From owner-freebsd-net Sun Jan 12 10:11:36 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1C7E837B401 for ; Sun, 12 Jan 2003 10:11:35 -0800 (PST) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id B296943F13 for ; Sun, 12 Jan 2003 10:11:34 -0800 (PST) (envelope-from rizzo@xorpc.icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.3/8.12.3) with ESMTP id h0CIBTTO010847; Sun, 12 Jan 2003 10:11:29 -0800 (PST) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.3/8.12.3/Submit) id h0CIBTaX010846; Sun, 12 Jan 2003 10:11:29 -0800 (PST) (envelope-from rizzo) Date: Sun, 12 Jan 2003 10:11:28 -0800 From: Luigi Rizzo To: Josh Brooks Cc: freebsd-net@FreeBSD.ORG Subject: Re: ipfw rules - SYN w/o MSS, and ACK with 0 sequence number Message-ID: <20030112101128.C10609@xorpc.icir.org> References: <20030111163433.S78856-100000@mail.econolodgetulsa.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20030111163433.S78856-100000@mail.econolodgetulsa.com>; from user@mail.econolodgetulsa.com on Sat, Jan 11, 2003 at 04:40:53PM -0800 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, On Sat, Jan 11, 2003 at 04:40:53PM -0800, Josh Brooks wrote: ... > After reading some more documents on DoS attacks (namely > http://www.e-gerbil.net/ras/projects/dos/dos.txt ) I have found that there > are two nice mechanisms to thwart a large number of ack and syn floods. > > First, it turns out (from the paper I mention above) that most of the SYN > flood tools out there send the SYNs with no MSS. > > Second, it turns out that the default stream.c has ACK numbers of zero on > every packet. So although I realize that since ipfw is stateless I cannot > put in the _real_ fix (with ipfilter): ipfw has been stateful since early 2000, so you can implement exactly the same thing mentioned below in ipfw as well. Read the ipfw manpage for details cheers luigi > -- start rule set -- > block in quick proto tcp from any to any head 100 > pass in quick proto tcp from any to any flags S keep state group 100 > pass in all > -- end rule set -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 12 11: 7:39 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5B6DE37B405 for ; Sun, 12 Jan 2003 11:07:35 -0800 (PST) Received: from morphy.iki.fi (baana-pppoes-213-139-166-84.suomi.net [213.139.166.84]) by mx1.FreeBSD.org (Postfix) with SMTP id 0906343F1E for ; Sun, 12 Jan 2003 11:07:34 -0800 (PST) (envelope-from morphy@morphy.iki.fi) Received: (qmail 16509 invoked by uid 1000); 12 Jan 2003 19:07:31 -0000 Date: Sun, 12 Jan 2003 21:07:31 +0200 From: "Mikko S. Hyvarinen" To: freebsd-net@freebsd.org Cc: freebsd-current@freebsd.org Subject: Asus A7N8X Deluxe, nForce2 chipset, 3com MAC, Broadcom/Altima PHY Message-ID: <20030112190731.GB14895@morphy.iki.fi> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="UugvWAfsgieZRqgk" Content-Disposition: inline User-Agent: Mutt/1.4i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --UugvWAfsgieZRqgk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi, I recently acquired one of these motherboards and suitable CPU + memory for it. The on-board 3com MAC and Broadcom/Altima PHY are not being detected by the xl(4) driver in -current (cvsup done yesterday evening). In the Award BIOS there is only one setting for the 3com device, a supposed on/off switch with only values Disabled and Auto; I have used Auto. Output with stock drivers: pcib2: at device 12.0 on pci0 pci2: on pcib2 pci2: at device 1.0 (no driver attached) pciconf -lv output: none9@pci2:1:0: class=0x020000 card=0x80ab1043 chip=0x920110b7 rev=0x40 hdr=0x00 vendor = '3COM Corp, Networking Division' class = network subclass = ethernet Output after adding the chip in question to if_xlreg.h and if_xl.c probe table: pcib2: at device 12.0 on pci0 pci2: on pcib2 xl1: <3Com 3c905C-TX on nVidia nForce2 chipset> port 0xb000-0xb07f mem 0xd3000000-0xd300007f irq 11 at device 1.0 on pci2 xl1: Ethernet address: 00:26:54:07:e5:95 xl1: no PHY found! device_probe_and_attach: xl1 attach returned 6 So far, so good. The on-board PHY is a Broadcom/Altime AC101L, which is not listed in miidevs. I added it there and to acphy_probe() just to see if it would work. I also added a printf() to acphy_probe() to output the mii_id1 and mii_id2 values before checking for the supported models so that I could see if the probe was even getting that far. Probe doesn't get that far since the printf() is never executed; I believe probe halts in mii_phy_probe() since acphy_probe() would be called by bus_generic_attach() if a PHY was found on the miibus and that in turn would show up in the kernel boot messages because of the printf() I added. FWIW, the diff for the files mentioned is attached, in case someone wants to continue from here. Specifications for the Altima PHY are available at: http://www.altimacom.com/products/ac101L.html I could not find any specifications on nVidia site for the integration of the 3com MAC into the nForce2 chipset; neither could I find any documents on Asus site about the power control for the Broadcom/Altima MAC in case it is somehow powered off by default. Regards, MSH -- All opinions expressed above are mine alone and do not express the views of my employer or any other organizations that I am affiliated with. --UugvWAfsgieZRqgk Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="nforce2-xl.patch" Index: sys/dev/mii/miidevs =================================================================== RCS file: /data/cvs/freebsd/src/sys/dev/mii/miidevs,v retrieving revision 1.21 diff -u -r1.21 miidevs --- sys/dev/mii/miidevs 8 Sep 2002 19:12:02 -0000 1.21 +++ sys/dev/mii/miidevs 4 Jan 2003 23:00:40 -0000 @@ -98,6 +98,7 @@ /* Altima Communications PHYs */ model xxALTIMA AC101 0x0021 AC101 10/100 media interface +model xxALTIMA AC101L 0x0012 AC101L 10/100 media interface /* Advanced Micro Devices PHYs */ model xxAMD 79C873 0x0000 Am79C873 10/100 media interface Index: sys/dev/mii/acphy.c =================================================================== RCS file: /data/cvs/freebsd/src/sys/dev/mii/acphy.c,v retrieving revision 1.10 diff -u -r1.10 acphy.c --- sys/dev/mii/acphy.c 14 Oct 2002 22:31:52 -0000 1.10 +++ sys/dev/mii/acphy.c 12 Jan 2003 18:51:40 -0000 @@ -129,6 +129,9 @@ if (MII_OUI(ma->mii_id1, ma->mii_id2) == MII_OUI_xxALTIMA && MII_MODEL(ma->mii_id2) == MII_MODEL_xxALTIMA_AC101) { device_set_desc(dev, MII_STR_xxALTIMA_AC101); + } else if(MII_OUI(ma->mii_id1, ma->mii_id2) == MII_OUI_xxALTIMA && + MII_MODEL(ma->mii_id2) == MII_MODEL_xxALTIMA_AC101L) { + device_set_desc(dev, MII_STR_xxALTIMA_AC101L); } else return (ENXIO); Index: sys/pci/if_xl.c =================================================================== RCS file: /data/cvs/freebsd/src/sys/pci/if_xl.c,v retrieving revision 1.120 diff -u -r1.120 if_xl.c --- sys/pci/if_xl.c 10 Jan 2003 08:09:58 -0000 1.120 +++ sys/pci/if_xl.c 12 Jan 2003 11:47:13 -0000 @@ -183,6 +183,8 @@ "3Com 3c905B-COMBO Fast Etherlink XL" }, { TC_VENDORID, TC_DEVICEID_TORNADO_10_100BT, "3Com 3c905C-TX Fast Etherlink XL" }, + { TC_VENDORID, TC_DEVICEID_TORNADO_10_100BT_NVIDIA, + "3Com 3c905C-TX on nVidia nForce2 chipset" }, { TC_VENDORID, TC_DEVICEID_HURRICANE_10_100BT_SERV, "3Com 3c980 Fast Etherlink XL" }, { TC_VENDORID, TC_DEVICEID_TORNADO_10_100BT_SERV, Index: sys/pci/if_xlreg.h =================================================================== RCS file: /data/cvs/freebsd/src/sys/pci/if_xlreg.h,v retrieving revision 1.40 diff -u -r1.40 if_xlreg.h --- sys/pci/if_xlreg.h 6 Jan 2003 00:46:03 -0000 1.40 +++ sys/pci/if_xlreg.h 8 Jan 2003 19:55:18 -0000 @@ -676,6 +676,7 @@ #define TC_DEVICEID_CYCLONE_10_100_COMBO 0x9058 #define TC_DEVICEID_CYCLONE_10_100FX 0x905A #define TC_DEVICEID_TORNADO_10_100BT 0x9200 +#define TC_DEVICEID_TORNADO_10_100BT_NVIDIA 0x9201 #define TC_DEVICEID_HURRICANE_10_100BT_SERV 0x9800 #define TC_DEVICEID_TORNADO_10_100BT_SERV 0x9805 #define TC_DEVICEID_HURRICANE_SOHO100TX 0x7646 --UugvWAfsgieZRqgk-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 12 13: 5:58 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8258937B401; Sun, 12 Jan 2003 13:05:57 -0800 (PST) Received: from dragon.nuxi.com (trang.nuxi.com [66.93.134.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id CC37443F5B; Sun, 12 Jan 2003 13:05:53 -0800 (PST) (envelope-from obrien@NUXI.com) Received: from dragon.nuxi.com (obrien@localhost [127.0.0.1]) by dragon.nuxi.com (8.12.6/8.12.2) with ESMTP id h0CL5jEZ063866; Sun, 12 Jan 2003 13:05:45 -0800 (PST) (envelope-from obrien@dragon.nuxi.com) Received: (from obrien@localhost) by dragon.nuxi.com (8.12.6/8.12.6/Submit) id h0CL4UF5063831; Sun, 12 Jan 2003 13:04:30 -0800 (PST) Date: Sun, 12 Jan 2003 13:04:30 -0800 From: "David O'Brien" To: "Mikko S. Hyvarinen" Cc: freebsd-net@freebsd.org, freebsd-current@freebsd.org Subject: Re: Asus A7N8X Deluxe, nForce2 chipset, 3com MAC, Broadcom/Altima PHY Message-ID: <20030112210430.GA63537@dragon.nuxi.com> Reply-To: obrien@freebsd.org References: <20030112190731.GB14895@morphy.iki.fi> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030112190731.GB14895@morphy.iki.fi> User-Agent: Mutt/1.4i X-Operating-System: FreeBSD 5.0-CURRENT Organization: The NUXI BSD Group X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A X-Pgp-Rsa-Keyid: 1024/34F9F9D5 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, Jan 12, 2003 at 09:07:31PM +0200, Mikko S. Hyvarinen wrote: > The on-board 3com MAC and Broadcom/Altima PHY are not being detected by the > xl(4) driver in -current (cvsup done yesterday evening). > In the Award BIOS there is only one setting for the 3com device, a supposed > on/off switch with only values Disabled and Auto; I have used Auto. ... > FWIW, the diff for the files mentioned is attached, in case someone wants > to continue from here. Thanks! I committed this patch so it didn't get lost and maybe someone else with one of these boards can take it all the way. -- David To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 12 17:44:48 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B689D37B401 for ; Sun, 12 Jan 2003 17:44:46 -0800 (PST) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id 065E743F1E for ; Sun, 12 Jan 2003 17:44:46 -0800 (PST) (envelope-from billf@elvis.mu.org) Received: by elvis.mu.org (Postfix, from userid 1098) id B1BBDAE211; Sun, 12 Jan 2003 17:44:37 -0800 (PST) Date: Sun, 12 Jan 2003 17:44:37 -0800 From: Bill Fumerola To: Luigi Rizzo Cc: Josh Brooks , freebsd-net@FreeBSD.ORG Subject: Re: ipfw rules - SYN w/o MSS, and ACK with 0 sequence number Message-ID: <20030113014437.GI35166@elvis.mu.org> References: <20030111163433.S78856-100000@mail.econolodgetulsa.com> <20030112101128.C10609@xorpc.icir.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030112101128.C10609@xorpc.icir.org> User-Agent: Mutt/1.4i X-Operating-System: FreeBSD 4.7-MUORG-20021112 i386 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, Jan 12, 2003 at 10:11:28AM -0800, Luigi Rizzo wrote: > On Sat, Jan 11, 2003 at 04:40:53PM -0800, Josh Brooks wrote: > ... > > Second, it turns out that the default stream.c has ACK numbers of zero on > > every packet. So although I realize that since ipfw is stateless I cannot > > put in the _real_ fix (with ipfilter): > > ipfw has been stateful since early 2000, so you can implement > exactly the same thing mentioned below in ipfw as well. Read the ipfw > manpage for details also, ipfw can match packets by ack#. i've used this as criteria for a dummynet pipe rule in the past. -- - bill fumerola / fumerola@yahoo-inc.com / billf@FreeBSD.org / billf@mu.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Jan 12 17:47:30 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 95BC737B401 for ; Sun, 12 Jan 2003 17:47:29 -0800 (PST) Received: from mail.econolodgetulsa.com (mail.econolodgetulsa.com [198.78.66.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2BFF643EB2 for ; Sun, 12 Jan 2003 17:47:29 -0800 (PST) (envelope-from user@mail.econolodgetulsa.com) Received: from mail (user@mail [198.78.66.163]) by mail.econolodgetulsa.com (8.12.3/8.12.3) with ESMTP id h0D1lTZb044697; Sun, 12 Jan 2003 17:47:29 -0800 (PST) (envelope-from user@mail.econolodgetulsa.com) Date: Sun, 12 Jan 2003 17:47:29 -0800 (PST) From: Josh Brooks To: Bill Fumerola Cc: Luigi Rizzo , Subject: Re: ipfw rules - SYN w/o MSS, and ACK with 0 sequence number In-Reply-To: <20030113014437.GI35166@elvis.mu.org> Message-ID: <20030112174652.C78856-100000@mail.econolodgetulsa.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > also, ipfw can match packets by ack#. i've used this as criteria for a > dummynet pipe rule in the past. Great - that is just what I am looking for - so I can drop all packets with an ack of zero. Can someone show me an example rule of said behavior ? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 13 6:24: 8 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5EF4C37B401 for ; Mon, 13 Jan 2003 06:24:07 -0800 (PST) Received: from overlord.e-gerbil.net (e-gerbil.net [64.186.142.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9E92E43E4A for ; Mon, 13 Jan 2003 06:24:06 -0800 (PST) (envelope-from ras@overlord.e-gerbil.net) Received: from overlord.e-gerbil.net (ras@localhost.globali.net [127.0.0.1]) by overlord.e-gerbil.net (8.12.6/8.12.6) with ESMTP id h0DENuTg048950; Mon, 13 Jan 2003 09:23:56 -0500 (EST) (envelope-from ras@overlord.e-gerbil.net) Received: (from ras@localhost) by overlord.e-gerbil.net (8.12.6/8.12.6/Submit) id h0DENosb048949; Mon, 13 Jan 2003 09:23:50 -0500 (EST) (envelope-from ras) Date: Mon, 13 Jan 2003 09:23:50 -0500 From: Richard A Steenbergen To: "."@babolo.ru Cc: Josh Brooks , Jess Kitchen , freebsd-net@FreeBSD.ORG Subject: Re: What is my next step as a script kiddie ? (DDoS) Message-ID: <20030113142350.GI78231@overlord.e-gerbil.net> References: <20030111221206.GF78231@overlord.e-gerbil.net> <1042331596.782866.69020.nullmailer@cicuta.babolo.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1042331596.782866.69020.nullmailer@cicuta.babolo.ru> User-Agent: Mutt/1.5.1i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, Jan 12, 2003 at 03:33:16AM +0300, .@babolo.ru wrote: > > much less CPU and plenty of places to strike. Protecting your network > > infrastructure is certainly the next place to go after you protect your > > high-target hosts. > > > > For some examples, see http://www.e-gerbil.net/ras/projects/dos/dos.txt > remember disposition: > small net(s) connected via low band (less then 10M) > link to one upstream. Obviously if you have a low speed connection, your pipe will fill before the hosts or routers ever have a chance to fall over (unless you have a REALLY low end router :P). But if the point of this discussion is to protect the hosts from falling over, then the network must be able to deliver a sufficiently large attack. And nothing sucks quite like watching a GSR fall over under a 20Mbit SYN flood. :) -- Richard A Steenbergen http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 13 8:31:12 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 17CCE37B401 for ; Mon, 13 Jan 2003 08:31:10 -0800 (PST) Received: from morphy.iki.fi (baana-pppoes-213-139-166-84.suomi.net [213.139.166.84]) by mx1.FreeBSD.org (Postfix) with SMTP id C076B43ED8 for ; Mon, 13 Jan 2003 08:31:08 -0800 (PST) (envelope-from morphy@morphy.iki.fi) Received: (qmail 783 invoked by uid 1000); 13 Jan 2003 16:31:01 -0000 Date: Mon, 13 Jan 2003 18:31:01 +0200 From: "Mikko S. Hyvarinen" To: freebsd-net@freebsd.org, freebsd-current@freebsd.org Cc: obrien@freebsd.org Subject: Re: Asus A7N8X Deluxe, nForce2 chipset, 3com MAC, Broadcom/Altima PHY Message-ID: <20030113163101.GA714@morphy.iki.fi> References: <20030112190731.GB14895@morphy.iki.fi> <20030112210430.GA63537@dragon.nuxi.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="7JfCtLOvnd9MIVvH" Content-Disposition: inline In-Reply-To: <20030112210430.GA63537@dragon.nuxi.com> User-Agent: Mutt/1.4i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --7JfCtLOvnd9MIVvH Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Sun, Jan 12, 2003 at 01:04:30PM -0800, David O'Brien wrote: > On Sun, Jan 12, 2003 at 09:07:31PM +0200, Mikko S. Hyvarinen wrote: > > The on-board 3com MAC and Broadcom/Altima PHY are not being detected by the > > xl(4) driver in -current (cvsup done yesterday evening). > > In the Award BIOS there is only one setting for the 3com device, a supposed > > on/off switch with only values Disabled and Auto; I have used Auto. > ... > > FWIW, the diff for the files mentioned is attached, in case someone wants > > to continue from here. > > Thanks! I committed this patch so it didn't get lost and maybe someone > else with one of these boards can take it all the way. As usual, it had to be something simple. With the attached change on top of the previous set the Altima AC101L PHY is detected correctly. I'm not so sure whether that xl_choose_xcvr() modification is actually necessary, but one can never be too sure. Tested with 10baseT/UTP and it works normally. Regards, MSH -- All opinions expressed above are mine alone and do not express the views of my employer or any other organizations that I am affiliated with. --7JfCtLOvnd9MIVvH Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="nforce2-xl-2.patch" Index: sys/pci/if_xl.c =================================================================== RCS file: /data/cvs/freebsd/src/sys/pci/if_xl.c,v retrieving revision 1.121 diff -u -r1.121 if_xl.c --- sys/pci/if_xl.c 12 Jan 2003 21:03:38 -0000 1.121 +++ sys/pci/if_xl.c 13 Jan 2003 16:24:50 -0000 @@ -1245,6 +1245,7 @@ case TC_DEVICEID_HURRICANE_656: /* 3c656 */ case TC_DEVICEID_HURRICANE_656B: /* 3c656B */ case TC_DEVICEID_TORNADO_656C: /* 3c656C */ + case TC_DEVICEID_TORNADO_10_100BT_NVIDIA: /* nVidia nForce2 integrated */ sc->xl_media = XL_MEDIAOPT_MII; sc->xl_xcvr = XL_XCVR_MII; if (verbose) @@ -1340,6 +1341,8 @@ pci_get_device(dev) == TC_DEVICEID_HURRICANE_656B) sc->xl_flags |= XL_FLAG_INVERT_MII_PWR | XL_FLAG_INVERT_LED_PWR; + if (pci_get_device(dev) == TC_DEVICEID_TORNADO_10_100BT_NVIDIA) + sc->xl_flags |= XL_FLAG_PHYOK; /* * If this is a 3c905B, we have to check one extra thing. --7JfCtLOvnd9MIVvH-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 13 13:51:54 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AA55637B405 for ; Mon, 13 Jan 2003 13:51:51 -0800 (PST) Received: from mail.gmx.net (mail.gmx.net [213.165.65.60]) by mx1.FreeBSD.org (Postfix) with SMTP id 5B87043F18 for ; Mon, 13 Jan 2003 13:51:49 -0800 (PST) (envelope-from tmoestl@gmx.net) Received: (qmail 11931 invoked by uid 0); 13 Jan 2003 21:51:47 -0000 Received: from p508e4d64.dip.t-dialin.net (HELO galatea.local) (80.142.77.100) by mail.gmx.net (mp004-rz3) with SMTP; 13 Jan 2003 21:51:47 -0000 Received: from localhost ([127.0.0.1] helo=galatea.local) by galatea.local with esmtp (Exim 4.12 #1) id 18YCWJ-0000w5-00; Mon, 13 Jan 2003 22:53:24 +0100 Received: (from tmm@localhost) by galatea.local (8.12.6/8.12.6/Submit) id h0DLrJtL003596; Mon, 13 Jan 2003 22:53:19 +0100 (CET) Date: Mon, 13 Jan 2003 22:53:18 +0100 From: Thomas Moestl To: Martin Blapp Cc: current@freebsd.org, net@freebsd.org Subject: Re: PANIC in tcp_syncache.c sonewconn() line 562 Message-ID: <20030113215318.GA278@crow.dom2ip.de> Mail-Followup-To: Martin Blapp , current@freebsd.org, net@freebsd.org References: <20030113173957.T73725@levais.imp.ch> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030113173957.T73725@levais.imp.ch> User-Agent: Mutt/1.4i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 2003/01/13 at 17:47:11 +0100, Martin Blapp wrote: > #10 0xc03df350 in trap (frame= > {tf_fs = 24, tf_es = -65520, tf_ds = 16, tf_edi = 2, tf_esi = -1031597312, > tf_ebp = -854635944, tf_isp = -854635988, tf_ebx = -1031595264, tf_edx = 4, > tf_ecx = 0, tf_eax = 0, tf_trapno = 12, tf_err = 2, tf_eip = -1071076206, tf_cs > = 8, tf_eflags = 66050, tf_esp = -1031595264, tf_ss = > 0}) at /usr/src/sys/i386/i386/trap.c:445 > #11 0xc03cf9f8 in calltrap () at {standard input}:98 > #12 0xc02e1f3f in syncache_socket (sc=0xc2831300, lso=0xc2831300, m=0xc0ed9c00) > at /usr/src/sys/netinet/tcp_syncache.c:562 > #13 0xc02e23e8 in syncache_expand (inc=0xcd0f4b4c, th=0xc0ed9c68, > sop=0xcd0f4b18, m=0xc0ed9c00) > at /usr/src/sys/netinet/tcp_syncache.c:781 > #14 0xc02db779 in tcp_input (m=0xc0ed9c68, off0=20) at > /usr/src/sys/netinet/tcp_input.c:703 > #15 0xc02d409b in ip_input (m=0xc0ed9c00) at /usr/src/sys/netinet/ip_input.c:923 > #16 0xc02d4192 in ipintr () at /usr/src/sys/netinet/ip_input.c:941 > #17 0xc02c1713 in swi_net (dummy=0x0) at /usr/src/sys/net/netisr.c:97 > #18 0xc0238df1 in ithread_loop (arg=0xc0eba000) at > /usr/src/sys/kern/kern_intr.c:535 > #19 0xc0237cf3 in fork_exit (callout=0xc0238c20 , arg=0x0, > frame=0x0) > at /usr/src/sys/kern/kern_fork.c:873 > > 562 so = sonewconn(lso, SS_ISCONNECTED); This seems to actually be a quite old bug: we allow listen() to be called on connected sockets, which messes up the state of the socket (it will get SO_ACCEPTCONN set). Before syncache, this would likely only lead to the connection becoming catatonic, unless a matching SYN packet came along (in a state where the initial SYN of the connection was already received). With syncache however, a panic can be triggered by normal ACK packets. In your example, the listen is buried in the bowels of the RPC code. The solution should be to reject the listen() with EINVAL (which seems to be that standard-mandated error for connected sockets); patch attached. Any thoughts on this? - Thomas -- Thomas Moestl http://www.tu-bs.de/~y0015675/ http://people.FreeBSD.org/~tmm/ PGP fingerprint: 1C97 A604 2BD0 E492 51D0 9C0F 1FE6 4F1D 419C 776C Index: kern/uipc_socket.c =================================================================== RCS file: /ncvs/src/sys/kern/uipc_socket.c,v retrieving revision 1.140 diff -u -r1.140 uipc_socket.c --- kern/uipc_socket.c 5 Jan 2003 11:14:04 -0000 1.140 +++ kern/uipc_socket.c 13 Jan 2003 21:43:52 -0000 @@ -266,6 +266,10 @@ int s, error; s = splnet(); + if (so->so_state & (SS_ISCONNECTED | SS_ISCONNECTING)) { + splx(s); + return (EINVAL); + } error = (*so->so_proto->pr_usrreqs->pru_listen)(so, td); if (error) { splx(s); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 13 14:11:22 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3404B37B401; Mon, 13 Jan 2003 14:11:21 -0800 (PST) Received: from mail.imp.ch (mail.imp.ch [157.161.1.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id C3E6643ED8; Mon, 13 Jan 2003 14:11:19 -0800 (PST) (envelope-from mb@imp.ch) Received: from levais.imp.ch (levais.imp.ch [157.161.4.66]) by mail.imp.ch (8.12.6/8.12.3) with ESMTP id h0DMBDae060058; Mon, 13 Jan 2003 23:11:13 +0100 (CET) (envelope-from Martin.Blapp@imp.ch) Date: Mon, 13 Jan 2003 23:11:20 +0100 (CET) From: Martin Blapp To: Thomas Moestl Cc: current@freebsd.org, "" Subject: Re: PANIC in tcp_syncache.c sonewconn() line 562 In-Reply-To: <20030113215318.GA278@crow.dom2ip.de> Message-ID: <20030113230616.B74437@levais.imp.ch> References: <20030113173957.T73725@levais.imp.ch> <20030113215318.GA278@crow.dom2ip.de> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi Thomas, > The solution should be to reject the listen() with EINVAL (which seems > to be that standard-mandated error for connected sockets); patch > attached. Cool, thank you for the proposed solution. I suspected something like this; rpcgen does generate quite broken code sometimes, and nobody cared about fixing these old bugs. :-( Since rpcgen in STABLE is broken too, it's not my fault ;) I'll provide a rpcgen patch too which has the call to listen() removed (in the inetd case) after the socket is already connected. I guess a "rpcgen -I" generated server should knew about this issue and test properly if it is run standalone or from inetd. The solution I think would be to reuse the socket. I'll provide a fix for this ! Martin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 13 16:42:23 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3A2A537B401 for ; Mon, 13 Jan 2003 16:42:22 -0800 (PST) Received: from ns1.interbgc.com (mail.interbgc.com [217.9.224.3]) by mx1.FreeBSD.org (Postfix) with SMTP id ABA784400D for ; Mon, 13 Jan 2003 16:42:17 -0800 (PST) (envelope-from rado@cablebg.net) Received: (qmail 55448 invoked by uid 1005); 14 Jan 2003 00:42:06 -0000 Received: from rado@cablebg.net by keeper.interbgc.com by uid 1002 with qmail-scanner-1.14 (uvscan: v4.1.60/v4242. Clear:. Processed in 6.293849 secs); 14 Jan 2003 00:42:06 -0000 Received: from deckland.cablebg.net (HELO deckland) (217.9.227.19) by mail.cablebg.net with SMTP; 14 Jan 2003 00:42:00 -0000 Message-ID: <000501c2bb5d$53dfbe40$13e309d9@deckland> From: "Radoslav Vasilev" To: Cc: Subject: kld && inetsw.pr_protocol overriding + old reuse Date: Tue, 14 Jan 2003 02:41:40 +0300 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2720.3000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm interested in whether the following could be acomplished: there's KLD module, installing some new syscalls in the kernel, as well as installing new ``struct ipprotosw'' for some protocol or another(let's assume IPPROTO_UDP). Could we just add some code in the begging of the new protocol handler (counting, statistics , etc...) and call the old one after doing that. If possible, what should be the preparation for that last call ? Any help appreciated! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 13 16:42:24 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6E3A637B401 for ; Mon, 13 Jan 2003 16:42:23 -0800 (PST) Received: from ns1.interbgc.com (mail.interbgc.com [217.9.224.3]) by mx1.FreeBSD.org (Postfix) with SMTP id DCB2943ED8 for ; Mon, 13 Jan 2003 16:42:19 -0800 (PST) (envelope-from rado@cablebg.net) Received: (qmail 55448 invoked by uid 1005); 14 Jan 2003 00:42:06 -0000 Received: from rado@cablebg.net by keeper.interbgc.com by uid 1002 with qmail-scanner-1.14 (uvscan: v4.1.60/v4242. Clear:. Processed in 6.293849 secs); 14 Jan 2003 00:42:06 -0000 Received: from deckland.cablebg.net (HELO deckland) (217.9.227.19) by mail.cablebg.net with SMTP; 14 Jan 2003 00:42:00 -0000 Message-ID: <000501c2bb5d$53dfbe40$13e309d9@deckland> From: "Radoslav Vasilev" To: Cc: Subject: kld && inetsw.pr_protocol overriding + old reuse Date: Tue, 14 Jan 2003 02:41:40 +0300 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2720.3000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm interested in whether the following could be acomplished: there's KLD module, installing some new syscalls in the kernel, as well as installing new ``struct ipprotosw'' for some protocol or another(let's assume IPPROTO_UDP). Could we just add some code in the begging of the new protocol handler (counting, statistics , etc...) and call the old one after doing that. If possible, what should be the preparation for that last call ? Any help appreciated! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 13 16:53:34 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3DF6337B401 for ; Mon, 13 Jan 2003 16:53:33 -0800 (PST) Received: from ns1.interbgc.com (mail.interbgc.com [217.9.224.3]) by mx1.FreeBSD.org (Postfix) with SMTP id 7E90143F18 for ; Mon, 13 Jan 2003 16:53:29 -0800 (PST) (envelope-from rado@cablebg.net) Received: (qmail 56789 invoked by uid 1005); 14 Jan 2003 00:53:24 -0000 Received: from rado@cablebg.net by keeper.interbgc.com by uid 1002 with qmail-scanner-1.14 (uvscan: v4.1.60/v4242. Clear:. Processed in 0.965109 secs); 14 Jan 2003 00:53:24 -0000 Received: from deckland.cablebg.net (HELO deckland) (217.9.227.19) by mail.cablebg.net with SMTP; 14 Jan 2003 00:53:23 -0000 Message-ID: <000b01c2bb5e$eb42f8f0$13e309d9@deckland> From: "Radoslav Vasilev" To: Cc: Subject: kld && inetsw.pr_protocol overriding + old reuse Date: Tue, 14 Jan 2003 02:53:05 +0300 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2720.3000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm interested in whether the following could be acomplished: there's KLD module, installing some new syscalls in the kernel, as well as installing new ``struct ipprotosw'' for some protocol or another(let's assume IPPROTO_UDP). Could we just add some code in the begging of the new protocol handler (counting, statistics , etc...) and call the old one after doing that. If possible, what should be the preparation for that last call ? Any help appreciated! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 13 19: 0:11 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 69F3537B401; Mon, 13 Jan 2003 19:00:10 -0800 (PST) Received: from flavatown.mail.pas.earthlink.net (flavatown.mail.pas.earthlink.net [207.217.120.148]) by mx1.FreeBSD.org (Postfix) with ESMTP id D915043E4A; Mon, 13 Jan 2003 19:00:09 -0800 (PST) (envelope-from tlambert2@mindspring.com) Received: from stork (stork.mail.pas.earthlink.net [207.217.120.188]) by flavatown.mail.pas.earthlink.net (8.11.6+Sun/8.11.6) with ESMTP id h0E2iqV07347; Mon, 13 Jan 2003 18:44:52 -0800 (PST) Received: from pool0171.cvx21-bradley.dialup.earthlink.net ([209.179.192.171] helo=mindspring.com) by stork with asmtp (SSLv3:RC4-MD5:128) (Exim 3.33 #1) id 18YH3u-0006bp-00; Mon, 13 Jan 2003 18:44:23 -0800 Message-ID: <3E237930.FC51AB75@mindspring.com> Date: Mon, 13 Jan 2003 18:42:56 -0800 From: Terry Lambert X-Mailer: Mozilla 4.79 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Radoslav Vasilev Cc: freebsd-net@freebsd.org, freebsd-hackers@freebsd.org Subject: Re: kld && inetsw.pr_protocol overriding + old reuse References: <000b01c2bb5e$eb42f8f0$13e309d9@deckland> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-ELNK-Trace: b1a02af9316fbb217a47c185c03b154d40683398e744b8a47d619ed94123ae94c607727ffcde9a6aa8438e0f32a48e08350badd9bab72f9c350badd9bab72f9c Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Radoslav Vasilev wrote: > I'm interested in whether the following could be acomplished: > there's KLD module, installing some new syscalls in the kernel, as well as > installing new ``struct ipprotosw'' for some protocol or another(let's > assume IPPROTO_UDP). > Could we just add some code in the begging of the new protocol handler > (counting, statistics , etc...) and call the old one after doing that. If > possible, what should be the preparation for that last call ? > Any help appreciated! This can't really be done, without actually hacking over top of the location that contained the code associated with the previous symbol. The reason for this is that the input path sometimes ends up making direct calls, assuming that the protocol stack is stacked the way it's expected to be stacked (e.g. direct calls to routines that are in struct ipprotosw). If you need to hack over the function, you need a lot more knowledge of assembly language; it is occasionally useful for profiling an existing system. The usual reason for wanting to do this is to make TCP/IP connections that are invisible to the OS, in order to attempt to turn FreeBSD boxes into DDOS robots, without the knowledge of their owners. 8-|. If you have a specific reason for this, you can replace the entry points with explicit entry points for your own routines, that call the real (renamed) routines, indirectly, and then replace the pointers. This will work fine on systems which legitimately belong to you, and for which you are willing to recompile the kernel, in order to make your modules work. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Jan 13 22: 2:48 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7E1BB37B401; Mon, 13 Jan 2003 22:02:46 -0800 (PST) Received: from mel-rto6.wanadoo.fr (smtp-out-6.wanadoo.fr [193.252.19.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id 79DE143F3F; Mon, 13 Jan 2003 22:02:45 -0800 (PST) (envelope-from vjardin@wanadoo.fr) Received: from mel-rta9.wanadoo.fr (193.252.19.69) by mel-rto6.wanadoo.fr (6.7.015) id 3E0C343F009E5F6E; Tue, 14 Jan 2003 07:02:37 +0100 Received: from there (217.128.206.128) by mel-rta9.wanadoo.fr (6.7.015) id 3E075B46009F1F35; Tue, 14 Jan 2003 07:02:37 +0100 Message-ID: <3E075B46009F1F35@mel-rta9.wanadoo.fr> (added by postmaster@wanadoo.fr) Content-Type: text/plain; charset="iso-8859-1" From: Vincent Jardin To: "Radoslav Vasilev" , Subject: Re: kld && inetsw.pr_protocol overriding + old reuse Date: Tue, 14 Jan 2003 07:22:05 +0100 X-Mailer: KMail [version 1.3.2] Cc: References: <000b01c2bb5e$eb42f8f0$13e309d9@deckland> In-Reply-To: <000b01c2bb5e$eb42f8f0$13e309d9@deckland> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org It is not very simple. However Netgraph/ng_socket.c does something similar. net_add_domain is called from ngs_mod_event(). However, it is not possible to remove this module because the feature to remove a domain is missing. switch (event) { case MOD_LOAD: /* Register protocol domain */ net_add_domain(&ngdomain); break; case MOD_UNLOAD: /* Insure there are no open netgraph sockets */ if (!LIST_EMPTY(&ngsocklist)) { error = EBUSY; break; } #ifdef NOTYET if ((LIST_EMPTY(&ngsocklist)) && (typestruct.refs == 0)) { /* Unregister protocol domain XXX can't do this yet.. */ if ((error = net_rm_domain(&ngdomain)) != 0) break; } else #endif error = EBUSY; break; I would be interested in this feature too ;-) However there is no reference counter within the protosw structure, neither within the domain structure. It seems to be difficult to remove them. Moreover, how can the domains, that require a "routing layer", be loaded ? rn_init is called only during the boot process in order to find the max_keylen = MAX(dom->dom_maxrtkey). Vincent Le Mardi 14 Janvier 2003 00:53, Radoslav Vasilev a écrit : > I'm interested in whether the following could be acomplished: > there's KLD module, installing some new syscalls in the kernel, as well as > installing new ``struct ipprotosw'' for some protocol or another(let's > assume IPPROTO_UDP). > Could we just add some code in the begging of the new protocol handler > (counting, statistics , etc...) and call the old one after doing that. If > possible, what should be the preparation for that last call ? > Any help appreciated! > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 14 1:32:39 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4994F37B401; Tue, 14 Jan 2003 01:32:38 -0800 (PST) Received: from mail.imp.ch (mail.imp.ch [157.161.1.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id B843443EB2; Tue, 14 Jan 2003 01:32:36 -0800 (PST) (envelope-from mb@imp.ch) Received: from levais.imp.ch (levais.imp.ch [157.161.4.66]) by mail.imp.ch (8.12.6/8.12.3) with ESMTP id h0E9WUae057911; Tue, 14 Jan 2003 10:32:30 +0100 (CET) (envelope-from Martin.Blapp@imp.ch) Date: Tue, 14 Jan 2003 10:32:36 +0100 (CET) From: Martin Blapp To: Thomas Moestl Cc: current@freebsd.org, "" Subject: Re: PANIC in tcp_syncache.c sonewconn() line 562 In-Reply-To: <20030113215318.GA278@crow.dom2ip.de> Message-ID: <20030114100620.W76016@levais.imp.ch> References: <20030113173957.T73725@levais.imp.ch> <20030113215318.GA278@crow.dom2ip.de> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi Thomas, > s = splnet(); > + if (so->so_state & (SS_ISCONNECTED | SS_ISCONNECTING)) { > + splx(s); > + return (EINVAL); > + } > error = (*so->so_proto->pr_usrreqs->pru_listen)(so, td); > if (error) { > splx(s); > Can you commit this ? The fix looks appropriate, but the manpage should also be changed to reflect the change. ERRORS Listen() will fail if: [EBADF] The argument s is not a valid descriptor. [ENOTSOCK] The argument s is not a socket. [EOPNOTSUPP] The socket is not of a type that supports the operation listen(). [EINVAL] Listen() has been already called on the socket. Any objections from others ? Martin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 14 2:52:34 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DDB6037B401; Tue, 14 Jan 2003 02:52:32 -0800 (PST) Received: from bluejay.mail.pas.earthlink.net (bluejay.mail.pas.earthlink.net [207.217.120.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6930C43F13; Tue, 14 Jan 2003 02:52:32 -0800 (PST) (envelope-from tlambert2@mindspring.com) Received: from pool0016.cvx40-bradley.dialup.earthlink.net ([216.244.42.16] helo=mindspring.com) by bluejay.mail.pas.earthlink.net with asmtp (SSLv3:RC4-MD5:128) (Exim 3.33 #1) id 18YOgA-0004H3-00; Tue, 14 Jan 2003 02:52:23 -0800 Message-ID: <3E23EB97.694EC9BB@mindspring.com> Date: Tue, 14 Jan 2003 02:51:03 -0800 From: Terry Lambert X-Mailer: Mozilla 4.79 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Martin Blapp Cc: Thomas Moestl , current@freebsd.org, net@freebsd.org Subject: Re: PANIC in tcp_syncache.c sonewconn() line 562 References: <20030113173957.T73725@levais.imp.ch> <20030113215318.GA278@crow.dom2ip.de> <20030114100620.W76016@levais.imp.ch> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-ELNK-Trace: b1a02af9316fbb217a47c185c03b154d40683398e744b8a4b69f0fd50f242a60a260b1b1df9a76542601a10902912494350badd9bab72f9c350badd9bab72f9c Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Martin Blapp wrote: > Can you commit this ? The fix looks appropriate, but the manpage should > also be changed to reflect the change. > > ERRORS > Listen() will fail if: > > [EBADF] The argument s is not a valid descriptor. > [ENOTSOCK] The argument s is not a socket. > [EOPNOTSUPP] The socket is not of a type that > supports the operation listen(). > [EINVAL] Listen() has been already called on the socket. > > Any objections from others ? It seems to me that calling listen() on a socket to change the listen queue depth is a reasonable thing to do; this is true before it's bound, after it's bound, before listen() has been called on it, and after listen() has been called on it once (or more). Am I missing something here? Is there a good technical reason to not permit an application to change the listen queue depth? Or is there some way that an application can do this, using a call other than listen()? That it causes a panic when the SYN cache is enabled isn't really a technical reason, it's a circumstantial reason. I can think of a lot of programs that might be based on FreeBSD, which would have a CLI that would let you change the wait queue (e.g. a Layer 7 load balancer, or an application proxy), where closing and reopening it -- and losing the pending connections which have performed the SYN/SYN-ACK/ACK, but have not had accept called on them yt), where it would not just be a legitimate use, it would be a required feature. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 14 3:45: 6 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BC38A37B401 for ; Tue, 14 Jan 2003 03:45:04 -0800 (PST) Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by mx1.FreeBSD.org (Postfix) with SMTP id A963743F3F for ; Tue, 14 Jan 2003 03:45:02 -0800 (PST) (envelope-from tmoestl@gmx.net) Received: (qmail 26740 invoked by uid 0); 14 Jan 2003 11:45:00 -0000 Received: from p508e5426.dip.t-dialin.net (HELO galatea.local) (80.142.84.38) by mail.gmx.net (mp018-rz3) with SMTP; 14 Jan 2003 11:45:00 -0000 Received: from localhost ([127.0.0.1] helo=galatea.local) by galatea.local with esmtp (Exim 4.12 #1) id 18YPWg-0000OH-00; Tue, 14 Jan 2003 12:46:38 +0100 Received: (from tmm@localhost) by galatea.local (8.12.6/8.12.6/Submit) id h0EBkWwu001504; Tue, 14 Jan 2003 12:46:32 +0100 (CET) Date: Tue, 14 Jan 2003 12:46:32 +0100 From: Thomas Moestl To: Terry Lambert Cc: Martin Blapp , current@freebsd.org, net@freebsd.org Subject: Re: PANIC in tcp_syncache.c sonewconn() line 562 Message-ID: <20030114114632.GA280@crow.dom2ip.de> Mail-Followup-To: Terry Lambert , Martin Blapp , current@freebsd.org, net@freebsd.org References: <20030113173957.T73725@levais.imp.ch> <20030113215318.GA278@crow.dom2ip.de> <20030114100620.W76016@levais.imp.ch> <3E23EB97.694EC9BB@mindspring.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3E23EB97.694EC9BB@mindspring.com> User-Agent: Mutt/1.4i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 2003/01/14 at 02:51:03 -0800, Terry Lambert wrote: > Martin Blapp wrote: > > Can you commit this ? The fix looks appropriate, but the manpage should > > also be changed to reflect the change. > > > > ERRORS > > Listen() will fail if: > > > > [EBADF] The argument s is not a valid descriptor. > > [ENOTSOCK] The argument s is not a socket. > > [EOPNOTSUPP] The socket is not of a type that > > supports the operation listen(). > > [EINVAL] Listen() has been already called on the socket. > > > > Any objections from others ? > > It seems to me that calling listen() on a socket to change the > listen queue depth is a reasonable thing to do; this is true > before it's bound, after it's bound, before listen() has been > called on it, and after listen() has been called on it once (or > more). > > Am I missing something here? Is there a good technical reason > to not permit an application to change the listen queue depth? > Or is there some way that an application can do this, using a > call other than listen()? > > That it causes a panic when the SYN cache is enabled isn't really > a technical reason, it's a circumstantial reason. The manpage change does not reflect the change in the patch :) It should be: [EINVAL] The socket is connected. - Thomas -- Thomas Moestl http://www.tu-bs.de/~y0015675/ http://people.FreeBSD.org/~tmm/ PGP fingerprint: 1C97 A604 2BD0 E492 51D0 9C0F 1FE6 4F1D 419C 776C To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 14 3:47:33 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8277337B401; Tue, 14 Jan 2003 03:47:32 -0800 (PST) Received: from flavatown.mail.pas.earthlink.net (flavatown.mail.pas.earthlink.net [207.217.120.148]) by mx1.FreeBSD.org (Postfix) with ESMTP id EBD3043F18; Tue, 14 Jan 2003 03:47:31 -0800 (PST) (envelope-from tlambert2@mindspring.com) Received: from stork (stork.mail.pas.earthlink.net [207.217.120.188]) by flavatown.mail.pas.earthlink.net (8.11.6+Sun/8.11.6) with ESMTP id h0EBkmV11662; Tue, 14 Jan 2003 03:46:48 -0800 (PST) Received: from pool0016.cvx40-bradley.dialup.earthlink.net ([216.244.42.16] helo=mindspring.com) by stork with asmtp (SSLv3:RC4-MD5:128) (Exim 3.33 #1) id 18YPWX-0006de-00; Tue, 14 Jan 2003 03:46:29 -0800 Message-ID: <3E23F83B.3DB2D576@mindspring.com> Date: Tue, 14 Jan 2003 03:44:59 -0800 From: Terry Lambert X-Mailer: Mozilla 4.79 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Thomas Moestl Cc: Martin Blapp , current@freebsd.org, net@freebsd.org Subject: Re: PANIC in tcp_syncache.c sonewconn() line 562 References: <20030113173957.T73725@levais.imp.ch> <20030113215318.GA278@crow.dom2ip.de> <20030114100620.W76016@levais.imp.ch> <3E23EB97.694EC9BB@mindspring.com> <20030114114632.GA280@crow.dom2ip.de> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-ELNK-Trace: b1a02af9316fbb217a47c185c03b154d40683398e744b8a449560a48fbfb5e8ac102ec571bf3479693caf27dac41a8fd350badd9bab72f9c350badd9bab72f9c Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Thomas Moestl wrote: > > > [EINVAL] Listen() has been already called on the socket. > The manpage change does not reflect the change in the patch :) > It should be: > > [EINVAL] The socket is connected. Oh. That's very different. Never mind. 8-). -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 14 6:31:38 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CC98237B401 for ; Tue, 14 Jan 2003 06:31:37 -0800 (PST) Received: from hanoi.cronyx.ru (hanoi.cronyx.ru [144.206.181.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3835643F6D for ; Tue, 14 Jan 2003 06:31:36 -0800 (PST) (envelope-from rik@cronyx.ru) Received: by hanoi.cronyx.ru id RAA32049 for freebsd-net@freebsd.org.checked; (8.9.3/vak/2.1) Tue, 14 Jan 2003 17:29:04 +0300 (MSK) (envelope-from rik@cronyx.ru) Received: from cronyx.ru by hanoi.cronyx.ru with ESMTP id RAA31961 for ; (8.9.3/vak/2.1) Tue, 14 Jan 2003 17:26:33 +0300 (MSK) (envelope-from rik@cronyx.ru) Message-ID: <3E241F63.9060307@cronyx.ru> Date: Tue, 14 Jan 2003 17:32:03 +0300 From: Roman Kurakin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.1) Gecko/20020826 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: ng_sppp version 1.1 Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I just release new version of ng_sppp. Have anybody try this driver? Changes: Fixed: It was wrong to stop sending packets if an interface is not !running or !up. Added: Manual page was added. Best regards, Roman Kurakin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 14 6:31:44 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 321CC37B401 for ; Tue, 14 Jan 2003 06:31:41 -0800 (PST) Received: from hanoi.cronyx.ru (hanoi.cronyx.ru [144.206.181.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id 27A9B43F83 for ; Tue, 14 Jan 2003 06:31:40 -0800 (PST) (envelope-from rik@cronyx.ru) Received: by hanoi.cronyx.ru id RAA32072 for freebsd-net@freebsd.org.checked; (8.9.3/vak/2.1) Tue, 14 Jan 2003 17:29:09 +0300 (MSK) (envelope-from rik@cronyx.ru) Received: from cronyx.ru by hanoi.cronyx.ru with ESMTP id RAA32000 for ; (8.9.3/vak/2.1) Tue, 14 Jan 2003 17:27:39 +0300 (MSK) (envelope-from rik@cronyx.ru) Message-ID: <3E241FA5.1020904@cronyx.ru> Date: Tue, 14 Jan 2003 17:33:09 +0300 From: Roman Kurakin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.1) Gecko/20020826 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: ng_sppp version 1.1 Content-Type: multipart/mixed; boundary="------------070702040508030203040702" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is a multi-part message in MIME format. --------------070702040508030203040702 Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Hi, I just release new version of ng_sppp. Have anybody try this driver? Changes: Fixed: It was wrong to stop sending packets if an interface is not !running or !up. Added: Manual page was added. Best regards, Roman Kurakin --------------070702040508030203040702 Content-Type: application/x-compressed; name="ng_sppp-1.1.tgz" Content-Transfer-Encoding: base64 Content-Disposition: inline; filename="ng_sppp-1.1.tgz" H4sIAKcaJD4AA+07/XPTSLL8av0VfWGXi4Pj2KyBrYRwaxwH/Ehsl+0sx+2+UinS2NaLLGn1 kZDb5f3tr7tH35ITuAP2qp6mILZnenq6e/pzNLJXqu+67sGDr9g6nV7n+dOn+Nnp/NDr8Se2 +FN+f/6s2+10nz7pPX/Q6Xa7z54/gKdfk6i4hX6geQAPPPPqTribtRDWtyDo2zY72v/os61/ hTU63U7nWbTv5f1/0sPRZP9x6xH+yfNnzx5A5yvQUmr/z/f/YE+BPUh2H8YiWHmau4bAgTl2 wcYxQku0EYoAB45765mrdQC7gyY8wd3bxz8/wMBz7NsPMLRXpi2EZ9orOAsMmgX9MFg73iHM nI1mw9vQ065MG16gvH/SeVbbC19G6Bdr0wffWQY3micAvxumH3jmZRgIA27MYA3jCbzrz2b9 8WI0nLfAdgIQ18KGYI3wG9cyhUGIcL6n2YEpfFg6HpwPZ4M3OKf/anQ2WrwH7DodLcbD+RxO JzPow7Q/W4wGF2f9GUwvZtPJfBhzLMn3YUX4QLNvwcG1PHCF5zu2T6gcb6XZpq8FJnVoNLQx fR9/kRRDX7QIEQrSXN4iBgM8kfKFlOd4tvF76OmCAS9NW/NuiYWNz0g0HywHhYufPG8jfF9b saiuhBtIGZEsYoQt0CwLDNySa6TvWrBwHO+KCWeSUGJwjcwQ8THT342Mw1QpWtfQbXfbvfYT 2vEfDjrdg24Pur3Dbuew+xxwJ2H4wYXvcOaBojw0bd0KDQEv/Fv/wNU8bdNevyx04/+golt4 nu2Uu6+EZwur3L9B3hy9ov8yXH4yct/Rr8wt/SKoJN1yVuV+y7wkOmkgM2KL4MAsECP71ODW FX7FiB14v5W7L91qLLxFpTVNiak8wMZN3j7SnBLOCCD6sm14peLG+ltnr7JkLQ2xhPFrdT5E K+svhup5/+xsMlDkh3oyPB2Nh7vn6ni4eD3rT9+o8+l02oKdGB3j2sl0AHWg6eOaO80j5aGw fKE8xFWQayjgyfxGQBv1XVEO9mBMk102CgGGFmikumiSoR7Eeq/Gw78rDTnS4HX3XPeo0UAc k9BDcw2Et9TQXHF+A381QtsMcJwARskgdYIdbi7RcRAg0a66/BHBErKEP2aN4NaOc4Vw9BHB vcGvNPTxSCH9IdFuIXuPvqjuEfObkrIR6M8MX/KLLkGHa8c0GvFsiobo3COc5hJpgj1z6aKc I3BiMoY2HT2wKqBbEKrsp/SN0QJdMwxPDVjOTUlPEmbK5CBuHV0Ro3RwWrJYpvcoA+zp1xt/ lYGTHVkQfx0GhnNjZ4DiriyYLW5Y4ClU1FNYjvjIr0c9WSB070itLfQgA5d2ShlMyYKAdpFj VGEbUZjaRmTkwuxnoNgA1aX5QRgUS7DHtJdOYb7sOyYdJgtEg1BHp/3BUB33z8kQ/w6PoUvK dPcqTGQBM/cx5keV1NB4Sw4WCeIFUQJnGAXBWeKiG8wNUAso5q2dGwqbSAhGJYy43ircCDvA gOccLD1nA/35YDS6QzCocxYhTvRmY/i//LckFf8B+qJzKYrBZPJ2NGzl+l4PFygiEg/376zQ mTLlOxLu4uyMvxT5InaVxkcc+x068DFmkR0Ni8oQvu6ZLmpvhvaUaobhkCC74j3DlEX9eTib jybjVrqJ48nJUF28nxKREUkVZpLplUaR6YgNINMVaXuKsoA5UvRMT6rSWQJQ3sR+4odH49Fi l4Za8CjlkDzB+eTk4myIIWA6HJ/AboShBfJvV/6LXMY7gSmOcDG/ujSDjeaiIzJMHaWIbuZm berrrJdFVcJkaukJylwB/iE8B12NZvucHGXdMWZOBNYCxxYRiBn8FeG0K2G3M1sV2r65sjFZ 0tea19iLuSVcPu4WyeqoGjYHqlqYrR5DZzusBDNtFTNHCanILP0UOWb6l6aH+k1k51ghL6Jh FLlJwxJn4CNb94RGvoYSQ/OfgmwukUMkTcwocR8pKfBu20qGbxVJsTCyqiqhVWJm0C6YUtjF Xtijr03ld46BtDPiQ4swHymNHH+w0Xx0p0qDaN1lOGZRToEXUJIV2Rpa26P8yC8Mj0aNkz+c nkbzHz9GXWmYywTzcRlfE37nQCo+BJgOANUJtxxrC4TuoRx5EDEyU/gbp9Mv/Cd/IOm7T9Ly KbvIYxY0ynk3rylEYENmPqjv0RItKKyN1sRsR8vsbUPWKqY73DF51x8teCESRbwISYOUtIn9 DU8EoWfD7nA8OR+eM+yljrVdYoNygRYkJMYUlXR5K3ES6z/J9FIiHpcxFJjdrxBnwkvO6P6S Yeh0NhyWiC8Ih9EU7Ta7zVWGmmz7R6VBygvHlZp4FKk06rxU6F0GfoTui+jEDhxB/cRVeODl y2Po4qS3/fl8OFvALs/Ezg7pOn1/AeNXr943W9IAdne+9w+pcjOOv6e6MMAPzIlVdRnauqq2 KoliE+R9qDSeP1B9u/DiBUMhEBsx6bS0nj1JAG6ZNOSCa3r8GPtiPerg/I+JnyLHhI7I4VpV UGKLiaqR9VXbPAzloomLIQeX8TFbXQz1SEfCwAdMNxIn94L7vo/7EnlvdTg5gVMvCRz7iwKn oVaFrjZzu1op+EcZuUv1qFw0Ck2lVbfv6KNj+N/slpY2bX8/cpClOINENCnl+BctKQ1rZROT oRENiDXkCzUy+tF4MZxROgvzxcXpKerUF2oHsSpPPYdiIiamIGsdMnI+a4ojbFaRs/Hx/tJI Jr2F8ijWb+F5uJKM/o34RxYxo0pwRKUVby1Dk6OJjJN/E5r878Rc+dDNc0I6NAB/7YSWgRaL yTdcCiTOsvhI7UDJ1osJm1vrRSUpm4GOY2BvcyQ5IxPLsteQdSpX49iDc/df0rmGswx0HFUo WA/WQr/KFNtLS1txzYiDaDkRD2vMYXwT822xXGJK6rdhFJAR0SHhynHQoAyhUW3hB44LPp0G 4D6gyG4EI6GUkWAvpjiTepMeL7RtzjNRQIFpWXBDh4GEiXKIs8EUkLINI3E1Ojby2/TjACXM W7IbcyUJR/sfnZ6qF9M/6GN2MR6Pxq+lJ6ge+F2iinbwSP76SPxH6U4BPc2e9AeL0c/DVBFk 6kLgfyFZ77+kZL88nMWEESKDinQIM21LIEObWB0N8VsoQsE0SBY4JrMreTU9Vc8X/WmkrZtm lD1JX7HZf7lR3atgbXjtNLPig6LxiXrSX/TVyfjsfaTQLUiJzqBKFZ5XLNBP/jDHQCPL7UcO 6vfM+NI+K/ajQCXcV/Nbg7QIjMsCLES3+apMyYien8+mGJ6NmDNSWeT+sv0MgRKgyNyTU7Kc aR9V+DW07D6d4NJxFZ95Uf2fWnl8kiXxhp6QJh9nzzQstUKlkpGT0F0+9borL/7jXP3HcDaJ naX0OmkiWU6Mk+VokSyHmTXdz1nRTdbLxFvJTFWYLVP0UYruzLSvKBZt0BFhNbaOzhZdVGc+ lmjHXhTFHe2ANCGiAGh/GM1rEXB423pYyQ4s3rdi+bf7SOKUeQnnMjm23GqmPpVpadpFnmN2 E52JNYVPu4hmVFQ+IpkPF+p0Nvq5vxhKzZYK00xkwSiOGVMkjxFyYmoWlcmpTBIVLIuYj+mO oWwaRwXAKLtO5VUEkLE0lTH/LgLJ8J8C8e8i0I0W6GvDWaXJV25Yuroo2EwnmEZN+C9HnfOL s8Vo0J8vmrGCmNfRUyoWFh8iEM/MuObn0yFy9eA6vm9eWqLJ0opKQOlCEqORPzmV9W2UiR0s t8G0ANNizr5Lgi90sRamGS4fzBHR0dZH+KSWUhxCCe2eTV6r7/ozirS80CHmPPZf0Sb030KT 4n9yKo9zf7V3EjSxBwsCTV8XpEB88/ZochTNJKZT0rdl4NJdlgdacHK2UPkwLpZMiHk71wFM wgmdXdGSleUY758TeuBcRbGAYihlL5jfYe4ZpXcVcSE6EMzFhBbIhxIgA7E8fI1OTEgqFDLy GV1sizk7ZNJpm9Cy9I2LnbybsRW9mUzeqieTd+P5Yjbsn6dblnjD0fjn/lnzKM6AqjIagpoP JuNxlCykMEiVPNcnR8Fr5RyFZC12FFvEOhO6IMlqJIPAc6z4Yew2acoj2IIwzUBgEsQfiWQt zQ8kJxR+WcCfJtF8BI5muonP4ZCcnjgjuSvYw6jqpm6iEKJL0PxghaQ24oPy8/lrNFqmHUeY ghszIO3FnyhqoRlY69OZr478mIJDg05HkYUz+EPcoKqp+saQ4SQ/KT2kP4wOjzj52/IIRfOY aM4tz9/OhvPpZDxHqRHrTHgrPcJC2GbhEI31S4opG7cbSVkmIzODNi49oV3x14/0B9GRn91C WJOw7r+UT4+I/sQR4jyMTavEy8X05fvpcEiy/7kOMkMoTafo2jDEUgutgCSassZmlp9AjMU/ MnPKU2Kgj2xmUu4nUmeilD61gRaQLJrSIik7kHCRVhXTgawRkg3yE1x+OCSdWxummi8jk6zH yNvRL93xPEGFqu2GQVz0tu+wWMa8m3N5GZP9dAuN/Qxn/Yyv+XkGmxTRGetLbC8rt9FiGA1Q L0aHuYabfos+GmtomUEnx1NcgsVF47k6fbt4czJrRcdQVPjK8ixzAtWMw+umMmtOvDInjRVJ h6xNL6bNzIlTsuOItZDyDhcUBDIJ4IVryEQvzcy0wC9nZWZUh9MpJU8cOzjNY5/NVX8uVGdL Udx0JP4Y0vgbYXglvCthidtYpZamFUQpclroZqP2Jo7PczoliGYlmYFUwdKEmPlORsvn0bO6 6PLQxrmWaVhaM6EIUOEd3dToplTu8U+lZsdP/yrKvfu1OQ3gmK4YIk5XIpXNZDPRAcF2ANyo u4bTKoE6KyuFTEUThbCK0+NMiZLDWonxjtKB1T0DcjGeDU/T6FuZJvCFjfQ5qenYWzclhcp5 nE/elqyPSVxMIe2RQirS+mffQqzbn9Xi+78b7UqgQxNfY4277/92uj/0nhbv/z57+rS+//st 2kN51zPe/k++6qnMG8dwEPrege/pdCdSUTTLOlQUE/0UfWt8tztvHpSuBOpQ3b+GXzHw85i8 ceynMJwdbR86OI+IT1G02wc+lqQC1dqm/71knZ6ibMdEaexPmyvD9GD/rhUjHGXmMpdmqWZB HH+D737aBr5Owddl8Lt5TafGPWUMd0ghnd7LzTPM5ZKksE9fYD+E+/ZNrwJeb9vkKuBk9z6B 66r5Pbh3y/9sI/sPbsX3P9ZfYY17/P+Tbtn/P3/+Q+3/v0XLv/+xrt//qN//KL7/sf7c9z+W Nl1Lz1dW6hs1uaJfHsnflJUPFpD9jbbi+710dEi4YwSlW7CNxg6/JJCByB0vNhqNbqfX+bHT w8SycCH+kk4W47vWxRXSpzkVS1Q9C8WF5ALnt/KYnTD7VagLR9yInwpyVAuhbXbyl+ST+9GI RtjhRl4NLp2FYnnXbdF5gyzu/O1XyuWF76rB+IEvX/WLzhDvfuxLuOSbFYBLl/aWlvuznVzd trZi/D//CnXgPfG/033eKcT/3pO6/vs27WHe159/dh349nxychwfuinz2WB+DI20OlDayeth l77RvsKQ095cvaxdwn9IK9p/7yuscY/9P+0+65by/26ntv9v0dq/7pST+u35PIF/WkKPkAz9 ZVJ6wvQlcvqYqi+T1ROmfz+tJyz/fl7PErojsY85z7n7XuLnu/f4eZ5+YsB/aXZItD9t8QTs C+KMFnpKe+Ir7TluKaaISnu8iRfC70b01m7uHVd+aY4mzN+PJ9P5aK60RzZUnBsRzMlwPpiN povRZKz07Rx6Rmb6+XtsgaO0/+7JZXsKIiXxgKXd4j4bKLfojSn/1tbXqLdOiHuA2u63YRB6 nrAD6zaLwA9d1/ECH4hV2sUBPa6BNydnA3A9J3B0x2rDO9yoHGm3TgiGQxeK6C0IRkivajKF PWgr79aCnutVskOvbaGZtIpvdYHmukJD9ZXvvRHjOl1TpztXcG1qvIq51B17aa7gR1yljD3G Jd+UozQfiTu5Zm470Eq+d/G7CPSYUIhpS94fTJ+r+64TXalOCKWb5fy80lC06OW1dJALjkuB 1Q1Rca2ZlkYM0KZ4gl5KuEQbCenWXYl+/4glwl/REm60W/nGXub1uNBGFLlnoYv4kakZ+MJa stz86L2r0q02eqSazKX3LiwR3SggCEWzcG+MWxAf0OT9Fhm43Aw9ftGOV0LmNRPdR2izhHEj pm6l8tLddQ18lB5KICkcDUhrwjZc+CEa/S2SxsohHxUSjEl3GnAANd4Q1yaKNtJvvgvBa5YE CJE+M63Jo+2pfEh9Kh9t776anjbbbHxUrc6VRXoLkAr1xCRY6o5lOTe0/bSqfyiXfWXBfqCt YP/GNNCFaZc6lsGrtfk/aOkBoI6lDPL+pI9J4ysbRftEeoYW0zSYjBezyRlGgvm8/3p4N3kr YaOz1IuXtXDrXCsscHBYonvpODHBVHjLQjitvJVZVHHH+hG/YZkqe95CmLeYWNQdje1tJ63J 2UFERfkOEEEG7FsmYtOQMme59HGberZSPQPLeJCX8j6jim8PjUS08zcXfPMiI1IyeJ+3C0Jk Q96lcPn9bUk9n0jE8wpibgPQ7lbdUcj4CBkciw5BIYdwjzuQSn5hWyb6gI1Dr5WnN4T5nWPG TcMFF6wYDilBlQemEZTIhlISZeWAhm4GrZzcIMZe1nK022vyYdiXPr0XxhF4Gq3f4lXFB0xi dDO4V0pSFHzt1JBmNx8OoX82nzDRl+4SQ0YrE5SiH0lQTTrSCNMqBoMYgq4R/yhtezRfTGbv yf7KQmBLuiGHiKmYoDfxefOU9ukHeNrugKSzf7F4M5kp7b5dSAv7v0EuMawLv7rVrW51q1vd 6la3utWtbnWrW93qVre61a1udatb3epWt7rVrW51q1vd6la3utWtbnWrW93qVre61e1fb/8H WUV7mwB4AAA= --------------070702040508030203040702-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 14 7:19:46 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7CB4137B401; Tue, 14 Jan 2003 07:19:44 -0800 (PST) Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id CDFEF43F3F; Tue, 14 Jan 2003 07:19:42 -0800 (PST) (envelope-from bde@zeta.org.au) Received: from katana.zip.com.au (katana.zip.com.au [61.8.7.246]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id CAA24071; Wed, 15 Jan 2003 02:19:29 +1100 Date: Wed, 15 Jan 2003 02:20:12 +1100 (EST) From: Bruce Evans X-X-Sender: bde@gamplex.bde.org To: Martin Blapp Cc: Thomas Moestl , , Subject: Re: PANIC in tcp_syncache.c sonewconn() line 562 In-Reply-To: <20030114100620.W76016@levais.imp.ch> Message-ID: <20030115020320.L17332-100000@gamplex.bde.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 14 Jan 2003, Martin Blapp wrote: > > Hi Thomas, > > > s = splnet(); > > + if (so->so_state & (SS_ISCONNECTED | SS_ISCONNECTING)) { > > + splx(s); > > + return (EINVAL); > > + } > > error = (*so->so_proto->pr_usrreqs->pru_listen)(so, td); > > if (error) { > > splx(s); > > > > Can you commit this ? The fix looks appropriate, but the manpage should > also be changed to reflect the change. > > ERRORS > Listen() will fail if: > > [EBADF] The argument s is not a valid descriptor. > [ENOTSOCK] The argument s is not a socket. > [EOPNOTSUPP] The socket is not of a type that > supports the operation listen(). > [EINVAL] Listen() has been already called on the socket. > > Any objections from others ? EINVAL is a bogus errno for this, but is standard. POSIX has better wording: "The socket is already connected". The patch also returns EINVAL if the socket is being connected. Is this right? (Maybe we should wait until we can tell if it is connected.) POSIX also specifies the errors EDESTADDRREQ, EACCES, another EINVAL for shut down sockets, and ENOBUFS. The last 3 "may" cause listen() to fail and the others (including the first EINVAL) "shall" cause it to fail. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 14 7:21:27 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DC52637B401 for ; Tue, 14 Jan 2003 07:21:26 -0800 (PST) Received: from otdel-1.org (draculina.otdel-1.org [195.230.89.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id C9C3343F1E for ; Tue, 14 Jan 2003 07:21:25 -0800 (PST) (envelope-from nms+bsd@otdel-1.org) Received: by otdel-1.org (CommuniGate Pro PIPE 4.0.3) with PIPE id 2910057; Tue, 14 Jan 2003 18:21:25 +0300 Date: Tue, 14 Jan 2003 18:21:16 +0300 From: Nikolai SAOUKH To: freebsd-net@FreeBSD.org Subject: Re: PPTP tunneling over PPPoE link Message-ID: <20030114152116.GA2766@otdel1.org> Mail-Followup-To: freebsd-net@FreeBSD.org References: <4.3.2.7.2.20030109191546.02975920@localhost> <200301120138.h0C1cfSw030935@arch20m.dellroad.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200301120138.h0C1cfSw030935@arch20m.dellroad.org> User-Agent: Mutt/1.5.3i X-Mailer: CommuniGate Pro CLI mailer Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org | That bug has been fixed, in sys/netgraph/ng_pptpgre.c revisions | 1.26 and 1.2.2.13. | | http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netgraph/ng_pptpgre.c Any plans to commit relevant patches to -stable branch? Thanks To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 14 17:53:15 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 99C8637B401 for ; Tue, 14 Jan 2003 17:53:13 -0800 (PST) Received: from mail.sandvine.com (sandvine.com [199.243.201.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1E2F243EB2 for ; Tue, 14 Jan 2003 17:53:13 -0800 (PST) (envelope-from don@sandvine.com) Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19) id ; Tue, 14 Jan 2003 20:53:12 -0500 Message-ID: From: Don Bowman To: "'freebsd-net@freebsd.org'" Subject: 3COM 3C996-SX (bge) fibre support? Date: Tue, 14 Jan 2003 20:53:11 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I see in the cvs comments that this card is supported (1.11 of if_bge.c). The relevant change seems to be: + /* + * Figure out what sort of media we have by checking the + * hardware config word in the EEPROM. Note: on some BCM5700 + * cards, this value appears to be unset. If that's the + * case, we have to rely on identifying the NIC by its PCI + * subsystem ID, as we do below for the SysKonnect SK-9D41. + */ + bge_read_eeprom(sc, (caddr_t)&hwcfg, + BGE_EE_HWCFG_OFFSET, sizeof(hwcfg)); + if ((ntohl(hwcfg) & BGE_HWCFG_MEDIA) == BGE_MEDIA_FIBER) + sc->bge_tbi = 1; sadly, I have a phy-id of 0, so I think I have to use the hackish method the SK... uses, just below it: /* The SysKonnect SK-9D41 is a 1000baseSX card. */ if ((pci_read_config(dev, BGE_PCI_SUBSYS, 4) >> 16) == SK_SUBSYSID_9D41) sc->bge_tbi = 1; I have the subsystem etc (side-node: there's a bug in the above code, it should check the vendor id as well): PCI sub-devid 0x1004 PCI PCI sub-vid 0x10b7 So I added a line of the SK_... type above, to set the 'bge_tbi' to one for my 1000baseSX card. However, I see this interface 'flapping', I get snowed with messages to my console about 'link up' (but never link down). I tried forcing the media & mediaopts to 1000Mbps and full-duplex. The other end of the link sees nothing (no link). Anyone have a suggestion on where to start? I suspect this is related to the comment about "One thing that confuses me still is that the 'link state change' bit in the status block seems to change state an awful lot." (1.10). --don To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 14 19:57:59 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A980C37B401 for ; Tue, 14 Jan 2003 19:57:58 -0800 (PST) Received: from corpmail.outblaze.com (202-77-223-51.outblaze.com [202.77.223.51]) by mx1.FreeBSD.org (Postfix) with ESMTP id 204AE43ED8 for ; Tue, 14 Jan 2003 19:57:58 -0800 (PST) (envelope-from yusufg@outblaze.com) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by corpmail.outblaze.com (Postfix) with ESMTP id 95A2C826C for ; Wed, 15 Jan 2003 03:59:50 +0000 (GMT) Received: from yusufg.portal2.com (202-77-223-125.outblaze.com [202.77.223.125]) by corpmail.outblaze.com (Postfix) with SMTP id 28656520FB for ; Wed, 15 Jan 2003 03:59:50 +0000 (GMT) Received: (qmail 15601 invoked by uid 500); 15 Jan 2003 03:59:23 -0000 Date: Wed, 15 Jan 2003 11:59:23 +0800 From: Yusuf Goolamabbas To: freebsd-net@freebsd.org Cc: forrestc@imach.com, gshapiro@freebsd.org Subject: PR/47044 Message-ID: <20030115035923.GA15505@outblaze.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i X-AntiVirus: checked by Vexira MailArmor (version: 2.0.1.6; VAE: 6.17.0.2; VDF: 6.17.0.17; host: corpmail.outblaze.com) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, We are facing similar issues mention in PR/47044. This is on a 4.6-stable box running sendmail 8.12.6 http://www.freebsd.org/cgi/query-pr.cgi?pr=47044 One more data point I would like to mention. When I do a telnet to a host:port where no service is running. Sometimes I get "Connection refused", sometimes I get "Can't assign requested address" so I am not certain if this is a sendmail issue # telnet 208.23.118.222 smtp Trying 208.23.118.222... telnet: connect to address 208.23.118.222: Connection refused telnet: Unable to connect to remote host # telnet 208.23.118.222 smtp Trying 208.23.118.222... telnet: connect to address 208.23.118.222: Can't assign requested address telnet: Unable to connect to remote host -- Yusuf Goolamabbas yusufg@outblaze.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 14 20:10:53 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BE68237B401; Tue, 14 Jan 2003 20:10:51 -0800 (PST) Received: from workhorse.imach.com (barbwire.iMach.com [206.127.77.82]) by mx1.FreeBSD.org (Postfix) with ESMTP id B676643E4A; Tue, 14 Jan 2003 20:10:50 -0800 (PST) (envelope-from forrestc@imach.com) Received: from localhost (forrestc@localhost) by workhorse.imach.com (8.11.6/8.11.6) with ESMTP id h0F4AdT04319; Tue, 14 Jan 2003 21:10:40 -0700 (MST) (envelope-from forrestc@imach.com) Date: Tue, 14 Jan 2003 21:10:38 -0700 (MST) From: "Forrest W. Christian" To: Yusuf Goolamabbas Cc: freebsd-net@freebsd.org, Subject: Re: PR/47044 In-Reply-To: <20030115035923.GA15505@outblaze.com> Message-ID: <20030114210731.F3061-100000@workhorse.imach.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 15 Jan 2003, Yusuf Goolamabbas wrote: > http://www.freebsd.org/cgi/query-pr.cgi?pr=47044 > One more data point I would like to mention. When I do a telnet to a > host:port where no service is running. Sometimes I get "Connection > refused", sometimes I get "Can't assign requested address" so I am not > certain if this is a sendmail issue > > # telnet 208.23.118.222 smtp > Trying 208.23.118.222... > telnet: connect to address 208.23.118.222: Connection refused > telnet: Unable to connect to remote host > # telnet 208.23.118.222 smtp > Trying 208.23.118.222... > telnet: connect to address 208.23.118.222: Can't assign requested address > telnet: Unable to connect to remote host This is almost certaintly related to not having your network devices properly configured. Do a google groups search on "Can't assign requested address" and you will likely find what I am talking about. Long story short, if lo0 and/or the ethernet port is mangled and/or the dns is mangled, etc. You will have these problems. My PR is on a box which I fully believe is configured correctly (although I can't vouch for it). Drop me a copy of "ifconfig -a" and "netstat -rn" and also a copy of /etc/rc.conf and I will see If I can see anything. - Forrest W. Christian (forrestc@imach.com) AC7DE ---------------------------------------------------------------------- The Innovation Machine Ltd. P.O. Box 5749 http://www.imach.com/ Helena, MT 59604 Home of PacketFlux Technologies and BackupDNS.com (406)-442-6648 ---------------------------------------------------------------------- Protect your personal freedoms - visit http://www.lp.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Jan 14 21:30:34 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 321FF37B401 for ; Tue, 14 Jan 2003 21:30:32 -0800 (PST) Received: from mail.econolodgetulsa.com (mail.econolodgetulsa.com [198.78.66.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id A765D43F43 for ; Tue, 14 Jan 2003 21:30:31 -0800 (PST) (envelope-from user@mail.econolodgetulsa.com) Received: from mail (user@mail [198.78.66.163]) by mail.econolodgetulsa.com (8.12.3/8.12.3) with ESMTP id h0F5USZb049134 for ; Tue, 14 Jan 2003 21:30:28 -0800 (PST) (envelope-from user@mail.econolodgetulsa.com) Date: Tue, 14 Jan 2003 21:30:28 -0800 (PST) From: Josh Brooks To: freebsd-net@freebsd.org Subject: ipfw: blocking syn floods - two proposed rules Message-ID: <20030114212944.A39623-100000@mail.econolodgetulsa.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org My goal is to create an ipfw rule that stops normal syn floods by blocking ALL syn packets that have no MSS set. My understanding is that there is no legitimate packet that is a SYN and has no MSS, and further, most of the kiddie tools in existence for syn flooding do indeed send syn packets with no MSS. Here is what I came up with: ipfw add 00001 deny tcp from any to any tcpoptions !mss setup the rationale here is that I am blocking all tcp connections with no MSS, provided that they are in the setup phase - and the man page for ipfw states: setup TCP packets only. Match packets that have the SYN bit set but no ACK bit. So therefore I would get all the no mss syn packets, and I wouldn't inadvertantly get a syn+ack packet ... I am mainly worried about this because I do not know for sure if a syn+ack packet with no MSS is legitimate...just in case there are some, I thought this would be a good rule. Next: ipfw add 00001 deny tcp from any to any tcpoptions !mss tcpflags syn Same idea, but I explicitly define it to match _any_ packet that contains a syn and has no MSS - so theoretically there could be other flags besides syn set as well and I would still drop it. Again, I am worried because, although I know that there are no syn-only packets with no MSS, I am not sure if there are ever (in the wild) syn+(other flags) packets with no MSS. Comments ? Finally: ipfw add 00001 deny tcp from any to any tcpoptions !mss tcpflags syn !ack I am fairly certain that this rule is _functionally identical_ to the first rule which used the setup keyword. ----------- So, any comments ? Which of these is best ? And given my original goal: "to create an ipfw rule that stops normal syn floods by blocking ALL syn packets that have no MSS set." will whatever rule above is the best one accomplish that goal ? Will there be unintended consequences like all sorts of lost traffic and customers complaining and me locked out of my firewall etc ? I specify 00001 in all those rules above because I really do plan on putting it as my first (or so) rule... comments appreciated. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 15 5:41:43 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EA29737B401; Wed, 15 Jan 2003 05:41:41 -0800 (PST) Received: from myra.cc.metu.edu.tr (myra.cc.metu.edu.tr [144.122.199.93]) by mx1.FreeBSD.org (Postfix) with ESMTP id E0A8343E4A; Wed, 15 Jan 2003 05:41:33 -0800 (PST) (envelope-from eryol@metu.edu) Received: from metu.edu (yelken.cc.metu.edu.tr [144.122.3.235]) by myra.cc.metu.edu.tr (8.11.6/8.11.6) with ESMTP id h0FDfQZ14662; Wed, 15 Jan 2003 15:41:28 +0200 (EET) Message-ID: <3E2580CC.30509@metu.edu> Date: Wed, 15 Jan 2003 17:39:56 +0200 From: Gokhan ERYOL Organization: Middle East Tech. University, Computer Center User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003 X-Accept-Language: en-us, en, tr MIME-Version: 1.0 To: freebsd-net@freebsd.org, freebsd-stable@freebsd.org Subject: freebsd 4.7-stable kernel gre support for squid's wccp cisco interaction Content-Type: text/plain; charset=ISO-8859-9; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi all, I need any suggestions about GRE support of 4.7 stable series of FreeBSD, because of the fact that squid's WCCP communication to Cisco devices over GRE is NOT working. At squid side, a patch for FreeBSD is available, but after the incorporation of GRE into STABLE on 1st December, it's not applicable. On the other hand, creating GRE interface, tunneling between Cisco device and BSD box, is not working for WCCP. Henrik Nordstrom from squid-cache.org, warn me about WCCP/GRE encapsulation may not be included in FreeBSD STABLE. Is it possible to add WCCP support on existing GRE module? Regards, Gokhan ERYOL To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 15 6:26:30 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C8DE037B405 for ; Wed, 15 Jan 2003 06:26:29 -0800 (PST) Received: from whizzo.transsys.com (whizzo.TransSys.COM [144.202.42.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id E6A7243F13 for ; Wed, 15 Jan 2003 06:26:28 -0800 (PST) (envelope-from louie@whizzo.transsys.com) Received: from whizzo.transsys.com (#6@localhost.transsys.com [127.0.0.1]) by whizzo.transsys.com (8.12.6/8.12.6) with ESMTP id h0FEQS4E027966; Wed, 15 Jan 2003 09:26:28 -0500 (EST) (envelope-from louie@whizzo.transsys.com) Message-Id: <200301151426.h0FEQS4E027966@whizzo.transsys.com> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: Josh Brooks Cc: freebsd-net@FreeBSD.ORG X-Image-URL: http://www.transsys.com/louie/images/louie-mail.jpg From: "Louis A. Mamakos" Subject: Re: ipfw: blocking syn floods - two proposed rules References: <20030114212944.A39623-100000@mail.econolodgetulsa.com> In-reply-to: Your message of "Tue, 14 Jan 2003 21:30:28 PST." <20030114212944.A39623-100000@mail.econolodgetulsa.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 15 Jan 2003 09:26:28 -0500 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > > My goal is to create an ipfw rule that stops normal syn floods by blocking > ALL syn packets that have no MSS set. > > My understanding is that there is no legitimate packet that is a SYN and > has no MSS, and further, most of the kiddie tools in existence for syn > flooding do indeed send syn packets with no MSS. Strictly speaking, a TCP stack is not REQUIRED to include an MSS option on the TCP SYN segment. It's the only time one can be specified, but if the TCP is happy with the 536 byte default, it needn't bother. Even older versions of the 4.3BSD-based TCP/IP stack had this issue, and didn't include an MSS option if the interface MTU was sufficiently small. In practice, I'm not sure how much of an issue this might be these days, but you should probably check to see if really see NO legitimate connections before you really start filtering. louie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 15 6:38:55 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 083D837B401 for ; Wed, 15 Jan 2003 06:38:54 -0800 (PST) Received: from mailtoaster1.pipeline.ch (mailtoaster1.pipeline.ch [62.48.0.70]) by mx1.FreeBSD.org (Postfix) with SMTP id AFF1943F6B for ; Wed, 15 Jan 2003 06:38:52 -0800 (PST) (envelope-from oppermann@pipeline.ch) Received: (qmail 90342 invoked from network); 15 Jan 2003 14:37:56 -0000 Received: from unknown (HELO pipeline.ch) ([62.48.0.53]) (envelope-sender ) by mailtoaster1.pipeline.ch (qmail-ldap-1.03) with SMTP for ; 15 Jan 2003 14:37:56 -0000 Message-ID: <3E2571EC.339F829F@pipeline.ch> Date: Wed, 15 Jan 2003 15:36:28 +0100 From: Andre Oppermann X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: "Louis A. Mamakos" Cc: Josh Brooks , freebsd-net@FreeBSD.ORG Subject: Re: ipfw: blocking syn floods - two proposed rules References: <20030114212944.A39623-100000@mail.econolodgetulsa.com> <200301151426.h0FEQS4E027966@whizzo.transsys.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org "Louis A. Mamakos" wrote: > > > > > My goal is to create an ipfw rule that stops normal syn floods by blocking > > ALL syn packets that have no MSS set. > > > > My understanding is that there is no legitimate packet that is a SYN and > > has no MSS, and further, most of the kiddie tools in existence for syn > > flooding do indeed send syn packets with no MSS. > > Strictly speaking, a TCP stack is not REQUIRED to include an MSS option > on the TCP SYN segment. It's the only time one can be specified, but > if the TCP is happy with the 536 byte default, it needn't bother. > > Even older versions of the 4.3BSD-based TCP/IP stack had this issue, > and didn't include an MSS option if the interface MTU was sufficiently > small. > > In practice, I'm not sure how much of an issue this might be these > days, but you should probably check to see if really see NO legitimate > connections before you really start filtering. In a recent study my diploma students found that out of a dataset of 9 million TCP SYN in real life traffic (Sunsite Switzerland, five popular newspaper sites) approximatly 5% did not have the MSS option set. We did not manage to figure the OS of those SYN packets. -- Andre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 15 10:37: 4 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9746737B401 for ; Wed, 15 Jan 2003 10:37:03 -0800 (PST) Received: from overlord.e-gerbil.net (e-gerbil.net [64.186.142.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id CD77743E4A for ; Wed, 15 Jan 2003 10:37:02 -0800 (PST) (envelope-from ras@overlord.e-gerbil.net) Received: from overlord.e-gerbil.net (ras@localhost.globali.net [127.0.0.1]) by overlord.e-gerbil.net (8.12.6/8.12.6) with ESMTP id h0FIauTg070819; Wed, 15 Jan 2003 13:36:56 -0500 (EST) (envelope-from ras@overlord.e-gerbil.net) Received: (from ras@localhost) by overlord.e-gerbil.net (8.12.6/8.12.6/Submit) id h0FIau3O070818; Wed, 15 Jan 2003 13:36:56 -0500 (EST) (envelope-from ras) Date: Wed, 15 Jan 2003 13:36:56 -0500 From: Richard A Steenbergen To: Andre Oppermann Cc: "Louis A. Mamakos" , Josh Brooks , freebsd-net@FreeBSD.ORG Subject: Re: ipfw: blocking syn floods - two proposed rules Message-ID: <20030115183655.GQ78231@overlord.e-gerbil.net> References: <20030114212944.A39623-100000@mail.econolodgetulsa.com> <200301151426.h0FEQS4E027966@whizzo.transsys.com> <3E2571EC.339F829F@pipeline.ch> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3E2571EC.339F829F@pipeline.ch> User-Agent: Mutt/1.5.1i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Jan 15, 2003 at 03:36:28PM +0100, Andre Oppermann wrote: > In a recent study my diploma students found that out of a dataset of > 9 million TCP SYN in real life traffic (Sunsite Switzerland, five > popular newspaper sites) approximatly 5% did not have the MSS option > set. We did not manage to figure the OS of those SYN packets. A significant portion of the non DoS SYNs without MSS option that I see are worms, automated port scanners, or otherwise tools which are using raw sockets to construct TCP SYNs for various nefarious purposes (the problem seems to be that the kiddies writing the code can't get the tcp pseudoheader checksum right if they include options :P). If you're willing to deny service to some potentially legitimate users with old or bizaare TCP/IP stacks, blocking non-MSS SYNs can be an effective tool against some of the above activities. Otherwise, I would recommend a small rate limit against those packets. It depends on your application, for example if you are running a web service which is only useful to people with modern Windows browsers already, preventing worms and port scans might be worth blocking some legit users. If you desire full end to end reachability "most of the time", and just want to prevent some DoS, a rate limit is probably more useful. -- Richard A Steenbergen http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Jan 15 14:24:15 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4D26637B405 for ; Wed, 15 Jan 2003 14:24:13 -0800 (PST) Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by mx1.FreeBSD.org (Postfix) with SMTP id 88D1843EB2 for ; Wed, 15 Jan 2003 14:24:11 -0800 (PST) (envelope-from tmoestl@gmx.net) Received: (qmail 21410 invoked by uid 0); 15 Jan 2003 22:24:10 -0000 Received: from p508e7cf6.dip.t-dialin.net (HELO galatea.local) (80.142.124.246) by mail.gmx.net (mp020-rz3) with SMTP; 15 Jan 2003 22:24:10 -0000 Received: from localhost ([127.0.0.1] helo=galatea.local) by galatea.local with esmtp (Exim 4.12 #1) id 18Yvys-0000P5-00; Wed, 15 Jan 2003 23:25:54 +0100 Received: (from tmm@localhost) by galatea.local (8.12.6/8.12.6/Submit) id h0FMPm0c001554; Wed, 15 Jan 2003 23:25:48 +0100 (CET) Date: Wed, 15 Jan 2003 23:25:48 +0100 From: Thomas Moestl To: Bruce Evans Cc: Martin Blapp , current@FreeBSD.ORG, net@FreeBSD.ORG Subject: Re: PANIC in tcp_syncache.c sonewconn() line 562 Message-ID: <20030115222548.GC286@crow.dom2ip.de> Mail-Followup-To: Bruce Evans , Martin Blapp , current@FreeBSD.ORG, net@FreeBSD.ORG References: <20030114100620.W76016@levais.imp.ch> <20030115020320.L17332-100000@gamplex.bde.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030115020320.L17332-100000@gamplex.bde.org> User-Agent: Mutt/1.4i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 2003/01/15 at 02:20:12 +1100, Bruce Evans wrote: > On Tue, 14 Jan 2003, Martin Blapp wrote: > > > > > Hi Thomas, > > > > > s = splnet(); > > > + if (so->so_state & (SS_ISCONNECTED | SS_ISCONNECTING)) { > > > + splx(s); > > > + return (EINVAL); > > > + } > > > error = (*so->so_proto->pr_usrreqs->pru_listen)(so, td); > > > if (error) { > > > splx(s); > > > > > > > Can you commit this ? The fix looks appropriate, but the manpage should > > also be changed to reflect the change. > > > > ERRORS > > Listen() will fail if: > > > > [EBADF] The argument s is not a valid descriptor. > > [ENOTSOCK] The argument s is not a socket. > > [EOPNOTSUPP] The socket is not of a type that > > supports the operation listen(). > > [EINVAL] Listen() has been already called on the socket. > > > > Any objections from others ? > > EINVAL is a bogus errno for this, but is standard. POSIX has better > wording: "The socket is already connected". The patch also returns > EINVAL if the socket is being connected. Is this right? (Maybe we > should wait until we can tell if it is connected.) Yes, I think so; calling listen() for SS_ISCONNECTING sockets can also lead to bogus states, although that could of course be avoided in another way. For applications, however, it does not matter much, since sockets can never be safely assumed to be in SS_ISCONNECTING (they can always change to SS_ISCONNECTED or time out behind the application's back). > POSIX also specifies the errors EDESTADDRREQ, EACCES, another EINVAL for > shut down sockets, and ENOBUFS. The last 3 "may" cause listen() to fail > and the others (including the first EINVAL) "shall" cause it to fail. EDESTADDRREQ seems to not be generated, instead e.g. tcp_usr_listen() always chooses a local address (which does not really make much sense, but changing it might break old applications I guess). ENOBUFS does not seem to occur. Shut down sockets seem to not be handled specially. - Thomas -- Thomas Moestl http://www.tu-bs.de/~y0015675/ http://people.FreeBSD.org/~tmm/ PGP fingerprint: 1C97 A604 2BD0 E492 51D0 9C0F 1FE6 4F1D 419C 776C To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 16 6:11:31 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 19E5637B401 for ; Thu, 16 Jan 2003 06:11:28 -0800 (PST) Received: from momotombo.TechFak.Uni-Bielefeld.DE (momotombo.TechFak.Uni-Bielefeld.DE [129.70.136.107]) by mx1.FreeBSD.org (Postfix) with ESMTP id C500943F3F for ; Thu, 16 Jan 2003 06:11:26 -0800 (PST) (envelope-from bfischer@TechFak.Uni-Bielefeld.DE) Received: from popocatepetl.TechFak.Uni-Bielefeld.DE (popocatepetl.TechFak.Uni-Bielefeld.DE [129.70.136.108]) by momotombo.TechFak.Uni-Bielefeld.DE (8.11.6+Sun/8.11.6/TechFak/pk+ro20010720) with ESMTP id h0GEBQU10800 for ; Thu, 16 Jan 2003 15:11:26 +0100 (MET) Received: (from bfischer@localhost) by popocatepetl.TechFak.Uni-Bielefeld.DE (8.11.6+Sun/8.9.1) id h0GEBPU23785 for freebsd-net@FreeBSD.ORG; Thu, 16 Jan 2003 15:11:25 +0100 (MET) Received: from popocatepetl.TechFak.Uni-Bielefeld.DE (popocatepetl.TechFak.Uni-Bielefeld.DE [129.70.136.108]) by momotombo.TechFak.Uni-Bielefeld.DE (8.11.6+Sun/8.11.6/TechFak/pk+ro20010720) with ESMTP id h0GE6EU10500; Thu, 16 Jan 2003 15:06:14 +0100 (MET) From: Bjoern Fischer Received: (from bfischer@localhost) by popocatepetl.TechFak.Uni-Bielefeld.DE (8.11.6+Sun/8.9.1) id h0GE6E023648; Thu, 16 Jan 2003 15:06:14 +0100 (MET) Date: Thu, 16 Jan 2003 15:06:13 +0100 To: freebsd-hackers@FreeBSD.ORG Subject: [PATCH] ipsec esp ipfw interaction Message-ID: <20030116140613.GA23170@popocatepetl.TechFak.Uni-Bielefeld.DE> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="SUOF0GtieIMvvwua" Content-Disposition: inline User-Agent: Mutt/1.4i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --SUOF0GtieIMvvwua Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello, in early January this year there was a discussion about the way ipfw interacts with ipsec. Last November ipfw was changed to process ipsec datagrams twice: Once before and a second time after the decoding procedure. This makes life easier for people who use gif tunnels with ipsec transport mode, but it makes life harder for people (like myself) who use native ipsec tunnel mode. Someone suggested to make the ipfw behavior adjustable through a sysctl, another approach was to port the Open(/Net)BSD enc0 virtual interface. I made up a refined sysctl solution for a FreeBSD machine that is acting as a IPsec tunnel endpoint for roadwarriors in a WLAN environment. The idea is simple: I introduced a new sysctl "net.inet.ip.fw.ipsec_reinject" which defaults to "1". The value is an integer and defines at which rule number ipsec datagrams should be reinjected into the ipfw ruleset. Set it to "0", and it won't be reinjected at all. Set it to "1" (default) and the datagram would be reinjected at the very beginning. You also can put your post ipsec filter rules put at 10000+ and set the sysctl to "10000". Flexible? This is a first patch against -STABLE to demonstrate the concept. Any comments? I may provide a patch that includes ip_fw2.c and check whether it applies to -CURRENT. " Bjorn Fischer --SUOF0GtieIMvvwua Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="ipfw-ipsec.udif" diff -ur sys/netinet/ip_fw.c /sys/netinet/ip_fw.c --- sys/netinet/ip_fw.c Thu Nov 21 01:27:30 2002 +++ /sys/netinet/ip_fw.c Wed Jan 15 17:48:23 2003 @@ -106,6 +106,8 @@ &fw_verbose, 0, "Log matches to ipfw rules"); SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, verbose_limit, CTLFLAG_RW, &fw_verbose_limit, 0, "Set upper limit of matches of ipfw rules logged"); +SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, ipsec_reinject, CTLFLAG_RW, + &fw_ipsec_reinject, 1, "Reinject decoded IPsec datagrams at this rule"); /* * Extension for stateful ipfw. @@ -1088,7 +1090,7 @@ u_short src_port = 0, dst_port = 0; struct in_addr src_ip, dst_ip; u_int8_t proto= 0, flags = 0; - u_int16_t skipto; + u_int16_t skipto = 0; u_int16_t ip_len=0; int dyn_checked = 0 ; /* set after dyn.rules have been checked. */ @@ -1106,9 +1108,18 @@ } else hlen = ip->ip_hl << 2; +#ifdef IPSEC + if (ipsec_gethist(*m, NULL) && + args->divert_rule == 0 && + fw_ipsec_reinject > 1) + skipto = fw_ipsec_reinject - 1; +#endif + /* Grab and reset cookie */ - skipto = *cookie; - *cookie = 0; + if (*cookie != 0) { + skipto = *cookie; + *cookie = 0; + } #define PULLUP_TO(len) do { \ if ((*m)->m_len < (len)) { \ diff -ur sys/netinet/ip_fw.h /sys/netinet/ip_fw.h --- sys/netinet/ip_fw.h Tue Jul 9 09:11:42 2002 +++ /sys/netinet/ip_fw.h Wed Jan 15 16:56:38 2003 @@ -367,6 +367,7 @@ extern ip_fw_ctl_t *ip_fw_ctl_ptr; extern int fw_one_pass; extern int fw_enable; +extern int fw_ipsec_reinject; extern struct ipfw_flow_id last_pkt; #define IPFW_LOADED (ip_fw_chk_ptr != NULL) #endif /* _KERNEL */ diff -ur sys/netinet/ip_input.c /sys/netinet/ip_input.c --- sys/netinet/ip_input.c Mon Nov 25 05:23:00 2002 +++ /sys/netinet/ip_input.c Wed Jan 15 17:01:58 2003 @@ -193,6 +193,7 @@ ip_fw_chk_t *ip_fw_chk_ptr; int fw_enable = 1 ; int fw_one_pass = 1; +int fw_ipsec_reinject = 1; /* Dummynet hooks */ ip_dn_io_t *ip_dn_io_ptr; @@ -422,6 +423,11 @@ * - Wrap: fake packet's addr/port * - Encapsulate: put it in another IP and send out. */ + +#ifdef IPSEC + if (ipsec_gethist(m, NULL) && fw_ipsec_reinject == 0) + goto pass; +#endif iphack: /* --SUOF0GtieIMvvwua-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 16 8:49:47 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7817D37B401 for ; Thu, 16 Jan 2003 08:49:45 -0800 (PST) Received: from epita.fr (hermes.epita.fr [163.5.255.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3CB6D43F1E for ; Thu, 16 Jan 2003 08:49:44 -0800 (PST) (envelope-from le-hen_j@epita.fr) Received: from carpediem (carpediem [10.42.42.5]) by epita.fr id h0GGnXG04229 for freebsd-net@freebsd.org EPITA Paris France Thu, 16 Jan 2003 17:49:34 +0100 (MET) Date: Thu, 16 Jan 2003 17:49:33 +0100 From: jeremie le-hen To: freebsd-net@freebsd.org Subject: ipnat RDR rules Message-ID: <20030116164933.GA20509@carpediem.epita.fr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I'm wondering how does ipnat RDR rules operate. I tried to get an answer using Google, but nothing really accurate. I have set a RDR rule like this: rdr tun0 0.0.0.0/0 port 2245 -> 192.168.0.45 port ssh This works perfectly, but when I try prevent theses packets to go through my FreeBSD box (the ont which shares my connection and filter incoming packets) with ipfilter, I encounter a strange behaviour (I cannot explain it in fact). With the following rule, block in quick on tun0 from any to 192.168.0.2/32 absolutly no incoming TCP SYN packet can reach my computer on the internal network. Indeed, even if ipnat -l shows a RDR mapping, the packet seems to be immediatly dropped after translation (RDR rules imply a destination adress translation, in order to go through the kernel IPv4 stack, so it must be done just after being received.) On the other hand, when I use this rule, block out quick on ep0 from ! 192.168.0.0/24 to 192.168.0.2/32 which should drop any packet that doesn't come from the gateway itself, just before going out from my internal interface. With this rule, I assumed that 1) packet arrives on my external interface 2) its IP destination address is modified in order to be correctly routed 3) ipfilter then looks for any rule on tun0 interface to apply before sending the packet to the kernel 4) packet is routed to the correct interface 5) ipfilter looks for any rule on ep0 interface to apply, it should normally stops on the rule above, since the packet source address is not from my internal network and its destination address as been replaced by 192.168.0.2 In my point of view, the packet should be dropped here. But in fact, the packet is not blocked at all. Does anyone can explain the precedence between ipfilter and ipnat, particularly in case of a RDR rule. It seems that the following diagram is not exactly the same than the one applied for RDR rules: ext_if -> dnat -> ipf -> kernel -> ipf -> snat -> int_if Thanks. Regards, -- Jeremie aka T{ata,t}Z le-hen_j@epita.fr To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 16 11:17:36 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6498E37B401 for ; Thu, 16 Jan 2003 11:17:35 -0800 (PST) Received: from mail.flarion.com (mail.flarion.com [63.103.94.23]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7C2BD43F5B for ; Thu, 16 Jan 2003 11:17:34 -0800 (PST) (envelope-from M.Impett@flarion.com) Received: by rrmail01.lab.flarion.com with Internet Mail Service (5.5.2656.59) id ; Thu, 16 Jan 2003 14:17:31 -0500 Message-ID: <748C6D0A58C0F94CA63C198B6674697A1DE77A@ftmail.lab.flarion.com> From: Matt Impett To: "'freebsd-net@freebsd.org'" Subject: routed Date: Thu, 16 Jan 2003 14:17:28 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2656.59) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Not sure this is the correct list, as this question is only semi-technical, but I'm going to try anyway. A quick note though, I don't think there is a charter for this list on the freebsd site. Anyway, I have two questions about routed: 1) Is there a way to force certain interfaces (or RIP as a whole) to only send RIP responses and to not process incoming router responses from other routers? 2) Is it possible to configure individual interfaces so that RIP responses are neither sent or processed, but to still advertise those interfaces when sending RIP responses out other interfaces?? I have read the man page quite thoroughly, as well as searching on the web, but to no avail. thanks, matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Jan 16 11:22: 0 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 275AA37B413 for ; Thu, 16 Jan 2003 11:21:56 -0800 (PST) Received: from ns2.mol.com.mk (ns2.mol.com.mk [212.110.95.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 175AB43F3F for ; Thu, 16 Jan 2003 11:21:51 -0800 (PST) (envelope-from kefi@seir.net.mk) Received: (from uucp@localhost) by ns2.mol.com.mk (8.8.7/8.8.7) id UAA16168 for ; Thu, 16 Jan 2003 20:32:02 +0100 (CET) (envelope-from kefi@seir.net.mk) Received: from chupovski.mol.com.mk(212.110.95.169), claiming to be "chupovski" via SMTP by ns2.mol.com.mk, id smtpd016160; Thu Jan 16 20:31:59 2003 From: "Goran Dimov" To: Subject: Re: freebsd 4.7-stable kernel gre support for squid's wccp cisco interaction Date: Thu, 16 Jan 2003 20:20:57 +0100 Message-ID: <002c01c2bd94$65d0d6f0$a95f6ed4@mol.com.mk> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4920.2300 Importance: Normal Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I know its an ugly hack, but it works for me. Try building the gre interface and than destroying it, and then again rebuild, with enough pause betwine each action. I am running this in a script called from crontab, with timing set @reboot, but i guess its the same if you put it in rc.d or similar place. G-le /bin/sleep 20 /sbin/ifconfig gre0 create /bin/sleep 20 /sbin/ifconfig gre0 212.110.x.y 212.110.m.n netmask 255.255.255.255 link0 up /bin/sleep 20 /sbin/ifconfig gre0 tunnel 212.110.x.y 212.110.m.n /bin/sleep 20 /sbin/ifconfig gre0 destroy /bin/sleep 20 /sbin/ifconfig gre0 create /bin/sleep 20 /sbin/ifconfig gre0 212.110.x.y 212.110.m.n netmask 255.255.255.255 link0 up /bin/sleep 20 /sbin/ifconfig gre0 tunnel 212.110.x.y 212.110.m.n To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 17 0:30: 4 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3031837B401; Fri, 17 Jan 2003 00:30:03 -0800 (PST) Received: from www.svzserv.kemerovo.su (www.svzserv.kemerovo.su [213.184.65.80]) by mx1.FreeBSD.org (Postfix) with ESMTP id DDA3643F1E; Fri, 17 Jan 2003 00:29:59 -0800 (PST) (envelope-from eugen@kuzbass.ru) Received: from kuzbass.ru (kost [213.184.65.82]) by www.svzserv.kemerovo.su (8.12.6/8.12.6) with ESMTP id h0H8TsBt032280; Fri, 17 Jan 2003 15:29:55 +0700 (KRAT) (envelope-from eugen@kuzbass.ru) Message-ID: <3E27BEF5.CBBD834C@kuzbass.ru> Date: Fri, 17 Jan 2003 15:29:41 +0700 From: Eugene Grosbein Organization: SVZServ X-Mailer: Mozilla 4.79 [en] (Win95; U) X-Accept-Language: ru,en MIME-Version: 1.0 To: hardware@freebsd.org Cc: net@freebsd.org Subject: fxp(4) and multiport ethernet controllers Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi! Does fxp(4) support dual-port and similar ethernet controllers (4.7-STABLE)? More precisely, will FreeBSD work with Intel 815E NOVA-7898 Chipset? http://www.voxtechnologies.com/Embedded_Platforms/nova7898.htm Eugene Grosbein P.S. Please CC: me when replying. Thank you. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 17 5:46: 2 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ED99837B405 for ; Fri, 17 Jan 2003 05:45:59 -0800 (PST) Received: from silver.he.iki.fi (silver.he.iki.fi [193.64.42.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8067943EB2 for ; Fri, 17 Jan 2003 05:45:58 -0800 (PST) (envelope-from pete@he.iki.fi) Received: from PHE (silver.he.iki.fi [193.64.42.241]) by silver.he.iki.fi (8.12.6/8.11.4) with SMTP id h0HDjtFc039447 for ; Fri, 17 Jan 2003 15:45:56 +0200 (EET) (envelope-from pete@he.iki.fi) Message-ID: <02e401c2be2e$c298c4c0$822a40c1@PHE> From: "Petri Helenius" To: Subject: connect and EINTR Date: Fri, 17 Jan 2003 15:45:55 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This is 4.7-STABLE built on 15 Jan. I have a nonblocking socket where connect is called. Due to timers also running in the same process, that eventually returns EINTR. However it seems that the socket is connected regardless since calling connect again will return EISCONN. This seems to be the "posix behaviour" and thus it might be that only the manpage is incomplete. Quote below: (which is missing from FreeBSD manpage) [EINTR] The attempt to establish a connection was interrupted by delivery of a signal that was caught; the connection will be established asynchronously. Pete To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 17 6:20:11 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C4D0337B401 for ; Fri, 17 Jan 2003 06:20:09 -0800 (PST) Received: from hanoi.cronyx.ru (hanoi.cronyx.ru [144.206.181.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id A76CA43E4A for ; Fri, 17 Jan 2003 06:20:07 -0800 (PST) (envelope-from rik@cronyx.ru) Received: by hanoi.cronyx.ru id RAA31599 for freebsd-net@FreeBSD.org.checked; (8.9.3/vak/2.1) Fri, 17 Jan 2003 17:17:02 +0300 (MSK) (envelope-from rik@cronyx.ru) Received: from cronyx.ru by hanoi.cronyx.ru with ESMTP id RAA31506 for ; (8.9.3/vak/2.1) Fri, 17 Jan 2003 17:14:21 +0300 (MSK) (envelope-from rik@cronyx.ru) Message-ID: <3E28112C.6020102@cronyx.ru> Date: Fri, 17 Jan 2003 17:20:28 +0300 From: Roman Kurakin User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.0.1) Gecko/20020826 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@FreeBSD.org Subject: BUG, sppp, FreeBSD 5.x 6.x Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, splx was lost --- if_spppsubr.c.orig Fri Jan 17 17:04:49 2003 +++ if_spppsubr.c Fri Jan 17 17:05:53 2003 @@ -973,15 +973,17 @@ splx (s); return (EAFNOSUPPORT); } /* * Queue message on interface, and start output if interface * not yet active. */ if (! IF_HANDOFF_ADJ(ifq, m, ifp, 3)) { ++ifp->if_oerrors; + splx (s); return (rv? rv: ENOBUFS); } + splx (s); /* * Unlike in sppp_input(), we can always bump the timestamp * here since sppp_output() is only called on behalf of Best regards, Roman Kurakin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 17 6:23:20 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B816937B401; Fri, 17 Jan 2003 06:23:19 -0800 (PST) Received: from pasiphae.parad.net (pasiphae.parad.net [63.246.102.141]) by mx1.FreeBSD.org (Postfix) with ESMTP id A700A43EB2; Fri, 17 Jan 2003 06:23:18 -0800 (PST) (envelope-from jdisher@parad.net) Received: from localhost (jdisher@localhost) by pasiphae.parad.net (8.10.2/8.10.2) with ESMTP id h0HEMha04567; Fri, 17 Jan 2003 09:22:44 -0500 Date: Fri, 17 Jan 2003 09:22:43 -0500 (EST) From: Jonathan Disher To: Eugene Grosbein Cc: hardware@FreeBSD.ORG, Subject: Re: fxp(4) and multiport ethernet controllers In-Reply-To: <3E27BEF5.CBBD834C@kuzbass.ru> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 17 Jan 2003, Eugene Grosbein wrote: > Hi! > > Does fxp(4) support dual-port and similar ethernet controllers (4.7-STABLE)? > More precisely, will FreeBSD work with Intel 815E NOVA-7898 Chipset? > http://www.voxtechnologies.com/Embedded_Platforms/nova7898.htm > > Eugene Grosbein > > P.S. Please CC: me when replying. Thank you. We have a dual-port FXP working just fine in 4.7-RELEASE (and, I'd imagine, 4.7-STABLE). It just shows up as fxp0 and fxp1. I don't have the exact model number, however. -j To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 17 6:31:15 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C194537B401; Fri, 17 Jan 2003 06:31:13 -0800 (PST) Received: from exchange.wan.no (exchange.wan.no [80.86.128.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id A3D7243F18; Fri, 17 Jan 2003 06:31:12 -0800 (PST) (envelope-from sten.daniel.sorsdal@wan.no) Content-Class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Subject: RE: fxp(4) and multiport ethernet controllers X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 Date: Fri, 17 Jan 2003 15:31:16 +0100 Message-ID: <0AF1BBDF1218F14E9B4CCE414744E70F07D2CB@exchange.wanglobal.net> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: fxp(4) and multiport ethernet controllers Thread-Index: AcK+ArKTyf8qkddrTN+wJYV1pRi8TwAMjOjQ From: =?iso-8859-1?Q?Sten_Daniel_S=F8rsdal?= To: "Eugene Grosbein" , Cc: Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org RELEASE + STABLE - 4.7 - Works like a charm! :) ---------------------------------------=20 Med vennlig hilsen / Best regards=20 Sten Daniel S=F8rsdal=20 ---------------------------------------=20 -----Original Message----- From: Eugene Grosbein [mailto:eugen@kuzbass.ru]=20 Sent: 17. januar 2003 09:30 To: hardware@freebsd.org Cc: net@freebsd.org Subject: fxp(4) and multiport ethernet controllers Hi! Does fxp(4) support dual-port and similar ethernet controllers = (4.7-STABLE)? More precisely, will FreeBSD work with Intel 815E = NOVA-7898 Chipset? = http://www.voxtechnologies.com/Embedded_Platforms/nova7898.htm Eugene Grosbein P.S. Please CC: me when replying. Thank you. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 17 7: 1:28 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 86E1A37B401 for ; Fri, 17 Jan 2003 07:01:26 -0800 (PST) Received: from diomedes.noc.ntua.gr (diomedes.noc.ntua.gr [147.102.222.220]) by mx1.FreeBSD.org (Postfix) with ESMTP id 970F343F6B for ; Fri, 17 Jan 2003 07:01:23 -0800 (PST) (envelope-from past@ajax.noc.ntua.gr) Received: from ajax.noc.ntua.gr (ajax.noc.ntua.gr [147.102.220.1]) by diomedes.noc.ntua.gr (8.11.6/8.11.6) with ESMTP id h0HF00Z50885; Fri, 17 Jan 2003 17:00:00 +0200 (EET) Received: from ajax.noc.ntua.gr (localhost [127.0.0.1]) by ajax.noc.ntua.gr (8.12.6/8.12.6) with ESMTP id h0HF00F3067158; Fri, 17 Jan 2003 17:00:00 +0200 (EET) (envelope-from past@ajax.noc.ntua.gr) Received: (from past@localhost) by ajax.noc.ntua.gr (8.12.6/8.12.6/Submit) id h0HExuLl067157; Fri, 17 Jan 2003 16:59:56 +0200 (EET) Date: Fri, 17 Jan 2003 16:59:56 +0200 From: Panagiotis Astithas To: Brett Glass Cc: Archie Cobbs , Julian Elischer , freebsd-net@FreeBSD.org Subject: Re: PPTP tunneling over PPPoE link Message-ID: <20030117145956.GA64405@noc.ntua.gr> Reply-To: past@noc.ntua.gr References: <4.3.2.7.2.20030109191546.02975920@localhost> <4.3.2.7.2.20030111202854.0278c4a0@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4.3.2.7.2.20030111202854.0278c4a0@localhost> X-Organizational-Unit: Network Management Center X-Organization: National Technical University of Athens, GREECE X-URL: http://www.netmode.ntua.gr/~past/ X-Alt-Email: past@netmode.ntua.gr X-Work-Phone: +30-210-772-3647 X-Work-FAX: +30-210-772-1866 User-Agent: Mutt/1.5.1i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, Jan 11, 2003 at 08:34:42PM -0700, Brett Glass wrote: > At 06:38 PM 1/11/2003, Archie Cobbs wrote: > > >That bug has been fixed, in sys/netgraph/ng_pptpgre.c revisions > >1.26 and 1.2.2.13. > > Excellent! In that case, the only other thing I need to be able > to use it just about everywhere is to be able to trigger shell commands > at various points in the scripts, and get output back into variables. > (Right now, the scripting language really doesn't have variables and > doesn't seem to be able to access environment variables.) The reason > I need this is that some of my systems do account timing and expiration. > I need to be able to determine when an account expires and to let the > system know that a user has logged on and logged off. (I can hack this > with the !fg and !bg commands in userland PPP, but can't do it with > mpd.) > > --Brett > > P.S. -- I'm still wondering why userland PPP doesn't seem to pass GRE. > Surely I'm not the first person to run into this? I ran into the same problem using mpd and it proved to be caused by the blocking of gre traffic. My WinXP laptop connects fine to the mpd server when inside the LAN, or through ISP X, but fails to connect when going through ISP Y. The server never received the response from the client and quitted after ~10 sec. The admins from ISP Y informed me that they block gre traffic, which I must admit puzzled me, since I thought that gre packets were not transmitted so soon in the communication sequence. I never got around to reading the pptp rfc to sort it out, though... Panagiotis Astithas Network Management Center National Technical University of Athens, Greece To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 17 11:22: 9 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 76AB137B401 for ; Fri, 17 Jan 2003 11:22:08 -0800 (PST) Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0AC3D43E4A for ; Fri, 17 Jan 2003 11:22:08 -0800 (PST) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (IDENT:brdavis@localhost.localdomain [127.0.0.1]) by odin.ac.hmc.edu (8.12.3/8.12.3) with ESMTP id h0HJLv6F028682; Fri, 17 Jan 2003 11:21:57 -0800 Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.12.3/8.12.3/Submit) id h0HJLvWT028681; Fri, 17 Jan 2003 11:21:57 -0800 Date: Fri, 17 Jan 2003 11:21:57 -0800 From: Brooks Davis To: Roman Kurakin Cc: freebsd-net@FreeBSD.ORG Subject: Re: BUG, sppp, FreeBSD 5.x 6.x Message-ID: <20030117112157.A24691@Odin.AC.HMC.Edu> References: <3E28112C.6020102@cronyx.ru> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="IS0zKkzwUGydFO0o" Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <3E28112C.6020102@cronyx.ru>; from rik@cronyx.ru on Fri, Jan 17, 2003 at 05:20:28PM +0300 X-Virus-Scanned: by amavisd-milter (http://amavis.org/) on odin.ac.hmc.edu Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --IS0zKkzwUGydFO0o Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jan 17, 2003 at 05:20:28PM +0300, Roman Kurakin wrote: > splx was lost The spl*() functions are all no-ops in 5.0 so this isn't really a problem unless it gets MFC'd. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --IS0zKkzwUGydFO0o Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE+KFfUXY6L6fI4GtQRAhTMAJ0VMNYRYu7jhIQ0oW6BfmS+qMEe6wCgwWSI +xviyVEVjxtudMD3bNrVpVw= =vE/A -----END PGP SIGNATURE----- --IS0zKkzwUGydFO0o-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Jan 17 11:45:15 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 784B337B401 for ; Fri, 17 Jan 2003 11:45:14 -0800 (PST) Received: from lariat.org (lariat.org [63.229.157.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9FB3143F3F for ; Fri, 17 Jan 2003 11:45:13 -0800 (PST) (envelope-from brett@lariat.org) Received: from mustang.lariat.org (IDENT:ppp1000.lariat.org@lariat.org [63.229.157.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id MAA22879; Fri, 17 Jan 2003 12:44:55 -0700 (MST) X-message-flag: Warning! Use of Microsoft Outlook renders your system susceptible to Internet worms. Message-Id: <4.3.2.7.2.20030117124245.03cb8680@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Fri, 17 Jan 2003 12:44:41 -0700 To: past@noc.ntua.gr From: Brett Glass Subject: Re: PPTP tunneling over PPPoE link Cc: Archie Cobbs , Julian Elischer , freebsd-net@FreeBSD.org In-Reply-To: <20030117145956.GA64405@noc.ntua.gr> References: <4.3.2.7.2.20030111202854.0278c4a0@localhost> <4.3.2.7.2.20030109191546.02975920@localhost> <4.3.2.7.2.20030111202854.0278c4a0@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 07:59 AM 1/17/2003, Panagiotis Astithas wrote: >I ran into the same problem using mpd and it proved to be caused by the >blocking of gre traffic. I control the upstream router, and we're not blocking GRE. What's more, even if I connect from inside that router, we still have trouble. I'd be willing to hack on mpd to add variables, variable interpolation, shell commands, etc. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 18 8:46:52 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A86FB37B4D9 for ; Sat, 18 Jan 2003 08:46:48 -0800 (PST) Received: from morphy.iki.fi (baana-pppoes-213-139-166-84.suomi.net [213.139.166.84]) by mx1.FreeBSD.org (Postfix) with SMTP id 6B2E743F1E for ; Sat, 18 Jan 2003 08:46:47 -0800 (PST) (envelope-from morphy@morphy.iki.fi) Received: (qmail 86404 invoked by uid 1000); 18 Jan 2003 16:46:40 -0000 Date: Sat, 18 Jan 2003 18:46:40 +0200 From: Mikko Hyvarinen To: freebsd-net@freebsd.org, freebsd-current@freebsd.org Subject: [PATCH] Asus A7N8X Deluxe, nForce2 and 3com MAC, Broadcom/Altima PHY Message-ID: <20030118164640.GD36580@morphy.iki.fi> References: <20030112190731.GB14895@morphy.iki.fi> <20030112210430.GA63537@dragon.nuxi.com> <20030113163101.GA714@morphy.iki.fi> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030113163101.GA714@morphy.iki.fi> User-Agent: Mutt/1.4i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi again,O I find it outright odd that the partial patch that didn't help much got committed quickly but the final fix that makes things work didn't. Is there something wrong with the patch or did it just slip through the cracks somewhere? Regards, MSH On Mon, Jan 13, 2003 at 06:31:01PM +0200, Mikko S. Hyvarinen wrote: > On Sun, Jan 12, 2003 at 01:04:30PM -0800, David O'Brien wrote: > > On Sun, Jan 12, 2003 at 09:07:31PM +0200, Mikko S. Hyvarinen wrote: > > > The on-board 3com MAC and Broadcom/Altima PHY are not being detected by the > > > xl(4) driver in -current (cvsup done yesterday evening). > > > In the Award BIOS there is only one setting for the 3com device, a supposed > > > on/off switch with only values Disabled and Auto; I have used Auto. > > ... > > > FWIW, the diff for the files mentioned is attached, in case someone wants > > > to continue from here. > > > > Thanks! I committed this patch so it didn't get lost and maybe someone > > else with one of these boards can take it all the way. > > As usual, it had to be something simple. With the attached change on top > of the previous set the Altima AC101L PHY is detected correctly. > I'm not so sure whether that xl_choose_xcvr() modification is actually > necessary, but one can never be too sure. > > Tested with 10baseT/UTP and it works normally. > > Regards, > MSH > > -- > All opinions expressed above are mine alone and do not express the views > of my employer or any other organizations that I am affiliated with. > Index: sys/pci/if_xl.c > =================================================================== > RCS file: /data/cvs/freebsd/src/sys/pci/if_xl.c,v > retrieving revision 1.121 > diff -u -r1.121 if_xl.c > --- sys/pci/if_xl.c 12 Jan 2003 21:03:38 -0000 1.121 > +++ sys/pci/if_xl.c 13 Jan 2003 16:24:50 -0000 > @@ -1245,6 +1245,7 @@ > case TC_DEVICEID_HURRICANE_656: /* 3c656 */ > case TC_DEVICEID_HURRICANE_656B: /* 3c656B */ > case TC_DEVICEID_TORNADO_656C: /* 3c656C */ > + case TC_DEVICEID_TORNADO_10_100BT_NVIDIA: /* nVidia nForce2 integrated */ > sc->xl_media = XL_MEDIAOPT_MII; > sc->xl_xcvr = XL_XCVR_MII; > if (verbose) > @@ -1340,6 +1341,8 @@ > pci_get_device(dev) == TC_DEVICEID_HURRICANE_656B) > sc->xl_flags |= XL_FLAG_INVERT_MII_PWR | > XL_FLAG_INVERT_LED_PWR; > + if (pci_get_device(dev) == TC_DEVICEID_TORNADO_10_100BT_NVIDIA) > + sc->xl_flags |= XL_FLAG_PHYOK; > > /* > * If this is a 3c905B, we have to check one extra thing. -- All opinions expressed above are mine alone and do not express the views of my employer or any other organizations that I am affiliated with. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 18 13: 8:24 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3F52037B401; Sat, 18 Jan 2003 13:08:23 -0800 (PST) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0615143F13; Sat, 18 Jan 2003 13:08:23 -0800 (PST) (envelope-from bright@elvis.mu.org) Received: by elvis.mu.org (Postfix, from userid 1192) id 65440AE2DD; Sat, 18 Jan 2003 13:08:14 -0800 (PST) Date: Sat, 18 Jan 2003 13:08:14 -0800 From: Alfred Perlstein To: freebsd-gnats-submit@FreeBSD.org Cc: net@freebsd.org Subject: Re: misc/44361: possible raw socket bug Message-ID: <20030118210814.GY33821@elvis.mu.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org It appears that we expect the ip_len and ip_off feilds to be sent in host byte order as the stack will fix it to network byte order in ip_output. Is this a bug or feature? :) -- -Alfred Perlstein [alfred@freebsd.org] 'Instead of asking why a piece of software is using "1970s technology," start asking why software is ignoring 30 years of accumulated wisdom.' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 18 14:47:57 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5EE0937B401; Sat, 18 Jan 2003 14:47:56 -0800 (PST) Received: from dragon.nuxi.com (trang.nuxi.com [66.93.134.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1BDF143F5B; Sat, 18 Jan 2003 14:47:55 -0800 (PST) (envelope-from obrien@NUXI.com) Received: from dragon.nuxi.com (obrien@localhost [127.0.0.1]) by dragon.nuxi.com (8.12.6/8.12.2) with ESMTP id h0IMlsIx077450; Sat, 18 Jan 2003 14:47:54 -0800 (PST) (envelope-from obrien@dragon.nuxi.com) Received: (from obrien@localhost) by dragon.nuxi.com (8.12.6/8.12.6/Submit) id h0IMkcg4077449; Sat, 18 Jan 2003 14:46:38 -0800 (PST) Date: Sat, 18 Jan 2003 14:46:38 -0800 From: "David O'Brien" To: Mikko Hyvarinen Cc: freebsd-net@freebsd.org, freebsd-current@freebsd.org Subject: Re: [PATCH] Asus A7N8X Deluxe, nForce2 and 3com MAC, Broadcom/Altima PHY Message-ID: <20030118224638.GL70151@dragon.nuxi.com> Reply-To: obrien@freebsd.org References: <20030112190731.GB14895@morphy.iki.fi> <20030112210430.GA63537@dragon.nuxi.com> <20030113163101.GA714@morphy.iki.fi> <20030118164640.GD36580@morphy.iki.fi> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030118164640.GD36580@morphy.iki.fi> User-Agent: Mutt/1.4i X-Operating-System: FreeBSD 5.0-CURRENT Organization: The NUXI BSD Group X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A X-Pgp-Rsa-Keyid: 1024/34F9F9D5 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, Jan 18, 2003 at 06:46:40PM +0200, Mikko Hyvarinen wrote: > Hi again,O > > I find it outright odd that the partial patch that didn't help much got > committed quickly but the final fix that makes things work didn't. > > Is there something wrong with the patch or did it just slip through the > cracks somewhere? I got busy last week. I just happen to have a few free minutes when the 1st patch came in, and I have a big interest in AMD platforms. I've got too many things on my plate for today to probably get to the 2nd patch. Other committers, please don't think I feel ownership of this patch. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Jan 18 21:45:51 2003 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6045737B405; Sat, 18 Jan 2003 21:45:47 -0800 (PST) Received: from gateway.posi.net (adsl-63-201-91-32.dsl.snfc21.pacbell.net [63.201.91.32]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1091643E4A; Sat, 18 Jan 2003 21:45:41 -0800 (PST) (envelope-from kbyanc@posi.net) Received: from localhost (localhost [127.0.0.1]) by gateway.posi.net (8.12.6/8.12.6) with ESMTP id h0J5jeAl043154; Sat, 18 Jan 2003 21:45:40 -0800 (PST) (envelope-from kbyanc@posi.net) Date: Sat, 18 Jan 2003 21:45:40 -0800 (PST) From: Kelly Yancey To: Alfred Perlstein Cc: freebsd-gnats-submit@FreeBSD.ORG, Subject: Re: misc/44361: possible raw socket bug In-Reply-To: <20030118210814.GY33821@elvis.mu.org> Message-ID: <20030118214247.E43061-100000@gateway.posi.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, 18 Jan 2003, Alfred Perlstein wrote: > It appears that we expect the ip_len and ip_off feilds to be sent > in host byte order as the stack will fix it to network byte order > in ip_output. > > Is this a bug or feature? :) > > -- > -Alfred Perlstein [alfred@freebsd.org] Both, no? :) It's a bug documented in Stevens TCP/IP Illustrated 2 as being around since 4.4BSD, but I would expect that fixing it would break a good bit. On the other hand, it is supposedly fixed in OpenBSD. Kelly -- Kelly Yancey -- kbyanc@{posi.net,FreeBSD.org} "The fact that a believer is happier than a skeptic is no more to the point than the fact than a drunken man is happier than a sober one." -- George Bernard Shaw To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message