 (MEST) >>>>> Anastasia Leventi-Peetz said: leventi> Finally I landed on paragraph 24.4.1.4.2, under the Capital Stateless Address leventi> Autoconfiguration, to see how one can switch an accepting router advertisements leventi> kernel. Can you please tell me where did you get your Info from? leventi> "ipv6_network_interfaces" appears in /etc/rc.network6 otherwise.. Because, I'm maintaining it. ;-) You can find more info from the comment in /etc/default/rc.conf. -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@{,jp.}FreeBSD.org http://www.imasy.org/~ume/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 23 10:45:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from femail1.sdc1.sfba.home.com (femail1.sdc1.sfba.home.com [24.0.95.81]) by hub.freebsd.org (Postfix) with ESMTP id BF4E137B406 for ; Mon, 23 Jul 2001 10:44:58 -0700 (PDT) (envelope-from bmah@employees.org) Received: from intruder.bmah.org ([24.176.204.87]) by femail1.sdc1.sfba.home.com (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP id <20010723174457.GMHJ838.femail1.sdc1.sfba.home.com@intruder.bmah.org>; Mon, 23 Jul 2001 10:44:57 -0700 Received: (from bmah@localhost) by intruder.bmah.org (8.11.4/8.11.3) id f6NHivm76878; Mon, 23 Jul 2001 10:44:57 -0700 (PDT) (envelope-from bmah) Message-Id: <200107231744.f6NHivm76878@intruder.bmah.org> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= Cc: freebsd-net@FreeBSD.ORG Subject: Re: avoiding unnecessary route deletion in rt_fixchange() In-Reply-To: References: Comments: In-reply-to JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= message dated "Wed, 18 Jul 2001 15:43:41 +0900." From: "Bruce A. Mah" Reply-To: bmah@FreeBSD.ORG X-Face: g~c`.{#4q0"(V*b#g[i~rXgm*w;:nMfz%_RZLma)UgGN&=j`5vXoU^@n5v4:OO)c["!w)nD/!!~e4Sj7LiT'6*wZ83454H""lb{CC%T37O!!'S$S&D}sem7I[A 2V%N&+ X-Image-Url: http://www.employees.org/~bmah/Images/bmah-cisco-small.gif X-Url: http://www.employees.org/~bmah/ Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_-890265232P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Mon, 23 Jul 2001 10:44:57 -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --==_Exmh_-890265232P Content-Type: text/plain; charset=us-ascii If memory serves me right, JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI= ?= wrote: > As suggested in the comments to rt_fixchange(), we need stricter check > in the function, to prevent unintentional route deletion. The > attached is a proposed fix to this problem (for FreeBSD4-STABLE). > Please review it, and merge it to the repository if acceptable. > > This fix will also solve the "IPV6 panic?" problem which was recently > reported in this list. FYI, I've been running with this patch installed on my 4-STABLE box for almost four days now (would have been longer except for a power outage). This is much longer than any of my previous uptimes since this problem started occurring (which were generally on the order of a day or so), so I have at least a warm fuzzy feeling about the code now. Bruce. --==_Exmh_-890265232P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: Exmh version 2.3.1+ 05/14/2001 iD8DBQE7XGKY2MoxcVugUsMRAokJAJ9Wdb2Voa3Ie3xRCj68urgSC75J0wCeMuNn wSQJc9hzdavRFS3B5EInWRY= =w8bQ -----END PGP SIGNATURE----- --==_Exmh_-890265232P-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 23 12:22:42 2001 Delivered-To: freebsd-net@freebsd.org Received: from altrade.nijmegen.inter.nl.net (altrade.nijmegen.inter.nl.net [193.67.237.6]) by hub.freebsd.org (Postfix) with ESMTP id 128FD37B407 for ; Mon, 23 Jul 2001 12:22:37 -0700 (PDT) (envelope-from Peter.Blok@inter.NL.net) Received: from ntpc by altrade.nijmegen.inter.nl.net via 1Cust11.tnt1.rtm1.nl.uu.net [213.116.96.11] with SMTP id VAA12101 (8.8.8/1.3); Mon, 23 Jul 2001 21:22:26 +0200 (MET DST) Reply-To: From: "Peter Blok" To: "'Vladimir B. Grebenschikov'" , "'C. Stephen Gunn'" Cc: "'Brooks Davis'" , Subject: RE: sysctl net.link.vlan.link.proto Date: Mon, 23 Jul 2001 21:18:28 +0200 Message-ID: <000f01c113ac$413ddb00$8a02a8c0@ntpc> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <15194.43573.236252.134077@vbook.express.ru> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I fully agree with Steve. The netgraph code is ideal to handle the vlan stuff. Take a look at the port aggregation (etherchannel) Bill Paul has done as well -----Original Message----- From: owner-freebsd-net@FreeBSD.ORG [mailto:owner-freebsd-net@FreeBSD.ORG]On Behalf Of Vladimir B. Grebenschikov Sent: Sunday, July 22, 2001 12:26 To: C. Stephen Gunn Cc: Brooks Davis; net@FreeBSD.ORG Subject: Re: sysctl net.link.vlan.link.proto C. Stephen Gunn writes: > > I'm working on modernizing the vlan device (making it loadable, > > unloadable, and clonable) and I've run into this sysctl. > > This shoud allow you to move the check for 802.1q packets down into > the normal ether_demux() which classifies packets based on ethertype. > > The former code was a check right above the main switch statement in > ether_demux() because it was a sysctl, not a constant. > > I have some other patches around that ease the interrupt-time requirements > by scheduling a NETISR for vlan traffic. I wasn't ever sure if that was > a true win, so I didn't contrib them. I could dig them up if you're > really interested in spiffing up the VLAN code. ;-) May be most right way to handle VLANs is netgraph mechanism ? I've dig a bit into code and found that to get such mechanism working it need to add ng_iface node hook to inject not demuxed frames. And fix a bit code related to ARP. > - Steve -- TSB Russian Express, Moscow Vladimir B. Grebenschikov, vova@express.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 23 18:38:54 2001 Delivered-To: freebsd-net@freebsd.org Received: from shuttle.wide.toshiba.co.jp (shuttle.wide.toshiba.co.jp [202.249.10.124]) by hub.freebsd.org (Postfix) with ESMTP id 8E3BF37B407; Mon, 23 Jul 2001 18:38:50 -0700 (PDT) (envelope-from jinmei@isl.rdc.toshiba.co.jp) Received: from localhost ([3ffe:501:4819:abcd:1ddf:e9bf:fff1:4ffa]) by shuttle.wide.toshiba.co.jp (8.9.1+3.1W/8.9.1) with ESMTP id KAA19205; Tue, 24 Jul 2001 10:41:02 +0900 (JST) Date: Tue, 24 Jul 2001 10:38:39 +0900 Message-ID: From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: bmah@FreeBSD.ORG Cc: freebsd-net@FreeBSD.ORG Subject: Re: avoiding unnecessary route deletion in rt_fixchange() In-Reply-To: <200107231744.f6NHivm76878@intruder.bmah.org> References: <200107231744.f6NHivm76878@intruder.bmah.org> User-Agent: Wanderlust/2.5.8 (Smooth) Emacs/21.0 Mule/5.0 (SAKAKI) Organization: Research & Development Center, Toshiba Corp., Kawasaki, Japan. MIME-Version: 1.0 (generated by SEMI 1.13.7 - "Awazu") Content-Type: text/plain; charset=US-ASCII X-Dispatcher: imput version 980905(IM100) Lines: 23 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >>>>> On Mon, 23 Jul 2001 10:44:57 -0700, >>>>> "Bruce A. Mah" said: >> As suggested in the comments to rt_fixchange(), we need stricter check >> in the function, to prevent unintentional route deletion. The >> attached is a proposed fix to this problem (for FreeBSD4-STABLE). >> Please review it, and merge it to the repository if acceptable. >> >> This fix will also solve the "IPV6 panic?" problem which was recently >> reported in this list. > FYI, I've been running with this patch installed on my 4-STABLE box for > almost four days now (would have been longer except for a power outage). > This is much longer than any of my previous uptimes since this problem > started occurring (which were generally on the order of a day or so), so > I have at least a warm fuzzy feeling about the code now. I see, glad to hear that. JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. jinmei@isl.rdc.toshiba.co.jp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 23 18:44:22 2001 Delivered-To: freebsd-net@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id 8C63F37B401 for ; Mon, 23 Jul 2001 18:44:18 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f6O1iIF30148 for net@freebsd.org; Mon, 23 Jul 2001 18:44:18 -0700 Date: Mon, 23 Jul 2001 18:44:18 -0700 From: Brooks Davis To: net@freebsd.org Subject: error in ip_checkinterface code? Message-ID: <20010723184418.B28097@Odin.AC.HMC.Edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="Pd0ReVV5GZGQvF3a" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --Pd0ReVV5GZGQvF3a Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I just ran into what appears to be a bug in the ip_checkinterface code. The problem is that is assumes m->m_pkthdr.rcvif is non-NULL. Apparently this is normally true, but I have some netgraph code that processes it's processes in such a way that they lose their interface pointer which means that when I stick them back into the ip_stack get a panic. A quick patch that fixes the problem is included below. Is this fix correct? -- Brooks Index: ip_input.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet/ip_input.c,v retrieving revision 1.174 diff -u -r1.174 ip_input.c --- ip_input.c 2001/06/23 17:17:58 1.174 +++ ip_input.c 2001/07/24 01:46:22 @@ -559,6 +559,7 @@ * the packets are received. */ checkif =3D ip_checkinterface && (ipforwarding =3D=3D 0) &&=20 + m->m_pkthdr.rcvif !=3D NULL && ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) =3D=3D 0) && (ip_fw_fwd_addr =3D=3D NULL); =20 --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --Pd0ReVV5GZGQvF3a Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7XNLxXY6L6fI4GtQRAkiKAJsG0TyhrWZFKM5uhlwMHrzDmLw9+wCfW1Fx 4C4cU24YZsxwCVU9VEuLwOo= =Vsxn -----END PGP SIGNATURE----- --Pd0ReVV5GZGQvF3a-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jul 23 19:15:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.cis.nctu.edu.tw (mail.cis.nctu.edu.tw [140.113.23.5]) by hub.freebsd.org (Postfix) with ESMTP id 55F1F37B401 for ; Mon, 23 Jul 2001 19:15:08 -0700 (PDT) (envelope-from yckuo.bbs@bbs.cis.nctu.edu.tw) Received: (from root@localhost) by mail.cis.nctu.edu.tw (8.11.4/8.11.4) id f6O2FtY01780 for freebsd-net@freebsd.org; Tue, 24 Jul 2001 10:15:55 +0800 (CST) (envelope-from yckuo.bbs@bbs.cis.nctu.edu.tw) Received: from bbs.cis.nctu.edu.tw (bbs.cis.nctu.edu.tw [140.113.23.3]) by mail.cis.nctu.edu.tw (8.11.4/8.11.4av) with SMTP id f6O2Fpe01748 for freebsd-net@freebsd.org; Tue, 24 Jul 2001 10:15:51 +0800 (CST) (envelope-from yckuo.bbs@bbs.cis.nctu.edu.tw) From: yckuo.bbs@bbs.cis.nctu.edu.tw Received: by bbs.cis.nctu.edu.tw (Apollo BBS 1.0) id AA17755; Tue, 24 Jul 2001 10:14:45 +0800 Date: Tue, 24 Jul 2001 10:14:45 +0800 Message-Id: <20010724010214.AA17755@bbs.cis.nctu.edu.tw> Subject: frequentl lost default route To: freebsd-net@freebsd.org X-Forwarded-By: yckuo (煩啦) X-Disclaimer: 交通大學資訊科學系 BBS 對本信內容恕不負責。 X-Virus-Scanned: by AMaViS perl Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org dear all i have 2 freebsd-20010710-stable box "A" & "B", all same hardware compaq-1600 + 3c905c-TX connect to switch, switch connect to router so the seting is easy all defaultroute is the router. it works great. But suddenly box "A" frequentl lost default route it happen less in 2 minute, and to keep on recurring.. i don't know how to solve this problem,so i write a script to write default route again and again temporary solve this problem. box "B" doesn't have this problem it works greate.. when i use tcodump on box "A" to monitor arp tcpdump -e -p arp i found a strange problem , box "A" doesn't know it self. 09:53:06.482174 Box_A_MAC Broadcast arp 60: arp who-has BOX_A_IP tell BOX_A_IP thanks for your help. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 1:26:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from mailguard.fgan.de (mailguard.fgan.de [128.7.3.5]) by hub.freebsd.org (Postfix) with ESMTP id 454EB37B406 for ; Tue, 24 Jul 2001 01:26:08 -0700 (PDT) (envelope-from leventi@fgan.de) Received: from rufsun5.ffm.fgan.de ([128.7.2.5]) by mailguard.fgan.de (8.11.2/8.11.2) with ESMTP id f6O8PtY18137; Tue, 24 Jul 2001 10:25:59 +0200 Received: from melle.fkie.fgan.de (melle.ffm.fgan.de [128.7.5.11]) by rufsun5.ffm.fgan.de (8.8.6/8.8.8) with ESMTP id KAA09294; Tue, 24 Jul 2001 10:25:54 +0200 (MET DST) Received: (from lev@localhost) by melle.fkie.fgan.de (8.10.2+Sun/8.10.2) id f6O8Pp401067; Tue, 24 Jul 2001 10:25:51 +0200 (MEST) Date: Tue, 24 Jul 2001 10:25:51 +0200 (MEST) Message-Id: <200107240825.f6O8Pp401067@melle.fkie.fgan.de> From: Anastasia Leventi-Peetz To: ume@mahoroba.org Cc: leventi@fgan.de, freebsd-net@FreeBSD.ORG In-reply-to: <20010724.014639.108796992.ume@mahoroba.org> (message from Hajimu UMEMOTO on Tue, 24 Jul 2001 01:46:39 +0900 (JST)) Subject: Re: address autoconfiguration and Generic Kernel Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I have set ip6_gateway_enable="NO" so that net.inet6.ip6.accept_rtadv=1 and address autoconfiguration happens. Now autoconfiguration succeeds but I get the curious message nd6_options: unsupported option 7-option ignored anybody know an advise? thanks: Anastasia To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 2:17:10 2001 Delivered-To: freebsd-net@freebsd.org Received: from imo-m02.mx.aol.com (imo-m02.mx.aol.com [64.12.136.5]) by hub.freebsd.org (Postfix) with ESMTP id B192B37B405 for ; Tue, 24 Jul 2001 02:17:06 -0700 (PDT) (envelope-from raviprasad20@netscape.net) Received: from raviprasad20@netscape.net by imo-m02.mx.aol.com (mail_out_v31.9.) id n.c2.8a2c2f (16227) for ; Tue, 24 Jul 2001 05:17:03 -0400 (EDT) Received: from netscape.com (mow-m05.webmail.aol.com [64.12.184.133]) by air-in02.mail.aol.com (v79.27) with ESMTP id MAILININ23-0724051703; Tue, 24 Jul 2001 05:17:03 -0400 Date: Tue, 24 Jul 2001 05:17:03 -0400 From: raviprasad20@netscape.net To: freebsd-net@freebsd.org Subject: prefixes from the rr_prefix structure. Message-ID: <418EEE1F.179D1A54.9513E96F@netscape.net> X-Mailer: Atlas Mailer 1.0 Content-Type: text/plain; charset=iso-8859-1 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I gave a prefix . The prefix was fec0:1111:2222::. Then i tried to print the prefix from the ifprefix structure in the rr_prefix structure. It was some thing like this 00:00:00:00:00:00:fe:c0:11:11:22:22:00:00:00:00. Kindly mail me why zeros are stored at the start? Are there any other better way of accessing the prefixes than from the ifprefix structure. regards ravi prasad __________________________________________________________________ Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/ Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 6:49:30 2001 Delivered-To: freebsd-net@freebsd.org Received: from gopostal.digi.com (gopostal.digi.com [204.221.110.15]) by hub.freebsd.org (Postfix) with ESMTP id A980837B401; Tue, 24 Jul 2001 06:49:23 -0700 (PDT) (envelope-from chaegle@mediaone.net) Received: from minx.dgii.com (minx.digi.com [204.221.110.36]) by gopostal.digi.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id PJLHCVXH; Tue, 24 Jul 2001 08:49:09 -0500 Received: from hlc02 (hlc02.digi.com) by minx.dgii.com (5.x/SMI-SVR4) id AA08341; Thu, 12 Aug 1999 12:15:52 -0500 Message-Id: <008901c11447$b192b560$420fbf8f@hlc02> From: "Cameron Haegle" To: , Subject: PPTPClient Setup Date: Tue, 24 Jul 2001 08:51:08 -0500 Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0086_01C1141D.C7FB8040" X-Priority: 3 X-Msmail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-Mimeole: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0086_01C1141D.C7FB8040 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I am trying to get the pptpclient working between my 4.2 server and my = companies Microsoft VPN server.=20 I have not found any really useful sites regarding the setup of this. Any suggestions? Thanks in advance. Cameron ------=_NextPart_000_0086_01C1141D.C7FB8040 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
I am trying to get the pptpclient = working between=20 my 4.2 server and my companies Microsoft VPN server.
 
I have not found any really useful = sites regarding=20 the setup of this.
 
Any suggestions?
 
Thanks in advance.
 
Cameron
------=_NextPart_000_0086_01C1141D.C7FB8040-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 8: 7:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from clmboh1-smtp3.columbus.rr.com (clmboh1-smtp3.columbus.rr.com [65.24.0.112]) by hub.freebsd.org (Postfix) with ESMTP id D2F0B37B408; Tue, 24 Jul 2001 08:07:11 -0700 (PDT) (envelope-from wmoran@iowna.com) Received: from iowna.com (dhcp065-024-023-038.columbus.rr.com [65.24.23.38]) by clmboh1-smtp3.columbus.rr.com (8.11.2/8.11.2) with ESMTP id f6OF3cn07064; Tue, 24 Jul 2001 11:03:38 -0400 (EDT) Message-ID: <3B5D8F13.3B7DF799@iowna.com> Date: Tue, 24 Jul 2001 11:06:59 -0400 From: Bill Moran X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.3-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: Cameron Haegle Cc: net@FreeBSD.ORG, questions@FreeBSD.ORG Subject: Re: PPTPClient Setup References: <008901c11447$b192b560$420fbf8f@hlc02> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Cameron Haegle wrote: > I am trying to get the pptpclient working between my 4.2 server > and my companies Microsoft VPN server. >I have not found any really useful sites regarding the setup of this. Are you using mpd? If not, that's probably the way to go. /usr/local/share/doc/mpd has HTML documents on how to make it work. -Bill -- It may be that true happiness is nothing more than the ability to *always* know the right thing to say at the right time, whereas true misery is the state of perpetually saying to oneself, "What I *should* have said was..." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 8:38:45 2001 Delivered-To: freebsd-net@freebsd.org Received: from gopostal.digi.com (gopostal.digi.com [204.221.110.15]) by hub.freebsd.org (Postfix) with ESMTP id 0302637B407; Tue, 24 Jul 2001 08:38:38 -0700 (PDT) (envelope-from chaegle@mediaone.net) Received: from minx.dgii.com (minx.digi.com [204.221.110.36]) by gopostal.digi.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id PJLHCWX8; Tue, 24 Jul 2001 10:38:37 -0500 Received: from hlc02 (hlc02.digi.com) by minx.dgii.com (5.x/SMI-SVR4) id AA08352; Thu, 12 Aug 1999 14:05:20 -0500 Message-Id: <009d01c11456$fc86f310$420fbf8f@hlc02> From: "Cameron Haegle" To: "Bill Moran" Cc: , References: <008901c11447$b192b560$420fbf8f@hlc02> <3B5D8F13.3B7DF799@iowna.com> Subject: Re: PPTPClient Setup Date: Tue, 24 Jul 2001 10:40:36 -0500 Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-Msmail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-Mimeole: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Bill, Thanks for the information. What I have is a FreeBSD server connected via cable modem. Is mpd still recommended? I have installed pptpclient, but the documentation is quite sparse. Cameron ----- Original Message ----- From: "Bill Moran" To: "Cameron Haegle" Cc: ; Sent: Tuesday, July 24, 2001 10:06 AM Subject: Re: PPTPClient Setup > Cameron Haegle wrote: > > I am trying to get the pptpclient working between my 4.2 server > > and my companies Microsoft VPN server. > > >I have not found any really useful sites regarding the setup of this. > > Are you using mpd? If not, that's probably the way to go. > /usr/local/share/doc/mpd has HTML documents on how to make it work. > > -Bill > > -- > It may be that true happiness is nothing more than the ability to *always* > know the right thing to say at the right time, whereas true misery is the > state of perpetually saying to oneself, "What I *should* have said was..." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 8:44:40 2001 Delivered-To: freebsd-net@freebsd.org Received: from brisefer.cediti.be (brisefer.cediti.be [193.190.156.67]) by hub.freebsd.org (Postfix) with ESMTP id 7FB2B37B40A; Tue, 24 Jul 2001 08:44:37 -0700 (PDT) (envelope-from Olivier.Cherrier@cediti.be) Received: by brisefer.cediti.be with Internet Mail Service (5.5.2650.21) id <3F8PMTSJ>; Tue, 24 Jul 2001 17:42:54 +0200 Message-ID: From: Olivier Cherrier To: 'Cameron Haegle' , Bill Moran Cc: net@FreeBSD.ORG, questions@FreeBSD.ORG Subject: RE: PPTPClient Setup Date: Tue, 24 Jul 2001 17:42:43 +0200 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Bill, > >Thanks for the information. > >What I have is a FreeBSD server connected via cable modem. Is mpd still >recommended? You spoke to do a pptp client! Now, you want a server? Read the mpd documentation. It should be useful. mpd is a powerful software. > >I have installed pptpclient, but the documentation is quite sparse. pptpclient is PopTop which is different than mpd. oc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 12:53:42 2001 Delivered-To: freebsd-net@freebsd.org Received: from clmboh1-smtp3.columbus.rr.com (clmboh1-smtp3.columbus.rr.com [65.24.0.112]) by hub.freebsd.org (Postfix) with ESMTP id 797A037B403; Tue, 24 Jul 2001 12:53:36 -0700 (PDT) (envelope-from wmoran@iowna.com) Received: from iowna.com (dhcp065-024-023-038.columbus.rr.com [65.24.23.38]) by clmboh1-smtp3.columbus.rr.com (8.11.2/8.11.2) with ESMTP id f6OJntn17100; Tue, 24 Jul 2001 15:49:56 -0400 (EDT) Message-ID: <3B5DD22B.675A1225@iowna.com> Date: Tue, 24 Jul 2001 15:53:15 -0400 From: Bill Moran X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.3-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: Cameron Haegle Cc: net@FreeBSD.ORG, questions@FreeBSD.ORG Subject: Re: PPTPClient Setup References: <008901c11447$b192b560$420fbf8f@hlc02> <3B5D8F13.3B7DF799@iowna.com> <009d01c11456$fc86f310$420fbf8f@hlc02> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Cameron Haegle wrote: > > Bill, > > Thanks for the information. > > What I have is a FreeBSD server connected via cable modem. Is mpd still > recommended? > > I have installed pptpclient, but the documentation is quite sparse. mpd supports both pptp client and server modes (as well as other stuff) and seems to be pretty well documented. -Bill > > Cameron > > ----- Original Message ----- > From: "Bill Moran" > To: "Cameron Haegle" > Cc: ; > Sent: Tuesday, July 24, 2001 10:06 AM > Subject: Re: PPTPClient Setup > > > Cameron Haegle wrote: > > > I am trying to get the pptpclient working between my 4.2 server > > > and my companies Microsoft VPN server. > > > > >I have not found any really useful sites regarding the setup of this. > > > > Are you using mpd? If not, that's probably the way to go. > > /usr/local/share/doc/mpd has HTML documents on how to make it work. > > > > -Bill > > > > -- > > It may be that true happiness is nothing more than the ability to *always* > > know the right thing to say at the right time, whereas true misery is the > > state of perpetually saying to oneself, "What I *should* have said was..." -- It may be that true happiness is nothing more than the ability to *always* know the right thing to say at the right time, whereas true misery is the state of perpetually saying to oneself, "What I *should* have said was..." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 14:38: 5 2001 Delivered-To: freebsd-net@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id EE55537B407; Tue, 24 Jul 2001 14:37:34 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f6OLbYc02653; Tue, 24 Jul 2001 14:37:34 -0700 Date: Tue, 24 Jul 2001 14:37:34 -0700 From: Brooks Davis To: net@freebsd.org, hackers@freebsd.org Subject: review request: ng_split cleanup Message-ID: <20010724143734.A1412@Odin.AC.HMC.Edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="FL5UXtIhxfXey3p5" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --FL5UXtIhxfXey3p5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Please review the following diff for the ng_split netgraph node. It cleans up a number of style issues, removes some functions that just did that the default functions did, and renames the node to split from ng_split to follow the normal convention. In addition to this diff, I plan to commit a Makefile update to make this part of the modules build and a sys/conf/options entry to allow static compilation. Thanks, Brooks Index: ng_split.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netgraph/ng_split.c,v retrieving revision 1.1 diff -u -r1.1 ng_split.c --- ng_split.c 2001/02/22 17:14:34 1.1 +++ ng_split.c 2001/07/24 21:37:28 @@ -1,5 +1,4 @@ -/*- - * +/* * Copyright (c) 1999-2000, Vitaly V Belekhov * All rights reserved. * @@ -25,7 +24,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD: src/sys/netgraph/ng_split.c,v 1.1 2001/02/22 17:14:34 julian= Exp $ + * $FreeBSD: src/sys/netgraph/ng_split.c,v 1.1 2001/02/22 17:14:34 julian = Exp $ * */ =20 @@ -46,11 +45,9 @@ =20 /* Netgraph methods */ static ng_constructor_t ng_split_constructor; -static ng_rcvmsg_t ng_split_rcvmsg; -static ng_shutdown_t ng_split_rmnode; +static ng_shutdown_t ng_split_shutdown; static ng_newhook_t ng_split_newhook; static ng_rcvdata_t ng_split_rcvdata; -static ng_connect_t ng_split_connect; static ng_disconnect_t ng_split_disconnect; =20 /* Node type descriptor */ @@ -59,11 +56,11 @@ NG_SPLIT_NODE_TYPE, NULL, ng_split_constructor, - ng_split_rcvmsg, - ng_split_rmnode, + NULL, + ng_split_shutdown, ng_split_newhook, + NULL, NULL, - ng_split_connect, ng_split_rcvdata, ng_split_disconnect, NULL @@ -72,9 +69,9 @@ =20 /* Node private data */ struct ng_split_private { - hook_p outhook; - hook_p inhook; - hook_p mixed; + hook_p out; + hook_p in; + hook_p mixed; node_p node; /* Our netgraph node */ }; typedef struct ng_split_private *priv_p; @@ -89,7 +86,7 @@ static int ng_split_constructor(node_p node) { - priv_p priv; + priv_p priv; =20 /* Allocate node */ MALLOC(priv, priv_p, sizeof(*priv), M_NETGRAPH, M_ZERO | M_NOWAIT); @@ -111,42 +108,25 @@ static int ng_split_newhook(node_p node, hook_p hook, const char *name) { - priv_p priv =3D NG_NODE_PRIVATE(node); + priv_p priv =3D NG_NODE_PRIVATE(node); + hook_p *localhook; =20 - if (strcmp(name, NG_SPLIT_HOOK_MIXED)) { - if (strcmp(name, NG_SPLIT_HOOK_INHOOK)) { - if (strcmp(name, NG_SPLIT_HOOK_OUTHOOK)) - return (EPFNOSUPPORT); - else { - if (priv->outhook !=3D NULL) - return (EISCONN); - priv->outhook =3D hook; - NG_HOOK_SET_PRIVATE(hook, &(priv->outhook)); - } - } else { - if (priv->inhook !=3D NULL) - return (EISCONN); - priv->inhook =3D hook; - NG_HOOK_SET_PRIVATE(hook, &(priv->inhook)); - } + if (strcmp(name, NG_SPLIT_HOOK_MIXED) =3D=3D 0) { + localhook =3D &priv->mixed; + } else if (strcmp(name, NG_SPLIT_HOOK_IN) =3D=3D 0) { + localhook =3D &priv->in; + } else if (strcmp(name, NG_SPLIT_HOOK_OUT) =3D=3D 0) { + localhook =3D &priv->out; } else { - if (priv->mixed !=3D NULL) - return (EISCONN); - priv->mixed =3D hook; - NG_HOOK_SET_PRIVATE(hook, &(priv->mixed)); + return (EPFNOSUPPORT); } =20 - return (0); -} + if (*localhook !=3D NULL) + return (EISCONN); + *localhook =3D hook; + NG_HOOK_SET_PRIVATE(hook, localhook); =20 -/* - * Receive a control message - */ -static int -ng_split_rcvmsg(node_p node, item_p item, hook_p lasthook) -{ - NG_FREE_ITEM(item); - return (EINVAL); + return (0); } =20 /* @@ -155,39 +135,26 @@ static int ng_split_rcvdata(hook_p hook, item_p item) { - meta_p meta; - const priv_p priv =3D NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); - int error =3D 0; + const priv_p priv =3D NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); + int error =3D 0; =20 - if (hook =3D=3D priv->outhook) { - printf("ng_split: got packet from outhook!\n"); - NG_FREE_ITEM(item); - return (EINVAL); - } -#if 0 /* should never happen */ - if (NGI_M(item) =3D=3D NULL) { - printf("ng_split: mbuf is null.\n"); + if (hook =3D=3D priv->out) { + printf("ng_split: got packet from out hook!\n"); NG_FREE_ITEM(item); - return (EINVAL); - } -#endif - /*=20 - * XXX Really here we should just remove metadata we understand. - */ - NGI_GET_META(item, meta); - NG_FREE_META(meta); - if ((hook =3D=3D priv->inhook) && (priv->mixed)) { + error =3D EINVAL; + } else if ((hook =3D=3D priv->in) && (priv->mixed !=3D NULL)) { NG_FWD_ITEM_HOOK(error, item, priv->mixed); - } else if ((hook =3D=3D priv->mixed) && (priv->outhook)) { - NG_FWD_ITEM_HOOK(error, item, priv->outhook); + } else if ((hook =3D=3D priv->mixed) && (priv->out !=3D NULL)) { + NG_FWD_ITEM_HOOK(error, item, priv->out); } + return (error); } =20 static int -ng_split_rmnode(node_p node) +ng_split_shutdown(node_p node) { - const priv_p priv =3D NG_NODE_PRIVATE(node); + const priv_p priv =3D NG_NODE_PRIVATE(node); =20 NG_NODE_SET_PRIVATE(node, NULL); NG_NODE_UNREF(node); @@ -196,31 +163,19 @@ return (0); } =20 - -/* - * This is called once we've already connected a new hook to the other nod= e. - * It gives us a chance to balk at the last minute. - */ -static int -ng_split_connect(hook_p hook) -{ - /* be really amiable and just say "YUP that's OK by me! " */ - return (0); -} - /* * Hook disconnection */ static int ng_split_disconnect(hook_p hook) { - if (NG_HOOK_PRIVATE(hook)) { - *((hook_p *)NG_HOOK_PRIVATE(hook)) =3D (hook_p)0; - } - + hook_p *localhook =3D NG_HOOK_PRIVATE(hook); +=09 + KASSERT(localhook !=3D NULL, ("%s: null info", __FUNCTION__)); + *localhook =3D NULL; if ((NG_NODE_NUMHOOKS(NG_HOOK_NODE(hook)) =3D=3D 0) - && (NG_NODE_IS_VALID(NG_HOOK_NODE(hook)))) { - ng_rmnode_self(NG_HOOK_NODE(hook)); + && (NG_NODE_IS_VALID(NG_HOOK_NODE(hook)))) { + ng_rmnode_self(NG_HOOK_NODE(hook)); } =20 return (0); Index: ng_split.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netgraph/ng_split.h,v retrieving revision 1.1 diff -u -r1.1 ng_split.h --- ng_split.h 2001/02/22 17:14:34 1.1 +++ ng_split.h 2001/07/24 21:09:57 @@ -25,7 +25,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD: src/sys/netgraph/ng_split.h,v 1.1 2001/02/22 17:14:34 julian= Exp $ + * $FreeBSD: src/sys/netgraph/ng_split.h,v 1.1 2001/02/22 17:14:34 julian = Exp $ * */ =20 @@ -34,12 +34,12 @@ #define _NG_SPLIT_H =20 /* Node type name and magic cookie */ -#define NG_SPLIT_NODE_TYPE "ng_split" -#define NGM_NG_SPLIT_COOKIE 949409402 +#define NG_SPLIT_NODE_TYPE "split" +#define NGM_NG_SPLIT_COOKIE 949409402 =20 /* My hook names */ -#define NG_SPLIT_HOOK_MIXED "mixed" /* Mixed stream (in/out) */ -#define NG_SPLIT_HOOK_OUTHOOK "out" /* Output to outhook (sending ou= t) */ -#define NG_SPLIT_HOOK_INHOOK "in" /* Input from inhook (recieving) = */ +#define NG_SPLIT_HOOK_MIXED "mixed" /* Mixed stream (in/out) */ +#define NG_SPLIT_HOOK_OUT "out" /* Output to outhook (sending out) */ +#define NG_SPLIT_HOOK_IN "in" /* Input from inhook (recieving) */ =20 #endif /* _NG_SPLIT_H */ --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --FL5UXtIhxfXey3p5 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7XeqdXY6L6fI4GtQRAu7xAKDDzx1etCgqGl+gelUPnFebIotBZgCeL3Zf jduBvdjDp4xCEMPe1Hh8WIQ= =fQnk -----END PGP SIGNATURE----- --FL5UXtIhxfXey3p5-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 14:43: 4 2001 Delivered-To: freebsd-net@freebsd.org Received: from meow.osd.bsdi.com (meow.osd.bsdi.com [204.216.28.88]) by hub.freebsd.org (Postfix) with ESMTP id 354CA37B405; Tue, 24 Jul 2001 14:43:00 -0700 (PDT) (envelope-from jhb@FreeBSD.org) Received: from laptop.baldwin.cx (john@jhb-laptop.osd.bsdi.com [204.216.28.241]) by meow.osd.bsdi.com (8.11.4/8.11.2) with ESMTP id f6OLgkv24683; Tue, 24 Jul 2001 14:42:46 -0700 (PDT) (envelope-from jhb@FreeBSD.org) Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <20010724143734.A1412@Odin.AC.HMC.Edu> Date: Tue, 24 Jul 2001 14:42:43 -0700 (PDT) From: John Baldwin To: Brooks Davis Subject: RE: review request: ng_split cleanup Cc: hackers@FreeBSD.org, net@FreeBSD.org Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 24-Jul-01 Brooks Davis wrote: > Please review the following diff for the ng_split netgraph node. It > cleans up a number of style issues, removes some functions that just did > that the default functions did, and renames the node to split from > ng_split to follow the normal convention. In addition to this diff, I > plan to commit a Makefile update to make this part of the modules build > and a sys/conf/options entry to allow static compilation. > > Thanks, > Brooks > > Index: ng_split.c > =================================================================== > RCS file: /home/ncvs/src/sys/netgraph/ng_split.c,v > retrieving revision 1.1 > diff -u -r1.1 ng_split.c > --- ng_split.c 2001/02/22 17:14:34 1.1 > +++ ng_split.c 2001/07/24 21:37:28 > @@ -1,5 +1,4 @@ > -/*- > - * > +/* > * Copyright (c) 1999-2000, Vitaly V Belekhov > * All rights reserved. > * This hunk is needed for lint(1) to recognize special comments. Don't remove it. -- John Baldwin -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.baldwin.cx/~john/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 14:46:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id 7EAB837B403; Tue, 24 Jul 2001 14:46:13 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f6OLkDR04285; Tue, 24 Jul 2001 14:46:13 -0700 Date: Tue, 24 Jul 2001 14:46:13 -0700 From: Brooks Davis To: John Baldwin Cc: hackers@FreeBSD.org, net@FreeBSD.org Subject: Re: review request: ng_split cleanup Message-ID: <20010724144613.A3968@Odin.AC.HMC.Edu> References: <20010724143734.A1412@Odin.AC.HMC.Edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="CE+1k2dSO48ffgeK" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from jhb@FreeBSD.org on Tue, Jul 24, 2001 at 02:42:43PM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --CE+1k2dSO48ffgeK Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jul 24, 2001 at 02:42:43PM -0700, John Baldwin wrote: >=20 > > --- ng_split.c 2001/02/22 17:14:34 1.1 > > +++ ng_split.c 2001/07/24 21:37:28 > > @@ -1,5 +1,4 @@ > > -/*- > > - * > > +/* > > * Copyright (c) 1999-2000, Vitaly V Belekhov > > * All rights reserved. > > * >=20 > This hunk is needed for lint(1) to recognize special comments. Don't rem= ove it. Ok, I'm updated my sources and an online copy at: http://people.freebsd.org/~brooks/patches/ng_split.diff -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --CE+1k2dSO48ffgeK Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7XeykXY6L6fI4GtQRApF8AJ9+mF/ujgCNrMiEDCAmFVinWkeMNACfc5wY 4QZR9FIFeXLw/IpsSwdIBkc= =7lTR -----END PGP SIGNATURE----- --CE+1k2dSO48ffgeK-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 16: 0:12 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 4421A37B407; Tue, 24 Jul 2001 15:59:59 -0700 (PDT) (envelope-from julian@elischer.org) Received: from InterJet.elischer.org (InterJet.elischer.org [192.168.1.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id RAA21029; Tue, 24 Jul 2001 17:04:55 -0700 (PDT) Date: Tue, 24 Jul 2001 17:04:53 -0700 (PDT) From: Julian Elischer To: Brooks Davis Cc: net@freebsd.org, hackers@freebsd.org Subject: Re: review request: ng_split cleanup In-Reply-To: <20010724143734.A1412@Odin.AC.HMC.Edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 24 Jul 2001, Brooks Davis wrote: > Please review the following diff for the ng_split netgraph node. It > cleans up a number of style issues, removes some functions that just did > that the default functions did, and renames the node to split from > ng_split to follow the normal convention. In addition to this diff, I > plan to commit a Makefile update to make this part of the modules build > and a sys/conf/options entry to allow static compilation. > > Thanks, > Brooks > > Index: ng_split.c > =================================================================== > RCS file: /home/ncvs/src/sys/netgraph/ng_split.c,v > retrieving revision 1.1 [...] > diff -u -r1.1 ng_split.c > - /* > - * XXX Really here we should just remove metadata we understand. > - */ > - NGI_GET_META(item, meta); > - NG_FREE_META(meta); this one is tricky.. it was written as part of a set of nodes that pass around their own metadata. The original idea was (so the author suggested) to stop those metadata structures from propogating out of the limited part of the graph that knew about them. However I don't see any harm in letting them go, since any node that doesn't understand a particular metadata type should ignore it.. otherwise your patch seems functionally the same.. please feel free to commit. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 16: 0:12 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 518D537B403 for ; Tue, 24 Jul 2001 15:59:57 -0700 (PDT) (envelope-from julian@elischer.org) Received: from elischer.org (InterJet.elischer.org [192.168.1.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id WAA19967; Mon, 23 Jul 2001 22:10:34 -0700 (PDT) Message-ID: <3B5CE50D.D57F5E72@elischer.org> Date: Mon, 23 Jul 2001 20:01:33 -0700 From: Julian Elischer X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386) X-Accept-Language: en, hu MIME-Version: 1.0 To: Brooks Davis Cc: net@freebsd.org Subject: Re: error in ip_checkinterface code? References: <20010723184418.B28097@Odin.AC.HMC.Edu> Content-Type: text/plain; charset=iso-8859-2 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Brooks Davis wrote: > > I just ran into what appears to be a bug in the ip_checkinterface code. > The problem is that is assumes m->m_pkthdr.rcvif is non-NULL. > Apparently this is normally true, but I have some netgraph code that > processes it's processes in such a way that they lose their interface > pointer which means that when I stick them back into the ip_stack get a > panic. A quick patch that fixes the problem is included below. Is > this fix correct? > > -- Brooks > > Index: ip_input.c > =================================================================== > RCS file: /home/ncvs/src/sys/netinet/ip_input.c,v > retrieving revision 1.174 > diff -u -r1.174 ip_input.c > --- ip_input.c 2001/06/23 17:17:58 1.174 > +++ ip_input.c 2001/07/24 01:46:22 > @@ -559,6 +559,7 @@ > * the packets are received. > */ > checkif = ip_checkinterface && (ipforwarding == 0) && > + m->m_pkthdr.rcvif != NULL && > ((m->m_pkthdr.rcvif->if_flags & IFF_LOOPBACK) == 0) && > (ip_fw_fwd_addr == NULL); another possibility is to assign an incoming interface to the reinjected packet :-) (what are you using netgraph for?) > > -- > Any statement of the form "X is the one, true Y" is FALSE. > PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 > > -------------------------------------------------------------------------------- > Part 1.2Type: application/pgp-signature -- +------------------------------------+ ______ _ __ | __--_|\ Julian Elischer | \ U \/ / hard at work in | / \ julian@elischer.org +------>x USA \ a very strange | ( OZ ) \___ ___ | country ! +- X_.---._/ presently in San Francisco \_/ \\ v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 16: 3:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 6027037B401; Tue, 24 Jul 2001 16:03:06 -0700 (PDT) (envelope-from julian@elischer.org) Received: from InterJet.elischer.org (InterJet.elischer.org [192.168.1.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id RAA21031; Tue, 24 Jul 2001 17:06:25 -0700 (PDT) Date: Tue, 24 Jul 2001 17:06:24 -0700 (PDT) From: Julian Elischer To: John Baldwin Cc: Brooks Davis , hackers@FreeBSD.org, net@FreeBSD.org Subject: RE: review request: ng_split cleanup In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org oops actually I think that I do it because 'indent' also recognises it I think. "yeah.. what he says".. :-) On Tue, 24 Jul 2001, John Baldwin wrote: > > On 24-Jul-01 Brooks Davis wrote: > > Please review the following diff for the ng_split netgraph node. It > > cleans up a number of style issues, removes some functions that just did > > that the default functions did, and renames the node to split from > > ng_split to follow the normal convention. In addition to this diff, I > > plan to commit a Makefile update to make this part of the modules build > > and a sys/conf/options entry to allow static compilation. > > > > Thanks, > > Brooks > > > > Index: ng_split.c > > =================================================================== > > RCS file: /home/ncvs/src/sys/netgraph/ng_split.c,v > > retrieving revision 1.1 > > diff -u -r1.1 ng_split.c > > --- ng_split.c 2001/02/22 17:14:34 1.1 > > +++ ng_split.c 2001/07/24 21:37:28 > > @@ -1,5 +1,4 @@ > > -/*- > > - * > > +/* > > * Copyright (c) 1999-2000, Vitaly V Belekhov > > * All rights reserved. > > * > > This hunk is needed for lint(1) to recognize special comments. Don't remove it. > > -- > > John Baldwin -- http://www.FreeBSD.org/~jhb/ > PGP Key: http://www.baldwin.cx/~john/pgpkey.asc > "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 16:21:19 2001 Delivered-To: freebsd-net@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id 1181637B407 for ; Tue, 24 Jul 2001 16:21:16 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f6ONLCV18180; Tue, 24 Jul 2001 16:21:12 -0700 Date: Tue, 24 Jul 2001 16:21:12 -0700 From: Brooks Davis To: Julian Elischer Cc: net@freebsd.org Subject: Re: error in ip_checkinterface code? Message-ID: <20010724162111.A14440@Odin.AC.HMC.Edu> References: <20010723184418.B28097@Odin.AC.HMC.Edu> <3B5CE50D.D57F5E72@elischer.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="opJtzjQTFsWo+cga" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3B5CE50D.D57F5E72@elischer.org>; from julian@elischer.org on Mon, Jul 23, 2001 at 08:01:33PM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --opJtzjQTFsWo+cga Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Jul 23, 2001 at 08:01:33PM -0700, Julian Elischer wrote: > Brooks Davis wrote: > >=20 > > I just ran into what appears to be a bug in the ip_checkinterface code. > > The problem is that is assumes m->m_pkthdr.rcvif is non-NULL. > > Apparently this is normally true, but I have some netgraph code that > > processes it's processes in such a way that they lose their interface > > pointer which means that when I stick them back into the ip_stack get a > > panic. A quick patch that fixes the problem is included below. Is > > this fix correct? >=20 > another possibility is to assign an incoming interface to the reinjected = packet > :-) The problem with that is I'd basicaly just have to invent one because at that point I have no easy way of knowing where the packet came from. The other place ip_input() looks at the interface, it check that it exists first so there is some precident. > (what are you using netgraph for?) I'm using it to direct traffic from a number of agents through a userland network simulator. Each agent sits at the end of an IP over IP tunnel connected to a gif interface. I've written part of an ng_gif module based on ng_ether to provide access to all packets arriving over the interface. An ng_gif_demux module allows me to take all the inet packets off of each interface. An ng_one2many node is used to consolidate packets from these interfaces and feed them into an ng_split node which currently feeds them to the userland via an ng_socket node. On return from the simulator (currently, "nghook -l -n -a split: mixed"), the split node passes the packet to an ng_ip_input node which simply accepts packets, shoves them onto the ip input queue and schedules an ip soft interupt. This is where the current ip_input() gets into trouble because the mbuf created by ng_socket does not contain an interface pointer. In the final version, there will be a small address translator between the ng_split and ng_socket nodes handling a hack which will allow multiple agents to exist on the same host and still be forced to talk through the simulator without significant code modifications. There's a somewhat inaccurate picture at: http://people.freebsd.org/~brooks/tnt-netgraph.ps Assuming our funding for this didn't just totally vanish, I'm hoping to have a paper to present on this for BSDCon. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --opJtzjQTFsWo+cga Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7XgLmXY6L6fI4GtQRAhsdAKDc2semulMxBC6vH/X0Bky7pTbOogCgramJ XJLXPNBmbxaWd3evg8G5/rM= =fdFf -----END PGP SIGNATURE----- --opJtzjQTFsWo+cga-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 16:38:56 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.22.40]) by hub.freebsd.org (Postfix) with ESMTP id B83EA37B405; Tue, 24 Jul 2001 16:38:50 -0700 (PDT) (envelope-from drosih@rpi.edu) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.11.3/8.11.3) with ESMTP id f6ONcis98792; Tue, 24 Jul 2001 19:38:44 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: References: Date: Tue, 24 Jul 2001 19:38:42 -0400 To: John Baldwin , Brooks Davis From: Garance A Drosihn Subject: RE: review request: ng_split cleanup Cc: hackers@FreeBSD.ORG, net@FreeBSD.ORG Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 2:42 PM -0700 7/24/01, John Baldwin wrote: >On 24-Jul-01 Brooks Davis wrote: >> Please review the following diff for the ng_split netgraph node. It > > cleans up a number of style issues, ... > > diff -u -r1.1 ng_split.c >> --- ng_split.c 2001/02/22 17:14:34 1.1 >> +++ ng_split.c 2001/07/24 21:37:28 >> @@ -1,5 +1,4 @@ >> -/*- >> - * >> +/* >> * Copyright (c) 1999-2000, Vitaly V Belekhov >> * All rights reserved. >> * > >This hunk is needed for lint(1) to recognize special comments. >Don't remove it. The '/*-' part? What does lint do special with those? (and should I have those in new source modules that I create?) -- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 17: 3:22 2001 Delivered-To: freebsd-net@freebsd.org Received: from meow.osd.bsdi.com (meow.osd.bsdi.com [204.216.28.88]) by hub.freebsd.org (Postfix) with ESMTP id 44C2037B406; Tue, 24 Jul 2001 17:03:17 -0700 (PDT) (envelope-from jhb@FreeBSD.org) Received: from laptop.baldwin.cx (john@jhb-laptop.osd.bsdi.com [204.216.28.241]) by meow.osd.bsdi.com (8.11.4/8.11.2) with ESMTP id f6P02rv42890; Tue, 24 Jul 2001 17:02:53 -0700 (PDT) (envelope-from jhb@FreeBSD.org) Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Tue, 24 Jul 2001 17:02:52 -0700 (PDT) From: John Baldwin To: Garance A Drosihn Subject: RE: review request: ng_split cleanup Cc: net@FreeBSD.org, hackers@FreeBSD.org, Brooks Davis Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On 24-Jul-01 Garance A Drosihn wrote: > At 2:42 PM -0700 7/24/01, John Baldwin wrote: >>On 24-Jul-01 Brooks Davis wrote: >>> Please review the following diff for the ng_split netgraph node. It >> > cleans up a number of style issues, ... > >> > diff -u -r1.1 ng_split.c >>> --- ng_split.c 2001/02/22 17:14:34 1.1 >>> +++ ng_split.c 2001/07/24 21:37:28 >>> @@ -1,5 +1,4 @@ >>> -/*- >>> - * >>> +/* >>> * Copyright (c) 1999-2000, Vitaly V Belekhov >>> * All rights reserved. >>> * >> >>This hunk is needed for lint(1) to recognize special comments. >>Don't remove it. > > The '/*-' part? What does lint do special with those? > (and should I have those in new source modules that I create?) Grr, not lint, but indent treats these special. My memory is failing apparently. -- John Baldwin -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.baldwin.cx/~john/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 17:15:32 2001 Delivered-To: freebsd-net@freebsd.org Received: from mnmai05.mn.mediaone.net (mnmai05.mn.mediaone.net [24.131.1.59]) by hub.freebsd.org (Postfix) with ESMTP id EAE8937B408; Tue, 24 Jul 2001 17:15:24 -0700 (PDT) (envelope-from cameronh@remotepoint.com) Received: from toadstool (nic-41-c27-246.mn.mediaone.net [66.41.27.246]) by mnmai05.mn.mediaone.net (8.11.1/8.11.1) with SMTP id f6P0FJ122456; Tue, 24 Jul 2001 20:15:20 -0400 (EDT) From: "Cameron Haegle" To: "Olivier Cherrier" , "'Cameron Haegle'" , "Bill Moran" Cc: , Subject: RE: PPTPClient Setup Date: Tue, 24 Jul 2001 19:13:55 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-Mimeole: Produced By Microsoft MimeOLE V5.50.4522.1200 In-Reply-To: Importance: Normal Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org No I am not looking for a server, I am trying to get my system connected to my company network as a client. I am getting closer now, I appera to be failing authentication now. Thanks for all of the advise, keep it coming. Cameron -----Original Message----- From: owner-freebsd-net@FreeBSD.ORG [mailto:owner-freebsd-net@FreeBSD.ORG]On Behalf Of Olivier Cherrier Sent: Tuesday, July 24, 2001 10:43 AM To: 'Cameron Haegle'; Bill Moran Cc: net@FreeBSD.ORG; questions@FreeBSD.ORG Subject: RE: PPTPClient Setup >Bill, > >Thanks for the information. > >What I have is a FreeBSD server connected via cable modem. Is mpd still >recommended? You spoke to do a pptp client! Now, you want a server? Read the mpd documentation. It should be useful. mpd is a powerful software. > >I have installed pptpclient, but the documentation is quite sparse. pptpclient is PopTop which is different than mpd. oc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 17:51:56 2001 Delivered-To: freebsd-net@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id 642B637B405; Tue, 24 Jul 2001 17:51:49 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f6P0pmD32141; Tue, 24 Jul 2001 17:51:48 -0700 Date: Tue, 24 Jul 2001 17:51:48 -0700 From: Brooks Davis To: Julian Elischer Cc: net@freebsd.org, hackers@freebsd.org Subject: Re: review request: ng_split cleanup Message-ID: <20010724175148.A31113@Odin.AC.HMC.Edu> References: <20010724143734.A1412@Odin.AC.HMC.Edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="EVF5PPMfhYS0aIcm" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from julian@elischer.org on Tue, Jul 24, 2001 at 05:04:53PM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --EVF5PPMfhYS0aIcm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jul 24, 2001 at 05:04:53PM -0700, Julian Elischer wrote: > On Tue, 24 Jul 2001, Brooks Davis wrote: >=20 > > Index: ng_split.c > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > RCS file: /home/ncvs/src/sys/netgraph/ng_split.c,v > > retrieving revision 1.1 >=20 > [...] >=20 > > diff -u -r1.1 ng_split.c > > - /*=20 > > - * XXX Really here we should just remove metadata we understand. > > - */ > > - NGI_GET_META(item, meta); > > - NG_FREE_META(meta); >=20 >=20 > this one is tricky.. > it was written as part of a set of nodes that pass around their own > metadata. The original idea was (so the author suggested) to stop those= =20 > metadata structures from propogating out of the limited part of the graph= =20 > that knew about them. >=20 > However I don't see any harm in letting them go, since any node that > doesn't understand a particular metadata type should ignore it.. My idea was that split falls into the same catagory as one2many or tee in that their sole function is to move packets around and thus removing metadata was a POLA violation. It seems that if you do need to create a wall to keep metadata out, the right answer would be an ng_stripmeta node who's purpose would be to remove metadata to provide this kind of isolation where needed. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --EVF5PPMfhYS0aIcm Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7XhgjXY6L6fI4GtQRArtOAJ9tfOxOp+G2aYkP/YWed+bnaJTE9gCgmGMi 6wAr0aINiRt7xTU3hIOSH/0= =LZiK -----END PGP SIGNATURE----- --EVF5PPMfhYS0aIcm-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 18:37: 9 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 6E56C37B408; Tue, 24 Jul 2001 18:37:03 -0700 (PDT) (envelope-from julian@elischer.org) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id UAA01163; Tue, 24 Jul 2001 20:31:29 -0700 (PDT) Date: Tue, 24 Jul 2001 20:31:28 -0700 (PDT) From: Julian Elischer To: Brooks Davis Cc: net@freebsd.org, hackers@freebsd.org Subject: Re: review request: ng_split cleanup In-Reply-To: <20010724175148.A31113@Odin.AC.HMC.Edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I agree and see that you committed it already :-) On Tue, 24 Jul 2001, Brooks Davis wrote: > On Tue, Jul 24, 2001 at 05:04:53PM -0700, Julian Elischer wrote: > > On Tue, 24 Jul 2001, Brooks Davis wrote: > > > > > Index: ng_split.c > > > =================================================================== > > > RCS file: /home/ncvs/src/sys/netgraph/ng_split.c,v > > > retrieving revision 1.1 > > > > [...] > > > > > diff -u -r1.1 ng_split.c > > > - /* > > > - * XXX Really here we should just remove metadata we understand. > > > - */ > > > - NGI_GET_META(item, meta); > > > - NG_FREE_META(meta); > > > > > > this one is tricky.. > > it was written as part of a set of nodes that pass around their own > > metadata. The original idea was (so the author suggested) to stop those > > metadata structures from propogating out of the limited part of the graph > > that knew about them. > > > > However I don't see any harm in letting them go, since any node that > > doesn't understand a particular metadata type should ignore it.. > > My idea was that split falls into the same catagory as one2many or tee > in that their sole function is to move packets around and thus removing > metadata was a POLA violation. It seems that if you do need to create a > wall to keep metadata out, the right answer would be an ng_stripmeta > node who's purpose would be to remove metadata to provide this kind of > isolation where needed. > > -- Brooks > > -- > Any statement of the form "X is the one, true Y" is FALSE. > PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jul 24 21:20:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with ESMTP id B4A1337B403 for ; Tue, 24 Jul 2001 21:19:58 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 32546 invoked by uid 1000); 25 Jul 2001 04:19:57 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 25 Jul 2001 04:19:57 -0000 Date: Tue, 24 Jul 2001 23:19:57 -0500 (CDT) From: Mike Silbersack To: , Subject: TCP sequence numbers: RFC1948 patch ready for testing Message-ID: <20010724230813.A31803-200000@achilles.silby.com> MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="0-155072002-996034797=:31803" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --0-155072002-996034797=:31803 Content-Type: TEXT/PLAIN; charset=US-ASCII Hello all, the RFC1948-like sequence number generation patch is ready for testing. The patch included will apply cleanly to both a recent -current and a recent -stable. I've spent a good deal of time looking at tcpdump logs, and it looks good to me. Please test and review this if you feel comfortable doing so. If you do not feel comfortable doing so, please simply test it instead. :) When testing, please try both with net.inet.tcp.tcp_seq_genscheme set to 0 and 1. 0 Uses the RFC1948 scheme for generating all ISNs, 1 uses RFC1948 only for outgoing SYN; SYN-ACKs are filled with random values instead. I'd like to leave this selectable, with the default to 1. 1 is slightly faster, while 0 may feel more comfortable to some users. Both schemes should work equally well, so please test both. I've changed the RFC1948 algorithm slightly, by adding a random offset. Please look this over carefully when reviewing. Note that this patch is _functionally_ complete, but does not yet remove cruft from other generation schemes; I will do this in the final version of the patch. Enjoy! Mike "Silby" Silbersack --0-155072002-996034797=:31803 Content-Type: TEXT/PLAIN; charset=US-ASCII; name="rfc1948seq.patch" Content-Transfer-Encoding: BASE64 Content-ID: <20010724231957.R31803@achilles.silby.com> Content-Description: Content-Disposition: attachment; filename="rfc1948seq.patch" ZGlmZiAtdSAtciBuZXRpbmV0Lm9sZC90Y3BfaW5wdXQuYyBuZXRpbmV0L3Rj cF9pbnB1dC5jDQotLS0gbmV0aW5ldC5vbGQvdGNwX2lucHV0LmMJVGh1IEp1 bCAxOSAyMDo0NTowMSAyMDAxDQorKysgbmV0aW5ldC90Y3BfaW5wdXQuYwlG cmkgSnVsIDIwIDIyOjM4OjE4IDIwMDENCkBAIC0xMTM1LDcgKzExMzUsNyBA QA0KIAkJaWYgKGlzcykNCiAJCQl0cC0+aXNzID0gaXNzOw0KIAkJZWxzZSB7 DQotCQkJdHAtPmlzcyA9IHRjcF9uZXdfaXNuKCk7DQorCQkJdHAtPmlzcyA9 IHRjcF9uZXdfaXNuKHRwKTsNCiAgCQl9DQogCQl0cC0+aXJzID0gdGgtPnRo X3NlcTsNCiAJCXRjcF9zZW5kc2VxaW5pdCh0cCk7DQpAQCAtMTY2Nyw3ICsx NjY3LDcgQEANCiAJCQlpZiAodGhmbGFncyAmIFRIX1NZTiAmJg0KIAkJCSAg ICB0cC0+dF9zdGF0ZSA9PSBUQ1BTX1RJTUVfV0FJVCAmJg0KIAkJCSAgICBT RVFfR1QodGgtPnRoX3NlcSwgdHAtPnJjdl9ueHQpKSB7DQotCQkJCWlzcyA9 IHRjcF9uZXdfaXNuKCk7DQorCQkJCWlzcyA9IHRjcF9uZXdfaXNuKHRwKTsN CiAJCQkJdHAgPSB0Y3BfY2xvc2UodHApOw0KIAkJCQlnb3RvIGZpbmRwY2I7 DQogCQkJfQ0KZGlmZiAtdSAtciBuZXRpbmV0Lm9sZC90Y3Bfc3Vici5jIG5l dGluZXQvdGNwX3N1YnIuYw0KLS0tIG5ldGluZXQub2xkL3RjcF9zdWJyLmMJ VGh1IEp1bCAxOSAyMDo0NTowMSAyMDAxDQorKysgbmV0aW5ldC90Y3Bfc3Vi ci5jCU1vbiBKdWwgMjMgMjE6NTk6NTMgMjAwMQ0KQEAgLTk4LDYgKzk4LDcg QEANCiAjZW5kaWYgLypJUFNFQyovDQogDQogI2luY2x1ZGUgPG1hY2hpbmUv aW5fY2tzdW0uaD4NCisjaW5jbHVkZSA8c3lzL21kNS5oPg0KIA0KIGludCAJ dGNwX21zc2RmbHQgPSBUQ1BfTVNTOw0KIFNZU0NUTF9JTlQoX25ldF9pbmV0 X3RjcCwgVENQQ1RMX01TU0RGTFQsIG1zc2RmbHQsIENUTEZMQUdfUlcsIA0K QEAgLTExMTIsMjQgKzExMTMsOTIgQEANCiB9DQogI2VuZGlmIC8qIElORVQ2 ICovDQogDQorLyoNCisgKiBGb2xsb3dpbmcgaXMgd2hlcmUgVENQIGluaXRp YWwgc2VxdWVuY2UgbnVtYmVyIGdlbmVyYXRpb24gb2NjdXJzLg0KKyAqIEZv ciBJU05zIGluIFNZTi1BQ0sgcGFja2V0cywgd2UgdXNlIHRoZSBvdXRwdXQg ZnJvbSBhcmM0cmFuZG9tKCk7DQorICogdGhlcmUgaXMgbm8gbW9udG9uaWNp dHkgcmVxdWlyZW1lbnQgZm9yIElTTnMgaW4gU1lOLUFDSyBwYWNrZXRzLA0K KyAqIGFuZCB0aGV5IHNob3VsZCBiZSBhcyByYW5kb20gYXMgcG9zc2libGUg dG8gYXZvaWQgc3Bvb2ZpbmcgYXR0YWNrcy4NCisgKg0KKyAqIFdoZW4gd2Ug c2VuZCBJU05zIGluIG91dGdvaW5nIFNZTiBwYWNrZXRzLCB3ZSBtdXN0IGVu c3VyZSBtb25vdG9uaWNpdHkNCisgKiBzbyB0aGF0IFRJTUVfV0FJVCByZWN5 Y2xpbmcgd29ya3MgcHJvcGVybHkgb24gdGhlIGhvc3RzIHdlIGFyZQ0KKyAq IGNvbm5lY3RpbmcgdG8uICBUbyBtZWV0IHRoaXMgcmVxdWlyZW1lbnQgd2hp bGUgc3RpbGwgYmVpbmcNCisgKiB1bnByZWRpY3RhYmxlLCB3ZSB1c2UgYSBt b2RpZmllZCB2ZXJzaW9uIG9mIHRoZSBhbGdvcml0aG0gc3BlY2lmaWVkDQor ICogaW4gUkZDIDE5NDguDQorICoNCisgKiBUaGUgYWxnb3JpdGhtIGlzIGFz IGZvbGxvd3M6DQorICogSVNOID0gVGltZSArIGlzbl9vZmZzZXQgKyBtZDUo ZnBvcnQsIGxwb3J0LCBmYWRkciwgbGFkZHIsIHNlY3JldCkNCisgKiANCisg KiBUaW1lIGlzIGJhc2VkIG9mZiB0aGUgc3lzdGVtIHRpbWVyLCBhbmQgaXMg Y29ycmVjdGVkIHNvIHRoYXQgaXQNCisgKiBpbmNyZWFzZXMgYnkgb25lIG1l Z2FieXRlIHBlciBzZWNvbmQuICBUaGlzIGFsbG93cyBmb3IgcHJvcGVyDQor ICogcmVjeWNsaW5nIG9uIGhpZ2ggc3BlZWQgTEFOcyB3aGlsZSBzdGlsbCBs ZWF2aW5nIG92ZXIgYW4gaG91cg0KKyAqIGJlZm9yZSByb2xsb3Zlci4NCisg Kg0KKyAqIGlzbl9vZmZzZXQgaXMgYSByYW5kb20gdmFsdWUgY2hhbmdlZCB3 aGVuZXZlciBzZWNyZXQgaXMgY2hhbmdlZC4NCisgKiBUaGUgcHVycG9zZSBv ZiB0aGlzIHZhbHVlIGlzIHRvIG1ha2Ugc3VyZSB0aGF0IHRoZSBleGFjdCBv dXRwdXQNCisgKiBvZiB0aGUgaGFzaCBmdW5jdGlvbiBjYW5ub3QgYmUgZGV0 ZXJtaW5lZC4gIElmIHRoaXMgd2FzIG5vdCBwcmVzZW50LA0KKyAqIGl0IHdv dWxkIGJlIGEgc2ltcGxlIG1hdHRlciB0byBzdWJ0cmFjdCB0aW1lIGZyb20g dGhlIElTTiBhbmQNCisgKiBsYXVuY2ggYSBicnV0ZS1mb3JjZSBhdHRhY2sg b24gdGhlIHNlY3JldCBvZiB0aGUgaGFzaC4gIFRoaXMNCisgKiBhdHRhY2sg c2hvdWxkIG5vdyBiZSBtdWNoIHRvdWdoZXIuICAoaXNuX29mZnNldCBpcyBu b3QgcGFydA0KKyAqIG9mIHRoZSBzcGVjIG91dGxpbmVkIGluIFJGQyAxOTQ4 LikNCisgKg0KKyAqIFRoZSBtZDUgaGFzaCBpcyB3aGF0IHNlcGVyYXRlcyB0 aGUgSVNOIHNwYWNlIG9mIGV2ZXJ5IGNvbm5lY3Rpb24uDQorICogQXMgbG9u ZyBhcyB0aGUgc2VjcmV0IHJlbWFpbnMgc2VjcmV0LCBpdCBzaG91bGQgYmUg dmlydHVhbGx5DQorICogaW1wb3NzaWJsZSBmb3IgYW55b25lIHRvIGd1ZXNz IHRoZSBzZXF1ZW5jZSBzcGFjZSBvZiBhbnkgb3RoZXINCisgKiBjb25uZWN0 aW9uLiAgVGhlIHNlY3JldCBpcyBjaGFuZ2VkIGhvdXJseSB0byBlbnN1cmUg dGhhdCANCisgKiBhIGJydXRlIGZvcmNlIGF0dGFjayBvbiB0aGUgc2VjcmV0 IHdpbGwgbm90IGJlIHBvc3NpYmxlIGluDQorICogdGhlIG5lYXIgZnV0dXJl Lg0KKyAqDQorICogRm9yIG1vcmUgaW5mb3JtYXRpb24gb24gdGhpcyBhbGdv cml0aG0sIHBsZWFzZSBzZWUgUkZDIDE5NDguDQorICovDQorDQorI2RlZmlu ZSBJU05fUkVTRUVEX0lOVFZMIDM2MDANCisjZGVmaW5lIElTTl9CWVRFU19Q RVJfU0VDT05EIDEwNDg1NzYNCisNCitpbnQgaXNuX3Jlc2VlZF90aW1lOw0K K3VfY2hhciBpc25fc2VjcmV0WzMyXTsNCit1X2ludDMyX3QgaXNuX29mZnNl dDsNCisNCiB0Y3Bfc2VxDQotdGNwX25ld19pc24oKQ0KK3RjcF9uZXdfaXNu KHRwKQ0KKwlzdHJ1Y3QgdGNwY2IgKnRwOw0KIHsNCi0JaWYgKCh0Y3Bfc2Vx X2dlbnNjaGVtZSA+IDEpIHx8ICh0Y3Bfc2VxX2dlbnNjaGVtZSA8IDApKQ0K LQkJdGNwX3NlcV9nZW5zY2hlbWUgPSAxOw0KLQ0KLQlzd2l0Y2ggKHRjcF9z ZXFfZ2Vuc2NoZW1lKSB7DQotCQljYXNlIDA6CS8qDQotCQkJICogUmFuZG9t IHBvc2l0aXZlIGluY3JlbWVudHMNCi0JCQkgKi8NCi0JCQl0Y3BfaXNzICs9 IFRDUF9JU1NJTkNSLzI7DQotCQkJcmV0dXJuIHRjcF9pc3M7DQotCQljYXNl IDE6CS8qDQotCQkJICogT3BlbUJTRCByYW5kb21pemVkIHNjaGVtZQ0KLQkJ CSAqLw0KLQkJCXJldHVybiB0Y3Bfcm5kaXNzX25leHQoKTsNCitNRDVfQ1RY IGN0eDsNCit1X2ludDMyX3QgbWQ1X2J1ZmZlcls0XTsNCit0Y3Bfc2VxIG5l d19pc247DQorDQorCWlmIChpc25fcmVzZWVkX3RpbWUgPCB0aWNrcykgew0K KwkJLyogUmVzZWVkIHRoZSBzZWNyZXQgYW5kIG9mZnNldC4gKi8NCisJCXJl YWRfcmFuZG9tKCZpc25fb2Zmc2V0LCBzaXplb2YodV9pbnQzMl90KSk7DQor CQlyZWFkX3JhbmRvbSgmaXNuX3NlY3JldCwgc2l6ZW9mKGlzbl9zZWNyZXQp KTsNCisJCWlzbl9yZXNlZWRfdGltZSA9IHRpY2tzICsgKElTTl9SRVNFRURf SU5UVkwgKiBoeik7DQogCX0NCiANCisJaWYgKCgodHAtPnRfc3RhdGUgPT0g VENQU19MSVNURU4pIHx8ICh0cC0+dF9zdGF0ZSA9PSBUQ1BTX1RJTUVfV0FJ VCkpDQorCSAgICYmIHRjcF9zZXFfZ2Vuc2NoZW1lID09IDEpDQorCQlyZXR1 cm4gYXJjNHJhbmRvbSgpOw0KKwlNRDVJbml0KCZjdHgpOw0KKwlNRDVVcGRh dGUoJmN0eCwgKHVfY2hhciAqKSAmdHAtPnRfaW5wY2ItPmlucF9mcG9ydCwg c2l6ZW9mKHVfc2hvcnQpKTsNCisJTUQ1VXBkYXRlKCZjdHgsICh1X2NoYXIg KikgJnRwLT50X2lucGNiLT5pbnBfbHBvcnQsIHNpemVvZih1X3Nob3J0KSk7 DQorI2lmZGVmIElORVQ2DQorCWlmICgodHAtPnRfaW5wY2ItPmlucF92Zmxh ZyAmIElOUF9JUFY2KSAhPSAwKSB7DQorCQlNRDVVcGRhdGUoJmN0eCwgKHVf Y2hhciAqKSAmdHAtPnRfaW5wY2ItPmluNnBfZmFkZHIsDQorCQkJICBzaXpl b2Yoc3RydWN0IGluNl9hZGRyKSk7DQorCQlNRDVVcGRhdGUoJmN0eCwgKHVf Y2hhciAqKSAmdHAtPnRfaW5wY2ItPmluNnBfbGFkZHIsDQorCQkJICBzaXpl b2Yoc3RydWN0IGluNl9hZGRyKSk7DQorCX0gZWxzZQ0KKyNlbmRpZg0KKwkJ ew0KKwkJTUQ1VXBkYXRlKCZjdHgsICh1X2NoYXIgKikgJnRwLT50X2lucGNi LT5pbnBfZmFkZHIsDQorCQkJICBzaXplb2Yoc3RydWN0IGluX2FkZHIpKTsN CisJCU1ENVVwZGF0ZSgmY3R4LCAodV9jaGFyICopICZ0cC0+dF9pbnBjYi0+ aW5wX2xhZGRyLA0KKwkJCSAgc2l6ZW9mKHN0cnVjdCBpbl9hZGRyKSk7DQor CX0NCisJTUQ1VXBkYXRlKCZjdHgsICh1X2NoYXIgKikgJmlzbl9zZWNyZXQs IHNpemVvZihpc25fc2VjcmV0KSk7DQorCU1ENUZpbmFsKCh1X2NoYXIgKikg Jm1kNV9idWZmZXIsICZjdHgpOw0KKwluZXdfaXNuID0gKHRjcF9zZXEpIG1k NV9idWZmZXJbMF07DQorCW5ld19pc24gKz0gdGlja3MgKiAoSVNOX0JZVEVT X1BFUl9TRUNPTkQgLyBoeik7DQorCW5ld19pc24gKz0gaXNuX29mZnNldDsN CisJcmV0dXJuIG5ld19pc247DQogfQ0KIA0KICNkZWZpbmUgVENQX1JORElT U19ST1VORFMJMTYNCmRpZmYgLXUgLXIgbmV0aW5ldC5vbGQvdGNwX3VzcnJl cS5jIG5ldGluZXQvdGNwX3VzcnJlcS5jDQotLS0gbmV0aW5ldC5vbGQvdGNw X3VzcnJlcS5jCVRodSBKdWwgMTkgMjA6NDU6MDEgMjAwMQ0KKysrIG5ldGlu ZXQvdGNwX3VzcnJlcS5jCUZyaSBKdWwgMjAgMjI6Mzg6MjggMjAwMQ0KQEAg LTc1OCw3ICs3NTgsNyBAQA0KIAl0Y3BzdGF0LnRjcHNfY29ubmF0dGVtcHQr KzsNCiAJdHAtPnRfc3RhdGUgPSBUQ1BTX1NZTl9TRU5UOw0KIAljYWxsb3V0 X3Jlc2V0KHRwLT50dF9rZWVwLCB0Y3Bfa2VlcGluaXQsIHRjcF90aW1lcl9r ZWVwLCB0cCk7DQotCXRwLT5pc3MgPSB0Y3BfbmV3X2lzbigpOw0KKwl0cC0+ aXNzID0gdGNwX25ld19pc24odHApOw0KIAl0Y3Bfc2VuZHNlcWluaXQodHAp Ow0KIA0KIAkvKg0KQEAgLTg0NCw3ICs4NDQsNyBAQA0KIAl0Y3BzdGF0LnRj cHNfY29ubmF0dGVtcHQrKzsNCiAJdHAtPnRfc3RhdGUgPSBUQ1BTX1NZTl9T RU5UOw0KIAljYWxsb3V0X3Jlc2V0KHRwLT50dF9rZWVwLCB0Y3Bfa2VlcGlu aXQsIHRjcF90aW1lcl9rZWVwLCB0cCk7DQotCXRwLT5pc3MgPSB0Y3BfbmV3 X2lzbigpOw0KKwl0cC0+aXNzID0gdGNwX25ld19pc24odHApOw0KIAl0Y3Bf c2VuZHNlcWluaXQodHApOw0KIA0KIAkvKg0KZGlmZiAtdSAtciBuZXRpbmV0 Lm9sZC90Y3BfdmFyLmggbmV0aW5ldC90Y3BfdmFyLmgNCi0tLSBuZXRpbmV0 Lm9sZC90Y3BfdmFyLmgJVGh1IEp1bCAxOSAyMDo0NTowMSAyMDAxDQorKysg bmV0aW5ldC90Y3BfdmFyLmgJVGh1IEp1bCAxOSAyMDo0NjowMSAyMDAxDQpA QCAtNDE0LDcgKzQxNCw3IEBADQogdGNwX3NlcQl0Y3Bfcm5kaXNzX25leHQg X19QKCh2b2lkKSk7DQogdV9pbnQxNl90DQogCXRjcF9ybmRpc3NfZW5jcnlw dCBfX1AoKHVfaW50MTZfdCkpOw0KLXRjcF9zZXEgdGNwX25ld19pc24gX19Q KCh2b2lkKSk7DQordGNwX3NlcSB0Y3BfbmV3X2lzbiBfX1AoKHN0cnVjdCB0 Y3BjYiAqKSk7DQogDQogI2VuZGlmIC8qIF9LRVJORUwgKi8NCiANCg== --0-155072002-996034797=:31803-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 25 0:48:55 2001 Delivered-To: freebsd-net@freebsd.org Received: from tp.databus.com (p101-46.acedsl.com [160.79.101.46]) by hub.freebsd.org (Postfix) with ESMTP id 5919F37B405; Wed, 25 Jul 2001 00:48:45 -0700 (PDT) (envelope-from barney@tp.databus.com) Received: (from barney@localhost) by tp.databus.com (8.11.4/8.11.4) id f6P7SA522199; Wed, 25 Jul 2001 03:28:10 -0400 (EDT) (envelope-from barney) Date: Wed, 25 Jul 2001 03:28:05 -0400 From: Barney Wolff To: Mike Silbersack Cc: arch@FreeBSD.ORG, net@FreeBSD.ORG Subject: Re: TCP sequence numbers: RFC1948 patch ready for testing Message-ID: <20010725032805.A21133@tp.databus.com> References: <20010724230813.A31803-200000@achilles.silby.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010724230813.A31803-200000@achilles.silby.com>; from silby@silby.com on Tue, Jul 24, 2001 at 11:19:57PM -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I have a few comments :) 1. Rekeying is completely unnecessary - talking of brute-forcing the MD5 of a 32-byte random secret is fantasy, for the forseeable future. Similarly, isn_offset adds nothing real to security. 2. By rekeying you risk violating the monotonicity of the isn across the rekeying, which is the whole point of not just doing random isn. 3. Unless I'm confused, hz is typically 100 or 1000, meaning that the signed-32 tick counters you're relying on to trigger rekeying will flip sign and overflow within the typical uptime of a server. You risk having the test fail for a long time, if isn_reseed_time is a large positive and ticks has become negative before you get to test it. Of course that's no loss, imo. 4. As a nit, if you're going to do the rekeying check, do it only when you're actually going to do the md5 work, not before the test that may return arc4random. 5. You seem to have ignored 1948's advice to include some configurable secret in the hash - are we really sure that read_random gives good bits right after reboot? Regards, Barney Wolff On Tue, Jul 24, 2001 at 11:19:57PM -0500, Mike Silbersack wrote: > > Hello all, the RFC1948-like sequence number generation patch is ready for > testing. The patch included will apply cleanly to both a recent -current > and a recent -stable. I've spent a good deal of time looking at tcpdump > logs, and it looks good to me. > > Please test and review this if you feel comfortable doing so. If you do > not feel comfortable doing so, please simply test it instead. :) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 25 5:57:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from ns1.hexanet.fr (ns1.hexanet.fr [194.98.140.1]) by hub.freebsd.org (Postfix) with ESMTP id 28A9537B403 for ; Wed, 25 Jul 2001 05:57:15 -0700 (PDT) (envelope-from c.prevotaux@hexanet.fr) Received: from proton.hexanet.fr (proton.hexanet.fr [194.98.140.18]) by ns1.hexanet.fr (8.9.3/8.9.3) with ESMTP id OAA84677 for ; Wed, 25 Jul 2001 14:57:14 +0200 (CEST) (envelope-from c.prevotaux@hexanet.fr) Received: from hexanet.fr (localhost [127.0.0.1]) by proton.hexanet.fr (8.11.2/8.11.2) with SMTP id f6PCvDn76077 for ; Wed, 25 Jul 2001 14:57:14 +0200 (CEST) (envelope-from c.prevotaux@hexanet.fr) Date: Wed, 25 Jul 2001 14:57:13 +0200 From: Christophe Pr憝otaux To: net@freebsd.org Subject: SBEI WanAdapt Message-Id: <20010725145713.0fcc0ddd.c.prevotaux@hexanet.fr> X-Mailer: Sylpheed version 0.4.66 (GTK+ 1.2.7; i386--freebsd4.2) Organization: HEXANET Sarl Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I suggested to the SBEI people that they ask for inclusion of their driver in the FreeBSD distribution. I think this would be a good thing since they already have it available. ftp://ftp.sbei.com/pub/ Just thought maybe some other people would be interested. -- =================================================================== Christophe Prevotaux Email: c.prevotaux@hexanet.fr HEXANET SARL URL: http://www.hexanet.fr/ Z.A Farman Sud Tel: +33 (0)3 26 79 30 05 9 rue Roland Coffignot Direct: +33 (0)3 26 79 08 02 BP415 Fax: +33 (0)3 26 79 30 06 51689 Reims Cedex 2 FRANCE =================================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 25 6:41:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from purus.tcoip (unknown [200.199.244.162]) by hub.freebsd.org (Postfix) with ESMTP id 128F937B403; Wed, 25 Jul 2001 06:39:39 -0700 (PDT) (envelope-from daniel.sobral@tcoip.com.br) Received: from tcoip.com.br (hikx6xavvf2ihl20@dcs.tcoip.com.br [192.168.60.194]) by purus.tcoip (8.11.1/8.11.1) with ESMTP id f6OKLHA04711; Tue, 24 Jul 2001 17:21:18 -0300 Message-ID: <3B5DD8BC.8010601@tcoip.com.br> Date: Tue, 24 Jul 2001 17:21:16 -0300 From: "Daniel C. Sobral" User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.2) Gecko/20010705 X-Accept-Language: en, pt-br, ja MIME-Version: 1.0 To: stable@freebsd.org Subject: Completely unstable -stable (IPSEC) Content-Type: multipart/mixed; boundary="------------010203040502050203020102" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. --------------010203040502050203020102 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable (message Bcc=B4ed to -net) I have a 4.3-STABLE (cvsupped a few times this week already) which will=20 crash within hours (and then never get to a second succesful boot).=20 4.3-RELEASE works fine with the same kernel. Data follows: IdlePTD 3207168 initial pcb at 27dc80 panicstr: ipsec4_setspidx_inpcb: no inp_sp found. panic messages: --- panic: ipsec4_setspidx_inpcb: no inp_sp found. syncing disks... panic: ipsec4_setspidx_inpcb: no inp_sp found. Uptime: 1m13s dumping to dev #ad/0x20001, offset 786456 dump ata0: resetting devices .. done 127 126 125 124 123 122 121 120 119 118 117 116 115 114 113 112 111 110=20 109 108 107 106 105 104 103 102 101 100 99 98 97 96 95 94 93 92 91 90 89 = 88 87 86 85 84 83 82 81 80 79 78 77 76 75 74 73 72 71 70 69 68 67 66 65=20 64 63 62 61 60 59 58 57 56 55 54 53 52 51 50 49 48 47 46 45 44 43 42 41=20 40 39 38 37 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17=20 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 --- #0 dumpsys () at /usr/src/sys/kern/kern_shutdown.c:472 472 if (dumping++) { (kgdb) up #1 0xc0143ff8 in boot (howto=3D260) at /usr/src/sys/kern/kern_shutdown.c= :312 312 dumpsys(); (kgdb) up #2 0xc0144380 in poweroff_wait (junk=3D0xc023c400, howto=3D-921524928) at /usr/src/sys/kern/kern_shutdown.c:559 559 boot(bootopt); (kgdb) up #3 0xc01abe88 in ipsec4_setspidx_inpcb (m=3D0xc083d000, pcb=3D0xc99eacc0= ) at /usr/src/sys/netinet6/ipsec.c:723 723 panic("ipsec4_setspidx_inpcb: no inp_sp found.\n"= ); (kgdb) list 718 719 /* sanity check */ 720 if (pcb =3D=3D NULL) 721 panic("ipsec4_setspidx_inpcb: no PCB found.\n"); 722 if (pcb->inp_sp =3D=3D NULL) 723 panic("ipsec4_setspidx_inpcb: no inp_sp found.\n"= ); 724 if (pcb->inp_sp->sp_out =3D=3D NULL || pcb->inp_sp->sp_in= =3D=3D=20 NULL) 725 panic("ipsec4_setspidx_inpcb: no sp_in/out=20 found.\n"); 726 727 bzero(&pcb->inp_sp->sp_in->spidx, sizeof(*spidx)); (kgdb) where #0 dumpsys () at /usr/src/sys/kern/kern_shutdown.c:472 #1 0xc0143ff8 in boot (howto=3D260) at /usr/src/sys/kern/kern_shutdown.c= :312 #2 0xc0144380 in poweroff_wait (junk=3D0xc023c400, howto=3D-921524928) at /usr/src/sys/kern/kern_shutdown.c:559 #3 0xc01abe88 in ipsec4_setspidx_inpcb (m=3D0xc083d000, pcb=3D0xc99eacc0= ) at /usr/src/sys/netinet6/ipsec.c:723 #4 0xc01abba1 in ipsec4_getpolicybysock (m=3D0xc083d000, dir=3D1,=20 so=3D0xc912a540, error=3D0xca532af8) at /usr/src/sys/netinet6/ipsec.c:258 #5 0xc01aca09 in ipsec4_in_reject_so (m=3D0xc083d000, so=3D0xc912a540) at /usr/src/sys/netinet6/ipsec.c:1715 #6 0xc019fd6a in rip_input (m=3D0xc0885e00, off=3D20, proto=3D89) at /usr/src/sys/netinet/raw_ip.c:144 #7 0xc019a6d0 in ip_input (m=3D0xc0885e00) at=20 /usr/src/sys/netinet/ip_input.c:820 #8 0xc019a747 in ipintr () at /usr/src/sys/netinet/ip_input.c:848 #9 0xc020c995 in swi_net_next () #10 0xc01699e5 in bwrite (bp=3D0xc486df3c) at /usr/src/sys/kern/vfs_bio.c= :265 #11 0xc016f0bf in vop_stdbwrite (ap=3D0xca532c0c) at=20 /usr/src/sys/kern/vfs_default.c:331 #12 0xc016eee5 in vop_defaultop (ap=3D0xca532c0c) at=20 /usr/src/sys/kern/vfs_default.c:150 #13 0xc01d30ed in ufs_vnoperate (ap=3D0xca532c0c) at=20 /usr/src/sys/ufs/ufs/ufs_vnops.c:2373 #14 0xc0169d06 in bawrite (bp=3D0xc486df3c) at vnode_if.h:1193 #15 0xc016e78b in cluster_wbuild (vp=3D0xca535040, size=3D8192,=20 start_lbn=3D5250, len=3D16) at /usr/src/sys/kern/vfs_cluster.c:888 #16 0xc016a8a4 in vfs_bio_awrite (bp=3D0xc48bf01c) at=20 /usr/src/sys/kern/vfs_bio.c:1450 #17 0xc01ccf09 in ffs_fsync (ap=3D0xca532cf0) at=20 /usr/src/sys/ufs/ffs/ffs_vnops.c:220 #18 0xc01cb8c0 in ffs_sync (mp=3D0xc2090000, waitfor=3D2, cred=3D0xc081d8= 80,=20 p=3D0xc029a8c0) at vnode_if.h:558 #19 0xc0173e4b in sync (p=3D0xc029a8c0, uap=3D0x0) at=20 /usr/src/sys/kern/vfs_syscalls.c:545 #20 0xc0143dcb in boot (howto=3D256) at /usr/src/sys/kern/kern_shutdown.c= :233 #21 0xc0144380 in poweroff_wait (junk=3D0xc023c400, howto=3D-921524928) at /usr/src/sys/kern/kern_shutdown.c:559 #22 0xc01abe88 in ipsec4_setspidx_inpcb (m=3D0xc0885800, pcb=3D0xc99eacc0= ) at /usr/src/sys/netinet6/ipsec.c:723 #23 0xc01abba1 in ipsec4_getpolicybysock (m=3D0xc0885800, dir=3D1,=20 so=3D0xc912a540, error=3D0xca532dd0) at /usr/src/sys/netinet6/ipsec.c:258 #24 0xc01aca09 in ipsec4_in_reject_so (m=3D0xc0885800, so=3D0xc912a540) at /usr/src/sys/netinet6/ipsec.c:1715 #25 0xc019fd6a in rip_input (m=3D0xc0885d00, off=3D20, proto=3D89) at /usr/src/sys/netinet/raw_ip.c:144 #26 0xc019a6d0 in ip_input (m=3D0xc0885d00) at=20 /usr/src/sys/netinet/ip_input.c:820 #27 0xc019a747 in ipintr () at /usr/src/sys/netinet/ip_input.c:848 #28 0xc020c995 in swi_net_next () #29 0xc01af9a0 in key_newsp () at /usr/src/sys/netkey/key.c:1196 #30 0xc01ac290 in ipsec_init_policy (so=3D0xc912a540, pcb_sp=3D0xc99ead28= ) at /usr/src/sys/netinet6/ipsec.c:1128 #31 0xc01a0373 in rip_attach (so=3D0xc912a540, proto=3D89, p=3D0xc8d1cdc0= ) at /usr/src/sys/netinet/raw_ip.c:490 #32 0xc0161c4a in socreate (dom=3D2, aso=3D0xca532f2c, type=3D3, proto=3D= 89,=20 p=3D0xc8d1cdc0) at /usr/src/sys/kern/uipc_socket.c:163 #33 0xc016569b in socket (p=3D0xc8d1cdc0, uap=3D0xca532f80) at /usr/src/sys/kern/uipc_syscalls.c:120 #34 0xc0216e65 in syscall2 (frame=3D{tf_fs =3D 47, tf_es =3D 47, tf_ds =3D= 47,=20 tf_edi =3D 135151616, tf_esi =3D 0, tf_ebp =3D -1077937024, tf_isp =3D -900517932, tf_eb= x =3D=20 -1077936820, tf_edx =3D 134869052, tf_ecx =3D 135098944, tf_eax =3D 97, tf_trap= no =3D=20 12, tf_err =3D 2, tf_eip =3D 672284416, tf_cs =3D 31, tf_eflags =3D 659, tf_esp =3D = -1077937068, tf_ss =3D 47}) at /usr/src/sys/i386/i386/trap.c:1150 #35 0xc020b535 in Xint0x80_syscall () #36 0x80596f9 in ?? () #37 0x807369a in ?? () #38 0x8049ca9 in ?? () #39 0x80498e1 in ?? () (kgdb) print pcb $1 =3D (struct inpcb *) 0xc99eacc0 (kgdb) print *pcb $2 =3D {inp_hash =3D {le_next =3D 0x0, le_prev =3D 0x0}, inp_fport =3D 0,= =20 inp_lport =3D 0, inp_list =3D { le_next =3D 0xc99ead80, le_prev =3D 0xc029c380}, inp_flow =3D 0,=20 inp_dependfaddr =3D { inp46_foreign =3D {ia46_pad32 =3D {0, 0, 0}, ia46_addr4 =3D {s_addr = =3D=20 0}}, inp6_foreign =3D { __u6_addr =3D {__u6_addr8 =3D '\000' , __u6_addr= 16=20 =3D {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 =3D {0, 0, 0, 0}}}}, inp_dependladdr =3D=20 {inp46_local =3D { ia46_pad32 =3D {0, 0, 0}, ia46_addr4 =3D {s_addr =3D 0}}, inp6_loc= al =3D=20 {__u6_addr =3D { __u6_addr8 =3D '\000' , __u6_addr16 =3D {0, 0,= 0,=20 0, 0, 0, 0, 0}, __u6_addr32 =3D {0, 0, 0, 0}}}}, inp_ppcb =3D 0x0, inp_pcbinfo =3D= =20 0xc029c3a0, inp_socket =3D 0xc912a540, inp_flags =3D 0, inp_dependroute =3D {inp4_= route=20 =3D {ro_rt =3D 0x0, ro_dst =3D {sa_len =3D 0 '\000', sa_family =3D 0 '\000', sa_data =3D '\000' }}, inp6_route =3D {ro_rt =3D= =20 0x0, ro_dst =3D { sin6_len =3D 0 '\000', sin6_family =3D 0 '\000', sin6_port =3D 0= ,=20 sin6_flowinfo =3D 0, sin6_addr =3D {__u6_addr =3D {__u6_addr8 =3D '\000' , __u6_addr16 =3D {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 =3D {0, 0, 0, 0}}},=20 sin6_scope_id =3D 0}}}, inp_sp =3D 0x0, inp_vflag =3D 1 '\001', inp_ip_ttl =3D 64 '@', inp_ip_= p =3D=20 89 'Y', inp_depend4 =3D { inp4_ip_tos =3D 0 '\000', inp4_options =3D 0x0, inp4_moptions =3D 0x= 0},=20 inp_depend6 =3D { inp6_options =3D 0x0, inp6_outputopts =3D 0x0, inp6_moptions =3D 0x0= ,=20 inp6_icmp6filt =3D 0x0, inp6_cksum =3D 0, inp6_ifindex =3D 0, inp6_hops =3D 0, inp6_hlim =3D= 0=20 '\000'}, inp_portlist =3D { le_next =3D 0x0, le_prev =3D 0x0}, inp_phd =3D 0x0, inp_gencnt =3D 5= 56} Kernel configuration file attached. Any ideas? --=20 Daniel C. Sobral (8-DCS) Daniel.Sobral@tcoip.com.br dcs@newsguy.com dcs@freebsd.org capo@notorious.bsdconspiracy.net Love to eat them mousies, Mousies what I love to eat. Bite they little heads off, Nibble on they tiny feet. -- Kliban --------------010203040502050203020102 Content-Type: text/plain; name="OSPF" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="OSPF" # # GENERIC -- Generic kernel configuration file for FreeBSD/i386 # # For more information on this file, please read the handbook section on # Kernel Configuration Files: # # http://www.FreeBSD.org/handbook/kernelconfig-config.html # # The handbook is also available locally in /usr/share/doc/handbook # if you've installed the doc distribution, otherwise always see the # FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the # latest information. # # An exhaustive list of options and more detailed explanations of the # device lines is also present in the ./LINT configuration file. If you are # in doubt as to the purpose or necessity of a line, check first in LINT. # # $FreeBSD: src/sys/i386/conf/GENERIC,v 1.246.2.20 2000/10/31 23:16:07 n_hibma Exp $ machine i386 cpu I686_CPU ident ALMAS maxusers 32 makeoptions DEBUG=-g #Build kernel with gdb(1) debug symbols options IPSEC #IP security options IPSEC_ESP #IP security (crypto; define w/ IPSEC) options INET #InterNETworking options FFS #Berkeley Fast Filesystem options FFS_ROOT #FFS usable as root device [keep this!] options SOFTUPDATES #Enable FFS soft updates support options MD_ROOT #MD is a potential root device options PROCFS #Process filesystem options COMPAT_43 #Compatible with BSD 4.3 [KEEP THIS!] options SCSI_DELAY=15000 #Delay (in ms) before probing SCSI options UCONSOLE #Allow users to grab the console options USERCONFIG #boot -c editor options VISUAL_USERCONFIG #visual boot -c editor options KTRACE #ktrace(1) support options SYSVSHM #SYSV-style shared memory options SYSVMSG #SYSV-style message queues options SYSVSEM #SYSV-style semaphores options P1003_1B #Posix P1003_1B real-time extensions options _KPOSIX_PRIORITY_SCHEDULING options ICMP_BANDLIM #Rate limit bad replies options KBD_INSTALL_CDEV # install a CDEV entry in /dev options NMBCLUSTERS=8192 options TCP_DROP_SYNFIN #drop TCP packets with SYN+FIN device isa device eisa device pci # Floppy drives device fdc0 at isa? port IO_FD1 irq 6 drq 2 device fd0 at fdc0 drive 0 device fd1 at fdc0 drive 1 # ATA and ATAPI devices device ata0 at isa? port IO_WD1 irq 14 device ata1 at isa? port IO_WD2 irq 15 device ata device atadisk # ATA disk drives device atapifd # ATAPI floppy drives options ATA_STATIC_ID #Static device numbering options IPFIREWALL options IPDIVERT options IPFIREWALL_VERBOSE options IPFIREWALL_FORWARD options IPFIREWALL_VERBOSE_LIMIT=100 options MROUTING # atkbdc0 controls both the keyboard and the PS/2 mouse device atkbdc0 at isa? port IO_KBD device atkbd0 at atkbdc? irq 1 flags 0x1 device psm0 at atkbdc? irq 12 device vga0 at isa? # splash screen/screen saver pseudo-device splash # syscons is the default console driver, resembling an SCO console device sc0 at isa? flags 0x100 # Enable this and PCVT_FREEBSD for pcvt vt220 compatible console driver #device vt0 at isa? #options XSERVER # support for X server on a vt console #options FAT_CURSOR # start with block cursor # Floating point support - do not disable. device npx0 at nexus? port IO_NPX irq 13 # Power management support (see LINT for more options) device apm0 at nexus? flags 0x20 # Advanced Power Management # Serial (COM) ports device sio0 at isa? port IO_COM1 flags 0x10 irq 4 device sio1 at isa? port IO_COM2 irq 3 # Parallel port device ppc0 at isa? irq 7 device ppbus # Parallel port bus (required) device lpt # Printer device plip # TCP/IP over parallel device ppi # Parallel port interface device device miibus # MII bus support device xl # 3Com 3c90x device fxp # Intel EtherExpress Pro/100B # Pseudo devices - the number indicates how many units to allocated. pseudo-device loop # Network loopback pseudo-device ether # Ethernet support pseudo-device sl 4 # Kernel SLIP pseudo-device ppp 4 # Kernel PPP pseudo-device tun 4 # Packet tunnel. pseudo-device pty # Pseudo-ttys (telnet etc) pseudo-device vlan 16 # The `bpf' pseudo-device enables the Berkeley Packet Filter. # Be aware of the administrative consequences of enabling this! pseudo-device bpf #Berkeley packet filter # USB support device uhci # UHCI PCI->USB interface device usb # USB Bus (required) options SC_HISTORY_SIZE=6000 --------------010203040502050203020102-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 25 6:57:52 2001 Delivered-To: freebsd-net@freebsd.org Received: from gnuchina.org (unknown [210.73.87.125]) by hub.freebsd.org (Postfix) with ESMTP id 5A2BF37B43A for ; Wed, 25 Jul 2001 06:56:55 -0700 (PDT) (envelope-from suxm@gnuchina.org) Received: from water ([166.111.36.179]) by gnuchina.org (8.11.3/8.9.3) with SMTP id f6J6U0930698 for ; Thu, 19 Jul 2001 14:30:03 +0800 Message-Id: <200107190630.f6J6U0930698@gnuchina.org> Date: Thu, 19 Jul 2001 14:29:1 +0800 From: suxm Reply-To: suxm@gnuchina.org To: "freebsd-net@FreeBSD.ORG" Subject: serial terminal X-mailer: FoxMail 3.11 Release [cn] Mime-Version: 1.0 Content-Type: text/plain; charset="GB2312" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, I want to login to a FreeBSD box with a serial line. So I modified the /etc/ttys as following: ttyd0 "/usr/libexec/getty std.9600" vt220 on secure ttyd1 "/usr/libexec/getty std.9600" vt220 on secure # kill -HUP 1 When I connect the FreeBSD box from Windows HyperTerm with 9600= 8N1, the "login prompt" is not shown. I think I should set the clocal options. So I typed the following commands, # stty -f /dev/ttyid1 clocal # kill -HUP 1 The "login prompt" is still not shown. Then I typed the following commands # ps ax | grep tty # kill -HUP pid_of_ttyd1 The "login prompt" is shown, but I can't type anything. Any suggestions? Thank you very much! Best regards sincerely yours suxm suxm@gnuchina.org =A1=EE _______ =A1=A4 =A1=EE =C9=A1 =A5=CE____=A5=CE=A1=F5 =A1=F1 =C9=A1 =C9=A1=C9=A1 =A3=FC =A3=FC=A3=FC =C9=A1=C9=A1 =C9=A1=C9=A1=C9=A1 =A1=A5=A1=A5=A1=A5=A1=A5=A1=A5-_ =A1=E2 =C9=A1=C9=A1=C9=A1 =A1=AC =A1=A5-=A4=D8 =A1=AC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 25 7:16:55 2001 Delivered-To: freebsd-net@freebsd.org Received: from gnuchina.org (unknown [210.73.87.125]) by hub.freebsd.org (Postfix) with ESMTP id 5A2BF37B43A for ; Wed, 25 Jul 2001 06:56:55 -0700 (PDT) (envelope-from suxm@gnuchina.org) Received: from water ([166.111.36.179]) by gnuchina.org (8.11.3/8.9.3) with SMTP id f6J6U0930698 for ; Thu, 19 Jul 2001 14:30:03 +0800 Message-Id: <200107190630.f6J6U0930698@gnuchina.org> Date: Thu, 19 Jul 2001 14:29:1 +0800 From: suxm Reply-To: suxm@gnuchina.org To: "freebsd-net@FreeBSD.ORG" Subject: serial terminal X-mailer: FoxMail 3.11 Release [cn] Mime-Version: 1.0 Content-Type: text/plain; charset="GB2312" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, I want to login to a FreeBSD box with a serial line. So I modified the /etc/ttys as following: ttyd0 "/usr/libexec/getty std.9600" vt220 on secure ttyd1 "/usr/libexec/getty std.9600" vt220 on secure # kill -HUP 1 When I connect the FreeBSD box from Windows HyperTerm with 9600= 8N1, the "login prompt" is not shown. I think I should set the clocal options. So I typed the following commands, # stty -f /dev/ttyid1 clocal # kill -HUP 1 The "login prompt" is still not shown. Then I typed the following commands # ps ax | grep tty # kill -HUP pid_of_ttyd1 The "login prompt" is shown, but I can't type anything. Any suggestions? Thank you very much! Best regards sincerely yours suxm suxm@gnuchina.org =A1=EE _______ =A1=A4 =A1=EE =C9=A1 =A5=CE____=A5=CE=A1=F5 =A1=F1 =C9=A1 =C9=A1=C9=A1 =A3=FC =A3=FC=A3=FC =C9=A1=C9=A1 =C9=A1=C9=A1=C9=A1 =A1=A5=A1=A5=A1=A5=A1=A5=A1=A5-_ =A1=E2 =C9=A1=C9=A1=C9=A1 =A1=AC =A1=A5-=A4=D8 =A1=AC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 25 8:13:12 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail-green.research.att.com (H-135-207-30-103.research.att.com [135.207.30.103]) by hub.freebsd.org (Postfix) with ESMTP id 0D01337B7AC for ; Wed, 25 Jul 2001 08:12:31 -0700 (PDT) (envelope-from fenner@research.att.com) Received: from alliance.research.att.com (alliance.research.att.com [135.207.26.26]) by mail-green.research.att.com (Postfix) with ESMTP id 35BF21E004; Wed, 25 Jul 2001 11:12:30 -0400 (EDT) Received: from windsor.research.att.com (windsor.research.att.com [135.207.26.46]) by alliance.research.att.com (8.8.7/8.8.7) with ESMTP id LAA25296; Wed, 25 Jul 2001 11:12:29 -0400 (EDT) From: Bill Fenner Received: (from fenner@localhost) by windsor.research.att.com (8.8.8+Sun/8.8.5) id IAA02398; Wed, 25 Jul 2001 08:12:29 -0700 (PDT) Message-Id: <200107251512.IAA02398@windsor.research.att.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII To: dd@skynet.lt Subject: Re: problem with MROUTED Cc: net@freebsd.org Date: Wed, 25 Jul 2001 08:12:29 -0700 Versions: dmail (solaris) 2.2j/makemail 2.9b Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Dmitry, In the future, please publish large files on a web site or something and offer URLs instead of attaching the files to a mailing list. I'd like to see an mrouted.cache and a netstat -g taken at the same time; perhaps it'd be best to just attach them in email to me and leave the list out of it. Bill To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 25 8:26: 6 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.numachi.com (numachi.numachi.com [198.175.254.2]) by hub.freebsd.org (Postfix) with SMTP id 5CACC37B777 for ; Wed, 25 Jul 2001 08:23:46 -0700 (PDT) (envelope-from reichert@natto.numachi.com) Received: (qmail 8436 invoked by uid 3001); 25 Jul 2001 15:23:36 -0000 Received: from natto.numachi.com (198.175.254.216) by numachi.numachi.com with SMTP; 25 Jul 2001 15:23:36 -0000 Received: (qmail 62762 invoked by uid 1001); 25 Jul 2001 15:23:36 -0000 Date: Wed, 25 Jul 2001 11:23:36 -0400 From: Brian Reichert To: suxm Cc: "freebsd-net@FreeBSD.ORG" Subject: Re: serial terminal Message-ID: <20010725112336.B52823@numachi.com> References: <200107190630.f6J6U0930698@gnuchina.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200107190630.f6J6U0930698@gnuchina.org>; from suxm@gnuchina.org on Thu, Jul 19, 2001 at 02:29:01PM +0800 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Jul 19, 2001 at 02:29:01PM +0800, suxm wrote: > The "login prompt" is still not shown. > Then I typed the following commands > # ps ax | grep tty > # kill -HUP pid_of_ttyd1 > > The "login prompt" is shown, but I can't type anything. Make sure your serial cable is fully pinned. It's it's not, you may have to use 'cuaa0' and 'cuaa1' in /etc/ttys. > > Any suggestions? > > Thank you very much! > > > Best regards > > sincerely yours > suxm -- Brian 'you Bastard' Reichert 37 Crystal Ave. #303 Daytime number: (603) 434-6842 Derry NH 03038-1713 USA Intel architecture: the left-hand path To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 25 11:41:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from ns1.hexanet.fr (ns1.hexanet.fr [194.98.140.1]) by hub.freebsd.org (Postfix) with ESMTP id 2C10137B405; Wed, 25 Jul 2001 11:41:04 -0700 (PDT) (envelope-from c.prevotaux@hexanet.fr) Received: from proton.hexanet.fr (proton.hexanet.fr [194.98.140.18]) by ns1.hexanet.fr (8.9.3/8.9.3) with ESMTP id UAA92534; Wed, 25 Jul 2001 20:41:03 +0200 (CEST) (envelope-from c.prevotaux@hexanet.fr) Received: from hexanet.fr (localhost [127.0.0.1]) by proton.hexanet.fr (8.11.2/8.11.2) with SMTP id f6PIf3n05086; Wed, 25 Jul 2001 20:41:03 +0200 (CEST) (envelope-from c.prevotaux@hexanet.fr) Date: Wed, 25 Jul 2001 20:41:03 +0200 From: Christophe Pr憝otaux To: net@freebsd.org, stable@freebsd.org Subject: buildkernel fails again Message-Id: <20010725204103.7381ea1c.c.prevotaux@hexanet.fr> X-Mailer: Sylpheed version 0.4.66 (GTK+ 1.2.7; i386--freebsd4.2) Organization: HEXANET Sarl Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I tried to buildkernel on a FreeBSD RELENG_4_3 but I got the following message ===> ipfilter make: don't know how to make /usr/src/sys/modules/ipfilter/../../contrib/ipfilter/netinet/mlfk_ipl.c. Stop *** Error code 2 Stop in /usr/src/sys/modules. *** Error code 1 Stop in /usr/obj/usr/src/sys/PROTON. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. can anyone tell me why it stop here ? and how to fix it ? -- =================================================================== Christophe Prevotaux Email: c.prevotaux@hexanet.fr HEXANET SARL URL: http://www.hexanet.fr/ Z.A Farman Sud Tel: +33 (0)3 26 79 30 05 9 rue Roland Coffignot Direct: +33 (0)3 26 79 08 02 BP415 Fax: +33 (0)3 26 79 30 06 51689 Reims Cedex 2 FRANCE =================================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 25 17: 5: 9 2001 Delivered-To: freebsd-net@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with ESMTP id 1AC2C37B403 for ; Wed, 25 Jul 2001 17:04:55 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 35910 invoked by uid 1000); 26 Jul 2001 00:04:54 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 26 Jul 2001 00:04:54 -0000 Date: Wed, 25 Jul 2001 19:04:54 -0500 (CDT) From: Mike Silbersack To: Barney Wolff Cc: , Subject: Re: TCP sequence numbers: RFC1948 patch ready for testing In-Reply-To: <20010725032805.A21133@tp.databus.com> Message-ID: <20010725185434.V35719-100000@achilles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 25 Jul 2001, Barney Wolff wrote: > I have a few comments :) > > 1. Rekeying is completely unnecessary - talking of brute-forcing > the MD5 of a 32-byte random secret is fantasy, for the forseeable future. > Similarly, isn_offset adds nothing real to security. > > 2. By rekeying you risk violating the monotonicity of the isn across > the rekeying, which is the whole point of not just doing random isn. I'll go ahead and remove the isn_offset addition. I'm not really willing to remove the rekeying, though; we can't say that a faster method of brute force attack will not arise. Would a longer rekeying interval such as a day or two suffice? I'm not concerned about rekeying breaking a few connections given that it will only happen occasionally. > 3. Unless I'm confused, hz is typically 100 or 1000, meaning that the > signed-32 tick counters you're relying on to trigger rekeying will > flip sign and overflow within the typical uptime of a server. You > risk having the test fail for a long time, if isn_reseed_time is a > large positive and ticks has become negative before you get to test it. > Of course that's no loss, imo. Doh! I'll fix that in the next rev of the patch. > 4. As a nit, if you're going to do the rekeying check, do it only when > you're actually going to do the md5 work, not before the test that > may return arc4random. Will do as well. > 5. You seem to have ignored 1948's advice to include some configurable > secret in the hash - are we really sure that read_random gives good > bits right after reboot? I didn't think second-guessing the random dev would be a worthwhile endeavor, as it would probably just lead to less entropy. (Especially given that noone would ever set the configureable secret.) However, boot time randomness is a valid concern. We're slightly lucky in that the initial keying doesn't occur until the first connection, which isn't at a fixed time in the kernel startup, but is rather dependant on usage of the box. I'll check with Mark Murray on this. (And in 4.x, I'll use read_random_unlimited so that the entropy doesn't get truncated.) Thanks for the comments, Mike "Silby" Silbersack > > Regards, > Barney Wolff > > On Tue, Jul 24, 2001 at 11:19:57PM -0500, Mike Silbersack wrote: > > > > Hello all, the RFC1948-like sequence number generation patch is ready for > > testing. The patch included will apply cleanly to both a recent -current > > and a recent -stable. I've spent a good deal of time looking at tcpdump > > logs, and it looks good to me. > > > > Please test and review this if you feel comfortable doing so. If you do > > not feel comfortable doing so, please simply test it instead. :) > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 25 17:39:13 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.tgd.net (rand.tgd.net [64.81.67.117]) by hub.freebsd.org (Postfix) with SMTP id E6EC737B406 for ; Wed, 25 Jul 2001 17:39:04 -0700 (PDT) (envelope-from sean@mailhost.tgd.net) Received: (qmail 66726 invoked by uid 1001); 26 Jul 2001 00:38:59 -0000 Date: Wed, 25 Jul 2001 17:38:59 -0700 From: Sean Chittenden To: Mike Silbersack Cc: Barney Wolff , arch@FreeBSD.ORG, net@FreeBSD.ORG Subject: Re: TCP sequence numbers: RFC1948 patch ready for testing Message-ID: <20010725173859.C65546@rand.tgd.net> References: <20010725032805.A21133@tp.databus.com> <20010725185434.V35719-100000@achilles.silby.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="OBd5C1Lgu00Gd/Tn" Content-Disposition: inline In-Reply-To: <20010725185434.V35719-100000@achilles.silby.com>; from "silby@silby.com" on Wed, Jul 25, 2001 at = 07:04:54PM X-PGP-Key: 0x1EDDFAAD X-PGP-Fingerprint: C665 A17F 9A56 286C 5CFB 1DEA 9F4F 5CEF 1EDD FAAD X-Web-Homepage: http://sean.chittenden.org/ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --OBd5C1Lgu00Gd/Tn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable > > 2. By rekeying you risk violating the monotonicity of the isn across > > the rekeying, which is the whole point of not just doing random isn. >=20 > I'll go ahead and remove the isn_offset addition. I'm not really willing > to remove the rekeying, though; we can't say that a faster method of brute > force attack will not arise. Would a longer rekeying interval such as a > day or two suffice? I'm not concerned about rekeying breaking a few > connections given that it will only happen occasionally. While I agree that rekeying isn't something that should be removed, I am concerned with your last sentence. Breaking TCP sessions strikes me as an indicator that there needs to be some way of configuring this. Is there any chance you could make this a tunable variable through sysctl such as the number of seconds between rekeying? Along similar lines, given that rekeying can be done lazily, would it be possible to rekey through the use of an external program that would be called by cron? If TCP sessions are going to be dropped, I want to be able to control, know, and plan when without giving up the added TCP security that this patch provides. -sc --=20 Sean Chittenden --OBd5C1Lgu00Gd/Tn Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Comment: Sean Chittenden iEYEARECAAYFAjtfZqIACgkQn09c7x7d+q3n1wCgq2pbyWeB1qwFW+R57u+nBK8S /gwAmwbrOVaXy3pXyIZcSr9OJ0WTOSnG =o2yj -----END PGP SIGNATURE----- --OBd5C1Lgu00Gd/Tn-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 25 18: 0:45 2001 Delivered-To: freebsd-net@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with ESMTP id C6B4937B403 for ; Wed, 25 Jul 2001 18:00:41 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 36079 invoked by uid 1000); 26 Jul 2001 01:00:40 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 26 Jul 2001 01:00:40 -0000 Date: Wed, 25 Jul 2001 20:00:40 -0500 (CDT) From: Mike Silbersack To: Sean Chittenden Cc: Barney Wolff , , Subject: Re: TCP sequence numbers: RFC1948 patch ready for testing In-Reply-To: <20010725173859.C65546@rand.tgd.net> Message-ID: <20010725195901.W36006-100000@achilles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 25 Jul 2001, Sean Chittenden wrote: > > day or two suffice? I'm not concerned about rekeying breaking a few > > connections given that it will only happen occasionally. > > While I agree that rekeying isn't something that should be > removed, I am concerned with your last sentence. Breaking TCP sessions > strikes me as an indicator that there needs to be some way of > configuring this. Is there any chance you could make this a tunable > variable through sysctl such as the number of seconds between rekeying? By "breaking a few connections", I was referring to delaying the establishment of a few connections when TIME_WAIT wraparound occurs, not the termination of active connections. I apologize for the confusion. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jul 25 18:38:25 2001 Delivered-To: freebsd-net@freebsd.org Received: from tp.databus.com (p101-46.acedsl.com [160.79.101.46]) by hub.freebsd.org (Postfix) with ESMTP id CBE0937B405; Wed, 25 Jul 2001 18:38:18 -0700 (PDT) (envelope-from barney@tp.databus.com) Received: (from barney@localhost) by tp.databus.com (8.11.4/8.11.4) id f6Q1cCi29162; Wed, 25 Jul 2001 21:38:12 -0400 (EDT) (envelope-from barney) Date: Wed, 25 Jul 2001 21:38:12 -0400 From: Barney Wolff To: Sean Chittenden Cc: Mike Silbersack , Barney Wolff , arch@FreeBSD.ORG, net@FreeBSD.ORG Subject: Re: TCP sequence numbers: RFC1948 patch ready for testing Message-ID: <20010725213812.A28964@tp.databus.com> References: <20010725032805.A21133@tp.databus.com> <20010725185434.V35719-100000@achilles.silby.com> <20010725173859.C65546@rand.tgd.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010725173859.C65546@rand.tgd.net>; from sean-freebsd-arch@chittenden.org on Wed, Jul 25, 2001 at 05:38:59PM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Existing sessions would not be broken by rekeying. The risk is that some new session might fail - and this can happen any time a new session with the same tuple starts shortly after an old session which spans the rekeying event ends. If it becomes possible to brute-force (or smart-sneak) reverse MD5 in less time than the life of the Universe, the right answer is to change the hash, not to rekey. You guys don't seem to want to believe RFC1948: Note that the secret cannot easily be changed on a live machine. Doing so would change the initial sequence numbers used for reincarnated connections; to maintain safety, either dead connection state must be kept or a quiet time observed for two maximum segment lifetimes after such a change. Have you asked Steve Bellovin whether he still stands by those words? He's not that unapproachable, despite being one of the most prominent folks in computer networking and security around. But he earned that reputation by being right, pretty close to 100% of the time. Barney On Wed, Jul 25, 2001 at 05:38:59PM -0700, Sean Chittenden wrote: > > > 2. By rekeying you risk violating the monotonicity of the isn across > > > the rekeying, which is the whole point of not just doing random isn. > > > > I'll go ahead and remove the isn_offset addition. I'm not really willing > > to remove the rekeying, though; we can't say that a faster method of brute > > force attack will not arise. Would a longer rekeying interval such as a > > day or two suffice? I'm not concerned about rekeying breaking a few > > connections given that it will only happen occasionally. > > While I agree that rekeying isn't something that should be > removed, I am concerned with your last sentence. Breaking TCP sessions > strikes me as an indicator that there needs to be some way of > configuring this. Is there any chance you could make this a tunable > variable through sysctl such as the number of seconds between rekeying? > > Along similar lines, given that rekeying can be done lazily, > would it be possible to rekey through the use of an external program > that would be called by cron? If TCP sessions are going to be dropped, > I want to be able to control, know, and plan when without giving up the > added TCP security that this patch provides. -sc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 3: 4:19 2001 Delivered-To: freebsd-net@freebsd.org Received: from mass.dis.org (sat.dis.org [216.240.44.14]) by hub.freebsd.org (Postfix) with ESMTP id 9E65437B406; Thu, 26 Jul 2001 03:04:07 -0700 (PDT) (envelope-from msmith@mass.dis.org) Received: from mass.dis.org (localhost [127.0.0.1]) by mass.dis.org (8.11.4/8.11.3) with ESMTP id f6ONju702219; Tue, 24 Jul 2001 16:45:57 -0700 (PDT) (envelope-from msmith@mass.dis.org) Message-Id: <200107242345.f6ONju702219@mass.dis.org> X-Mailer: exmh version 2.1.1 10/15/1999 To: Garance A Drosihn Cc: John Baldwin , Brooks Davis , hackers@freebsd.org, net@freebsd.org Subject: Re: review request: ng_split cleanup In-reply-to: Your message of "Tue, 24 Jul 2001 19:38:42 EDT." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 24 Jul 2001 16:45:56 -0700 From: Mike Smith Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > >This hunk is needed for lint(1) to recognize special comments. > >Don't remove it. > > The '/*-' part? What does lint do special with those? It's actually a signal to indent(1) to leave the comment's formatting alone. See the manpage. -- ... every activity meets with opposition, everyone who acts has his rivals and unfortunately opponents also. But not because people want to be opponents, rather because the tasks and relationships force people to take different points of view. [Dr. Fritz Todt] V I C T O R Y N O T V E N G E A N C E To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 6:54:29 2001 Delivered-To: freebsd-net@freebsd.org Received: from mgo.iij.ad.jp (mgo.iij.ad.jp [202.232.15.6]) by hub.freebsd.org (Postfix) with ESMTP id 05F3E37B407 for ; Thu, 26 Jul 2001 06:54:26 -0700 (PDT) (envelope-from keiichi@iij.ad.jp) Received: from ns.iij.ad.jp (ns.iij.ad.jp [192.168.2.8]) by mgo.iij.ad.jp (8.8.8/MGO1.0) with ESMTP id WAA22056 for ; Thu, 26 Jul 2001 22:54:24 +0900 (JST) Received: from keiichi00.osaka.iij.ad.jp (keiichi00.osaka.iij.ad.jp [192.168.65.65]) by ns.iij.ad.jp (8.8.5/3.5Wpl7) with ESMTP id WAA19746 for ; Thu, 26 Jul 2001 22:54:23 +0900 (JST) Date: Thu, 26 Jul 2001 22:54:46 +0900 Message-ID: <87r8v3ztg9.wl@keiichi00.osaka.iij.ad.jp> From: Keiichi SHIMA To: freebsd-net@FreeBSD.ORG Subject: Re: prefixes from the rr_prefix structure. In-Reply-To: <418EEE1F.179D1A54.9513E96F@netscape.net> References: <418EEE1F.179D1A54.9513E96F@netscape.net> User-Agent: Wanderlust/2.4.1 (Stand By Me) SEMI/1.14.3 (Ushinoya) FLIM/1.14.2 (Yagi-Nishiguchi) APEL/10.3 MULE XEmacs/21.1 (patch 14) (Cuyahoga Valley) (i386--freebsd) Organization: Internet Initiative Japan Inc. MIME-Version: 1.0 (generated by SEMI 1.14.3 - "Ushinoya") Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, raviprasad20@netscape.net wrote: > > I gave a prefix . The prefix was > fec0:1111:2222::. > Then i tried to print the prefix from the ifprefix > structure in the rr_prefix structure. It was some thing like this > > 00:00:00:00:00:00:fe:c0:11:11:22:22:00:00:00:00. > > Kindly mail me why zeros are stored at the start? > > Are there any other better way of accessing the prefixes than from > the ifprefix structure. struct rr_prefix is an old style of prefix management structure. I think this struct will disappear in the near future (probably at next KAME merge). You had better to use sysctl(3) to get the prefix lists. The souce code of ndp(8) will help you. At least, ndp(8) of freebsd4-stable uses sysctl(3) to get prefix information. Best regards, --- Keiichi SHIMA Internet Initiative Japan Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 8:50:57 2001 Delivered-To: freebsd-net@freebsd.org Received: from over.ru (runaway.2sun.ru [217.174.96.249]) by hub.freebsd.org (Postfix) with SMTP id 71D1137B408 for ; Thu, 26 Jul 2001 08:50:52 -0700 (PDT) (envelope-from tarkhil@over.ru) Received: (qmail 3425 invoked by uid 1000); 26 Jul 2001 15:48:41 -0000 Date: Thu, 26 Jul 2001 19:48:41 +0400 From: Alex Povolotsky To: freebsd-stable@freebsd.org Cc: freebsd-net@freebsd.org Subject: Problem with two interfaces Message-ID: <20010726194841.A3351@runaway.2sun.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello! A friend of mine (he recalls installation and patching of 386BSD 0.02) asks me about the following problem: FreeBSD 4.3-RELEASE, ISO image fetched from ftp.freebsd.org; Box with two NICs, fxp and CNet on Macronix chipset (former mx). Gateway IS enabled. Both interfaces works, no firewall installed. Box can be seen from both interfaces, but it does not route. What can be wrong? Alex. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 9: 3: 1 2001 Delivered-To: freebsd-net@freebsd.org Received: from gekko.i-clue.de (server.ms-agentur.de [62.153.134.194]) by hub.freebsd.org (Postfix) with ESMTP id 2211737B405; Thu, 26 Jul 2001 09:02:54 -0700 (PDT) (envelope-from so@server.i-clue.de) Received: from i-clue.de (automatix.i-clue.de [192.168.0.112]) by gekko.i-clue.de (8.9.3/8.9.3/SuSE Linux 8.9.3-0.1) with ESMTP id SAA15307; Thu, 26 Jul 2001 18:10:56 +0200 Message-ID: <3B603FBC.E909C7D7@i-clue.de> Date: Thu, 26 Jul 2001 18:05:16 +0200 From: Christoph Sold Reply-To: so@server.i-clue.de X-Mailer: Mozilla 4.78 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: Alex Povolotsky Cc: freebsd-stable@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Problem with two interfaces References: <20010726194841.A3351@runaway.2sun.ru> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Alex Povolotsky wrote: > > Hello! > > A friend of mine (he recalls installation and patching of 386BSD 0.02) > asks me about the following problem: > > FreeBSD 4.3-RELEASE, ISO image fetched from ftp.freebsd.org; > > Box with two NICs, fxp and CNet on Macronix chipset (former mx). > > Gateway IS enabled. Both interfaces works, no firewall installed. Box > can be seen from both interfaces, but it does not route. > > What can be wrong? No routes installed, wrong routes installed, firewall up? Please post output of ifconfig -a, netstat -rn, ipfw list. HTH -Christoph Sold To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 9: 8:55 2001 Delivered-To: freebsd-net@freebsd.org Received: from skeezix.n0qds.org (skeezix.n0qds.org [204.246.69.106]) by hub.freebsd.org (Postfix) with ESMTP id 6549837B403; Thu, 26 Jul 2001 09:08:46 -0700 (PDT) (envelope-from gregp@n0qds.org) Received: by skeezix.n0qds.org (Postfix, from userid 501) id DA97FC9; Thu, 26 Jul 2001 11:08:39 -0500 (CDT) Date: Thu, 26 Jul 2001 11:08:39 -0500 From: Greg Putrich To: Alex Povolotsky Cc: freebsd-stable@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Problem with two interfaces Message-ID: <20010726110839.A71142@skeezix.n0qds.org> References: <20010726194841.A3351@runaway.2sun.ru> <3B603FBC.E909C7D7@i-clue.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3B603FBC.E909C7D7@i-clue.de>; from so@server.i-clue.de on Thu, Jul 26, 2001 at 06:05:16PM +0200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org After you enabled the gateway option, did you reboot? You can check to see if forwarding is enabled: # sysctl net.inet.ip.forwarding If it returns 0, then no forwarding. 1 it is forwarding (and the problem rests elsewhere). If it's 0, either reboot or type: # sysctl -w net.inet.ip.forwarding=1 > Alex Povolotsky wrote: > > > > Hello! > > > > A friend of mine (he recalls installation and patching of 386BSD 0.02) > > asks me about the following problem: > > > > FreeBSD 4.3-RELEASE, ISO image fetched from ftp.freebsd.org; > > > > Box with two NICs, fxp and CNet on Macronix chipset (former mx). > > > > Gateway IS enabled. Both interfaces works, no firewall installed. Box > > can be seen from both interfaces, but it does not route. > > > > What can be wrong? -- -------------------------------------------------------------------------- Greg Putrich - Internet: gregp@n0qds.org [sk] "I will not be pushed, filed, stamped, indexed, briefed, debriefed, or numbered. My life is my own." - No. 6 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 9:53:31 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.numachi.com (numachi.numachi.com [198.175.254.2]) by hub.freebsd.org (Postfix) with SMTP id 9DB0837B405 for ; Thu, 26 Jul 2001 09:53:25 -0700 (PDT) (envelope-from reichert@natto.numachi.com) Received: (qmail 27320 invoked by uid 3001); 26 Jul 2001 16:53:21 -0000 Received: from natto.numachi.com (198.175.254.216) by numachi.numachi.com with SMTP; 26 Jul 2001 16:53:21 -0000 Received: (qmail 79830 invoked by uid 1001); 26 Jul 2001 16:53:21 -0000 Date: Thu, 26 Jul 2001 12:53:21 -0400 From: Brian Reichert To: freebsd-net@freebsd.org Subject: filtering with netgraph? Message-ID: <20010726125321.D79454@numachi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I need to put together a bridging packet filter. I've done so in the past with bridge(4) and ipfw(8), and am willing to do so again. However, there seems to be a great deal of interest nowadays in using netgraph(4). Two things I haven't yet been able to glean from the archives (yet, pointers appreciated): - Is it currently achieveable? I get the impression from "here are many node types yet to be written: An implementation of the Dynamic Packet Filter as a netgraph node. DPF is sort of a hyper-speed JIT compiling version of BPF." that such an ability is not quite in place yet. - Would a netgraph-based bridge be limited to the set of interfaces documented in bridge(4)? Just fishing for info... -- Brian 'you Bastard' Reichert 37 Crystal Ave. #303 Daytime number: (603) 434-6842 Derry NH 03038-1713 USA Intel architecture: the left-hand path To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 10:24:25 2001 Delivered-To: freebsd-net@freebsd.org Received: from falcon.mail.pas.earthlink.net (falcon.mail.pas.earthlink.net [207.217.120.74]) by hub.freebsd.org (Postfix) with ESMTP id BD91737B408; Thu, 26 Jul 2001 10:24:17 -0700 (PDT) (envelope-from tlambert2@mindspring.com) Received: from mindspring.com (dialup-209.245.129.59.Dial1.SanJose1.Level3.net [209.245.129.59]) by falcon.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id KAA16960; Thu, 26 Jul 2001 10:24:02 -0700 (PDT) Message-ID: <3B605255.EDBA1D3C@mindspring.com> Date: Thu, 26 Jul 2001 10:24:37 -0700 From: Terry Lambert Reply-To: tlambert2@mindspring.com X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Barney Wolff Cc: Sean Chittenden , Mike Silbersack , arch@FreeBSD.ORG, net@FreeBSD.ORG Subject: Re: TCP sequence numbers: RFC1948 patch ready for testing References: <20010725032805.A21133@tp.databus.com> <20010725185434.V35719-100000@achilles.silby.com> <20010725173859.C65546@rand.tgd.net> <20010725213812.A28964@tp.databus.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Barney Wolff wrote: > Existing sessions would not be broken by rekeying. The risk is that > some new session might fail - and this can happen any time a new > session with the same tuple starts shortly after an old session which > spans the rekeying event ends. > > If it becomes possible to brute-force (or smart-sneak) reverse MD5 > in less time than the life of the Universe, the right answer is to > change the hash, not to rekey. > > You guys don't seem to want to believe RFC1948: > > Note that the secret cannot easily be changed on a live machine. > Doing so would change the initial sequence numbers used for > reincarnated connections; to maintain safety, either dead connection > state must be kept or a quiet time observed for two maximum segment > lifetimes after such a change. > > Have you asked Steve Bellovin whether he still > stands by those words? He's not that unapproachable, despite being > one of the most prominent folks in computer networking and security > around. But he earned that reputation by being right, pretty close > to 100% of the time. Consider that sequence number rollover is faster than you think on a Gigabit system. 200,000 packets a second on unoptimized firmware is not impossible, and the theoretical maximum is closer to 1/2 million a second... -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 10:39:18 2001 Delivered-To: freebsd-net@freebsd.org Received: from harrier.mail.pas.earthlink.net (harrier.mail.pas.earthlink.net [207.217.121.12]) by hub.freebsd.org (Postfix) with ESMTP id 5008F37B405; Thu, 26 Jul 2001 10:39:11 -0700 (PDT) (envelope-from tlambert2@mindspring.com) Received: from mindspring.com (dialup-209.245.129.59.Dial1.SanJose1.Level3.net [209.245.129.59]) by harrier.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id KAA18517; Thu, 26 Jul 2001 10:38:44 -0700 (PDT) Message-ID: <3B6055C8.C0B5554D@mindspring.com> Date: Thu, 26 Jul 2001 10:39:20 -0700 From: Terry Lambert Reply-To: tlambert2@mindspring.com X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Julian Elischer Cc: "Eugene L. Vorokov" , Soren Kristensen , freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Why two cards on the same segment... References: <200107260837.f6Q8b9K00767@bugz.infotecs.ru> <3B5FDD32.7758EB35@elischer.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Julian Elischer wrote: > > > Things seem to work fine now, but I still get a lot of those: > > > > > > "Jul 26 00:43:48 test256m /kernel: arp: 192.168.1.4 is on sis0 but got > > > reply from 00:a0:cc:a0:d4:07 on sis1" > > > > > > Anybody know how to turn them off ? > > > > Yes, I have this problem too. We use several interfaces with totally > > different addresses connected to the same hub for testing purposes, > > on a testing stand. It's more cheap than bulding truly different > > networks. I think it isn't possible to just turn those log messages > > off without kernel hacking, which is sad. Probably some sysctl var > > would be good ... > > why not use several addresses on one card? At a guess, he's attempting to implement VRRP, which requires that the virtual interface have a differen MAC address, and FreeBSD fails to support programming of MAC addresses, and even if it did, things like the Tigon II only support one programmable MAC (Tigon III supports 4, and Intel Gigabit Pro supports 16). Even after crossing that hurdle, FreeBSD will send out the interface, and does not have the concept of virtualized interfaces, and without that, he'd get packets in on the VIP, but send them out on the primary MAC, instead of the VIP MAC, which would confuse the hell out of his switch. FreeBSD fails to do this because the route goes to an interface, and does not distinguish virtual interfaces, and therefore does not distinguish virtual MACs (and then use the right one). So short of implementing auxillary MAC programming and virtual interfaces in FreeBSD, he has to use two cards on the same wire. ...not to mention the mess the current FreeBSD ARP code is in, with regard to gratuitous ARPs... ...or the mess that the FreeBSD interface code is in, since it resets the ethernet hardware anytime you ifconfig an alias on or off the card, or the real IP on or off the card, instead of leaving the card alone (try this on a Tigon II: be prepared to wait a long time, since a reset reloads the firmware on these beasts, since FreeBSD doesn't have a seperate driver entry point to support downloading of firmware as a seperate, one-time event). ...or the mess the FreeBSD alias code is in, with it demanding netmasks of 255.255.255.255 on aliases, so that aliases and the primary IP _MUST_ have the same netmask instead of different ones (hell, he may just be trying to have two IP's with different netmasks, and the only way he can do it in FreeBSD is to have two cards!). So, the major reasons for two cards on one segment: to work around bugs in FreeBSD's networking code. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 10:41:58 2001 Delivered-To: freebsd-net@freebsd.org Received: from elvis.mu.org (elvis.mu.org [216.33.66.196]) by hub.freebsd.org (Postfix) with ESMTP id BA49437B405; Thu, 26 Jul 2001 10:41:52 -0700 (PDT) (envelope-from bright@elvis.mu.org) Received: by elvis.mu.org (Postfix, from userid 1192) id B619181D39; Thu, 26 Jul 2001 12:41:52 -0500 (CDT) Date: Thu, 26 Jul 2001 12:41:52 -0500 From: Alfred Perlstein To: Terry Lambert Cc: Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Why two cards on the same segment... Message-ID: <20010726124152.F26571@elvis.mu.org> References: <200107260837.f6Q8b9K00767@bugz.infotecs.ru> <3B5FDD32.7758EB35@elischer.org> <3B6055C8.C0B5554D@mindspring.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3B6055C8.C0B5554D@mindspring.com>; from tlambert2@mindspring.com on Thu, Jul 26, 2001 at 10:39:20AM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * Terry Lambert [010726 12:39] wrote: > Julian Elischer wrote: > > > > Things seem to work fine now, but I still get a lot of those: > > > > > > > > "Jul 26 00:43:48 test256m /kernel: arp: 192.168.1.4 is on sis0 but got > > > > reply from 00:a0:cc:a0:d4:07 on sis1" > > > > > > > > Anybody know how to turn them off ? > > > > > > Yes, I have this problem too. We use several interfaces with totally > > > different addresses connected to the same hub for testing purposes, > > > on a testing stand. It's more cheap than bulding truly different > > > networks. I think it isn't possible to just turn those log messages > > > off without kernel hacking, which is sad. Probably some sysctl var > > > would be good ... Without proper attribution I can't make proper fun of you guys for not noticing: net.link.ether.inet.log_arp_wrong_iface set it to zero. bye, -- -Alfred Perlstein [alfred@freebsd.org] Ok, who wrote this damn function called '??'? And why do my programs keep crashing in it? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 10:54:40 2001 Delivered-To: freebsd-net@freebsd.org Received: from harrier.mail.pas.earthlink.net (harrier.mail.pas.earthlink.net [207.217.121.12]) by hub.freebsd.org (Postfix) with ESMTP id E280137B406; Thu, 26 Jul 2001 10:54:35 -0700 (PDT) (envelope-from tlambert2@mindspring.com) Received: from mindspring.com (dialup-209.245.129.59.Dial1.SanJose1.Level3.net [209.245.129.59]) by harrier.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id KAA23602; Thu, 26 Jul 2001 10:54:24 -0700 (PDT) Message-ID: <3B605976.C3B01A42@mindspring.com> Date: Thu, 26 Jul 2001 10:55:02 -0700 From: Terry Lambert Reply-To: tlambert2@mindspring.com X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Alfred Perlstein Cc: Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Why two cards on the same segment... References: <200107260837.f6Q8b9K00767@bugz.infotecs.ru> <3B5FDD32.7758EB35@elischer.org> <3B6055C8.C0B5554D@mindspring.com> <20010726124152.F26571@elvis.mu.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Alfred Perlstein wrote: > Without proper attribution I can't make proper fun of you guys for > not noticing: > > net.link.ether.inet.log_arp_wrong_iface > > set it to zero. 1) 4.3 and above specific. 2) Only makes it quit bitching, doesn't fix the ARP, source MAC address, or other bugs. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 11:34:53 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 2ABBB37B401 for ; Thu, 26 Jul 2001 11:34:50 -0700 (PDT) (envelope-from julian@elischer.org) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id NAA10560; Thu, 26 Jul 2001 13:32:01 -0700 (PDT) Date: Thu, 26 Jul 2001 13:32:00 -0700 (PDT) From: Julian Elischer To: Brian Reichert Cc: freebsd-net@freebsd.org Subject: Re: filtering with netgraph? In-Reply-To: <20010726125321.D79454@numachi.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 26 Jul 2001, Brian Reichert wrote: > I need to put together a bridging packet filter. I've done so in > the past with bridge(4) and ipfw(8), and am willing to do so again. > > However, there seems to be a great deal of interest nowadays in > using netgraph(4). > > Two things I haven't yet been able to glean from the archives (yet, > pointers appreciated): > > - Is it currently achieveable? I get the impression from > > > > "here are many node types yet to be written: > > An implementation of the Dynamic Packet Filter as a netgraph > node. DPF is sort of a hyper-speed JIT compiling version of > BPF." > > that such an ability is not quite in place yet. yes and no.. there is a BPF node that takes BPF filter expressions and selects between one of a number of hooks using that. there is also an ipfw node (not checked in) that can be used (mentionned several times in the lists... Needs updating and someone said they were going to do that..) lastly, you could implement DPF :-) (it's part of the exokernel project) (MIT) given that then I think we could alter the 'bridge' node to know how to hook onto a filter. > > - Would a netgraph-based bridge be limited to the set of interfaces > documented in bridge(4)? NO, and these days even the other bridging is supported by teh base ethernet code rather than a particular driver (I think) > > Just fishing for info... > > -- > Brian 'you Bastard' Reichert > 37 Crystal Ave. #303 Daytime number: (603) 434-6842 > Derry NH 03038-1713 USA Intel architecture: the left-hand path > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 11:40:57 2001 Delivered-To: freebsd-net@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id 1088637B401 for ; Thu, 26 Jul 2001 11:40:55 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f6QIeld16818; Thu, 26 Jul 2001 11:40:47 -0700 Date: Thu, 26 Jul 2001 11:40:47 -0700 From: Brooks Davis To: Julian Elischer Cc: Brian Reichert , freebsd-net@FreeBSD.ORG Subject: Re: filtering with netgraph? Message-ID: <20010726114047.A16234@Odin.AC.HMC.Edu> References: <20010726125321.D79454@numachi.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="T4sUOijqQbZv57TR" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from julian@elischer.org on Thu, Jul 26, 2001 at 01:32:00PM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --T4sUOijqQbZv57TR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 26, 2001 at 01:32:00PM -0700, Julian Elischer wrote: > > - Would a netgraph-based bridge be limited to the set of interfaces > > documented in bridge(4)? >=20 > NO, and these days even the other bridging is supported by=20 > teh base ethernet code rather than a particular driver (I think) If you're bridge(4) manpage lists interfaces, it's out of date. Here's what it says on current and stable: Interfaces that cannot be put into promiscuous mode or that don't supp= ort sending packets with arbitrary Ethernet source addresses are not compa= ti- ble with bridging. Presumably netgraph bridging has the same requirements. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --T4sUOijqQbZv57TR Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7YGQuXY6L6fI4GtQRAuH9AJ95aDyer+jkb/hftyWBr+XfUbgmqACcCwGq J+T88YwFlE0KVJWJ/o/ZO0E= =Bv8I -----END PGP SIGNATURE----- --T4sUOijqQbZv57TR-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 11:46:52 2001 Delivered-To: freebsd-net@freebsd.org Received: from mgw1.MEIway.com (mgw1.meiway.com [212.73.210.75]) by hub.freebsd.org (Postfix) with ESMTP id 7226637B401 for ; Thu, 26 Jul 2001 11:46:49 -0700 (PDT) (envelope-from LConrad@Go2France.com) Received: from mail.Go2France.com (ms1.meiway.com [212.73.210.73]) by mgw1.MEIway.com (Postfix Relay Hub) with ESMTP id 8EC0B16B20 for ; Thu, 26 Jul 2001 20:46:47 +0200 (CEST) Received: from IBM-HIRXKN66F0W.Go2France.com [195.115.185.184] by mail.Go2France.com with ESMTP (SMTPD32-6.06) id A7BC30B30202; Thu, 26 Jul 2001 20:55:56 +0200 Message-Id: <5.1.0.14.0.20010726204651.03824e90@mail.Go2France.com> X-Sender: LConrad@Go2France.com@mail.Go2France.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Thu, 26 Jul 2001 20:47:38 +0200 To: freebsd-net@freebsd.org From: Len Conrad Subject: Re: filtering with netgraph? In-Reply-To: <20010726125321.D79454@numachi.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >I need to put together a bridging packet filter. Can someone confirm that there is no way in FreeBSD to bridge Ethernet and TR? Len http://MenAndMice.com/DNS-training http://BIND8NT.MEIway.com : ISC BIND 8.2.4 for NT4 & W2K http://IMGate.MEIway.com : Build free, hi-perf, anti-abuse mail gateways To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 11:55: 2 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 9D56137B401 for ; Thu, 26 Jul 2001 11:54:56 -0700 (PDT) (envelope-from julian@elischer.org) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id NAA10648; Thu, 26 Jul 2001 13:51:45 -0700 (PDT) Date: Thu, 26 Jul 2001 13:51:45 -0700 (PDT) From: Julian Elischer To: Brooks Davis Cc: Brian Reichert , freebsd-net@FreeBSD.ORG Subject: Re: filtering with netgraph? In-Reply-To: <20010726114047.A16234@Odin.AC.HMC.Edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Ahhhh yes,.... you are correct. On Thu, 26 Jul 2001, Brooks Davis wrote: > On Thu, Jul 26, 2001 at 01:32:00PM -0700, Julian Elischer wrote: > > > - Would a netgraph-based bridge be limited to the set of interfaces > > > documented in bridge(4)? > > > > NO, and these days even the other bridging is supported by > > teh base ethernet code rather than a particular driver (I think) > > If you're bridge(4) manpage lists interfaces, it's out of date. Here's > what it says on current and stable: > > Interfaces that cannot be put into promiscuous mode or that don't support > sending packets with arbitrary Ethernet source addresses are not compati- > ble with bridging. > > Presumably netgraph bridging has the same requirements. > > -- Brooks > > -- > Any statement of the form "X is the one, true Y" is FALSE. > PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 12:13:23 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.numachi.com (numachi.numachi.com [198.175.254.2]) by hub.freebsd.org (Postfix) with SMTP id 9405C37B401 for ; Thu, 26 Jul 2001 12:13:18 -0700 (PDT) (envelope-from reichert@natto.numachi.com) Received: (qmail 29488 invoked by uid 3001); 26 Jul 2001 19:13:15 -0000 Received: from natto.numachi.com (198.175.254.216) by numachi.numachi.com with SMTP; 26 Jul 2001 19:13:15 -0000 Received: (qmail 81591 invoked by uid 1001); 26 Jul 2001 19:13:15 -0000 Date: Thu, 26 Jul 2001 15:13:15 -0400 From: Brian Reichert To: Julian Elischer Cc: Brian Reichert , freebsd-net@freebsd.org Subject: Re: filtering with netgraph? Message-ID: <20010726151315.F79454@numachi.com> References: <20010726125321.D79454@numachi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from julian@elischer.org on Thu, Jul 26, 2001 at 01:32:00PM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Jul 26, 2001 at 01:32:00PM -0700, Julian Elischer wrote: > yes and no.. > there is a BPF node that takes BPF filter expressions > and selects between one of a number of hooks using that. > > there is also an ipfw node (not checked in) that can be > used (mentionned several times in the lists... Needs updating > and someone said they were going to do that..) > > lastly, you could implement DPF :-) > (it's part of the exokernel project) (MIT) That looks like fun, but this is a Need It Now kinda thing, so I guess I'll roll my own in the tried-and-true fashion. In my Copious Free Time(tm), maybe I'll poke at DPF; it looked neat... Thanks for the feedback, folks... -- Brian 'you Bastard' Reichert 37 Crystal Ave. #303 Daytime number: (603) 434-6842 Derry NH 03038-1713 USA Intel architecture: the left-hand path To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 13:40:57 2001 Delivered-To: freebsd-net@freebsd.org Received: from peter3.wemm.org (c1315225-a.plstn1.sfba.home.com [24.14.150.180]) by hub.freebsd.org (Postfix) with ESMTP id ABA5937B409; Thu, 26 Jul 2001 13:40:52 -0700 (PDT) (envelope-from peter@wemm.org) Received: from overcee.netplex.com.au (overcee.wemm.org [10.0.0.3]) by peter3.wemm.org (8.11.0/8.11.0) with ESMTP id f6QKeqM56315; Thu, 26 Jul 2001 13:40:52 -0700 (PDT) (envelope-from peter@wemm.org) Received: from wemm.org (localhost [127.0.0.1]) by overcee.netplex.com.au (Postfix) with ESMTP id 7D4BB38CC; Thu, 26 Jul 2001 13:40:52 -0700 (PDT) (envelope-from peter@wemm.org) X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4 To: tlambert2@mindspring.com Cc: Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Why two cards on the same segment... In-Reply-To: <3B6055C8.C0B5554D@mindspring.com> Date: Thu, 26 Jul 2001 13:40:52 -0700 From: Peter Wemm Message-Id: <20010726204052.7D4BB38CC@overcee.netplex.com.au> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Terry Lambert wrote: [..] > At a guess, he's attempting to implement VRRP, which requires > that the virtual interface have a differen MAC address, Dont guess, ask. > and FreeBSD fails to support programming of MAC addresses, Damn, then I must be imagining the fact that I change MAC addresses with 'ifconfig ether' on a regular basis. (see: SIOCSIFLLADDR) Cheers, -Peter -- Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au "All of this is for nothing if we don't go to the stars" - JMS/B5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 13:45:39 2001 Delivered-To: freebsd-net@freebsd.org Received: from elvis.mu.org (elvis.mu.org [216.33.66.196]) by hub.freebsd.org (Postfix) with ESMTP id 0378837B407 for ; Thu, 26 Jul 2001 13:45:37 -0700 (PDT) (envelope-from billf@elvis.mu.org) Received: by elvis.mu.org (Postfix, from userid 1098) id 079DD81D0D; Thu, 26 Jul 2001 15:45:37 -0500 (CDT) Date: Thu, 26 Jul 2001 15:45:37 -0500 From: Bill Fumerola To: Brian Reichert Cc: Julian Elischer , freebsd-net@freebsd.org Subject: Re: filtering with netgraph? Message-ID: <20010726154536.I2759@elvis.mu.org> References: <20010726125321.D79454@numachi.com> <20010726151315.F79454@numachi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010726151315.F79454@numachi.com>; from reichert@numachi.com on Thu, Jul 26, 2001 at 03:13:15PM -0400 X-Operating-System: FreeBSD 4.3-FEARSOME-20010712 i386 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Jul 26, 2001 at 03:13:15PM -0400, Brian Reichert wrote: > > lastly, you could implement DPF :-) > > (it's part of the exokernel project) (MIT) > > That looks like fun, but this is a Need It Now kinda thing, so I > guess I'll roll my own in the tried-and-true fashion. > > In my Copious Free Time(tm), maybe I'll poke at DPF; it looked > neat... good luck. there is no i386 vcode, so dpf is fairly useless to freebsd right now. rumors of existing i386 code have been floating around, I've e-mailed lots of people about it but haven't been able to come up with actual code. just more names and rumors. plus there are license issues that thorpej pointed out to me. its a really cool idea, though... -- Bill Fumerola - security yahoo / Yahoo! inc. - fumerola@yahoo-inc.com / billf@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 13:45:47 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.wolves.k12.mo.us (mail.wolves.k12.mo.us [207.160.214.1]) by hub.freebsd.org (Postfix) with ESMTP id 62DC837B407; Thu, 26 Jul 2001 13:45:41 -0700 (PDT) (envelope-from cdillon@wolves.k12.mo.us) Received: from mail.wolves.k12.mo.us (cdillon@mail.wolves.k12.mo.us [207.160.214.1]) by mail.wolves.k12.mo.us (8.9.3/8.9.3) with ESMTP id PAA02805; Thu, 26 Jul 2001 15:45:16 -0500 (CDT) (envelope-from cdillon@wolves.k12.mo.us) Date: Thu, 26 Jul 2001 15:45:15 -0500 (CDT) From: Chris Dillon To: Terry Lambert Cc: Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , , Subject: Re: Why two cards on the same segment... In-Reply-To: <3B6055C8.C0B5554D@mindspring.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 26 Jul 2001, Terry Lambert wrote: [...other stuff I've not personally encountered snipped...] > ...or the mess the FreeBSD alias code is in, with it demanding > netmasks of 255.255.255.255 on aliases, so that aliases and the > primary IP _MUST_ have the same netmask instead of different ones > (hell, he may just be trying to have two IP's with different > netmasks, and the only way he can do it in FreeBSD is to have two > cards!). Why would you want multiple IP addresses that belong to the same IP network to have different subnet masks? You'll break the network. If you're saying that you can't put two or more different IP addresses on one NIC that belong to different IP networks, then don't tell my router that, it might decide to stop working. :-) fxp7: flags=8943 mtu 1500 inet 207.160.214.253 netmask 0xffffff00 broadcast 207.160.214.255 inet 207.160.214.252 netmask 0xffffffff broadcast 207.160.214.252 inet 192.168.254.254 netmask 0xffffff00 broadcast 192.168.254.255 ether 00:08:c7:07:b2:96 media: Ethernet autoselect (100baseTX ) status: active > So, the major reasons for two cards on one segment: to work around > bugs in FreeBSD's networking code. The best reason I can think of to put two cards on one segment is for performance reasons. You'll only get a performance benefit if you're attached to a switch, of course. I'm not talking about Fast EtherChannel or other channel bonding or anything like that, just two or more NICs with two or more different IP addresses. -- Chris Dillon - cdillon@wolves.k12.mo.us - cdillon@inter-linc.net FreeBSD: The fastest and most stable server OS on the planet - Available for IA32 (Intel x86) and Alpha architectures - IA64 (Itanium), PowerPC, and ARM architectures under development - http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 14:34:42 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 4656D37B401 for ; Thu, 26 Jul 2001 14:34:38 -0700 (PDT) (envelope-from julian@elischer.org) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id QAA11365; Thu, 26 Jul 2001 16:34:32 -0700 (PDT) Date: Thu, 26 Jul 2001 16:34:31 -0700 (PDT) From: Julian Elischer To: Brian Reichert Cc: freebsd-net@freebsd.org Subject: Re: filtering with netgraph? In-Reply-To: <20010726151315.F79454@numachi.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org As I mentionned, you may be able to use the BPF hook for it. failing that try track down the ipfw node.. On Thu, 26 Jul 2001, Brian Reichert wrote: > On Thu, Jul 26, 2001 at 01:32:00PM -0700, Julian Elischer wrote: > > yes and no.. > > there is a BPF node that takes BPF filter expressions > > and selects between one of a number of hooks using that. > > > > there is also an ipfw node (not checked in) that can be > > used (mentionned several times in the lists... Needs updating > > and someone said they were going to do that..) > > > > lastly, you could implement DPF :-) > > (it's part of the exokernel project) (MIT) > > That looks like fun, but this is a Need It Now kinda thing, so I > guess I'll roll my own in the tried-and-true fashion. > > In my Copious Free Time(tm), maybe I'll poke at DPF; it looked > neat... > > Thanks for the feedback, folks... > > -- > Brian 'you Bastard' Reichert > 37 Crystal Ave. #303 Daytime number: (603) 434-6842 > Derry NH 03038-1713 USA Intel architecture: the left-hand path > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 14:35: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id DF61937B403 for ; Thu, 26 Jul 2001 14:34:57 -0700 (PDT) (envelope-from julian@elischer.org) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id QAA11359; Thu, 26 Jul 2001 16:31:34 -0700 (PDT) Date: Thu, 26 Jul 2001 16:31:33 -0700 (PDT) From: Julian Elischer To: Len Conrad Cc: freebsd-net@freebsd.org, lile@stdio.com Subject: Re: filtering with netgraph? In-Reply-To: <5.1.0.14.0.20010726204651.03824e90@mail.Go2France.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org there is no way at this time but the support for netgraph bridging (and other bridging) was added to if_ethersubr.c if_is088025subr.c is basically a copy of how if_ehtersubr looked at one time, so if one were to bring forward all the changes in if_ethersubr.c and apply them to if_is088025subr.c then one would get bridging of both kinds. On Thu, 26 Jul 2001, Len Conrad wrote: > > >I need to put together a bridging packet filter. > > Can someone confirm that there is no way in FreeBSD to bridge Ethernet and TR? > > Len > > > http://MenAndMice.com/DNS-training > http://BIND8NT.MEIway.com : ISC BIND 8.2.4 for NT4 & W2K > http://IMGate.MEIway.com : Build free, hi-perf, anti-abuse mail gateways > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 14:55:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id E410437B429 for ; Thu, 26 Jul 2001 14:54:54 -0700 (PDT) (envelope-from julian@elischer.org) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id QAA11470; Thu, 26 Jul 2001 16:53:42 -0700 (PDT) Date: Thu, 26 Jul 2001 16:53:41 -0700 (PDT) From: Julian Elischer To: Bill Fumerola Cc: Brian Reichert , freebsd-net@freebsd.org Subject: Re: filtering with netgraph? In-Reply-To: <20010726154536.I2759@elvis.mu.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org there is a i386 vcode.. I've seen it... also alpha I think.. it's part of the exokernel so it supports whatever they support On Thu, 26 Jul 2001, Bill Fumerola wrote: > On Thu, Jul 26, 2001 at 03:13:15PM -0400, Brian Reichert wrote: > > > > lastly, you could implement DPF :-) > > > (it's part of the exokernel project) (MIT) > > > > That looks like fun, but this is a Need It Now kinda thing, so I > > guess I'll roll my own in the tried-and-true fashion. > > > > In my Copious Free Time(tm), maybe I'll poke at DPF; it looked > > neat... > > good luck. there is no i386 vcode, so dpf is fairly useless to freebsd > right now. rumors of existing i386 code have been floating around, I've > e-mailed lots of people about it but haven't been able to come up with > actual code. just more names and rumors. > > plus there are license issues that thorpej pointed out to me. > > its a really cool idea, though... > > -- > Bill Fumerola - security yahoo / Yahoo! inc. > - fumerola@yahoo-inc.com / billf@FreeBSD.org > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 23: 5:12 2001 Delivered-To: freebsd-net@freebsd.org Received: from scaup.mail.pas.earthlink.net (scaup.mail.pas.earthlink.net [207.217.121.49]) by hub.freebsd.org (Postfix) with ESMTP id CDA2237B401; Thu, 26 Jul 2001 23:05:04 -0700 (PDT) (envelope-from cjc@earthlink.net) Received: from blossom.cjclark.org (dialup-209.245.131.10.Dial1.SanJose1.Level3.net [209.245.131.10]) by scaup.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id XAA13825; Thu, 26 Jul 2001 23:05:02 -0700 (PDT) Received: (from cjc@localhost) by blossom.cjclark.org (8.11.4/8.11.3) id f6R64xp82800; Thu, 26 Jul 2001 23:04:59 -0700 (PDT) (envelope-from cjc) Date: Thu, 26 Jul 2001 23:04:59 -0700 From: "Crist J. Clark" To: =?iso-8859-1?Q?Christophe_Pr=E9votaux?= Cc: net@FreeBSD.ORG, stable@FreeBSD.ORG Subject: Re: buildkernel fails again Message-ID: <20010726230459.B343@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <20010725204103.7381ea1c.c.prevotaux@hexanet.fr> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2.5i In-Reply-To: <20010725204103.7381ea1c.c.prevotaux@hexanet.fr>; from c.prevotaux@hexanet.fr on Wed, Jul 25, 2001 at 08:41:03PM +0200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Jul 25, 2001 at 08:41:03PM +0200, Christophe Pr憝otaux wrote: > I tried to buildkernel on a FreeBSD RELENG_4_3 > but I got the following message > > > ===> ipfilter > make: don't know how to make /usr/src/sys/modules/ipfilter/../../contrib/ipfilter/netinet/mlfk_ipl.c. Stop > *** Error code 2 > > Stop in /usr/src/sys/modules. > *** Error code 1 > > Stop in /usr/obj/usr/src/sys/PROTON. > *** Error code 1 > > Stop in /usr/src. > *** Error code 1 > > Stop in /usr/src. > > can anyone tell me why it stop here ? and how to fix it ? Clean things up before you build, # rm -rf /usr/obj/usr/src/sys/PROTON -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 23:47:19 2001 Delivered-To: freebsd-net@freebsd.org Received: from gull.mail.pas.earthlink.net (gull.mail.pas.earthlink.net [207.217.121.85]) by hub.freebsd.org (Postfix) with ESMTP id D2B8B37B407; Thu, 26 Jul 2001 23:47:09 -0700 (PDT) (envelope-from tlambert2@mindspring.com) Received: from mindspring.com (dialup-209.245.136.132.Dial1.SanJose1.Level3.net [209.245.136.132]) by gull.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id XAA23954; Thu, 26 Jul 2001 23:46:27 -0700 (PDT) Message-ID: <3B610E69.74C105AB@mindspring.com> Date: Thu, 26 Jul 2001 23:47:05 -0700 From: Terry Lambert Reply-To: tlambert2@mindspring.com X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Peter Wemm Cc: Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Why two cards on the same segment... References: <20010726204052.7D4BB38CC@overcee.netplex.com.au> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Peter Wemm wrote: > Terry Lambert wrote: > [..] > > > At a guess, he's attempting to implement VRRP, which requires > > that the virtual interface have a differen MAC address, > > Dont guess, ask. He said he needed it for testing. Personally, I need it for VRRP, and to compete with NT, which tests file server configurations with 4 cards with interrupts vectored, one each, to each of 4 CPUs, and tends to kick both Linux and FreeBSD's butts. > > and FreeBSD fails to support programming of MAC addresses, > > Damn, then I must be imagining the fact that I change MAC addresses > with 'ifconfig ether' on a regular basis. (see: SIOCSIFLLADDR) Look at the plural there: Intel Gigabit cards support 16 programmable MAC addresses, while the Tigon II supports 4, and the Tigon II supports one. Read RFC 2338: VRRP requires that each VID ends up with a MAC address in the VRRP address space, so that you can do transparent takeover, should one of your routers fail. Using the host MAC address is actually broken: it will fail to do the right thing on things like Alpine L2 switches: you end up needing to go all the way to L3 or L4 switching before you get correct behaviour again. The problem with this, of course, is that most L3/L4 switches have a limited depth ARP cache, and also have a limited number of addresses (sometimes only one) which they are able to cache on the switch to identify the card on the client side of the port. To resolve this, you pretty much need to implement virtual interfaces, one per programmable MAC. If you look at the Linux VRRPd project, you;ll see that they punted: they program the multicast address to the real MAC address on the card, and then they reprogram the original MAC to be the VRRP MAC. This lets them continue to receive any packets destined for the original MAC address, but it means that any packets they transmit go out the VID MAC address, which is technically wrong. FreeBSD doesn't even allow a single additional MAC address to be programmed: the code that does the SIOCSIFLLADDR handling when the card "init" is called (which incidently reloads the firmware on the Tigon II cards, and sends them into "watchdog timeout, resetting" hell) _ONLY_ permits reprogramming of the main MAC address, and not any of the auxillaries, for cards that support the idea -- or the multicast, for cards that can't support it. So the Linux VRRPd code won't run on FreeBSD (it's a hack), and true VRRP won't run on FreeBSD, since FreeBSD doesn't support the idea of multiple interfaces for a single card (sa_zero, as used in ip_divert, could probably do the trick to provide virtual interfaces for FreeBSD, to do the right thing). -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jul 26 23:51:21 2001 Delivered-To: freebsd-net@freebsd.org Received: from snipe.mail.pas.earthlink.net (snipe.mail.pas.earthlink.net [207.217.120.62]) by hub.freebsd.org (Postfix) with ESMTP id 6825637B405; Thu, 26 Jul 2001 23:51:16 -0700 (PDT) (envelope-from tlambert2@mindspring.com) Received: from mindspring.com (dialup-209.245.136.132.Dial1.SanJose1.Level3.net [209.245.136.132]) by snipe.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id XAA01390; Thu, 26 Jul 2001 23:49:49 -0700 (PDT) Message-ID: <3B610F34.619E55CE@mindspring.com> Date: Thu, 26 Jul 2001 23:50:28 -0700 From: Terry Lambert Reply-To: tlambert2@mindspring.com X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Chris Dillon Cc: Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Why two cards on the same segment... References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Chris Dillon wrote: > > ...or the mess the FreeBSD alias code is in, with it demanding > > netmasks of 255.255.255.255 on aliases, so that aliases and the > > primary IP _MUST_ have the same netmask instead of different ones > > (hell, he may just be trying to have two IP's with different > > netmasks, and the only way he can do it in FreeBSD is to have two > > cards!). > > Why would you want multiple IP addresses that belong to the same IP > network to have different subnet masks? You'll break the network. > If you're saying that you can't put two or more different IP addresses > on one NIC that belong to different IP networks, then don't tell my > router that, it might decide to stop working. :-) > > fxp7: flags=8943 mtu 1500 > inet 207.160.214.253 netmask 0xffffff00 broadcast 207.160.214.255 > inet 207.160.214.252 netmask 0xffffffff broadcast 207.160.214.252 > inet 192.168.254.254 netmask 0xffffff00 broadcast 192.168.254.255 > ether 00:08:c7:07:b2:96 > media: Ethernet autoselect (100baseTX ) > status: active We saw the error with multiple 10.x addresses, with subnet masks which should have logically seperated the subnets, but failed to do the job correctly, when using two cards on the same segment, with different subnet masks which should have rendered them non-intersecting. I can probably get the configuration data for you, if you are truly interested (this is on a 4.3 derived system). -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 4:10:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from purus.tcoip (unknown [200.199.244.162]) by hub.freebsd.org (Postfix) with ESMTP id A280937B405 for ; Fri, 27 Jul 2001 04:10:14 -0700 (PDT) (envelope-from daniel.sobral@tcoip.com.br) Received: from tcoip.com.br (nd9g0gqnkp059tsi@dcs.tcoip.com.br [192.168.60.194]) by purus.tcoip (8.11.1/8.11.1) with ESMTP id f6RB8uA03288; Fri, 27 Jul 2001 08:08:56 -0300 Message-ID: <3B614BC8.7040904@tcoip.com.br> Date: Fri, 27 Jul 2001 08:08:56 -0300 From: "Daniel C. Sobral" User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.2) Gecko/20010705 X-Accept-Language: en, pt-br, ja MIME-Version: 1.0 To: zebra@zebra.org, net@freebsd.org Subject: Re: [zebra 9651] RE: Linux/Ethernet interface status? Linux & BSD References: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Bulger, Tim wrote: > Well, the verdict is in... FreeBSD does know the interface status (per > ifconfig), but neither the kernel nor zebra reacts to the cable being > pulled. This seems basically broken from a kernel perspective. It doesn't > make sense to retain connected and/or static routes in the routing table for > an interface that is down. If you have two static routes for the same > network with different metrics as a simple failover scheme, it will not work > on these systems because the route with the lower metric is never removed > from the table....... Perhaps this is OK from a workstation perspective, > but this is not suitable for a router. I will be investigating ways to work > around this problem without compromising sanity. The kernel _should not_ react in any such way. In first place, an "no route to host" error is a very different one from lost packets, so the kernel must not presume any knowledge of what you want. Second, if it deletes the static routes it will not know what these are when the interface conectivity is restored. A routing demon, such as Zebra, would be in a proper place to take decisions like this. This would be an ideal application for kqueue. Is there any kqueue events for interface status? -- Daniel C. Sobral (8-DCS) Daniel.Sobral@tcoip.com.br dcs@newsguy.com dcs@freebsd.org capo@notorious.bsdconspiracy.net Maybe Computer Science should be in the College of Theology. -- R. S. Barton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 6:20:19 2001 Delivered-To: freebsd-net@freebsd.org Received: from purus.tcoip (unknown [200.199.244.162]) by hub.freebsd.org (Postfix) with ESMTP id 85FCD37B403 for ; Fri, 27 Jul 2001 06:20:15 -0700 (PDT) (envelope-from daniel.sobral@tcoip.com.br) Received: from tcoip.com.br (3d0e9u5ky4w4hz45@dcs.tcoip.com.br [192.168.60.194]) by purus.tcoip (8.11.1/8.11.1) with ESMTP id f6RDFlA06655 for ; Fri, 27 Jul 2001 10:15:47 -0300 Message-ID: <3B616981.9080508@tcoip.com.br> Date: Fri, 27 Jul 2001 10:15:45 -0300 From: "Daniel C. Sobral" User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.2) Gecko/20010705 X-Accept-Language: en, pt-br, ja MIME-Version: 1.0 To: net@freebsd.org Subject: TCP window and vlans Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org While configuring my new firewalls, I started getting annoying freezes on my ssh connections. Finally, having put to rest more pressing problems, I looked into it. Dumps from both the firewall and a remote machine shows traffic going until the window of the remote machine falls below the average packet length of the firewall. The window size is quickly restored, but the firewall won't send any more packets. On a slightly different combination of monitoring programs, I have seen the firewall send packets without the push flag, and then a packet with the push flag. The latter one is received by the remote host but not the others. I have four very similar firewalls in this setup. Two show the problem, and two doesn't. The main difference: the traffic on the ones that show the problem goes through a vlan. This is 4.3-RELEASE (I can't run stable because the kernel will crash within minutes, though I'm about to test a patch for that). Any ideas? I'm unfamiliar with this part of the code, so even pointers to where this code is will be helpful. -- Daniel C. Sobral (8-DCS) Daniel.Sobral@tcoip.com.br dcs@newsguy.com dcs@freebsd.org capo@notorious.bsdconspiracy.net Ah say, son, you're about as sharp as a bowlin' ball. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 8:49:19 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.wolves.k12.mo.us (mail.wolves.k12.mo.us [207.160.214.1]) by hub.freebsd.org (Postfix) with ESMTP id E9B9B37B403; Fri, 27 Jul 2001 08:49:12 -0700 (PDT) (envelope-from cdillon@wolves.k12.mo.us) Received: from mail.wolves.k12.mo.us (cdillon@mail.wolves.k12.mo.us [207.160.214.1]) by mail.wolves.k12.mo.us (8.9.3/8.9.3) with ESMTP id KAA38303; Fri, 27 Jul 2001 10:48:55 -0500 (CDT) (envelope-from cdillon@wolves.k12.mo.us) Date: Fri, 27 Jul 2001 10:48:55 -0500 (CDT) From: Chris Dillon To: Terry Lambert Cc: Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , , Subject: Re: Why two cards on the same segment... In-Reply-To: <3B610F34.619E55CE@mindspring.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 26 Jul 2001, Terry Lambert wrote: > Chris Dillon wrote: > > > ...or the mess the FreeBSD alias code is in, with it demanding > > > netmasks of 255.255.255.255 on aliases, so that aliases and the > > > primary IP _MUST_ have the same netmask instead of different ones > > > (hell, he may just be trying to have two IP's with different > > > netmasks, and the only way he can do it in FreeBSD is to have two > > > cards!). > > > > Why would you want multiple IP addresses that belong to the same IP > > network to have different subnet masks? You'll break the network. > > If you're saying that you can't put two or more different IP addresses > > on one NIC that belong to different IP networks, then don't tell my > > router that, it might decide to stop working. :-) > > > > fxp7: flags=8943 mtu 1500 > > inet 207.160.214.253 netmask 0xffffff00 broadcast 207.160.214.255 > > inet 207.160.214.252 netmask 0xffffffff broadcast 207.160.214.252 > > inet 192.168.254.254 netmask 0xffffff00 broadcast 192.168.254.255 > > ether 00:08:c7:07:b2:96 > > media: Ethernet autoselect (100baseTX ) > > status: active > > We saw the error with multiple 10.x addresses, with subnet masks > which should have logically seperated the subnets, but failed to > do the job correctly, when using two cards on the same segment, > with different subnet masks which should have rendered them > non-intersecting. I can probably get the configuration data for > you, if you are truly interested (this is on a 4.3 derived > system). Not that being 10.x addresses would matter any, but it would be interesting to look at. It wouldn't be hard for me to put another NIC in this box and play around with that scenario. What exactly was going wrong in the above setup you're talking about? -- Chris Dillon - cdillon@wolves.k12.mo.us - cdillon@inter-linc.net FreeBSD: The fastest and most stable server OS on the planet - Available for IA32 (Intel x86) and Alpha architectures - IA64 (Itanium), PowerPC, and ARM architectures under development - http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 8:55:59 2001 Delivered-To: freebsd-net@freebsd.org Received: from nothing-going-on.demon.co.uk (unknown [205.230.22.137]) by hub.freebsd.org (Postfix) with ESMTP id 750DD37B403; Fri, 27 Jul 2001 08:55:50 -0700 (PDT) (envelope-from nik@nothing-going-on.demon.co.uk) Received: (from nik@localhost) by nothing-going-on.demon.co.uk (8.11.3/8.11.3) id f6R0Y4U28965; Fri, 27 Jul 2001 01:34:05 +0100 (BST) (envelope-from nik) Date: Fri, 27 Jul 2001 01:34:02 +0100 From: Nik Clayton To: Terry Lambert Cc: Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Why two cards on the same segment... Message-ID: <20010727013402.G17126@canyon.nothing-going-on.org> References: <200107260837.f6Q8b9K00767@bugz.infotecs.ru> <3B5FDD32.7758EB35@elischer.org> <3B6055C8.C0B5554D@mindspring.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="vJguvTgX93MxBIIe" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3B6055C8.C0B5554D@mindspring.com>; from tlambert2@mindspring.com on Thu, Jul 26, 2001 at 10:39:20AM -0700 Organization: FreeBSD Project Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --vJguvTgX93MxBIIe Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jul 26, 2001 at 10:39:20AM -0700, Terry Lambert wrote: > At a guess, he's attempting to implement VRRP, which requires [...] > Even after crossing that hurdle, FreeBSD will send out the [...] > So short of implementing auxillary MAC programming and virtual > interfaces in FreeBSD, he has to use two cards on the same wire. >=20 > ...not to mention the mess the current FreeBSD ARP code is in, [...] > ...or the mess that the FreeBSD interface code is in, since it [...] =20 > ...or the mess the FreeBSD alias code is in, with it demanding [...] > So, the major reasons for two cards on one segment: to work around > bugs in FreeBSD's networking code. Have you submitted these bugs using send-pr(8)? N --=20 FreeBSD: The Power to Serve http://www.freebsd.org/ FreeBSD Documentation Project http://www.freebsd.org/docproj/ --- 15B8 3FFC DDB4 34B0 AA5F 94B7 93A8 0764 2C37 E375 --- --vJguvTgX93MxBIIe Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjtgtvkACgkQk6gHZCw343WhrQCgiiLq6NQh53kyXyMcxiZdAbd8 2a0An1Lbdc1x1HLKCur5BH2y3o0uuKNR =kgaQ -----END PGP SIGNATURE----- --vJguvTgX93MxBIIe-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 9:10: 1 2001 Delivered-To: freebsd-net@freebsd.org Received: from outbound.ea.com (outbound.ea.com [12.35.91.3]) by hub.freebsd.org (Postfix) with ESMTP id 3EC1B37B403 for ; Fri, 27 Jul 2001 09:09:54 -0700 (PDT) (envelope-from TBulger@ea.com) Received: from eahq-bh2.rws.ad.ea.com (eahq-bh2.ea.com [10.14.204.33]) by outbound.ea.com (Switch-2.1.3/Switch-2.1.0) with ESMTP id f6RGAp403109; Fri, 27 Jul 2001 09:10:51 -0700 (PDT) Received: by eahq-bh2 with Internet Mail Service (5.5.2653.19) id ; Fri, 27 Jul 2001 09:09:51 -0700 Message-ID: From: "Bulger, Tim" To: "'zebra@zebra.org'" , net@freebsd.org Subject: RE: [zebra 9666] Re: Linux/Ethernet interface status? Linux & BSD Date: Fri, 27 Jul 2001 09:09:51 -0700 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I agree completely re: Zebra being in control of the static route handling process. If it is capable of determining the interface status (kernel up/down is recognized), it can add or remove the static routes as necessary. If the kernel is aware of the interface status but continues to consider itself connected to that network (by maintaining the connected route in the table), there is no way to configure a backup route to that network using the very basic concept of networking that is routes with different metrics... As I said, for a workstation to maintain its routing table despite the interface status is great because without a routing daemon you don't have to directly manage it after a down/up event. For a router or a server that is employing routing for a backup solution, this is inadequate. An option in the kernel to allow this behavior would be ideal. (Sorry for the long, rambling email) Tim. -----Original Message----- From: Daniel C. Sobral [mailto:daniel.sobral@tcoip.com.br] Sent: Friday, July 27, 2001 4:09 AM To: zebra@zebra.org; net@freebsd.org Subject: [zebra 9666] Re: Linux/Ethernet interface status? Linux & BSD Bulger, Tim wrote: > Well, the verdict is in... FreeBSD does know the interface status (per > ifconfig), but neither the kernel nor zebra reacts to the cable being > pulled. This seems basically broken from a kernel perspective. It doesn't > make sense to retain connected and/or static routes in the routing table for > an interface that is down. If you have two static routes for the same > network with different metrics as a simple failover scheme, it will not work > on these systems because the route with the lower metric is never removed > from the table....... Perhaps this is OK from a workstation perspective, > but this is not suitable for a router. I will be investigating ways to work > around this problem without compromising sanity. The kernel _should not_ react in any such way. In first place, an "no route to host" error is a very different one from lost packets, so the kernel must not presume any knowledge of what you want. Second, if it deletes the static routes it will not know what these are when the interface conectivity is restored. A routing demon, such as Zebra, would be in a proper place to take decisions like this. This would be an ideal application for kqueue. Is there any kqueue events for interface status? -- Daniel C. Sobral (8-DCS) Daniel.Sobral@tcoip.com.br dcs@newsguy.com dcs@freebsd.org capo@notorious.bsdconspiracy.net Maybe Computer Science should be in the College of Theology. -- R. S. Barton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 9:46: 9 2001 Delivered-To: freebsd-net@freebsd.org Received: from peter3.wemm.org (c1315225-a.plstn1.sfba.home.com [24.14.150.180]) by hub.freebsd.org (Postfix) with ESMTP id 81A3037B406; Fri, 27 Jul 2001 09:46:02 -0700 (PDT) (envelope-from peter@wemm.org) Received: from overcee.netplex.com.au (overcee.wemm.org [10.0.0.3]) by peter3.wemm.org (8.11.0/8.11.0) with ESMTP id f6RGk2M59279; Fri, 27 Jul 2001 09:46:02 -0700 (PDT) (envelope-from peter@wemm.org) Received: from wemm.org (localhost [127.0.0.1]) by overcee.netplex.com.au (Postfix) with ESMTP id 46DBC380B; Fri, 27 Jul 2001 09:46:02 -0700 (PDT) (envelope-from peter@wemm.org) X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4 To: tlambert2@mindspring.com Cc: Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Why two cards on the same segment... In-Reply-To: <3B610E69.74C105AB@mindspring.com> Date: Fri, 27 Jul 2001 09:46:02 -0700 From: Peter Wemm Message-Id: <20010727164602.46DBC380B@overcee.netplex.com.au> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Terry Lambert wrote: > Peter Wemm wrote: > > Terry Lambert wrote: > > [..] > > > > > At a guess, he's attempting to implement VRRP, which requires > > > that the virtual interface have a differen MAC address, > > > > Dont guess, ask. > > He said he needed it for testing. > > Personally, I need it for VRRP, and to compete with NT, which > tests file server configurations with 4 cards with interrupts > vectored, one each, to each of 4 CPUs, and tends to kick both > Linux and FreeBSD's butts. Have you seen Bill Paul's FEC stuff? It works very nicely, but using the cisco Fast EtherChannel instead of VRRP. While it isn't the same, we have used it with four interfaces merged into one virtual interface quite happily. Cheers, -Peter -- Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au "All of this is for nothing if we don't go to the stars" - JMS/B5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 10:21:37 2001 Delivered-To: freebsd-net@freebsd.org Received: from purus.tcoip (unknown [200.199.244.162]) by hub.freebsd.org (Postfix) with ESMTP id 3B93537B409 for ; Fri, 27 Jul 2001 10:21:24 -0700 (PDT) (envelope-from daniel.sobral@tcoip.com.br) Received: from tcoip.com.br (pdi9mjtwfzcguese@dcs.tcoip.com.br [192.168.60.194]) by purus.tcoip (8.11.1/8.11.1) with ESMTP id f6RHJbA14119; Fri, 27 Jul 2001 14:19:38 -0300 Message-ID: <3B61A2A9.4050409@tcoip.com.br> Date: Fri, 27 Jul 2001 14:19:37 -0300 From: "Daniel C. Sobral" User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.2) Gecko/20010705 X-Accept-Language: en, pt-br, ja MIME-Version: 1.0 To: "Bulger, Tim" Cc: "'zebra@zebra.org'" , net@FreeBSD.org Subject: Re: [zebra 9666] Re: Linux/Ethernet interface status? Linux & BSD References: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Bulger, Tim wrote: > I agree completely re: Zebra being in control of the static route handling > process. If it is capable of determining the interface status (kernel > up/down is recognized), it can add or remove the static routes as necessary. > If the kernel is aware of the interface status but continues to consider > itself connected to that network (by maintaining the connected route in the > table), there is no way to configure a backup route to that network using > the very basic concept of networking that is routes with different > metrics... As I said, for a workstation to maintain its routing table > despite the interface status is great because without a routing daemon you > don't have to directly manage it after a down/up event. For a router or a > server that is employing routing for a backup solution, this is inadequate. > An option in the kernel to allow this behavior would be ideal. The kernel does not "maintain" any routes. When you ifconfig an interface up, a route is created. It is responsibility of the routing daemon to remove that route if it feels it is appropriate. It is perfectly possible to have the interface up without any routes on it, even if it has an address/netmask. In fact, it happened to me due to some obscure bug in Zebra once. :-) -- Daniel C. Sobral (8-DCS) Daniel.Sobral@tcoip.com.br dcs@newsguy.com dcs@freebsd.org capo@notorious.bsdconspiracy.net Boy, n.: A noise with dirt on it. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 11: 6:19 2001 Delivered-To: freebsd-net@freebsd.org Received: from connectmed.com.br (unknown [200.202.120.103]) by hub.freebsd.org (Postfix) with SMTP id 252D337B403 for ; Fri, 27 Jul 2001 11:06:17 -0700 (PDT) (envelope-from Biancalana@Connectmed.com.br) Received: (qmail 14691 invoked from network); 27 Jul 2001 17:58:34 -0000 Received: from unknown (HELO Connectmed.com.br) (200.202.120.131) by donald.connectmed.com.br with SMTP; 27 Jul 2001 17:58:34 -0000 Message-ID: <3B61AE8F.11C05184@Connectmed.com.br> Date: Fri, 27 Jul 2001 15:10:23 -0300 From: Alexandre Biancalana X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.3-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: FreeBSD-net Subject: IPX over IP Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi guys, Anyone know if it's possible to make a IPX tunnel over IP on FreeBSD ? using netgraph or IPXIP (kernel option) ?! Has anyone done this before !? [ ]''s Alexandre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 11:33:41 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 191DE37B403 for ; Fri, 27 Jul 2001 11:33:39 -0700 (PDT) (envelope-from julian@elischer.org) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id NAA15708; Fri, 27 Jul 2001 13:28:36 -0700 (PDT) Date: Fri, 27 Jul 2001 13:28:36 -0700 (PDT) From: Julian Elischer To: Alexandre Biancalana Cc: FreeBSD-net Subject: Re: IPX over IP In-Reply-To: <3B61AE8F.11C05184@Connectmed.com.br> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org you could defintately do it with netgraph at both ends.. start with the exampe in the examples in /usr/share/examples/netgraph that do IP over UDP and change to do IPX over UDP julian On Fri, 27 Jul 2001, Alexandre Biancalana wrote: > Hi guys, > > Anyone know if it's possible to make a IPX tunnel over IP on FreeBSD ? > using netgraph or IPXIP (kernel option) ?! > Has anyone done this before !? > > [ ]''s > Alexandre > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 11:41:52 2001 Delivered-To: freebsd-net@freebsd.org Received: from w250.z064001178.sjc-ca.dsl.cnc.net (w250.z064001178.sjc-ca.dsl.cnc.net [64.1.178.250]) by hub.freebsd.org (Postfix) with SMTP id CAA2837B401 for ; Fri, 27 Jul 2001 11:41:50 -0700 (PDT) (envelope-from josb@cncdsl.com) Received: (qmail 7013 invoked by uid 1000); 27 Jul 2001 18:42:12 -0000 Date: Fri, 27 Jul 2001 11:41:50 -0700 From: Jos Backus To: freebsd-net@freebsd.org Subject: Re: filtering with netgraph? Message-ID: <20010727114150.A2964@lizzy.bugworks.com> Reply-To: Jos Backus Mail-Followup-To: freebsd-net@freebsd.org References: <20010726125321.D79454@numachi.com> <20010726151315.F79454@numachi.com> <20010726154536.I2759@elvis.mu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20010726154536.I2759@elvis.mu.org> User-Agent: Mutt/1.3.19i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Jul 26, 2001 at 03:45:15PM -0500, Bill Fumerola wrote: > > In my Copious Free Time(tm), maybe I'll poke at DPF; it looked > > neat... Also, there's BPF+; see http://www.tcpdump.org/lists/workers/2000/msg00345.html for some links. -- Jos Backus _/ _/_/_/ Santa Clara, CA _/ _/ _/ _/ _/_/_/ _/ _/ _/ _/ josb@cncdsl.com _/_/ _/_/_/ use Std::Disclaimer; To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 11:48:31 2001 Delivered-To: freebsd-net@freebsd.org Received: from falcon.opencon.com (mail.opencon.com [38.246.253.2]) by hub.freebsd.org (Postfix) with ESMTP id 4C4F837B403 for ; Fri, 27 Jul 2001 11:48:28 -0700 (PDT) (envelope-from krishna@falcon.opencon.com) Received: from krishna.opencon.com (krishna.opencon.com [100.0.0.206] (may be forged)) by falcon.opencon.com (8.8.8+Sun/8.8.8) with SMTP id OAA19413 for ; Fri, 27 Jul 2001 14:59:46 -0400 (EDT) Received: by krishna.opencon.com with Microsoft Mail id <01C116AB.D69D5B60@krishna.opencon.com>; Fri, 27 Jul 2001 14:53:03 -0400 Message-ID: <01C116AB.D69D5B60@krishna.opencon.com> From: Rama Krishna Kumar To: "'net@FreeBSD.org'" Subject: FreeBSD TCP/IP Date: Fri, 27 Jul 2001 14:53:02 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, We are planning to use FreeBSD TCP/IP stack in one of the projects we = are working on. I am looking for the information related to FreeBSD = TCP/IP like i) Feartures supported by TCP/IP stack ii) RFCs supported by TCP/IP stack iii) API (both socket level and to the Data link layer ) Could someone tell me from where and how to get the documents that = provides the above mentioned information (or) any other information = related to FreeBSD TCP/IP ? I would appreciate your help. Thanks, - Krishna =20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 11:59:29 2001 Delivered-To: freebsd-net@freebsd.org Received: from gopostal.digi.com (gopostal.digi.com [204.221.110.15]) by hub.freebsd.org (Postfix) with ESMTP id 0E26F37B406; Fri, 27 Jul 2001 11:58:50 -0700 (PDT) (envelope-from chaegle@mediaone.net) Received: from minx.dgii.com (minx.digi.com [204.221.110.36]) by gopostal.digi.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id PJLHDRN1; Fri, 27 Jul 2001 13:58:38 -0500 Received: from hlc02 (hlc02.digi.com) by minx.dgii.com (5.x/SMI-SVR4) id AA08647; Sun, 15 Aug 1999 17:25:19 -0500 Message-Id: <008f01c116ce$6c448b30$420fbf8f@hlc02> From: "Cameron Haegle" To: , , Subject: PPTP Trouble Date: Fri, 27 Jul 2001 14:00:33 -0500 Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_008C_01C116A4.80FDD150" X-Priority: 3 X-Msmail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-Mimeole: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_008C_01C116A4.80FDD150 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I am still unable to get my 4.2-FreeBSD server to successfully make a = pptp connected to my company's VPN server. My system is configured to perform firewall functions for my home office = computers. Below are the logged messages from a connection attempt (taken from the = /var/log/messages and /var/log/ppp.log files: Any assistance would be greatly appreciated. ppp.conf file: ************** pptp: set log IPCP Char Phase set timeout 0 set authname set authkey add default HISADDR=20 messages: ************ Jul 27 13:41:42 mycomputer pptp[71976]: = log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:548]: Client connection = established. Jul 27 13:41:43 mycomputer pptp[71976]: = log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:655]: Outgoing call = established (call ID 0, peer's call ID 50149).=20 Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not supported=20 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 0 seqrecv is 7 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 1 seqrecv is 7 Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not supported=20 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 2 seqrecv is 7 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 3 seqrecv is 7 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 4 seqrecv is 7 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 5 seqrecv is 7 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 6 seqrecv is 7 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 7 seqrecv is 7 Jul 27 13:42:16 mycomputer pptp[71976]: = log[pptp_read_some:pptp_ctrl.c:383]: read error: Connection reset by = peer Jul 27 13:42:16 mycomputer pptp[71976]: = log[call_callback:pptp_callmgr.c:88]: Closing connection Jul 27 13:42:16 mycomputer pptp[71976]: = log[pptp_conn_close:pptp_ctrl.c:285]: Closing PPTP connection Jul 27 13:42:16 mycomputer /kernel: pid 71976 (pptp), uid 0: exited on = signal 10 (core dumped) ppp.log ******** Jul 27 13:41:43 mycomputer ppp[71974]: Phase: Using interface: tun0=20 Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: Created in closed = state=20 Jul 27 13:41:43 mycomputer ppp[71974]: Phase: PPP Started (direct mode). = Jul 27 13:41:43 mycomputer ppp[71974]: Phase: bundle: Establish=20 Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: closed -> opening = Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: Connected!=20 Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: opening -> = carrier=20 Jul 27 13:41:44 mycomputer ppp[71974]: Phase: deflink: carrier -> lcp=20 Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not supported=20 Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not supported=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: bundle: Authenticate=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: his =3D CHAP = 0x05, mine =3D none=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: Chap Input: CHALLENGE (16 = bytes from VPN)=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: Chap Output: RESPONSE = (mypassword)=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: Chap Input: FAILURE=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: Disconnected!=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: Connect time: 2 = secs: 407 octets in, 268 octets out=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: : 8 packets in, 7 = packets out=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: total 337 bytes/sec, peak = 0 bytes/sec on Fri Jul 27 13:41:45 2001=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: lcp -> closed=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: bundle: Dead=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: PPP Terminated (normal).=20 ------=_NextPart_000_008C_01C116A4.80FDD150 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
I am still unable to get my 4.2-FreeBSD = server to=20 successfully make a pptp connected to my company's VPN = server.
 
My system is configured to perform = firewall=20 functions for my home office computers.
 
Below are the logged messages from a = connection=20 attempt (taken from the /var/log/messages and /var/log/ppp.log=20 files:
 
Any assistance would be greatly=20 appreciated.
 
ppp.conf file:
**************
pptp:

  set log IPCP Char Phase

  set timeout 0

  set authname <myusername>

  set authkey <mypassword>

  add default HISADDR

 
messages:
************

Jul 27 13:41:42 mycomputer pptp[71976]:=20 log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:548]: Client connection=20 established.

Jul 27 13:41:43 mycomputer pptp[71976]:=20 log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:655]: Outgoing call = established (call=20 ID 0, peer's call ID 50149).

Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not = supported

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 0 seqrecv is 7

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 1 seqrecv is 7

Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not = supported

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 2 seqrecv is 7

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 3 seqrecv is 7

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 4 seqrecv is 7

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 5 seqrecv is 7

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 6 seqrecv is 7

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 7 seqrecv is 7

Jul 27 13:42:16 mycomputer pptp[71976]: = log[pptp_read_some:pptp_ctrl.c:383]:=20 read error: Connection reset by peer

Jul 27 13:42:16 mycomputer pptp[71976]: = log[call_callback:pptp_callmgr.c:88]:=20 Closing connection

Jul 27 13:42:16 mycomputer pptp[71976]: = log[pptp_conn_close:pptp_ctrl.c:285]:=20 Closing PPTP connection

Jul 27 13:42:16 mycomputer /kernel: pid 71976 (pptp), uid 0: exited = on signal=20 10 (core dumped)

 
ppp.log
********

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: Using interface: tun0 =

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: Created in = closed=20 state

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: PPP Started (direct = mode).

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: bundle: Establish

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: closed -> = opening=20

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: Connected! =

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: opening -> = carrier=20

Jul 27 13:41:44 mycomputer ppp[71974]: Phase: deflink: carrier -> = lcp

Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not = supported

Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not = supported

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: bundle: Authenticate =

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: his =3D CHAP = 0x05, mine=20 =3D none

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: Chap Input: CHALLENGE = (16 bytes=20 from VPN)

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: Chap Output: RESPONSE=20 (mypassword)

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: Chap Input: FAILURE =

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: Disconnected! =

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: Connect time: = 2 secs:=20 407 octets in, 268 octets out

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: : 8 packets = in, 7=20 packets out

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: total 337 bytes/sec, = peak 0=20 bytes/sec on Fri Jul 27 13:41:45 2001

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: lcp -> = closed

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: bundle: Dead

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: PPP Terminated = (normal).=20

 
------=_NextPart_000_008C_01C116A4.80FDD150-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 11:59:34 2001 Delivered-To: freebsd-net@freebsd.org Received: from gopostal.digi.com (gopostal.digi.com [204.221.110.15]) by hub.freebsd.org (Postfix) with ESMTP id 0E26F37B406; Fri, 27 Jul 2001 11:58:50 -0700 (PDT) (envelope-from chaegle@mediaone.net) Received: from minx.dgii.com (minx.digi.com [204.221.110.36]) by gopostal.digi.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id PJLHDRN1; Fri, 27 Jul 2001 13:58:38 -0500 Received: from hlc02 (hlc02.digi.com) by minx.dgii.com (5.x/SMI-SVR4) id AA08647; Sun, 15 Aug 1999 17:25:19 -0500 Message-Id: <008f01c116ce$6c448b30$420fbf8f@hlc02> From: "Cameron Haegle" To: , , Subject: PPTP Trouble Date: Fri, 27 Jul 2001 14:00:33 -0500 Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_008C_01C116A4.80FDD150" X-Priority: 3 X-Msmail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-Mimeole: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_008C_01C116A4.80FDD150 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I am still unable to get my 4.2-FreeBSD server to successfully make a = pptp connected to my company's VPN server. My system is configured to perform firewall functions for my home office = computers. Below are the logged messages from a connection attempt (taken from the = /var/log/messages and /var/log/ppp.log files: Any assistance would be greatly appreciated. ppp.conf file: ************** pptp: set log IPCP Char Phase set timeout 0 set authname set authkey add default HISADDR=20 messages: ************ Jul 27 13:41:42 mycomputer pptp[71976]: = log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:548]: Client connection = established. Jul 27 13:41:43 mycomputer pptp[71976]: = log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:655]: Outgoing call = established (call ID 0, peer's call ID 50149).=20 Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not supported=20 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 0 seqrecv is 7 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 1 seqrecv is 7 Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not supported=20 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 2 seqrecv is 7 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 3 seqrecv is 7 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 4 seqrecv is 7 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 5 seqrecv is 7 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 6 seqrecv is 7 Jul 27 13:41:45 mycomputer pptp[64619]: log[decaps_gre:pptp_gre.c:252]: = discarding out-of-order seq is 7 seqrecv is 7 Jul 27 13:42:16 mycomputer pptp[71976]: = log[pptp_read_some:pptp_ctrl.c:383]: read error: Connection reset by = peer Jul 27 13:42:16 mycomputer pptp[71976]: = log[call_callback:pptp_callmgr.c:88]: Closing connection Jul 27 13:42:16 mycomputer pptp[71976]: = log[pptp_conn_close:pptp_ctrl.c:285]: Closing PPTP connection Jul 27 13:42:16 mycomputer /kernel: pid 71976 (pptp), uid 0: exited on = signal 10 (core dumped) ppp.log ******** Jul 27 13:41:43 mycomputer ppp[71974]: Phase: Using interface: tun0=20 Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: Created in closed = state=20 Jul 27 13:41:43 mycomputer ppp[71974]: Phase: PPP Started (direct mode). = Jul 27 13:41:43 mycomputer ppp[71974]: Phase: bundle: Establish=20 Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: closed -> opening = Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: Connected!=20 Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: opening -> = carrier=20 Jul 27 13:41:44 mycomputer ppp[71974]: Phase: deflink: carrier -> lcp=20 Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not supported=20 Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not supported=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: bundle: Authenticate=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: his =3D CHAP = 0x05, mine =3D none=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: Chap Input: CHALLENGE (16 = bytes from VPN)=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: Chap Output: RESPONSE = (mypassword)=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: Chap Input: FAILURE=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: Disconnected!=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: Connect time: 2 = secs: 407 octets in, 268 octets out=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: : 8 packets in, 7 = packets out=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: total 337 bytes/sec, peak = 0 bytes/sec on Fri Jul 27 13:41:45 2001=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: lcp -> closed=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: bundle: Dead=20 Jul 27 13:41:45 mycomputer ppp[71974]: Phase: PPP Terminated (normal).=20 ------=_NextPart_000_008C_01C116A4.80FDD150 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
I am still unable to get my 4.2-FreeBSD = server to=20 successfully make a pptp connected to my company's VPN = server.
 
My system is configured to perform = firewall=20 functions for my home office computers.
 
Below are the logged messages from a = connection=20 attempt (taken from the /var/log/messages and /var/log/ppp.log=20 files:
 
Any assistance would be greatly=20 appreciated.
 
ppp.conf file:
**************
pptp:

  set log IPCP Char Phase

  set timeout 0

  set authname <myusername>

  set authkey <mypassword>

  add default HISADDR

 
messages:
************

Jul 27 13:41:42 mycomputer pptp[71976]:=20 log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:548]: Client connection=20 established.

Jul 27 13:41:43 mycomputer pptp[71976]:=20 log[pptp_dispatch_ctrl_packet:pptp_ctrl.c:655]: Outgoing call = established (call=20 ID 0, peer's call ID 50149).

Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not = supported

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 0 seqrecv is 7

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 1 seqrecv is 7

Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not = supported

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 2 seqrecv is 7

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 3 seqrecv is 7

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 4 seqrecv is 7

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 5 seqrecv is 7

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 6 seqrecv is 7

Jul 27 13:41:45 mycomputer pptp[64619]: = log[decaps_gre:pptp_gre.c:252]:=20 discarding out-of-order seq is 7 seqrecv is 7

Jul 27 13:42:16 mycomputer pptp[71976]: = log[pptp_read_some:pptp_ctrl.c:383]:=20 read error: Connection reset by peer

Jul 27 13:42:16 mycomputer pptp[71976]: = log[call_callback:pptp_callmgr.c:88]:=20 Closing connection

Jul 27 13:42:16 mycomputer pptp[71976]: = log[pptp_conn_close:pptp_ctrl.c:285]:=20 Closing PPTP connection

Jul 27 13:42:16 mycomputer /kernel: pid 71976 (pptp), uid 0: exited = on signal=20 10 (core dumped)

 
ppp.log
********

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: Using interface: tun0 =

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: Created in = closed=20 state

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: PPP Started (direct = mode).

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: bundle: Establish

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: closed -> = opening=20

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: Connected! =

Jul 27 13:41:43 mycomputer ppp[71974]: Phase: deflink: opening -> = carrier=20

Jul 27 13:41:44 mycomputer ppp[71974]: Phase: deflink: carrier -> = lcp

Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not = supported

Jul 27 13:41:45 mycomputer ppp[71974]: Warning: CHAP 0x81 not = supported

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: bundle: Authenticate =

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: his =3D CHAP = 0x05, mine=20 =3D none

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: Chap Input: CHALLENGE = (16 bytes=20 from VPN)

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: Chap Output: RESPONSE=20 (mypassword)

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: Chap Input: FAILURE =

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: Disconnected! =

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: Connect time: = 2 secs:=20 407 octets in, 268 octets out

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: : 8 packets = in, 7=20 packets out

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: total 337 bytes/sec, = peak 0=20 bytes/sec on Fri Jul 27 13:41:45 2001

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: deflink: lcp -> = closed

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: bundle: Dead

Jul 27 13:41:45 mycomputer ppp[71974]: Phase: PPP Terminated = (normal).=20

 
------=_NextPart_000_008C_01C116A4.80FDD150-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 12:32:21 2001 Delivered-To: freebsd-net@freebsd.org Received: from ns2.myway.com.br (ns2.myway.com.br [200.186.239.2]) by hub.freebsd.org (Postfix) with SMTP id BD2BF37B401; Fri, 27 Jul 2001 12:32:13 -0700 (PDT) (envelope-from leal@myway.com.br) Received: from myway.com.br (unverified [200.186.239.10]) by ns2.myway.com.br (EMWAC SMTPRS 0.83) with SMTP id ; Fri, 27 Jul 2001 16:34:20 -0300 Message-ID: <3B61C27C.A9675750@myway.com.br> Date: Fri, 27 Jul 2001 16:35:24 -0300 From: Marcelo Leal Organization: webcom X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.2-RELEASE i386) X-Accept-Language: pt-BR, en MIME-Version: 1.0 To: Chris Dillon Cc: Terry Lambert , Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: arp References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Antirelay: Good relay from local net2 200.186.239.0/24 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org folks... sorry, but i trust in you :O) i have a problem, and don't know where find the answers... and that list is for net problems... my desktop freebsd give me a message: arp moved from: xxx to xxx... ARP MOVED???? when i look in arp table.... the arp address of my dhcpd server is wrong!!! i put the right there... and reboot... look and.... the wrong!!!! this mac address is not from my network... (machines) .. maybe arp of the switch ports... thanks!!! and sorry by the english... :O) i'm brazilian. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 13:53:47 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail.wolves.k12.mo.us (mail.wolves.k12.mo.us [207.160.214.1]) by hub.freebsd.org (Postfix) with ESMTP id D8FFC37B401; Fri, 27 Jul 2001 13:53:41 -0700 (PDT) (envelope-from cdillon@wolves.k12.mo.us) Received: from mail.wolves.k12.mo.us (cdillon@mail.wolves.k12.mo.us [207.160.214.1]) by mail.wolves.k12.mo.us (8.9.3/8.9.3) with ESMTP id PAA85678; Fri, 27 Jul 2001 15:53:27 -0500 (CDT) (envelope-from cdillon@wolves.k12.mo.us) Date: Fri, 27 Jul 2001 15:53:26 -0500 (CDT) From: Chris Dillon To: Marcelo Leal Cc: Terry Lambert , Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , , Subject: Re: arp In-Reply-To: <3B61C27C.A9675750@myway.com.br> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 27 Jul 2001, Marcelo Leal wrote: > folks... > sorry, but i trust in you :O) > i have a problem, and don't know where find the answers... and that list > is for net problems... > my desktop freebsd give me a message: arp moved from: xxx to xxx... ARP > MOVED???? > when i look in arp table.... the arp address of my dhcpd server is > wrong!!! i put the right there... and reboot... look and.... the > wrong!!!! > this mac address is not from my network... (machines) .. > maybe arp of the switch ports... > thanks!!! > and sorry by the english... :O) > i'm brazilian. You have more than one machine on the network that is attempting to use the same IP address and/or your DHCP server is handing out leases that are shorter than the ARP cache life and you are recycling DHCP leases quickly. I suggest you set your DHCP lease times to at least an hour or more (my DHCP leases are one week), and make sure there are no manually-configured machines that are attempting to use an address from the DHCP address pool, or two manually-configured machines trying to use the same address. -- Chris Dillon - cdillon@wolves.k12.mo.us - cdillon@inter-linc.net FreeBSD: The fastest and most stable server OS on the planet - Available for IA32 (Intel x86) and Alpha architectures - IA64 (Itanium), PowerPC, and ARM architectures under development - http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 14:14:27 2001 Delivered-To: freebsd-net@freebsd.org Received: from harrier.mail.pas.earthlink.net (harrier.mail.pas.earthlink.net [207.217.121.12]) by hub.freebsd.org (Postfix) with ESMTP id E296437B403; Fri, 27 Jul 2001 14:14:19 -0700 (PDT) (envelope-from matt-l@pacbell.net) Received: from fire (1Cust226.tnt1.pasadena.ca.da.uu.net [63.28.226.226]) by harrier.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with SMTP id OAA26330; Fri, 27 Jul 2001 14:13:36 -0700 (PDT) Message-ID: <000b01c116e0$2e7ffe30$6503c23f@XGforce.com> Reply-To: "matt" From: "matt" To: "Marcelo Leal" , "Chris Dillon" Cc: "Terry Lambert" , "Julian Elischer" , "Eugene L. Vorokov" , "Soren Kristensen" , , References: <3B61C27C.A9675750@myway.com.br> Subject: Re: arp Date: Fri, 27 Jul 2001 14:07:36 -0700 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org One of your host in your net using the same ip. ====================================== WWW.XGFORCE.COM The Next Generation Load Balance and Fail Safe Server Clustering Software for the Internet. ====================================== ----- Original Message ----- From: Marcelo Leal To: Chris Dillon Cc: Terry Lambert ; Julian Elischer ; Eugene L. Vorokov ; Soren Kristensen ; ; Sent: Friday, July 27, 2001 12:35 PM Subject: arp > folks... > sorry, but i trust in you :O) > i have a problem, and don't know where find the answers... and that list > is for net problems... > my desktop freebsd give me a message: arp moved from: xxx to xxx... ARP > MOVED???? > when i look in arp table.... the arp address of my dhcpd server is > wrong!!! i put the right there... and reboot... look and.... the > wrong!!!! > this mac address is not from my network... (machines) .. > maybe arp of the switch ports... > thanks!!! > and sorry by the english... :O) > i'm brazilian. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jul 27 16:55: 4 2001 Delivered-To: freebsd-net@freebsd.org Received: from tomts6-srv.bellnexxia.net (tomts6.bellnexxia.net [209.226.175.26]) by hub.freebsd.org (Postfix) with ESMTP id 27FB837B403; Fri, 27 Jul 2001 16:54:58 -0700 (PDT) (envelope-from dp@penix.org) Received: from penix.org ([65.92.126.45]) by tomts6-srv.bellnexxia.net (InterMail vM.4.01.03.16 201-229-121-116-20010115) with ESMTP id <20010727235457.XWXW12153.tomts6-srv.bellnexxia.net@penix.org>; Fri, 27 Jul 2001 19:54:57 -0400 Message-ID: <3B61CAA9.30807@penix.org> Date: Fri, 27 Jul 2001 20:10:17 +0000 From: Paul Halliday User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.2) Gecko/20010722 X-Accept-Language: en-us MIME-Version: 1.0 To: Marcelo Leal Cc: freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: arp References: <3B61C27C.A9675750@myway.com.br> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Marcelo Leal wrote: > folks... > sorry, but i trust in you :O) > i have a problem, and don't know where find the answers... and that list > is for net problems... > my desktop freebsd give me a message: arp moved from: xxx to xxx... ARP > MOVED???? > when i look in arp table.... the arp address of my dhcpd server is > wrong!!! i put the right there... and reboot... look and.... the > wrong!!!! > this mac address is not from my network... (machines) .. > maybe arp of the switch ports... > thanks!!! > and sorry by the english... :O) > i'm brazilian. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message > > > Not from your network? Not overly sure of your topology but is it possible that someone could be arpspoofing your dhcp? -- Paul H. ___________________ http://dp.penix.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 28 13:13: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from scaup.mail.pas.earthlink.net (scaup.mail.pas.earthlink.net [207.217.121.49]) by hub.freebsd.org (Postfix) with ESMTP id 84CDE37B405; Sat, 28 Jul 2001 13:12:55 -0700 (PDT) (envelope-from tlambert2@mindspring.com) Received: from mindspring.com (dialup-209.247.137.129.Dial1.SanJose1.Level3.net [209.247.137.129]) by scaup.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id NAA16424; Sat, 28 Jul 2001 13:12:52 -0700 (PDT) Message-ID: <3B631CEB.944A9750@mindspring.com> Date: Sat, 28 Jul 2001 13:13:31 -0700 From: Terry Lambert Reply-To: tlambert2@mindspring.com X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Nik Clayton Cc: Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , freebsd-hackers@freebsd.org, freebsd-net@freebsd.org Subject: Re: Why two cards on the same segment... References: <200107260837.f6Q8b9K00767@bugz.infotecs.ru> <3B5FDD32.7758EB35@elischer.org> <3B6055C8.C0B5554D@mindspring.com> <20010727013402.G17126@canyon.nothing-going-on.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Nik Clayton wrote: [ ... ] > > So, the major reasons for two cards on one segment: to work around > > bugs in FreeBSD's networking code. > > Have you submitted these bugs using send-pr(8)? No. The last three times I attempted to use send-pr(8), it bitched about my email address. It seems to me that it's pretty useless. It also seems to me that, even if it worked, driving yourself by a bugs database instead of a product roadmap is bound to get you incremental improvements only. There are a lot of organizations, some of which I have participated in, which lose enhancement requests into their bugs database; from that perspective, there is a need for a seperate "importance" factor, aprat from the traditional "severity" factor; even then, there is a tendency to bury your engineers in a bunch of "previous product++" changes, instead of tackling real problems. In the abosolute worst case, I know that there are Linux and NetBSD people monitoring these lists, and they will implement the code, even if FreeBSD doesn't, and then FreeBSD will implement it to "catch up". The NetBSD KSE code is just the latest example of this. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 28 13:28:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from scaup.mail.pas.earthlink.net (scaup.mail.pas.earthlink.net [207.217.121.49]) by hub.freebsd.org (Postfix) with ESMTP id D64B637B401; Sat, 28 Jul 2001 13:28:05 -0700 (PDT) (envelope-from tlambert2@mindspring.com) Received: from mindspring.com (dialup-209.247.137.129.Dial1.SanJose1.Level3.net [209.247.137.129]) by scaup.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id NAA02282; Sat, 28 Jul 2001 13:27:50 -0700 (PDT) Message-ID: <3B63206D.4377EDD9@mindspring.com> Date: Sat, 28 Jul 2001 13:28:29 -0700 From: Terry Lambert Reply-To: tlambert2@mindspring.com X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Chris Dillon Cc: Julian Elischer , "Eugene L. Vorokov" , Soren Kristensen , freebsd-hackers@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: Why two cards on the same segment... References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Chris Dillon wrote: > > We saw the error with multiple 10.x addresses, with subnet masks > > which should have logically seperated the subnets, but failed to > > do the job correctly, when using two cards on the same segment, > > with different subnet masks which should have rendered them > > non-intersecting. I can probably get the configuration data for > > you, if you are truly interested (this is on a 4.3 derived > > system). > > Not that being 10.x addresses would matter any, but it would be > interesting to look at. It wouldn't be hard for me to put another NIC > in this box and play around with that scenario. What exactly was > going wrong in the above setup you're talking about? The ARP response came back on the wrong interface because it was sent on the wrong interface, and the kernel bitched about it coming back from the wrong place. If it didn't want the response coming back on that interface, it shouldn't have sent the request from that interface. You can duplicate this pretty easily by: 1) Set up a 10.x address with a netmask of 255.255.0.0 on one card. 2) Make this card your default route 3) Set up a 10.7.y (x != 7) address with a netmask of 255.255.255.0 on a second card attached to the same wire (we used a Netgear hub, but a Netgear switch and some other equipment shows the same behaviour) 4) Config the second interface to force a proxy arp for its own address 5) Watch the ARP be sent by the first interface instead of the second 6) Watch the kernel complain about the response coming back to the MAC which it was sent from - by the kernel If you need exact numbers and netmasks and hardware, I can give you that information on Monday or Tuesday (it wasn't my personal box that had this problem). -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 28 13:45:59 2001 Delivered-To: freebsd-net@freebsd.org Received: from angelo.kcl.ac.uk (angelo.kcl.ac.uk [137.73.66.5]) by hub.freebsd.org (Postfix) with ESMTP id 31CF537B405 for ; Sat, 28 Jul 2001 13:45:56 -0700 (PDT) (envelope-from stephane.antoine@kcl.ac.uk) Received: from ee364 ([137.73.11.64]) by angelo.kcl.ac.uk with SMTP id f6SKjsF03201 for ; Sat, 28 Jul 2001 21:45:54 +0100 (BST) Message-ID: <00d701c117a6$7ae0d710$400b4989@eee.kcl.ac.uk> From: "stephane antoine" To: References: <3B63206D.4377EDD9@mindspring.com> Subject: Wlan 802.11 support for FreeBSD 4.2 Date: Sat, 28 Jul 2001 21:47:02 +0100 Organization: CTR MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Dear all, Does anybody know if there is a support for wlan 802.11 for FreeBSD 4.2 ? I have a 802.11 card plugged in my laptop and I am running FreeBSD 4.2. I only have the following interfaces when I type ifconfig -a fxp0(eth), lp0, faith0, gif0, gif1, gif2, gif3, lo0, ppp0, sl0, and no wireless interface as I am expecting. Does anyone know if there is currently a driver available for Wlan 802.11 for freeBSD 4.2? Best regards Stephane To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 28 14: 1:22 2001 Delivered-To: freebsd-net@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id AE21637B405 for ; Sat, 28 Jul 2001 14:01:19 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f6SL1Co28607; Sat, 28 Jul 2001 14:01:12 -0700 Date: Sat, 28 Jul 2001 14:01:12 -0700 From: Brooks Davis To: stephane antoine Cc: freebsd-net@FreeBSD.ORG Subject: Re: Wlan 802.11 support for FreeBSD 4.2 Message-ID: <20010728140112.A27582@Odin.AC.HMC.Edu> References: <3B63206D.4377EDD9@mindspring.com> <00d701c117a6$7ae0d710$400b4989@eee.kcl.ac.uk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="zYM0uCDKw75PZbzx" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <00d701c117a6$7ae0d710$400b4989@eee.kcl.ac.uk>; from stephane.antoine@kcl.ac.uk on Sat, Jul 28, 2001 at 09:47:02PM +0100 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --zYM0uCDKw75PZbzx Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Jul 28, 2001 at 09:47:02PM +0100, stephane antoine wrote: > Does anybody know if there=20 > is a support for wlan 802.11 for > FreeBSD 4.2 ? Yes, but you really should upgarde to 4.3-STABLE. Support is greatly improved. What care are you using. Virtualy all are supported in the lastest stable, but it may be important. > I have a 802.11 card plugged in my laptop > and I am running FreeBSD 4.2. > I only have the following interfaces when I type=20 > ifconfig -a > fxp0(eth), lp0, faith0, gif0, gif1, gif2, gif3, lo0, ppp0, sl0, > and no wireless interface as I am expecting. Are the wi and an devices in your kernel? They should be in GENERIC. Is pccardd enabled? My suggestion would be to upgrade to stable and then ask on questions if it continues to not work. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --zYM0uCDKw75PZbzx Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7YygXXY6L6fI4GtQRAk4YAJ9ZdwRa/Z64ty+wXNYqcOdu8UyzCACfSBwF kMxjm5SE9dJp3WughlGAqTE= =NBus -----END PGP SIGNATURE----- --zYM0uCDKw75PZbzx-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 28 14: 4:34 2001 Delivered-To: freebsd-net@freebsd.org Received: from ptavv.es.net (ptavv.es.net [198.128.4.29]) by hub.freebsd.org (Postfix) with ESMTP id 6CED137B403 for ; Sat, 28 Jul 2001 14:04:32 -0700 (PDT) (envelope-from oberman@ptavv.es.net) Received: from ptavv.es.net (localhost [127.0.0.1]) by ptavv.es.net (8.10.1/8.10.1) with ESMTP id f6SL4Tb01020; Sat, 28 Jul 2001 14:04:29 -0700 (PDT) Message-Id: <200107282104.f6SL4Tb01020@ptavv.es.net> To: "stephane antoine" Cc: freebsd-net@FreeBSD.ORG Subject: Re: Wlan 802.11 support for FreeBSD 4.2 In-reply-to: Your message of "Sat, 28 Jul 2001 21:47:02 BST." <00d701c117a6$7ae0d710$400b4989@eee.kcl.ac.uk> Date: Sat, 28 Jul 2001 14:04:29 -0700 From: "Kevin Oberman" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > From: "stephane antoine" > Date: Sat, 28 Jul 2001 21:47:02 +0100 > Sender: owner-freebsd-net@FreeBSD.ORG > > Dear all, > > Does anybody know if there > is a support for wlan 802.11 for > FreeBSD 4.2 ? > > I have a 802.11 card plugged in my laptop > and I am running FreeBSD 4.2. > I only have the following interfaces when I type > ifconfig -a > fxp0(eth), lp0, faith0, gif0, gif1, gif2, gif3, lo0, ppp0, sl0, > and no wireless interface as I am expecting. > Does anyone know if there is currently > a driver available for Wlan 802.11 > for freeBSD 4.2? The WaveLAN 802.11 cards have been supported for some time. I am sending this message from my laptop via a Lucent Gold 802.11b card. Your message contains no information to help you find the problem. What messages do you get when you plug in the card? It should be probed and the wi0 device created. Do other PCMCIA cards work? If not, you need to make sure the pcic0 device may not be properly configured. Send dmesg contents. Make sure rc.conf contains pccard_enable="YES" and pccardd_flags="-z". If you get messages when you insert the card, please send them. R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 28 14:23: 2 2001 Delivered-To: freebsd-net@freebsd.org Received: from angelo.kcl.ac.uk (angelo.kcl.ac.uk [137.73.66.5]) by hub.freebsd.org (Postfix) with ESMTP id 9A10337B403 for ; Sat, 28 Jul 2001 14:22:57 -0700 (PDT) (envelope-from stephane.antoine@kcl.ac.uk) Received: from ee364 ([137.73.11.64]) by angelo.kcl.ac.uk with SMTP id f6SLMsF05200; Sat, 28 Jul 2001 22:22:54 +0100 (BST) Message-ID: <010701c117ab$a638c7b0$400b4989@eee.kcl.ac.uk> From: "stephane antoine" To: "Kevin Oberman" Cc: References: <200107282104.f6SL4Tb01020@ptavv.es.net> Subject: Re: Wlan 802.11 support for FreeBSD 4.2 Date: Sat, 28 Jul 2001 22:23:24 +0100 Organization: CTR MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi Kevin, Thanks it works!!! pccard_enable="YES" pccard_flags="-z" I have now a wi0 interface that shows up in the rc.conf of my FreeBSD 4.2 laptop, Where can I learn all these tips to configure the devices..... Best Regards Stephane ----- Original Message ----- From: "Kevin Oberman" To: "stephane antoine" Cc: Sent: Saturday, July 28, 2001 10:04 PM Subject: Re: Wlan 802.11 support for FreeBSD 4.2 > > From: "stephane antoine" > > Date: Sat, 28 Jul 2001 21:47:02 +0100 > > Sender: owner-freebsd-net@FreeBSD.ORG > > > > Dear all, > > > > Does anybody know if there > > is a support for wlan 802.11 for > > FreeBSD 4.2 ? > > > > I have a 802.11 card plugged in my laptop > > and I am running FreeBSD 4.2. > > I only have the following interfaces when I type > > ifconfig -a > > fxp0(eth), lp0, faith0, gif0, gif1, gif2, gif3, lo0, ppp0, sl0, > > and no wireless interface as I am expecting. > > Does anyone know if there is currently > > a driver available for Wlan 802.11 > > for freeBSD 4.2? > > The WaveLAN 802.11 cards have been supported for some time. I am > sending this message from my laptop via a Lucent Gold 802.11b card. > > Your message contains no information to help you find the problem. > > What messages do you get when you plug in the card? It should be > probed and the wi0 device created. > > Do other PCMCIA cards work? If not, you need to make sure the pcic0 > device may not be properly configured. Send dmesg contents. Make sure > rc.conf contains pccard_enable="YES" and pccardd_flags="-z". > > If you get messages when you insert the card, please send them. > > R. Kevin Oberman, Network Engineer > Energy Sciences Network (ESnet) > Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) > E-mail: oberman@es.net Phone: +1 510 486-8634 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 28 20:16:10 2001 Delivered-To: freebsd-net@freebsd.org Received: from lucifer.fuzion.za.org (pta-dial-196-31-186-98.mweb.co.za [196.31.186.98]) by hub.freebsd.org (Postfix) with ESMTP id 9481937B406; Sat, 28 Jul 2001 20:15:46 -0700 (PDT) (envelope-from psyv@root.org.za) Received: from localhost (psyv@localhost) by lucifer.fuzion.za.org (8.11.3/8.11.3) with ESMTP id f6T3HYc35939; Sun, 29 Jul 2001 05:17:37 +0200 (SAST) (envelope-from psyv@root.org.za) X-Authentication-Warning: lucifer.fuzion.za.org: psyv owned process doing -bs Date: Sun, 29 Jul 2001 05:17:32 +0200 (SAST) From: The Psychotic Viper X-Sender: psyv@lucifer.fuzion.za.org To: freebsd-net@freebsd.org Cc: freebsd-questions@freebsd.org Subject: Voice Conferencing Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Posting to both -Questions and -Net because it is a networking related question. I am trying to setup voice conferencing behind a freebsd NAT gateway, and seem to get stuck. They can hear me, but no luck on my side. Tried multiple clients including speak freely and netmeeting. I know netmeeting may not work but what about all the rest? All I need is voice, no video. So time to ask if anyone out there can suggest anything, a client that works and some tips how to get it working, a firewall rule that works or could be bumping the clients off? Im open to anything as long as it works. TIA PsyV btw its a win2k box behind a freebsd 4.3 gateway doing NAT via ipnat and have two (non-conflicting) rulesets , one ipf and one ipfw. The rulesets are available on request tho I should mention its not worked even with a basic 2 line (NAT enabling) ruleset either. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jul 28 20:27:26 2001 Delivered-To: freebsd-net@freebsd.org Received: from merlot.juniper.net (natint.juniper.net [207.17.136.129]) by hub.freebsd.org (Postfix) with ESMTP id EECBD37B405; Sat, 28 Jul 2001 20:27:21 -0700 (PDT) (envelope-from pingpan@cs.columbia.edu) Received: from cs.columbia.edu ([172.16.167.234]) by merlot.juniper.net (8.11.3/8.11.3) with ESMTP id f6T3QfH65462; Sat, 28 Jul 2001 20:26:41 -0700 (PDT) (envelope-from pingpan@cs.columbia.edu) Message-ID: <3B638238.3090407@cs.columbia.edu> Date: Sat, 28 Jul 2001 20:25:44 -0700 From: Ping Pan User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.2-2 i686; en-US; m18) Gecko/20010131 Netscape6/6.01 X-Accept-Language: en MIME-Version: 1.0 To: The Psychotic Viper Cc: freebsd-net@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: Voice Conferencing References: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Have you tried vic, vat and rat? Essentially, the voice streams are sent in RTP and RTCP. By setting up firewall rules, I had gotten vic/vat working in the past.... but not NAT. Curious to find out.... You may also want to ask the question in avt@ietf.org mailing list. Good luck! - Ping The Psychotic Viper wrote: > Hi, > > Posting to both -Questions and -Net because it is a networking related > question. > > I am trying to setup voice conferencing behind a freebsd NAT gateway, and > seem to get stuck. They can hear me, but no luck on my side. Tried > multiple clients including speak freely and netmeeting. I know netmeeting > may not work but what about all the rest? All I need is voice, no video. > So time to ask if anyone out there can suggest anything, a client that > works and some tips how to get it working, a firewall rule that works or > could be bumping the clients off? Im open to anything as long as it works. > > > TIA > > PsyV > > btw its a win2k box behind a freebsd 4.3 gateway doing NAT via ipnat and > have two (non-conflicting) rulesets , one ipf and one ipfw. The rulesets > are available on request tho I should mention its not worked even with a > basic 2 line (NAT enabling) ruleset either. > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message