From owner-freebsd-ipfw@FreeBSD.ORG Mon Sep 13 11:02:39 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5768D16A4CE for ; Mon, 13 Sep 2004 11:02:39 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4C49243D4C for ; Mon, 13 Sep 2004 11:02:39 +0000 (GMT) (envelope-from owner-bugmaster@freebsd.org) Received: from freefall.freebsd.org (peter@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.11/8.12.11) with ESMTP id i8DB2dX3049229 for ; Mon, 13 Sep 2004 11:02:39 GMT (envelope-from owner-bugmaster@freebsd.org) Received: (from peter@localhost) by freefall.freebsd.org (8.12.11/8.12.11/Submit) id i8DB2cwL049223 for ipfw@freebsd.org; Mon, 13 Sep 2004 11:02:38 GMT (envelope-from owner-bugmaster@freebsd.org) Date: Mon, 13 Sep 2004 11:02:38 GMT Message-Id: <200409131102.i8DB2cwL049223@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: peter set sender to owner-bugmaster@freebsd.org using -f From: FreeBSD bugmaster To: ipfw@FreeBSD.org Subject: Current problem reports assigned to you X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Sep 2004 11:02:39 -0000 Current FreeBSD problem reports Critical problems Serious problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- o [2003/04/22] kern/51274 ipfw ipfw2 create dynamic rules with parent nu f [2003/04/24] kern/51341 ipfw ipfw rule 'deny icmp from any to any icmp o [2003/12/11] kern/60154 ipfw ipfw core (crash) o [2004/03/03] kern/63724 ipfw IPFW2 Queues dont t work f [2004/03/25] kern/64694 ipfw [ipfw] UID/GID matching in ipfw non-funct 5 problems total. Non-critical problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- a [2001/04/13] kern/26534 ipfw Add an option to ipfw to log gid/uid of w o [2002/12/10] kern/46159 ipfw ipfw dynamic rules lifetime feature o [2003/02/11] kern/48172 ipfw ipfw does not log size and flags o [2003/03/10] kern/49086 ipfw [patch] Make ipfw2 log to different syslo o [2003/04/09] bin/50749 ipfw ipfw2 incorrectly parses ports and port r o [2003/08/26] kern/55984 ipfw [patch] time based firewalling support fo o [2003/12/30] kern/60719 ipfw ipfw: Headerless fragments generate cryp o [2004/08/03] kern/69963 ipfw ipfw: install_state warning about already o [2004/09/04] kern/71366 ipfw "ipfw fwd" sometimes rewrites destination 9 problems total. From owner-freebsd-ipfw@FreeBSD.ORG Thu Sep 16 13:58:52 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 61B0C16A4CE for ; Thu, 16 Sep 2004 13:58:52 +0000 (GMT) Received: from gollum.cambrium.nl (mx1.cambrium.nl [217.19.16.130]) by mx1.FreeBSD.org (Postfix) with SMTP id 2DDB643D45 for ; Thu, 16 Sep 2004 13:58:51 +0000 (GMT) (envelope-from sb@gamegates.nl) Received: (qmail 12499 invoked from network); 16 Sep 2004 13:58:49 -0000 Received: from wants.to.be.just.like.bilbo.nl (217.19.24.4) by gollum.cambrium.nl with SMTP; 16 Sep 2004 13:58:49 -0000 From: SB To: ipfw@freebsd.org Date: Thu, 16 Sep 2004 15:59:14 +0200 User-Agent: KMail/1.5.4 Organization: gamegates.nl MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200409161559.14821.sb@gamegates.nl> Subject: ipf and oident X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: sb@gamegates.nl List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Sep 2004 13:58:52 -0000 Goodafternoon everyone, I trying to install oident on my box ( FreeBSD 5.2.1 ) and it's configged perfectly but when something does a ident request the load shoots to 100% on my box and it still returns a unknown as owner. Can somebody identify this problem ? oidentd is installed from ports and port 113 is open on the ipfw. --------- SB A Solution to the problem ? Or a Problem in the Solution ? From owner-freebsd-ipfw@FreeBSD.ORG Thu Sep 16 14:32:10 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ECD3116A4CE for ; Thu, 16 Sep 2004 14:32:10 +0000 (GMT) Received: from gollum.cambrium.nl (mx1.cambrium.nl [217.19.16.130]) by mx1.FreeBSD.org (Postfix) with SMTP id 351F643D48 for ; Thu, 16 Sep 2004 14:32:10 +0000 (GMT) (envelope-from sb@gamegates.nl) Received: (qmail 32151 invoked from network); 16 Sep 2004 14:32:09 -0000 Received: from wants.to.be.just.like.bilbo.nl (217.19.24.4) by gollum.cambrium.nl with SMTP; 16 Sep 2004 14:32:09 -0000 From: SB Organization: gamegates.nl To: "Matthew McGehrin" Date: Thu, 16 Sep 2004 16:32:34 +0200 User-Agent: KMail/1.5.4 References: <200409161559.14821.sb@gamegates.nl> <000a01c49bf6$badd1e50$af00a8c0@orange> In-Reply-To: <000a01c49bf6$badd1e50$af00a8c0@orange> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200409161632.34812.sb@gamegates.nl> cc: ipfw@freebsd.org Subject: Re: ipf and oident X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: sb@gamegates.nl List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Sep 2004 14:32:11 -0000 > Any reason why you don't want to use the built in auth daemon? > > Simply enable in /etc/inetd.conf > auth stream tcp nowait root internal auth -r -f -n -t 90 > > -- Matthew Basicly becuase that isn't working even not after the killall -HUP inetd command. From owner-freebsd-ipfw@FreeBSD.ORG Thu Sep 16 15:19:26 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E626016A4CE for ; Thu, 16 Sep 2004 15:19:26 +0000 (GMT) Received: from gollum.cambrium.nl (mx1.cambrium.nl [217.19.16.130]) by mx1.FreeBSD.org (Postfix) with SMTP id 2C24343D1D for ; Thu, 16 Sep 2004 15:19:26 +0000 (GMT) (envelope-from sb@gamegates.nl) Received: (qmail 32012 invoked from network); 16 Sep 2004 15:19:25 -0000 Received: from wants.to.be.just.like.bilbo.nl (217.19.24.4) by gollum.cambrium.nl with SMTP; 16 Sep 2004 15:19:25 -0000 From: SB Organization: gamegates.nl To: "Matthew McGehrin" Date: Thu, 16 Sep 2004 17:19:50 +0200 User-Agent: KMail/1.5.4 References: <200409161559.14821.sb@gamegates.nl> <200409161632.34812.sb@gamegates.nl> <000c01c49bfe$f9b6c600$af00a8c0@orange> In-Reply-To: <000c01c49bfe$f9b6c600$af00a8c0@orange> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200409161719.50768.sb@gamegates.nl> cc: ipfw@freebsd.org Subject: Re: ipf and oident X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: sb@gamegates.nl List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Sep 2004 15:19:27 -0000 > You mean kill -HUP pid right? > > -- Matthew killall -HUP inetd and kill -HUP pid do accually the same thing . But both aren't working. Even a kill -9 pid and then restart it manually won't help still gives back unknown as ident. From owner-freebsd-ipfw@FreeBSD.ORG Fri Sep 17 08:08:16 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D463A16A4CE for ; Fri, 17 Sep 2004 08:08:16 +0000 (GMT) Received: from puyu.time.net.my (pop.time.net.my [203.121.16.80]) by mx1.FreeBSD.org (Postfix) with SMTP id BDA9443D39 for ; Fri, 17 Sep 2004 08:08:15 +0000 (GMT) (envelope-from zphosis@time.net.my) Received: (qmail 221422 invoked from network); 17 Sep 2004 08:01:43 -0000 Received: from unknown (HELO drsuresh.time.net.my) (203.121.16.111) by 0 with SMTP; 17 Sep 2004 08:01:43 -0000 Message-Id: <6.1.2.0.2.20040917160614.03368990@pop.time.net.my> X-Sender: zphosis@pop.time.net.my X-Mailer: QUALCOMM Windows Eudora Version 6.1.2.0 Date: Fri, 17 Sep 2004 16:08:07 +0800 To: freebsd-ipfw@freebsd.org From: Zphosis De Extrodinaire Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: Performance issue with L2 filtering using ipfw X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Sep 2004 08:08:16 -0000 Hi, I discovered that MAC based filtering takes an average of 37 seconds to start filtering, although removing the accesslist takes immediate effect. I'm currently using FreeBSD 4.10-STABLE kernel and have ipfw2 compiled. Any ideas?