From owner-freebsd-net@FreeBSD.ORG Sun Apr 2 04:19:58 2006 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5783016A401 for ; Sun, 2 Apr 2006 04:19:58 +0000 (UTC) (envelope-from rizzo@icir.org) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 129DC43D46 for ; Sun, 2 Apr 2006 04:19:58 +0000 (GMT) (envelope-from rizzo@icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.11/8.12.11) with ESMTP id k324JnGk033655; Sat, 1 Apr 2006 20:19:49 -0800 (PST) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.11/8.12.3/Submit) id k324JmqR033654; Sat, 1 Apr 2006 20:19:48 -0800 (PST) (envelope-from rizzo) Date: Sat, 1 Apr 2006 20:19:48 -0800 From: Luigi Rizzo To: Mikhail Teterin Message-ID: <20060401201948.A33543@xorpc.icir.org> References: <200603301657.43218.mi+mx@aldan.algebra.com> <200603311717.07894.mi+mx@aldan.algebra.com> <20060401125718.A28991@xorpc.icir.org> <200604011834.12572@aldan> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <200604011834.12572@aldan>; from mi+kde@aldan.algebra.com on Sat, Apr 01, 2006 at 06:34:12PM -0500 Cc: ugen@netvision.net.il, archie@dellroad.org, net@freebsd.org Subject: Re: Is there an API for ipfw? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Apr 2006 04:19:58 -0000 On Sat, Apr 01, 2006 at 06:34:12PM -0500, Mikhail Teterin wrote: > On Saturday 01 April 2006 03:57 pm, you wrote: > = i don't know on which version of freebsd is this occurring, > = it would help knowning - as well as knowing if this is an > = UP/SMP and whether it is working as a bridge or router. > > It is a FreeBSD/amd64-6.1 as of February 7, running on a signle Opteron 244 > (hence UP). Machine has 2Gb of RAM and the active interface is em0 in full so the pipe acts just on traffic from/to the local host ? > duplex 1GB mode. The ipfw and dummynet are loaded modules, not compiled in > (don't know, if that matters). should not make a difference. It would help if you could run, when the traffic stalls, a tcpdump on both source and destination, and tell me where you see the traffic. Also i would need to know who is the source and who is the receiver, and whether the pipe is on the sender or receiver side, and on the input or output path. thanks luigi > Without the pipes, the same Sun machine (NFS client) sends this data at around > 36Mb/s, which is too fast for my program to compress, so I'd like to be able > to throttle it. > > Thanks! Yours, > > -mi > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" From owner-freebsd-net@FreeBSD.ORG Sun Apr 2 10:22:41 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 103B316A401 for ; Sun, 2 Apr 2006 10:22:41 +0000 (UTC) (envelope-from dmitry@atlantis.dp.ua) Received: from postman.atlantis.dp.ua (postman.atlantis.dp.ua [193.108.47.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 59F2F43D45 for ; Sun, 2 Apr 2006 10:22:39 +0000 (GMT) (envelope-from dmitry@atlantis.dp.ua) Received: from smtp.atlantis.dp.ua (smtp.atlantis.dp.ua [193.108.46.231]) by postman.atlantis.dp.ua (8.13.1/8.13.1) with ESMTP id k32AMVqY032427; Sun, 2 Apr 2006 13:22:31 +0300 (EEST) (envelope-from dmitry@atlantis.dp.ua) Date: Sun, 2 Apr 2006 13:22:31 +0300 (EEST) From: Dmitry Pryanishnikov To: Bruce M Simpson In-Reply-To: <20060331223613.GD80492@spc.org> Message-ID: <20060402130227.G99958@atlantis.atlantis.dp.ua> References: <442D8E98.6050903@vineyard.net> <20060331222813.GA29047@zen.inc> <20060331223613.GD80492@spc.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org, VANHULLEBUS Yvan Subject: Re: tcpdump and ipsec X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Apr 2006 10:22:41 -0000 Hello! On Fri, 31 Mar 2006, Bruce M Simpson wrote: > On Sat, Apr 01, 2006 at 12:28:13AM +0200, VANHULLEBUS Yvan wrote: >> 2) use enc0 support, which is actually pr kern/94829, and which should >> be included soon in kernel. > > Oh god! Not another ifnet! NoOOOOOO!!!!!! Why not? IMHO it will be very useful feature: think about e.g. traffic shaping for several different networks which are routed via the same ipsec tunnel. Without the enc0, you can only shape them together, e.g.: ipfw add 100 pipe 1 esp from any to any out via rl0 With enc0, you can shape them separately: ipfw add 102 pipe 2 all from any to 10.0.2.0/24 out via enc0 ipfw add 103 pipe 3 all from any to 10.0.3.0/24 out via enc0 The only thing which could be improved here is that host can have several ipsec tunnels, so it would be better to have many separate encX interfaces, one per tunnel, instead of single enc0. But I don't know how to implement binding between ipsec tunnels and individual encX devices in this case. Maybe, by assigning dummy IP addresses to encX which should match correspondent "local-remote" IP addresses in SPD entry? After all, this stuff is _optional_, you don't _have_ to use it. However, I'd like to see it in our tree. Sincerely, Dmitry -- Atlantis ISP, System Administrator e-mail: dmitry@atlantis.dp.ua nic-hdl: LYNX-RIPE From owner-freebsd-net@FreeBSD.ORG Sun Apr 2 11:40:17 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4399316A426 for ; Sun, 2 Apr 2006 11:40:17 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3C1E443D55 for ; Sun, 2 Apr 2006 11:40:10 +0000 (GMT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (localhost [127.0.0.1]) by transport.cksoft.de (Postfix) with ESMTP id B33A3200116; Sun, 2 Apr 2006 13:40:08 +0200 (CEST) Received: by transport.cksoft.de (Postfix, from userid 66) id DA18C2000FA; Sun, 2 Apr 2006 13:40:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 58258444F41; Sun, 2 Apr 2006 11:38:06 +0000 (UTC) Date: Sun, 2 Apr 2006 11:38:05 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: Dmitry Pryanishnikov In-Reply-To: <20060402130227.G99958@atlantis.atlantis.dp.ua> Message-ID: <20060402113516.D76259@maildrop.int.zabbadoz.net> References: <442D8E98.6050903@vineyard.net> <20060331222813.GA29047@zen.inc> <20060331223613.GD80492@spc.org> <20060402130227.G99958@atlantis.atlantis.dp.ua> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: by AMaViS cksoft-s20020300-20031204bz on transport.cksoft.de Cc: VANHULLEBUS Yvan , freebsd-net@freebsd.org Subject: Re: tcpdump and ipsec X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Apr 2006 11:40:17 -0000 On Sun, 2 Apr 2006, Dmitry Pryanishnikov wrote: > > Hello! > > On Fri, 31 Mar 2006, Bruce M Simpson wrote: >> On Sat, Apr 01, 2006 at 12:28:13AM +0200, VANHULLEBUS Yvan wrote: >>> 2) use enc0 support, which is actually pr kern/94829, and which should >>> be included soon in kernel. >> >> Oh god! Not another ifnet! NoOOOOOO!!!!!! > > Why not? IMHO it will be very useful feature: think about e.g. traffic > shaping for several different networks which are routed via the same > ipsec tunnel. Without the enc0, you can only shape them together, e.g.: why not shaping on the internal interface in case this is a gateway? You know src and dst there too. The only difference enc0 makes is for host-only-setups or if you want to see all your unencrpyted ipsec traffic on a gateway in one place. -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT From owner-freebsd-net@FreeBSD.ORG Sun Apr 2 12:19:20 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 943D116A401 for ; Sun, 2 Apr 2006 12:19:20 +0000 (UTC) (envelope-from dmitry@atlantis.dp.ua) Received: from postman.atlantis.dp.ua (postman.atlantis.dp.ua [193.108.47.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id D4C3943D45 for ; Sun, 2 Apr 2006 12:19:19 +0000 (GMT) (envelope-from dmitry@atlantis.dp.ua) Received: from smtp.atlantis.dp.ua (smtp.atlantis.dp.ua [193.108.46.231]) by postman.atlantis.dp.ua (8.13.1/8.13.1) with ESMTP id k32CJAAx072213; Sun, 2 Apr 2006 15:19:10 +0300 (EEST) (envelope-from dmitry@atlantis.dp.ua) Date: Sun, 2 Apr 2006 15:19:10 +0300 (EEST) From: Dmitry Pryanishnikov To: "Bjoern A. Zeeb" In-Reply-To: <20060402113516.D76259@maildrop.int.zabbadoz.net> Message-ID: <20060402151039.R51461@atlantis.atlantis.dp.ua> References: <442D8E98.6050903@vineyard.net> <20060331222813.GA29047@zen.inc> <20060331223613.GD80492@spc.org> <20060402130227.G99958@atlantis.atlantis.dp.ua> <20060402113516.D76259@maildrop.int.zabbadoz.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: VANHULLEBUS Yvan , freebsd-net@freebsd.org Subject: Re: tcpdump and ipsec X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Apr 2006 12:19:20 -0000 Hello! On Sun, 2 Apr 2006, Bjoern A. Zeeb wrote: >> Why not? IMHO it will be very useful feature: think about e.g. traffic >> shaping for several different networks which are routed via the same >> ipsec tunnel. Without the enc0, you can only shape them together, e.g.: > > why not shaping on the internal interface in case this is a gateway? > You know src and dst there too. Gateway can also contain sources of traffic, and we should be able to shape all outgoing or incoming traffic (not only transit packets, but also locally-originated). > The only difference enc0 makes is for host-only-setups or if you want > to see all your unencrpyted ipsec traffic on a gateway in one place. It seems to me that it's also useful for general traffic shaping/accounting/filtering purposes. Sincerely, Dmitry -- Atlantis ISP, System Administrator e-mail: dmitry@atlantis.dp.ua nic-hdl: LYNX-RIPE From owner-freebsd-net@FreeBSD.ORG Sun Apr 2 13:16:52 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9A44F16A401 for ; Sun, 2 Apr 2006 13:16:52 +0000 (UTC) (envelope-from randy@psg.com) Received: from rip.psg.com (rip.psg.com [147.28.0.39]) by mx1.FreeBSD.org (Postfix) with ESMTP id 64A9143D48 for ; Sun, 2 Apr 2006 13:16:52 +0000 (GMT) (envelope-from randy@psg.com) Received: from localhost ([127.0.0.1] helo=roam.psg.com) by rip.psg.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.60 (FreeBSD)) (envelope-from ) id 1FQ2Rn-0003Ry-KS for freebsd-net@freebsd.org; Sun, 02 Apr 2006 13:16:52 +0000 Received: from localhost ([127.0.0.1] helo=roam.psg.com) by roam.psg.com with esmtp (Exim 4.60 (FreeBSD)) (envelope-from ) id 1FQ2Rl-0000Vf-QQ for freebsd-net@freebsd.org; Sun, 02 Apr 2006 21:16:49 +0800 From: Randy Bush MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <17455.52929.361561.385511@roam.psg.com> Date: Sun, 2 Apr 2006 21:16:49 +0800 To: freebsd-net@freebsd.org Subject: natd when doubled X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Apr 2006 13:16:52 -0000 i am in a hotel which gives me an address from 10/8 on the ether. i have it plugged into em0 on a -current system. i have another machine on wireless out the ath0 port which is configured as 192.168.0.1 my natd.conf is dynamic yes unregistered_only yes interface em0 my ipfw.rules sez add divert natd all from 192.168.0.0/24 to any via em0 add divert natd all from any to 192.168.0.0/24 via ath0 i suspect the latter two are a bit too clever the two machines can ping eachother over the wireless. but nat is just not doing it. hit me with he clue bat, please randy From owner-freebsd-net@FreeBSD.ORG Sun Apr 2 15:36:51 2006 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E7D2516A422 for ; Sun, 2 Apr 2006 15:36:51 +0000 (UTC) (envelope-from mi+kde@aldan.algebra.com) Received: from aldan.algebra.com (aldan.algebra.com [216.254.65.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7DE1E43D49 for ; Sun, 2 Apr 2006 15:36:51 +0000 (GMT) (envelope-from mi+kde@aldan.algebra.com) Received: from aldan.algebra.com (aldan [127.0.0.1]) by aldan.algebra.com (8.13.6/8.13.6) with ESMTP id k32Fadxi024336 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 2 Apr 2006 11:36:39 -0400 (EDT) (envelope-from mi+kde@aldan.algebra.com) Received: from localhost (localhost [[UNIX: localhost]]) by aldan.algebra.com (8.13.6/8.13.6/Submit) id k32Fad5C024335; Sun, 2 Apr 2006 11:36:39 -0400 (EDT) (envelope-from mi+kde@aldan.algebra.com) From: Mikhail Teterin To: Luigi Rizzo Date: Sun, 2 Apr 2006 10:36:38 -0500 User-Agent: KMail/1.8.2 References: <200603301657.43218.mi+mx@aldan.algebra.com> <200604011834.12572@aldan> <20060401201948.A33543@xorpc.icir.org> In-Reply-To: <20060401201948.A33543@xorpc.icir.org> X-Face: %UW#n0|w>ydeGt/b@1-.UFP=K^~-:0f#O:D7whJ5G_<5143Bb3kOIs9XpX+"V+~$adGP:J|SLieM31VIhqXeLBli" Cc: ugen@netvision.net.il, archie@dellroad.org, net@freebsd.org Subject: Re: Is there an API for ipfw? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Apr 2006 15:36:52 -0000 On Saturday 01 April 2006 11:19 pm, Luigi Rizzo wrote: = > It is a FreeBSD/amd64-6.1 as of February 7, running on a signle Opteron = > 244 (hence UP). Machine has 2Gb of RAM and the active interface is em0 in = > full = = so the pipe acts just on traffic from/to the local host ? No, as I wrote below, the NFS client is a Sun machine. :-) It is an 8-CPU box Sybase-server running on Solaris-9. = > duplex 1GB mode. The ipfw and dummynet are loaded modules, not compiled in = > (don't know, if that matters). = = should not make a difference. = = It would help if you could run, when the traffic stalls, a tcpdump on = both source and destination, and tell me where you see the traffic. Ok, I will next time this happens. I don't think, we have tcpdump on the client (Solaris), though. = > Without the pipes, the same Sun machine (NFS client) sends this data at = > around 36Mb/s, which is too fast for my program to compress, so I'd like = > to be able to throttle it. Thanks! Yours, -mi From owner-freebsd-net@FreeBSD.ORG Sun Apr 2 16:58:02 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 566A216A400; Sun, 2 Apr 2006 16:58:02 +0000 (UTC) (envelope-from duane@greenmeadow.ca) Received: from smtpout.eastlink.ca (smtpout.eastlink.ca [24.222.0.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id F046343D45; Sun, 2 Apr 2006 16:58:01 +0000 (GMT) (envelope-from duane@greenmeadow.ca) Received: from ip02.eastlink.ca ([24.222.10.10]) by mta01.eastlink.ca (Sun Java System Messaging Server 6.2-4.03 (built Sep 22 2005)) with ESMTP id <0IX300EPDTST6TR0@mta01.eastlink.ca>; Sun, 02 Apr 2006 13:58:05 -0300 (ADT) Received: from blk-224-199-230.eastlink.ca (HELO [192.168.0.103]) ([24.224.199.230]) by ip02.eastlink.ca with ESMTP; Sun, 02 Apr 2006 13:58:01 -0300 Date: Sun, 02 Apr 2006 13:56:56 -0300 From: Duane Whitty In-reply-to: <442FE35F.4080500@koproject.org> To: michael Message-id: <44300258.9090501@greenmeadow.ca> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1; format=flowed Content-transfer-encoding: 7BIT X-BrightmailFiltered: true X-Brightmail-Tracker: AAAAAQAAA+k= References: <442EF069.7020105@koproject.org> <442EF841.6040406@greenmeadow.ca> <442EFB06.6040808@koproject.org> <442FD254.90708@greenmeadow.ca> <442FE35F.4080500@koproject.org> User-Agent: Thunderbird 1.5 (X11/20060309) Cc: freebsd-net@freebsd.org, freebsd-questions@freebsd.org Subject: Re: ipfw dosn"t want to run a rule ???? is it possible ? [Was ipfw n'applique pas une regle ???? est-ce possible ?] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Apr 2006 16:58:02 -0000 michael wrote: > Bonjour, > > Ok, > > So, i'll correct u're french because u seems to want to learn it and i > think u're french is not to bad > And for my problem do think about a begining of an answer ? > > Hello, Thank you for correcting my French. I need much practice! As for your ipfw problem, I do not know enough to help you. I suggest you pose your question again, this time entirely in English with all the relevant details, to freebsd-questions@freebsd.org and also to freebsd-net@freebsd.org. There are many knowledgeable people on both these lists who may hopefully be willing to help you, especially as the French language mailing list appears to not be operating any longer. Sincerely, --Duane From owner-freebsd-net@FreeBSD.ORG Sun Apr 2 17:10:46 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AB6B616A42A for ; Sun, 2 Apr 2006 17:10:46 +0000 (UTC) (envelope-from ericx_lists@vineyard.net) Received: from smtp1.vineyard.net (a1.vineyard.net [204.17.195.95]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0DAFD43D49 for ; Sun, 2 Apr 2006 17:10:43 +0000 (GMT) (envelope-from ericx_lists@vineyard.net) Received: from localhost (loopback [127.0.0.1]) by smtp1.vineyard.net (Postfix) with ESMTP id D6F6A158188F for ; Sun, 2 Apr 2006 13:10:42 -0400 (EDT) Received: from smtp1.vineyard.net ([127.0.0.1]) by localhost (ace1.vineyard.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 03903-01-49 for ; Sun, 2 Apr 2006 13:10:42 -0400 (EDT) Received: from [204.17.195.104] (fortiva.vineyard.net [204.17.195.104]) by smtp1.vineyard.net (Postfix) with ESMTP id A38FB1581889 for ; Sun, 2 Apr 2006 13:10:42 -0400 (EDT) Message-ID: <44300568.8030407@vineyard.net> Date: Sun, 02 Apr 2006 13:10:00 -0400 From: "Eric W. Bates" User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org References: <442D8E98.6050903@vineyard.net> <20060331222813.GA29047@zen.inc> <20060331223613.GD80492@spc.org> <20060402130227.G99958@atlantis.atlantis.dp.ua> <20060402113516.D76259@maildrop.int.zabbadoz.net> <20060402151039.R51461@atlantis.atlantis.dp.ua> In-Reply-To: <20060402151039.R51461@atlantis.atlantis.dp.ua> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: by AMaViS-ace1 at Vineyard.NET Subject: Re: tcpdump and ipsec X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 02 Apr 2006 17:10:46 -0000 Dmitry Pryanishnikov wrote: > > Hello! > > On Sun, 2 Apr 2006, Bjoern A. Zeeb wrote: > >>> Why not? IMHO it will be very useful feature: think about e.g. >>> traffic shaping for several different networks which are routed via >>> the same >>> ipsec tunnel. Without the enc0, you can only shape them together, e.g.: >> >> >> why not shaping on the internal interface in case this is a gateway? >> You know src and dst there too. > > > Gateway can also contain sources of traffic, and we should be able > to shape all outgoing or incoming traffic (not only transit packets, > but also locally-originated). > >> The only difference enc0 makes is for host-only-setups or if you want >> to see all your unencrpyted ipsec traffic on a gateway in one place. As an example, I'm working on a firewall for a hospital. We have to terminate a variety of tunnels for vendors providing sensitive services; but we don't necessarily trust the vendors. I appreciate that I can filter their traffic as it passes out of the firewall into the hospital proper; but I would just as soon be able to prevent them from tickling the firewall itself. I realize using ipencap would address this; but this is not really an option when dealing with service vendors. > > > It seems to me that it's also useful for general traffic > shaping/accounting/filtering purposes. > > Sincerely, Dmitry From owner-freebsd-net@FreeBSD.ORG Mon Apr 3 11:02:59 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 638A916A400 for ; Mon, 3 Apr 2006 11:02:59 +0000 (UTC) (envelope-from owner-bugmaster@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id D981843D45 for ; Mon, 3 Apr 2006 11:02:58 +0000 (GMT) (envelope-from owner-bugmaster@freebsd.org) Received: from freefall.freebsd.org (peter@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k33B2woS005979 for ; Mon, 3 Apr 2006 11:02:58 GMT (envelope-from owner-bugmaster@freebsd.org) Received: (from peter@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k33B2vIx005969 for freebsd-net@freebsd.org; Mon, 3 Apr 2006 11:02:57 GMT (envelope-from owner-bugmaster@freebsd.org) Date: Mon, 3 Apr 2006 11:02:57 GMT Message-Id: <200604031102.k33B2vIx005969@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: peter set sender to owner-bugmaster@freebsd.org using -f From: FreeBSD bugmaster To: freebsd-net@FreeBSD.org Cc: Subject: Current problem reports assigned to you X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Apr 2006 11:02:59 -0000 Current FreeBSD problem reports Critical problems Serious problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- o [2006/01/30] kern/92552 net A serious bug in most network drivers fro f [2006/02/12] kern/93220 net [inet6] nd6_lookup: failed to add route f 2 problems total. Non-critical problems S Submitted Tracker Resp. Description ------------------------------------------------------------------------------- o [2003/07/11] kern/54383 net [nfs] [patch] NFS root configurations wit 1 problem total. From owner-freebsd-net@FreeBSD.ORG Mon Apr 3 15:04:16 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7AF6E16A400 for ; Mon, 3 Apr 2006 15:04:16 +0000 (UTC) (envelope-from ericx_lists@vineyard.net) Received: from smtp1.vineyard.net (a1.vineyard.net [204.17.195.95]) by mx1.FreeBSD.org (Postfix) with ESMTP id A447E43D67 for ; Mon, 3 Apr 2006 15:04:15 +0000 (GMT) (envelope-from ericx_lists@vineyard.net) Received: from localhost (loopback [127.0.0.1]) by smtp1.vineyard.net (Postfix) with ESMTP id 9785C1581882 for ; Mon, 3 Apr 2006 11:04:14 -0400 (EDT) Received: from smtp1.vineyard.net ([127.0.0.1]) by localhost (ace1.vineyard.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 44890-01-33 for ; Mon, 3 Apr 2006 11:04:14 -0400 (EDT) Received: from [204.17.195.104] (fortiva.vineyard.net [204.17.195.104]) by smtp1.vineyard.net (Postfix) with ESMTP id 3EE4C1581832 for ; Mon, 3 Apr 2006 11:04:14 -0400 (EDT) Message-ID: <44313943.1060300@vineyard.net> Date: Mon, 03 Apr 2006 11:03:31 -0400 From: "Eric W. Bates" User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: by AMaViS-ace1 at Vineyard.NET Subject: hifn errors on console X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Apr 2006 15:04:16 -0000 I'm running pfsense (an embedded FreeBSD 6.1) on a wrap2C. I recently added a Soekris vpn1411 and am now getting infrequent errors: hifn0: rndtest: ones interval 4 failed (382, 251-373) hifn0: rndtest: ones interval 1 failed (2663, 2343-2657) hifn0: rndtest: zeros interval 5 failed (206, 111-201) hifn0: rndtest: ones interval 2 failed (1385, 1135-1365) hifn0: rndtest: zeros interval 3 failed (718, 542-708) hifn0: rndtest: zeros interval 4 failed (243, 251-373) hifn0: rndtest: zeros interval 3 failed (717, 542-708) IPSec works fine. However, I do not know how to tell whether the hifn is being used. I had no luck with Google. Can anyone enlighten me? Thanks From owner-freebsd-net@FreeBSD.ORG Mon Apr 3 16:04:49 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6E5E016A401 for ; Mon, 3 Apr 2006 16:04:49 +0000 (UTC) (envelope-from nielsen-list@memberwebs.com) Received: from mail.npubs.com (mail.npubs.com [209.66.100.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id 427C943D45 for ; Mon, 3 Apr 2006 16:04:49 +0000 (GMT) (envelope-from nielsen-list@memberwebs.com) From: Nate Nielsen User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051013) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Eric W. Bates" References: <44313943.1060300@vineyard.net> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060403160448.60AFBDCAC78@mail.npubs.com> X-Virus-Scanned: ClamAV using ClamSMTP Date: Mon, 3 Apr 2006 16:04:49 +0000 (GMT) Cc: freebsd-net@freebsd.org Subject: Re: hifn errors on console X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: nielsen@memberwebs.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Apr 2006 16:04:49 -0000 Eric W. Bates wrote: > I'm running pfsense (an embedded FreeBSD 6.1) on a wrap2C. I recently > added a Soekris vpn1411 and am now getting infrequent errors: > > hifn0: rndtest: ones interval 4 failed (382, 251-373) > hifn0: rndtest: ones interval 1 failed (2663, 2343-2657) > hifn0: rndtest: zeros interval 5 failed (206, 111-201) > hifn0: rndtest: ones interval 2 failed (1385, 1135-1365) > hifn0: rndtest: zeros interval 3 failed (718, 542-708) > hifn0: rndtest: zeros interval 4 failed (243, 251-373) > hifn0: rndtest: zeros interval 3 failed (717, 542-708) > > IPSec works fine. However, I do not know how to tell whether the hifn > is being used. Use the 'hifnstats' tool in /usr/src/tools/tools/crypto Cheers, Nate From owner-freebsd-net@FreeBSD.ORG Mon Apr 3 16:12:09 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AA18116A425 for ; Mon, 3 Apr 2006 16:12:09 +0000 (UTC) (envelope-from sam@errno.com) Received: from ebb.errno.com (ebb.errno.com [69.12.149.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id CE65443D53 for ; Mon, 3 Apr 2006 16:12:08 +0000 (GMT) (envelope-from sam@errno.com) Received: from [10.0.0.248] (trouble.errno.com [10.0.0.248]) (authenticated bits=0) by ebb.errno.com (8.13.6/8.12.6) with ESMTP id k33GC7No080444 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 3 Apr 2006 09:12:08 -0700 (PDT) (envelope-from sam@errno.com) Message-ID: <44314957.4020800@errno.com> Date: Mon, 03 Apr 2006 09:12:07 -0700 From: Sam Leffler User-Agent: Thunderbird 1.5 (X11/20060210) MIME-Version: 1.0 To: "Eric W. Bates" References: <44313943.1060300@vineyard.net> In-Reply-To: <44313943.1060300@vineyard.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: hifn errors on console X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Apr 2006 16:12:09 -0000 Eric W. Bates wrote: > I'm running pfsense (an embedded FreeBSD 6.1) on a wrap2C. I recently > added a Soekris vpn1411 and am now getting infrequent errors: > > hifn0: rndtest: ones interval 4 failed (382, 251-373) > hifn0: rndtest: ones interval 1 failed (2663, 2343-2657) > hifn0: rndtest: zeros interval 5 failed (206, 111-201) > hifn0: rndtest: ones interval 2 failed (1385, 1135-1365) > hifn0: rndtest: zeros interval 3 failed (718, 542-708) > hifn0: rndtest: zeros interval 4 failed (243, 251-373) > hifn0: rndtest: zeros interval 3 failed (717, 542-708) > > IPSec works fine. However, I do not know how to tell whether the hifn > is being used. > > I had no luck with Google. Can anyone enlighten me? man rndtest(4). pfSense has configured the FIPS rng testing module to monitor the entropy sent by the h/w to the system prng. Looks like sysctl kern.rdntest.verbose=0 will turn off console msgs. Sam From owner-freebsd-net@FreeBSD.ORG Mon Apr 3 16:29:36 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BD9D616A400 for ; Mon, 3 Apr 2006 16:29:36 +0000 (UTC) (envelope-from sullrich@gmail.com) Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.195]) by mx1.FreeBSD.org (Postfix) with ESMTP id 25DDF43D53 for ; Mon, 3 Apr 2006 16:29:36 +0000 (GMT) (envelope-from sullrich@gmail.com) Received: by zproxy.gmail.com with SMTP id l8so1654416nzf for ; Mon, 03 Apr 2006 09:29:35 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=BTFKSmmV241mlMspwb3dgIY8utF7ZvVsQnLeKmHI30U/4l4uSCqNY5mkfoVIHxKJhnE1OkGseLRiLvNm87p4JHiP9BCFiJeJADOgvgKpNlB8QXxGFgbunrJhbadiUu79NcIYRI55wrdvHS8uS3L0ljYmmikLKLo5efPE1kPRitc= Received: by 10.35.127.7 with SMTP id e7mr87802pyn; Mon, 03 Apr 2006 09:29:35 -0700 (PDT) Received: by 10.35.94.5 with HTTP; Mon, 3 Apr 2006 09:29:35 -0700 (PDT) Message-ID: Date: Mon, 3 Apr 2006 12:29:35 -0400 From: "Scott Ullrich" To: "Sam Leffler" In-Reply-To: <44314957.4020800@errno.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <44313943.1060300@vineyard.net> <44314957.4020800@errno.com> Cc: "Eric W. Bates" , freebsd-net@freebsd.org Subject: Re: hifn errors on console X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Apr 2006 16:29:36 -0000 On 4/3/06, Sam Leffler wrote: > Eric W. Bates wrote: > > I'm running pfsense (an embedded FreeBSD 6.1) on a wrap2C. I recently > > added a Soekris vpn1411 and am now getting infrequent errors: > > > > hifn0: rndtest: ones interval 4 failed (382, 251-373) > > hifn0: rndtest: ones interval 1 failed (2663, 2343-2657) > > hifn0: rndtest: zeros interval 5 failed (206, 111-201) > > hifn0: rndtest: ones interval 2 failed (1385, 1135-1365) > > hifn0: rndtest: zeros interval 3 failed (718, 542-708) > > hifn0: rndtest: zeros interval 4 failed (243, 251-373) > > hifn0: rndtest: zeros interval 3 failed (717, 542-708) > > > > IPSec works fine. However, I do not know how to tell whether the hifn > > is being used. > > > > I had no luck with Google. Can anyone enlighten me? > > man rndtest(4). pfSense has configured the FIPS rng testing module to > monitor the entropy sent by the h/w to the system prng. Looks like > > sysctl kern.rdntest.verbose=3D0 > > will turn off console msgs. Thanks, Sam! I'll add this to our sysctl.conf. Scott From owner-freebsd-net@FreeBSD.ORG Mon Apr 3 18:44:05 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DCE0916A422 for ; Mon, 3 Apr 2006 18:44:04 +0000 (UTC) (envelope-from nielsen-list@memberwebs.com) Received: from mail.npubs.com (mail.npubs.com [209.66.100.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0C86743D69 for ; Mon, 3 Apr 2006 18:44:03 +0000 (GMT) (envelope-from nielsen-list@memberwebs.com) From: Nate Nielsen User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051013) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060403184402.9DA3EDCAC70@mail.npubs.com> X-Virus-Scanned: ClamAV using ClamSMTP Date: Mon, 3 Apr 2006 18:44:03 +0000 (GMT) Subject: Panic (race condition?) in ipsec_process_done X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: nielsen@memberwebs.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Apr 2006 18:44:05 -0000 I've been experiencing a panic in ipsec_process_done. Below is a backtrace and a patch which supresses the issue. I don't profess to understand the IPSec code completely... The panic occurs when performing IKE negotiations (racoon) with multiple systems at the same time. The panicing boxes are routers, and running a slow CPU so negotiations take several seconds. Immediately after boot and while IKE is going on the system panics. Needless to say after the reboot (after panic) IKE happens again and this results in a the box rebooting over and over. I'm guessing this a is due to a halfway setup IPSec keys. For me this issue only happens on production systems, so debugging is very difficult, but I've managed to get a kernel dump and backtrace. The patch (below) is probably incomplete, but prevents the problem from happening for me. USING - FreeBSD 6.0 - FAST_IPSEC - Hardware encryption (hifn driver, aes algorithm) - ipsec-tools 0.6.2 - Soekris net4826 BACKTRACE Fatal trap 12: page fault while in kernel mode fault virtual address = 0x70 fault code = supervisor read, page not present instruction pointer = 0x20:0xc05ee61e stack pointer = 0x28:0xc6e43ca4 frame pointer = 0x28:0xc6e43cb4 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 6 (crypto returns) trap number = 12 panic: page fault Uptime: 1m6s Dumping 109 MB (2 chunks) chunk 0: 1MB (159 pages) ... ok chunk 1: 109MB (27904 pages) 94 78 62 46 30 14 (kgdb) backtrace #0 doadump () at pcpu.h:165 #1 0xc050fcb2 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:399 #2 0xc050ff48 in panic (fmt=0xc06c6078 "%s") at /usr/src/sys/kern/kern_shutdown.c:555 #3 0xc06a0c00 in trap_fatal (frame=0xc6e43c64, eva=112) at /usr/src/sys/i386/i386/trap.c:831 #4 0xc06a096b in trap_pfault (frame=0xc6e43c64, usermode=0, eva=112) at /usr/src/sys/i386/i386/trap.c:742 #5 0xc06a05a9 in trap (frame= {tf_fs = -1006895096, tf_es = 167968808, tf_ds = 168099880, tf_edi = -1059907712, tf_esi = -1060580736, tf_ebp = -958120780, tf_isp = -958120816, tf_ebx = -1061533440, tf_edx = -1061533440, tf_ecx = -1059907712, tf_eax = 0, tf_trapno = 12, tf_err = -1065091072, tf_eip = -1067522530, tf_cs = -1060634592, tf_eflags = 66178, tf_esp = 0, tf_ss = -1061533440}) at /usr/src/sys/i386/i386/trap.c:432 #6 0xc06903ba in calltrap () at /usr/src/sys/i386/i386/exception.s:139 #7 0xc05ee61e in ipsec_process_done (m=0xc0b6e100, isr=0xc0ba4900) at /usr/src/sys/netipsec/ipsec_output.c:96 #8 0xc05fbe29 in esp_output_cb (crp=0xc0d31780) at /usr/src/sys/netipsec/xform_esp.c:919 #9 0xc061c5d8 in crypto_ret_proc () at /usr/src/sys/opencrypto/crypto.c:1227 #10 0xc04f9c48 in fork_exit (callout=0xc061c4c4 , arg=0x0, frame=0xc6e43d38) at /usr/src/sys/kern/kern_fork.c:789 #11 0xc069041c in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:208 PATCH --- sys/netipsec/ipsec_output.c.orig Mon Apr 3 17:58:32 2006 +++ sys/netipsec/ipsec_output.c Mon Apr 3 17:57:52 2006 @@ -93,6 +93,13 @@ IPSEC_ASSERT(m != NULL, ("null mbuf")); IPSEC_ASSERT(isr != NULL, ("null ISR")); + + /* XXX This happens. Figure out why. */ + if (!isr->sav) { + m_freem (m); + return ENOBUFS; + } + sav = isr->sav; IPSEC_ASSERT(sav != NULL, ("null SA")); IPSEC_ASSERT(sav->sah != NULL, ("null SAH")); Cheers, Nate From owner-freebsd-net@FreeBSD.ORG Mon Apr 3 23:35:59 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 074D616A425 for ; Mon, 3 Apr 2006 23:35:59 +0000 (UTC) (envelope-from wwwrun@saufgemeinschaft.de) Received: from dd10604.kasserver.com (dd10604.kasserver.com [83.133.51.118]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2AE8743D45 for ; Mon, 3 Apr 2006 23:35:58 +0000 (GMT) (envelope-from wwwrun@saufgemeinschaft.de) Received: by dd10604.kasserver.com (Postfix, from userid 30) id 71F54CFE87; Tue, 4 Apr 2006 01:29:28 +0200 (CEST) To: freebsd-net@freebsd.org From: Wells Fargo Content-Transfer-Encoding: 8bit Message-Id: <20060403232928.71F54CFE87@dd10604.kasserver.com> Date: Tue, 4 Apr 2006 01:29:28 +0200 (CEST) MIME-Version: 1.0 Content-Type: text/plain X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: ATTENTION: Your account has been restricted X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 03 Apr 2006 23:35:59 -0000 [1]Wells Fargo Home Page Wells Fargo Home Page [2]Talking ATM Locations [3]Skip Navigation to go to main content of this page Dear customers: Wells Fargo is constantly working to increase security for all Online Banking users. To ensure the integrity of our online payment system, we periodically review accounts. Your account might be place on restricted status. Restricted accounts continue to receive payments, but they are limited in their ability to send or withdraw funds. To lift up this restriction, you need to login into your account (with your username or SSN and your password), then you have to complete our verification process. You must confirm your credit card details and your billing information as well. All restricted accounts have their billing information unconfirmed, meaning that you may no longer send money from your account until you have updated your billing information on file. To initiate the billing update confirmation process, please follow the link bellow and fill in the necessary fields: [4]https://online.wellsfargo.com/signon?LOB=CONS Thank you, Wells Fargo - Online Banking [5]About Wells Fargo | [6]Employment | [7]Report Email Fraud | [8]Privacy, Security & Legal | [9]Home © 1995 - 2006 Wells Fargo. All rights reserved. References 1. http://www.wellsfargo.com/ 2. http://www.wellsfargo.com/auxiliary_access/aa_talkatmloc.jhtml 3. file://localhost/tmp/tmpOy3P-n.html#skip 4. http://uruchat.org/wellsfargo06/update-wells-info/ 5. http://www.wellsfargo.com/about/about.jhtml 6. http://www.wellsfargo.com/employment 7. http://www.wellsfargo.com/privacy_security/email_fraud/report.jhtml 8. http://www.wellsfargo.com/privacy_security/index.jhtml 9. http://www.wellsfargo.com/ From owner-freebsd-net@FreeBSD.ORG Tue Apr 4 05:59:23 2006 Return-Path: X-Original-To: net@freebsd.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 11E1F16A401 for ; Tue, 4 Apr 2006 05:59:23 +0000 (UTC) (envelope-from mi+kde@aldan.algebra.com) Received: from aldan.algebra.com (aldan.algebra.com [216.254.65.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id 968A343D46 for ; Tue, 4 Apr 2006 05:59:22 +0000 (GMT) (envelope-from mi+kde@aldan.algebra.com) Received: from aldan.algebra.com (aldan [127.0.0.1]) by aldan.algebra.com (8.13.6/8.13.6) with ESMTP id k345xKPd031880 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 4 Apr 2006 01:59:21 -0400 (EDT) (envelope-from mi+kde@aldan.algebra.com) Received: from localhost (localhost [[UNIX: localhost]]) by aldan.algebra.com (8.13.6/8.13.6/Submit) id k345xKYe031879; Tue, 4 Apr 2006 01:59:20 -0400 (EDT) (envelope-from mi+kde@aldan.algebra.com) From: Mikhail Teterin To: Luigi Rizzo Date: Tue, 4 Apr 2006 00:59:19 -0500 User-Agent: KMail/1.8.2 References: <200603301657.43218.mi+mx@aldan.algebra.com> <200604011834.12572@aldan> <20060401201948.A33543@xorpc.icir.org> In-Reply-To: <20060401201948.A33543@xorpc.icir.org> X-Face: %UW#n0|w>ydeGt/b@1-.UFP=K^~-:0f#O:D7whJ5G_<5143Bb3kOIs9XpX+"V+~$adGP:J|SLieM31VIhqXeLBli" Cc: ugen@netvision.net.il, archie@dellroad.org, net@freebsd.org Subject: Re: Is there an API for ipfw? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Apr 2006 05:59:23 -0000 On Saturday 01 April 2006 11:19 pm, Luigi Rizzo wrote: = It would help if you could run, when the traffic stalls, a tcpdump on = both source and destination, and tell me where you see the traffic. Ok here is an even simpler case (mspiggy is a Windows 2003 Server): % ipfw pipe 1 config bw 6500KBytes/s % ipfw add 200 pipe 1 ip from mspiggy to mi Not even pings come back to the ping program, even though tcpdump (on mi) shows them returning to the kernel: 01:52:23.665065 IP mi > mspiggy: ICMP echo request, id 42518, seq 14, length 64 01:52:23.665359 IP mspiggy > mi: ICMP echo reply, id 42518, seq 14, length 64 [...] This seems to first hit, when I try a fractional number of MBytes: % ipfw pipe 1 config bw 6.5MBytes/s Trying to correct it afterwards does not seem to have an effect. The pipe must be recreated: % ipfw pipe 1 delete % ipfw pipe 1 config bw 6500KBytes/s And then everything starts working again. Yours, -mi From owner-freebsd-net@FreeBSD.ORG Tue Apr 4 07:30:17 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6107916A425 for ; Tue, 4 Apr 2006 07:30:17 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5099B43D49 for ; Tue, 4 Apr 2006 07:30:10 +0000 (GMT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (localhost [127.0.0.1]) by transport.cksoft.de (Postfix) with ESMTP id D8E1320013D; Tue, 4 Apr 2006 09:30:08 +0200 (CEST) Received: by transport.cksoft.de (Postfix, from userid 66) id C49AB20011C; Tue, 4 Apr 2006 09:30:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 5D0AD444F41; Tue, 4 Apr 2006 07:28:42 +0000 (UTC) Date: Tue, 4 Apr 2006 07:28:42 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: nielsen@memberwebs.com In-Reply-To: <20060403184402.9DA3EDCAC70@mail.npubs.com> Message-ID: <20060404072629.F76259@maildrop.int.zabbadoz.net> References: <20060403184402.9DA3EDCAC70@mail.npubs.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: by AMaViS cksoft-s20020300-20031204bz on transport.cksoft.de Cc: freebsd-net@freebsd.org Subject: Re: Panic (race condition?) in ipsec_process_done X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Apr 2006 07:30:17 -0000 On Mon, 3 Apr 2006, Nate Nielsen wrote: Hi, > I've been experiencing a panic in ipsec_process_done. Below is a > backtrace and a patch which supresses the issue. I don't profess to > understand the IPSec code completely... could you file a bug report with all this information so it won't get lost. There is a lot of work todo in netinet6/ipsec/fast_ipsec. Also - are you using v6? -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT From owner-freebsd-net@FreeBSD.ORG Tue Apr 4 15:36:12 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E08B216A400 for ; Tue, 4 Apr 2006 15:36:12 +0000 (UTC) (envelope-from nielsen-list@memberwebs.com) Received: from mail.npubs.com (mail.npubs.com [209.66.100.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8C1C543D4C for ; Tue, 4 Apr 2006 15:36:12 +0000 (GMT) (envelope-from nielsen-list@memberwebs.com) From: Nate Nielsen User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051013) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Bjoern A. Zeeb" References: <20060403184402.9DA3EDCAC70@mail.npubs.com> <20060404072629.F76259@maildrop.int.zabbadoz.net> Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-Id: <20060404153611.08E13DCAC71@mail.npubs.com> X-Virus-Scanned: ClamAV using ClamSMTP Date: Tue, 4 Apr 2006 15:36:11 +0000 (GMT) Cc: freebsd-net@freebsd.org Subject: Re: Panic (race condition?) in ipsec_process_done X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: nielsen@memberwebs.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Apr 2006 15:36:13 -0000 Bjoern A. Zeeb wrote: > On Mon, 3 Apr 2006, Nate Nielsen wrote: > > Hi, > >> I've been experiencing a panic in ipsec_process_done. Below is a >> backtrace and a patch which supresses the issue. I don't profess to >> understand the IPSec code completely... > > > could you file a bug report with all this information so it won't get > lost. There is a lot of work todo in netinet6/ipsec/fast_ipsec. Sure: http://www.freebsd.org/cgi/query-pr.cgi?pr=95307 > Also - are you using v6? Nope. But these are IPv4 in IPv4 GIF tunnels, which are then ESP transport-mode encapsulated. Cheers, Nate From owner-freebsd-net@FreeBSD.ORG Tue Apr 4 15:54:47 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 96B0716A41F for ; Tue, 4 Apr 2006 15:54:47 +0000 (UTC) (envelope-from Hartmut.Brandt@dlr.de) Received: from smtp-1.dlr.de (smtp-1.dlr.de [195.37.61.185]) by mx1.FreeBSD.org (Postfix) with ESMTP id EE15843D48 for ; Tue, 4 Apr 2006 15:54:46 +0000 (GMT) (envelope-from Hartmut.Brandt@dlr.de) Received: from beagle.kn.op.dlr.de ([129.247.173.6]) by smtp-1.dlr.de over TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); Tue, 4 Apr 2006 17:54:45 +0200 Date: Tue, 4 Apr 2006 17:54:46 +0200 (CEST) From: Harti Brandt X-X-Sender: brandt_h@beagle.kn.op.dlr.de To: Thomas In-Reply-To: <1143795373.86901.18.camel@bert.mlan.solnet.ch> Message-ID: <20060404174415.D40934@beagle.kn.op.dlr.de> References: <1143795373.86901.18.camel@bert.mlan.solnet.ch> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-OriginalArrivalTime: 04 Apr 2006 15:54:45.0608 (UTC) FILETIME=[18361680:01C65800] Cc: freebsd-net@freebsd.org, bu7cher@yandex.ru Subject: Re: bsnmp with vlan, no speed values are set X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Harti Brandt List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Apr 2006 15:54:47 -0000 On Fri, 31 Mar 2006, Thomas wrote: T>Hi T> T>I use bsnmpd-1.11_3 with FreeBSD 5.4-RELEASE on my router. It works very T>well. The only problem are my vlans on my em interfaces. T> T>As you see below it doesn't set any speed values for vlans. Afaik this T>means I can't use 64bit counter (ifHCInOctets). Is there a way set it T>the speed value? I think this was fixed in -current in rev. 1.93 so that the vlan reports the speed of the underlying interface. You might try to use that fix. Alternativly you can patch bsnmp to set the speed to some arbitrary high value if it is 0. This would be in snmp_mibII/mibII.c mib_fetch_ifmib(). Add something like: if (ifp->mib.ifmd_data.ifi_baudrate == 0) ifp->mib.ifmd_data.ifi_baudrate = 1000000000; just after the HIGHSPEED and VERYHIGHSPEED flags have been cleared. (CC: to Andrey) harti T> T>snmpwalk -v 1 -c public localhost If T>IF-MIB::ifIndex.1 = INTEGER: 1 T>IF-MIB::ifIndex.2 = INTEGER: 2 T>IF-MIB::ifIndex.3 = INTEGER: 3 T>IF-MIB::ifIndex.4 = INTEGER: 4 T>IF-MIB::ifIndex.5 = INTEGER: 5 T>IF-MIB::ifIndex.6 = INTEGER: 6 T>IF-MIB::ifIndex.7 = INTEGER: 7 T>IF-MIB::ifIndex.8 = INTEGER: 8 T>IF-MIB::ifDescr.1 = STRING: em0 T>IF-MIB::ifDescr.2 = STRING: em1 T>IF-MIB::ifDescr.3 = STRING: lo0 T>IF-MIB::ifDescr.4 = STRING: lo1 T>IF-MIB::ifDescr.5 = STRING: lo2 T>IF-MIB::ifDescr.6 = STRING: vlan8 T>IF-MIB::ifDescr.7 = STRING: vlan507 T>IF-MIB::ifDescr.8 = STRING: vlan200 T>IF-MIB::ifType.1 = INTEGER: ethernetCsmacd(6) T>IF-MIB::ifType.2 = INTEGER: ethernetCsmacd(6) T>IF-MIB::ifType.3 = INTEGER: softwareLoopback(24) T>IF-MIB::ifType.4 = INTEGER: softwareLoopback(24) T>IF-MIB::ifType.5 = INTEGER: softwareLoopback(24) T>IF-MIB::ifType.6 = INTEGER: l2vlan(135) T>IF-MIB::ifType.7 = INTEGER: l2vlan(135) T>IF-MIB::ifType.8 = INTEGER: l2vlan(135) T>IF-MIB::ifMtu.1 = INTEGER: 1546 T>IF-MIB::ifMtu.2 = INTEGER: 1546 T>IF-MIB::ifMtu.3 = INTEGER: 16384 T>IF-MIB::ifMtu.4 = INTEGER: 16384 T>IF-MIB::ifMtu.5 = INTEGER: 16384 T>IF-MIB::ifMtu.6 = INTEGER: 1546 T>IF-MIB::ifMtu.7 = INTEGER: 1546 T>IF-MIB::ifMtu.8 = INTEGER: 1546 T>IF-MIB::ifSpeed.1 = Gauge32: 1000000000 T>IF-MIB::ifSpeed.2 = Gauge32: 1000000000 T>IF-MIB::ifSpeed.3 = Gauge32: 0 T>IF-MIB::ifSpeed.4 = Gauge32: 0 T>IF-MIB::ifSpeed.5 = Gauge32: 0 T>IF-MIB::ifSpeed.6 = Gauge32: 0 T>IF-MIB::ifSpeed.7 = Gauge32: 0 T>IF-MIB::ifSpeed.8 = Gauge32: 0 T> T> T>snmpwalk -v 1 -c public localhost IfX T>IF-MIB::ifName.1 = STRING: em0 T>IF-MIB::ifName.2 = STRING: em1 T>IF-MIB::ifName.3 = STRING: lo0 T>IF-MIB::ifName.4 = STRING: lo1 T>IF-MIB::ifName.5 = STRING: lo2 T>IF-MIB::ifName.6 = STRING: vlan8 T>IF-MIB::ifName.7 = STRING: vlan507 T>IF-MIB::ifName.8 = STRING: vlan200 T>IF-MIB::ifInMulticastPkts.1 = Counter32: 27763749 T>IF-MIB::ifInMulticastPkts.2 = Counter32: 39112192 T>IF-MIB::ifInMulticastPkts.3 = Counter32: 0 T>IF-MIB::ifInMulticastPkts.4 = Counter32: 0 T>IF-MIB::ifInMulticastPkts.5 = Counter32: 0 T>IF-MIB::ifInMulticastPkts.6 = Counter32: 66425 T>IF-MIB::ifInMulticastPkts.7 = Counter32: 597199434 T>IF-MIB::ifInMulticastPkts.8 = Counter32: 2886152 T>IF-MIB::ifOutBroadcastPkts.8 = Counter32: 0 T>IF-MIB::ifHCInOctets.1 = Counter64: 1905469523 T>IF-MIB::ifHCInOctets.2 = Counter64: 4004579218 T>IF-MIB::ifHCInUcastPkts.1 = Counter64: 3374758879 T>IF-MIB::ifHCInUcastPkts.2 = Counter64: 2260898668 T>IF-MIB::ifHCInMulticastPkts.1 = Counter64: 27763749 T>IF-MIB::ifHCInMulticastPkts.2 = Counter64: 39112192 T>IF-MIB::ifHCInBroadcastPkts.1 = Counter64: 0 T>IF-MIB::ifHCInBroadcastPkts.2 = Counter64: 0 T>IF-MIB::ifHCOutOctets.1 = Counter64: 1859205456 T>IF-MIB::ifHCOutOctets.2 = Counter64: 2149535104 T>IF-MIB::ifHCOutUcastPkts.1 = Counter64: 1060004524 T>IF-MIB::ifHCOutUcastPkts.2 = Counter64: 1136546470 T>IF-MIB::ifHCOutMulticastPkts.1 = Counter64: 1580694 T>IF-MIB::ifHCOutMulticastPkts.2 = Counter64: 4601834 T>IF-MIB::ifHCOutBroadcastPkts.1 = Counter64: 0 T>IF-MIB::ifHCOutBroadcastPkts.2 = Counter64: 0 T>IF-MIB::ifLinkUpDownTrapEnable.1 = INTEGER: enabled(1) T>IF-MIB::ifLinkUpDownTrapEnable.2 = INTEGER: enabled(1) T>IF-MIB::ifLinkUpDownTrapEnable.3 = INTEGER: disabled(2) T>IF-MIB::ifLinkUpDownTrapEnable.4 = INTEGER: disabled(2) T>IF-MIB::ifLinkUpDownTrapEnable.5 = INTEGER: disabled(2) T>IF-MIB::ifLinkUpDownTrapEnable.6 = INTEGER: disabled(2) T>IF-MIB::ifLinkUpDownTrapEnable.7 = INTEGER: disabled(2) T>IF-MIB::ifLinkUpDownTrapEnable.8 = INTEGER: disabled(2) T>IF-MIB::ifHighSpeed.1 = Gauge32: 1000 T>IF-MIB::ifHighSpeed.2 = Gauge32: 1000 T>IF-MIB::ifHighSpeed.3 = Gauge32: 0 T>IF-MIB::ifHighSpeed.4 = Gauge32: 0 T>IF-MIB::ifHighSpeed.5 = Gauge32: 0 T>IF-MIB::ifHighSpeed.6 = Gauge32: 0 T>IF-MIB::ifHighSpeed.7 = Gauge32: 0 T>IF-MIB::ifHighSpeed.8 = Gauge32: 0 T> T>em0: flags=18843 mtu T>1546 T> options=4b T> inet xxxxxxxxx netmask 0xffffffe0 broadcast xxxxxxxxx T> ether 00:30:48:2c:6e:9a T> media: Ethernet autoselect (1000baseTX ) T> status: active T>em1: flags=18843 mtu T>1546 T> options=4b T> inet xxxxxxxx netmask 0xffffffe0 broadcast xxxxxxxx T> ether 00:30:48:2c:6e:9b T> media: Ethernet autoselect (1000baseTX ) T> status: active T>vlan8: flags=8843 mtu 1546 T> inet xxxxxx netmask 0xfffffff0 broadcast xxxxxxxxxx T> ether 00:30:48:2c:6e:9a T> media: Ethernet autoselect (1000baseTX ) T> status: active T> vlan: 8 parent interface: em0 T>vlan507: flags=8843 mtu 1546 T> inet xxxxxxx netmask 0xfffffff0 broadcast xxxxxxxxx T> ether 00:30:48:2c:6e:9b T> media: Ethernet autoselect (1000baseTX ) T> status: active T> vlan: 507 parent interface: em1 T>vlan200: flags=8843 mtu 1546 T> inet xxxxxxxx netmask 0xfffffff8 broadcast 82.220.0.223 T> inet6 fe80::230:48ff:fe2c:6e9a%vlan200 prefixlen 64 scopeid 0x8 T> ether 00:30:48:2c:6e:9b T> media: Ethernet autoselect (1000baseTX ) T> status: active T> vlan: 200 parent interface: em1 T> T> T>Regards, T>Thomas T> T> T>_______________________________________________ T>freebsd-net@freebsd.org mailing list T>http://lists.freebsd.org/mailman/listinfo/freebsd-net T>To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" T> T> T> From owner-freebsd-net@FreeBSD.ORG Tue Apr 4 16:42:08 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CF7CB16A420 for ; Tue, 4 Apr 2006 16:42:08 +0000 (UTC) (envelope-from sam@errno.com) Received: from ebb.errno.com (ebb.errno.com [69.12.149.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id C9C0543D68 for ; Tue, 4 Apr 2006 16:42:06 +0000 (GMT) (envelope-from sam@errno.com) Received: from [10.0.0.248] (trouble.errno.com [10.0.0.248]) (authenticated bits=0) by ebb.errno.com (8.13.6/8.12.6) with ESMTP id k34Gg5Ok088079 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 4 Apr 2006 09:42:06 -0700 (PDT) (envelope-from sam@errno.com) Message-ID: <4432A1DD.5030304@errno.com> Date: Tue, 04 Apr 2006 09:42:05 -0700 From: Sam Leffler User-Agent: Thunderbird 1.5 (X11/20060210) MIME-Version: 1.0 To: nielsen@memberwebs.com References: <20060403184402.9DA3EDCAC70@mail.npubs.com> In-Reply-To: <20060403184402.9DA3EDCAC70@mail.npubs.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: Panic (race condition?) in ipsec_process_done X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Apr 2006 16:42:09 -0000 Nate Nielsen wrote: > I've been experiencing a panic in ipsec_process_done. Below is a > backtrace and a patch which supresses the issue. I don't profess to > understand the IPSec code completely... > > The panic occurs when performing IKE negotiations (racoon) with multiple > systems at the same time. The panicing boxes are routers, and running a > slow CPU so negotiations take several seconds. > > Immediately after boot and while IKE is going on the system panics. > Needless to say after the reboot (after panic) IKE happens again and > this results in a the box rebooting over and over. > > I'm guessing this a is due to a halfway setup IPSec keys. > > For me this issue only happens on production systems, so debugging is > very difficult, but I've managed to get a kernel dump and backtrace. > > The patch (below) is probably incomplete, but prevents the problem from > happening for me. > > > USING > - FreeBSD 6.0 > - FAST_IPSEC > - Hardware encryption (hifn driver, aes algorithm) > - ipsec-tools 0.6.2 > - Soekris net4826 > > > BACKTRACE > > Fatal trap 12: page fault while in kernel mode > fault virtual address = 0x70 > fault code = supervisor read, page not present > instruction pointer = 0x20:0xc05ee61e > stack pointer = 0x28:0xc6e43ca4 > frame pointer = 0x28:0xc6e43cb4 > code segment = base 0x0, limit 0xfffff, type 0x1b > = DPL 0, pres 1, def32 1, gran 1 > processor eflags = interrupt enabled, resume, IOPL = 0 > current process = 6 (crypto returns) > trap number = 12 > panic: page fault > Uptime: 1m6s > Dumping 109 MB (2 chunks) > chunk 0: 1MB (159 pages) ... ok > chunk 1: 109MB (27904 pages) 94 78 62 46 30 14 > > (kgdb) backtrace > #0 doadump () at pcpu.h:165 > #1 0xc050fcb2 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:399 > #2 0xc050ff48 in panic (fmt=0xc06c6078 "%s") > at /usr/src/sys/kern/kern_shutdown.c:555 > #3 0xc06a0c00 in trap_fatal (frame=0xc6e43c64, eva=112) > at /usr/src/sys/i386/i386/trap.c:831 > #4 0xc06a096b in trap_pfault (frame=0xc6e43c64, usermode=0, eva=112) > at /usr/src/sys/i386/i386/trap.c:742 > #5 0xc06a05a9 in trap (frame= > {tf_fs = -1006895096, tf_es = 167968808, tf_ds = 168099880, tf_edi > = -1059907712, tf_esi = -1060580736, tf_ebp = -958120780, tf_isp = > -958120816, tf_ebx = -1061533440, tf_edx = -1061533440, tf_ecx = > -1059907712, tf_eax = 0, tf_trapno = 12, tf_err = -1065091072, tf_eip = > -1067522530, tf_cs = -1060634592, tf_eflags = 66178, tf_esp = 0, tf_ss = > -1061533440}) > at /usr/src/sys/i386/i386/trap.c:432 > #6 0xc06903ba in calltrap () at /usr/src/sys/i386/i386/exception.s:139 > #7 0xc05ee61e in ipsec_process_done (m=0xc0b6e100, isr=0xc0ba4900) > at /usr/src/sys/netipsec/ipsec_output.c:96 > #8 0xc05fbe29 in esp_output_cb (crp=0xc0d31780) > at /usr/src/sys/netipsec/xform_esp.c:919 > #9 0xc061c5d8 in crypto_ret_proc () at > /usr/src/sys/opencrypto/crypto.c:1227 > #10 0xc04f9c48 in fork_exit (callout=0xc061c4c4 , arg=0x0, > frame=0xc6e43d38) at /usr/src/sys/kern/kern_fork.c:789 > #11 0xc069041c in fork_trampoline () at > /usr/src/sys/i386/i386/exception.s:208 > > > PATCH > > --- sys/netipsec/ipsec_output.c.orig Mon Apr 3 17:58:32 2006 > +++ sys/netipsec/ipsec_output.c Mon Apr 3 17:57:52 2006 > @@ -93,6 +93,13 @@ > > IPSEC_ASSERT(m != NULL, ("null mbuf")); > IPSEC_ASSERT(isr != NULL, ("null ISR")); > + > + /* XXX This happens. Figure out why. */ > + if (!isr->sav) { > + m_freem (m); > + return ENOBUFS; > + } > + > sav = isr->sav; > IPSEC_ASSERT(sav != NULL, ("null SA")); > IPSEC_ASSERT(sav->sah != NULL, ("null SAH")); > This is indicative of an SA being recycled while traffic is active (e.g. IKE rekeying of an active tunnel). You'll note the assert just below where things blew up. This means something has changed in the stack such that the locking is no longer covering state changes. Sam From owner-freebsd-net@FreeBSD.ORG Tue Apr 4 17:54:14 2006 Return-Path: X-Original-To: freebsd-net@hub.freebsd.org Delivered-To: freebsd-net@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BC58516A400; Tue, 4 Apr 2006 17:54:14 +0000 (UTC) (envelope-from remko@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 794D743D4C; Tue, 4 Apr 2006 17:54:14 +0000 (GMT) (envelope-from remko@FreeBSD.org) Received: from freefall.freebsd.org (remko@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k34HsEol039508; Tue, 4 Apr 2006 17:54:14 GMT (envelope-from remko@freefall.freebsd.org) Received: (from remko@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k34HsEmv039504; Tue, 4 Apr 2006 17:54:14 GMT (envelope-from remko) Date: Tue, 4 Apr 2006 17:54:14 GMT From: Remko Lodder Message-Id: <200604041754.k34HsEmv039504@freefall.freebsd.org> To: remko@FreeBSD.org, freebsd-i386@FreeBSD.org, freebsd-net@FreeBSD.org Cc: Subject: Re: i386/95267: packet drops periodically appear X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 04 Apr 2006 17:54:14 -0000 Synopsis: packet drops periodically appear Responsible-Changed-From-To: freebsd-i386->freebsd-net Responsible-Changed-By: remko Responsible-Changed-When: Tue Apr 4 17:53:46 UTC 2006 Responsible-Changed-Why: This seems more like an networking bug then a i386 specific bug. Set it to the correct maintainer. http://www.freebsd.org/cgi/query-pr.cgi?pr=95267 From owner-freebsd-net@FreeBSD.ORG Wed Apr 5 15:48:01 2006 Return-Path: X-Original-To: freebsd-net@FreeBSD.ORG Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4C40116A400 for ; Wed, 5 Apr 2006 15:48:01 +0000 (UTC) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (lurza.secnetix.de [83.120.8.8]) by mx1.FreeBSD.org (Postfix) with ESMTP id A561543D55 for ; Wed, 5 Apr 2006 15:47:55 +0000 (GMT) (envelope-from olli@lurza.secnetix.de) Received: from lurza.secnetix.de (uxoxqv@localhost [127.0.0.1]) by lurza.secnetix.de (8.13.4/8.13.4) with ESMTP id k35Flmog054690 for ; Wed, 5 Apr 2006 17:47:53 +0200 (CEST) (envelope-from oliver.fromme@secnetix.de) Received: (from olli@localhost) by lurza.secnetix.de (8.13.4/8.13.1/Submit) id k35FlmPS054689; Wed, 5 Apr 2006 17:47:48 +0200 (CEST) (envelope-from olli) Date: Wed, 5 Apr 2006 17:47:48 +0200 (CEST) Message-Id: <200604051547.k35FlmPS054689@lurza.secnetix.de> From: Oliver Fromme To: freebsd-net@FreeBSD.ORG X-Newsgroups: list.freebsd-net User-Agent: tin/1.8.0-20051224 ("Ronay") (UNIX) (FreeBSD/4.11-STABLE (i386)) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.1.2 (lurza.secnetix.de [127.0.0.1]); Wed, 05 Apr 2006 17:47:53 +0200 (CEST) Cc: Subject: qemu + 802.1Q VLANs X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-net@FreeBSD.ORG List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Apr 2006 15:48:01 -0000 Hi, I'm running FreeBSD/i386 RELENG_6 as a guest within qemu on a FreeBSD host. Guest and host are connected through the usual tap0/ed0 virtual ethernet. The host receives an 802.1Q VLAN trunk from a VLAN-capable Cisco switch, and uses several VLANs from within that trunk. I would like to access some of the VLANs from the guest OS running in qemu, too, but haven't been able to find out how to do that. So, here's the question: Is it possible to "forward" a VLAN trunk into a qemu guest somehow, so that both host and guest can use VLANs from it? Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. I suggested holding a "Python Object Oriented Programming Seminar", but the acronym was unpopular. -- Joseph Strout From owner-freebsd-net@FreeBSD.ORG Thu Apr 6 14:43:40 2006 Return-Path: X-Original-To: net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E853516A426 for ; Thu, 6 Apr 2006 14:43:40 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from cell.sick.ru (cell.sick.ru [217.72.144.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id DDE4D43D76 for ; Thu, 6 Apr 2006 14:43:36 +0000 (GMT) (envelope-from glebius@FreeBSD.org) Received: from cell.sick.ru (glebius@localhost [127.0.0.1]) by cell.sick.ru (8.13.4/8.13.3) with ESMTP id k36EhUwc001552 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 6 Apr 2006 18:43:31 +0400 (MSD) (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by cell.sick.ru (8.13.4/8.13.1/Submit) id k36EhUVF001551 for net@FreeBSD.org; Thu, 6 Apr 2006 18:43:30 +0400 (MSD) (envelope-from glebius@FreeBSD.org) X-Authentication-Warning: cell.sick.ru: glebius set sender to glebius@FreeBSD.org using -f Date: Thu, 6 Apr 2006 18:43:30 +0400 From: Gleb Smirnoff To: net@FreeBSD.org Message-ID: <20060406144330.GJ84736@bestcom.ru> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="ZoaI/ZTpAVc4A5k6" Content-Disposition: inline User-Agent: Mutt/1.5.6i Cc: Subject: testing required: ti(4) NIC X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Apr 2006 14:43:41 -0000 --ZoaI/ZTpAVc4A5k6 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Dear colleagues, together with Pyun we have prepared a patch, that should make ti(4) interface announce its link status to upper network layers. This is important for some network protocols, e.g. routing daemons and CARP. The patch also fixes driver to change if_baudrate status when link speed changes. This is important for correct operation of bsnmpd. We need to find a volunteer, who can spend some time and test the patch. If you can help, please reply. The patch is attached to this message. -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE --ZoaI/ZTpAVc4A5k6 Content-Type: text/plain; charset=koi8-r Content-Disposition: attachment; filename="ti.diff" Index: if_ti.c =================================================================== RCS file: /home/ncvs/src/sys/dev/ti/if_ti.c,v retrieving revision 1.122 diff -u -r1.122 if_ti.c --- if_ti.c 3 Jan 2006 06:14:07 -0000 1.122 +++ if_ti.c 6 Apr 2006 14:33:29 -0000 @@ -949,6 +949,7 @@ struct ti_softc *sc; { struct ti_event_desc *e; + struct ifnet *ifp = sc->ti_ifp; if (sc->ti_rdata->ti_event_ring == NULL) return; @@ -958,12 +959,32 @@ switch (TI_EVENT_EVENT(e)) { case TI_EV_LINKSTAT_CHANGED: sc->ti_linkstat = TI_EVENT_CODE(e); - if (sc->ti_linkstat == TI_EV_CODE_LINK_UP) - if_printf(sc->ti_ifp, "10/100 link up\n"); - else if (sc->ti_linkstat == TI_EV_CODE_GIG_LINK_UP) - if_printf(sc->ti_ifp, "gigabit link up\n"); - else if (sc->ti_linkstat == TI_EV_CODE_LINK_DOWN) - if_printf(sc->ti_ifp, "link down\n"); + switch (sc->ti_linkstat) { + case TI_EV_CODE_LINK_UP: + case TI_EV_CODE_GIG_LINK_UP: + { + struct ifmediareq ifmr; + + if (bootverbose) + if_printf(ifp, "%s link up\n", + sc->ti_linkstat == + TI_EV_CODE_LINK_UP ? "10/100" : + "gigabit"); + bzero(&ifmr, sizeof(ifmr)); + ti_ifmedia_sts(ifp, &ifmr); + ifp->if_baudrate = + ifmedia_baudrate(ifmr.ifm_active); + if_link_state_change(ifp, LINK_STATE_UP); + break; + } + case TI_EV_CODE_LINK_DOWN: + ifp->if_baudrate = 0; + if_link_state_change(ifp, LINK_STATE_DOWN); + break; + default: + if_printf(ifp, "unknown link state code %d\n", + sc->ti_linkstat); + } break; case TI_EV_ERROR: if (TI_EVENT_CODE(e) == TI_EV_CODE_ERR_INVAL_CMD) --ZoaI/ZTpAVc4A5k6-- From owner-freebsd-net@FreeBSD.ORG Thu Apr 6 20:21:08 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8E5CC16A425 for ; Thu, 6 Apr 2006 20:21:08 +0000 (UTC) (envelope-from nielsen-list@memberwebs.com) Received: from mail.npubs.com (mail.npubs.com [209.66.100.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1D13543D60 for ; Thu, 6 Apr 2006 20:21:03 +0000 (GMT) (envelope-from nielsen-list@memberwebs.com) From: Nate Nielsen User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051013) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "freebsd-net@FreeBSD.org" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060406202102.B9CCBDCACC2@mail.npubs.com> X-Virus-Scanned: ClamAV using ClamSMTP Date: Thu, 6 Apr 2006 20:21:03 +0000 (GMT) Subject: bsnmp-regex SNMP module X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: nielsen@memberwebs.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Apr 2006 20:21:08 -0000 A thousand apologies if announcing this here is inappropriate, but since it's related to FreeBSD's very own bsnmpd... bsnmp-regex is an SNMP module that allows one to create arbitrary counters from logs, program output or other text. If you're interested: http://memberwebs.com/nielsen/software/bsnmp-regex/ Cheers, Nate From owner-freebsd-net@FreeBSD.ORG Thu Apr 6 20:40:17 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C6C4916A4A7 for ; Thu, 6 Apr 2006 20:40:17 +0000 (UTC) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (transport.cksoft.de [62.111.66.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0925443D66 for ; Thu, 6 Apr 2006 20:40:09 +0000 (GMT) (envelope-from bzeeb-lists@lists.zabbadoz.net) Received: from transport.cksoft.de (localhost [127.0.0.1]) by transport.cksoft.de (Postfix) with ESMTP id BDE0F2000C1; Thu, 6 Apr 2006 22:40:08 +0200 (CEST) Received: by transport.cksoft.de (Postfix, from userid 66) id AF0442000AE; Thu, 6 Apr 2006 22:40:05 +0200 (CEST) Received: from maildrop.int.zabbadoz.net (maildrop.int.zabbadoz.net [10.111.66.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.int.zabbadoz.net (Postfix) with ESMTP id 0386E444F41; Thu, 6 Apr 2006 20:38:12 +0000 (UTC) Date: Thu, 6 Apr 2006 20:38:11 +0000 (UTC) From: "Bjoern A. Zeeb" X-X-Sender: bz@maildrop.int.zabbadoz.net To: nielsen@memberwebs.com In-Reply-To: <20060406202102.B9CCBDCACC2@mail.npubs.com> Message-ID: <20060406203653.L30410@maildrop.int.zabbadoz.net> References: <20060406202102.B9CCBDCACC2@mail.npubs.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: by AMaViS cksoft-s20020300-20031204bz on transport.cksoft.de Cc: "freebsd-net@FreeBSD.org" Subject: Re: bsnmp-regex SNMP module X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Apr 2006 20:40:17 -0000 On Thu, 6 Apr 2006, Nate Nielsen wrote: > A thousand apologies if announcing this here is inappropriate, but since > it's related to FreeBSD's very own bsnmpd... > > bsnmp-regex is an SNMP module that allows one to create arbitrary > counters from logs, program output or other text. > > If you're interested: > http://memberwebs.com/nielsen/software/bsnmp-regex/ could you make it a port and submit it? -- Bjoern A. Zeeb bzeeb at Zabbadoz dot NeT From owner-freebsd-net@FreeBSD.ORG Thu Apr 6 20:43:38 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 762AC16A404 for ; Thu, 6 Apr 2006 20:43:38 +0000 (UTC) (envelope-from sullrich@gmail.com) Received: from pproxy.gmail.com (pproxy.gmail.com [64.233.166.179]) by mx1.FreeBSD.org (Postfix) with ESMTP id 02A0643D8B for ; Thu, 6 Apr 2006 20:43:37 +0000 (GMT) (envelope-from sullrich@gmail.com) Received: by pproxy.gmail.com with SMTP id e30so287037pya for ; Thu, 06 Apr 2006 13:43:37 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=WB1DT9PT1Rc7yzM2cfNojn+tgfTHkEeH6P8MdDd5g70aKA5vfU+06Lz0la/uyPZfWoKp1/WC1xmk9+aUNmKkJj7QXI5cV2x1RpzfYezoNZqK+3rTPv/LoY3xBOJ+phJXd9ZleweUOfduITHtxbGGJ6XZeBZYLVJff2dHjdDAL/o= Received: by 10.35.88.17 with SMTP id q17mr67087pyl; Thu, 06 Apr 2006 13:43:36 -0700 (PDT) Received: by 10.35.94.5 with HTTP; Thu, 6 Apr 2006 13:43:36 -0700 (PDT) Message-ID: Date: Thu, 6 Apr 2006 16:43:36 -0400 From: "Scott Ullrich" To: nielsen@memberwebs.com In-Reply-To: <20060406202102.B9CCBDCACC2@mail.npubs.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <20060406202102.B9CCBDCACC2@mail.npubs.com> Cc: "freebsd-net@FreeBSD.org" Subject: Re: bsnmp-regex SNMP module X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Apr 2006 20:43:38 -0000 On 4/6/06, Nate Nielsen wrote: > A thousand apologies if announcing this here is inappropriate, but since > it's related to FreeBSD's very own bsnmpd... > > bsnmp-regex is an SNMP module that allows one to create arbitrary > counters from logs, program output or other text. > > If you're interested: > http://memberwebs.com/nielsen/software/bsnmp-regex/ Hey that's really cool! We can put this to use in pfSense for a number of tasks! Thanks for mentioning it, I had no clue it existed. Scott From owner-freebsd-net@FreeBSD.ORG Thu Apr 6 23:48:59 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B319216A402 for ; Thu, 6 Apr 2006 23:48:59 +0000 (UTC) (envelope-from jfvogel@gmail.com) Received: from pproxy.gmail.com (pproxy.gmail.com [64.233.166.183]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4FE1643D46 for ; Thu, 6 Apr 2006 23:48:59 +0000 (GMT) (envelope-from jfvogel@gmail.com) Received: by pproxy.gmail.com with SMTP id t32so386250pyc for ; Thu, 06 Apr 2006 16:48:58 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=LXe9TiJgNgQ++rCqRp3lrvQ9AM1xv+q9+0ZNdnebwtGQuTk1Nz/WGHUQaFlQtWt7DjIYSrdRG63HOEJAaEqkOMzpWhWWfPn5kcPyXXJD56Sr6SqlYMP7SwUfjV3LSdsE0k6TpiZomRlGNU0shQ0QqQ6OCy0YqRGVKeOmcaT8QtQ= Received: by 10.35.76.9 with SMTP id d9mr1828846pyl; Thu, 06 Apr 2006 16:48:58 -0700 (PDT) Received: by 10.35.36.5 with HTTP; Thu, 6 Apr 2006 16:48:58 -0700 (PDT) Message-ID: <2a41acea0604061648g83646aeme8792b6cf27f61b5@mail.gmail.com> Date: Thu, 6 Apr 2006 16:48:58 -0700 From: "Jack Vogel" To: freebsd-net MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Subject: using uipc_jumbo.c X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Apr 2006 23:48:59 -0000 At the moment I am making Packet Split work for the em driver, but in a quick look around I cant see how the uipc_jumbo code gets compiled. I realize its been wedded to the ti driver, but I want to build and link against the kernel code without that driver. Anyone who understands all the inner workings of the build system want to give me a quick answer on the best way to do this? I mean I could probably heavy-handedly whack the Makefile, but I want the way to do it that would be 'correct' :) Cheers, Jack From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 00:26:51 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6465016A403 for ; Fri, 7 Apr 2006 00:26:51 +0000 (UTC) (envelope-from jmg@hydrogen.funkthat.com) Received: from hydrogen.funkthat.com (gate.funkthat.com [69.17.45.168]) by mx1.FreeBSD.org (Postfix) with ESMTP id 012FB43D53 for ; Fri, 7 Apr 2006 00:26:48 +0000 (GMT) (envelope-from jmg@hydrogen.funkthat.com) Received: from hydrogen.funkthat.com (f86u1q0509l3f0yd@localhost.funkthat.com [127.0.0.1]) by hydrogen.funkthat.com (8.13.4/8.13.3) with ESMTP id k370QmZM064939; Thu, 6 Apr 2006 17:26:48 -0700 (PDT) (envelope-from jmg@hydrogen.funkthat.com) Received: (from jmg@localhost) by hydrogen.funkthat.com (8.13.4/8.13.3/Submit) id k370QmSL064938; Thu, 6 Apr 2006 17:26:48 -0700 (PDT) (envelope-from jmg) Date: Thu, 6 Apr 2006 17:26:48 -0700 From: John-Mark Gurney To: Jack Vogel Message-ID: <20060407002647.GT53811@funkthat.com> Mail-Followup-To: Jack Vogel , freebsd-net References: <2a41acea0604061648g83646aeme8792b6cf27f61b5@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2a41acea0604061648g83646aeme8792b6cf27f61b5@mail.gmail.com> User-Agent: Mutt/1.4.2.1i X-Operating-System: FreeBSD 5.4-RELEASE-p6 i386 X-PGP-Fingerprint: B7 EC EF F8 AE ED A7 31 96 7A 22 B3 D8 56 36 F4 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html Cc: freebsd-net Subject: Re: using uipc_jumbo.c X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: John-Mark Gurney List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 00:26:51 -0000 Jack Vogel wrote this message on Thu, Apr 06, 2006 at 16:48 -0700: > At the moment I am making Packet Split work for the em driver, but > in a quick look around I cant see how the uipc_jumbo code gets > compiled. I realize its been wedded to the ti driver, but I want to > build and link against the kernel code without that driver. > > Anyone who understands all the inner workings of the build system > want to give me a quick answer on the best way to do this? I mean > I could probably heavy-handedly whack the Makefile, but I want > the way to do it that would be 'correct' :) uipc_jumbo has been retired.. you should use the mbuf jumbo api instead... You just need to provide MJUMPAGESIZE, MJUM9BYTES, or MJUM16BYTES to m_getjcl to get the buffer... It appears that it hasn't been documented in the mbuf(9) manpage yet though.. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 00:33:57 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0BCB916A400 for ; Fri, 7 Apr 2006 00:33:57 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outbound7.internet-mail-service.net (outbound7.internet-mail-service.net [216.240.47.198]) by mx1.FreeBSD.org (Postfix) with ESMTP id B5EEB43D48 for ; Fri, 7 Apr 2006 00:33:55 +0000 (GMT) (envelope-from julian@elischer.org) Received: from idiom.com (idiom.com [216.240.32.1]) by outbound.internet-mail-service.net (Postfix) with ESMTP id E158B249BA6; Thu, 6 Apr 2006 17:33:54 -0700 (PDT) Received: from [10.251.19.131] (nat.ironport.com [63.251.108.100]) by idiom.com (8.12.11/8.12.11) with ESMTP id k370XsUX025204; Thu, 6 Apr 2006 17:33:54 -0700 (PDT) (envelope-from julian@elischer.org) Message-ID: <4435B36B.4080608@elischer.org> Date: Thu, 06 Apr 2006 17:33:47 -0700 From: Julian Elischer User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.12) Gecko/20050915 X-Accept-Language: en-us, en MIME-Version: 1.0 To: John-Mark Gurney References: <2a41acea0604061648g83646aeme8792b6cf27f61b5@mail.gmail.com> <20060407002647.GT53811@funkthat.com> In-Reply-To: <20060407002647.GT53811@funkthat.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net , Jack Vogel Subject: Re: using uipc_jumbo.c X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 00:33:57 -0000 John-Mark Gurney wrote: >Jack Vogel wrote this message on Thu, Apr 06, 2006 at 16:48 -0700: > > >>At the moment I am making Packet Split work for the em driver, but >>in a quick look around I cant see how the uipc_jumbo code gets >>compiled. I realize its been wedded to the ti driver, but I want to >>build and link against the kernel code without that driver. >> >>Anyone who understands all the inner workings of the build system >>want to give me a quick answer on the best way to do this? I mean >>I could probably heavy-handedly whack the Makefile, but I want >>the way to do it that would be 'correct' :) >> >> > >uipc_jumbo has been retired.. you should use the mbuf jumbo api >instead... You just need to provide MJUMPAGESIZE, MJUM9BYTES, or >MJUM16BYTES to m_getjcl to get the buffer... It appears that it >hasn't been documented in the mbuf(9) manpage yet though.. > > though as you are probably trying to make a driver that runs on older kernels too, that's probably not great news. From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 00:36:58 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D2F5F16A40B for ; Fri, 7 Apr 2006 00:36:58 +0000 (UTC) (envelope-from amit.freebsd@gmail.com) Received: from pproxy.gmail.com (pproxy.gmail.com [64.233.166.179]) by mx1.FreeBSD.org (Postfix) with ESMTP id 69A3443D45 for ; Fri, 7 Apr 2006 00:36:53 +0000 (GMT) (envelope-from amit.freebsd@gmail.com) Received: by pproxy.gmail.com with SMTP id t32so393195pyc for ; Thu, 06 Apr 2006 17:36:52 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type; b=imwmtGBYzpzFul3Kyq9gHAXlq28lg+aGcqZHuBn+TE12SkmJKlb5/7aQXjup1eIJ57JmK0KxtCSz1livBOeQGwa6QmfJwC9N6bo7UT+JkZkqE0NPk8YqZnfJ1TS5mtOAfFBcdLVSEVP8tQd8JBv/hnmx5Zkj2qAa+GHPuBPisEc= Received: by 10.35.100.6 with SMTP id c6mr54484pym; Thu, 06 Apr 2006 17:36:52 -0700 (PDT) Received: by 10.35.122.10 with HTTP; Thu, 6 Apr 2006 17:36:52 -0700 (PDT) Message-ID: Date: Thu, 6 Apr 2006 19:36:52 -0500 From: "Amit Mondal" To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: freeBSD tcp enhancement X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 00:36:58 -0000 Hi All, I am a newbie to freeBSD. I am trying to modify freeBSD tcp for some security ehancement. Could anyone pls point me to how/where to start or any suitable material/tutorial to start with. Thanks in advance Amit From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 01:10:36 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6199416A403 for ; Fri, 7 Apr 2006 01:10:36 +0000 (UTC) (envelope-from jfvogel@gmail.com) Received: from pproxy.gmail.com (pproxy.gmail.com [64.233.166.183]) by mx1.FreeBSD.org (Postfix) with ESMTP id BC0DA43D4C for ; Fri, 7 Apr 2006 01:10:35 +0000 (GMT) (envelope-from jfvogel@gmail.com) Received: by pproxy.gmail.com with SMTP id t32so398138pyc for ; Thu, 06 Apr 2006 18:10:35 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=tJeMxA+mYu0CWBkwzc6WGgmd+ebdR668HPd/NlwqBt3sBtNfPSYY+qHd8TDY53ghUM6ojcmD0mdnR+bgN3bstxROCxNwy8VexmK2cugQL26snMJ67BuI4VTTuy4qa4qCz/3MEMeNKxTn7mZaSMqhxB7qVe0sY4efNzEGDXEHvnM= Received: by 10.35.97.17 with SMTP id z17mr1693233pyl; Thu, 06 Apr 2006 18:10:35 -0700 (PDT) Received: by 10.35.36.5 with HTTP; Thu, 6 Apr 2006 18:10:35 -0700 (PDT) Message-ID: <2a41acea0604061810l7ea13bbch50397a6d33bcd906@mail.gmail.com> Date: Thu, 6 Apr 2006 18:10:35 -0700 From: "Jack Vogel" To: "Julian Elischer" In-Reply-To: <4435B36B.4080608@elischer.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <2a41acea0604061648g83646aeme8792b6cf27f61b5@mail.gmail.com> <20060407002647.GT53811@funkthat.com> <4435B36B.4080608@elischer.org> Cc: freebsd-net , John-Mark Gurney Subject: Re: using uipc_jumbo.c X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 01:10:36 -0000 On 4/6/06, Julian Elischer wrote: > John-Mark Gurney wrote: > > >Jack Vogel wrote this message on Thu, Apr 06, 2006 at 16:48 -0700: > > > > > >>At the moment I am making Packet Split work for the em driver, but > >>in a quick look around I cant see how the uipc_jumbo code gets > >>compiled. I realize its been wedded to the ti driver, but I want to > >>build and link against the kernel code without that driver. > >> > >>Anyone who understands all the inner workings of the build system > >>want to give me a quick answer on the best way to do this? I mean > >>I could probably heavy-handedly whack the Makefile, but I want > >>the way to do it that would be 'correct' :) > >> > >> > > > >uipc_jumbo has been retired.. you should use the mbuf jumbo api > >instead... You just need to provide MJUMPAGESIZE, MJUM9BYTES, or > >MJUM16BYTES to m_getjcl to get the buffer... It appears that it > >hasn't been documented in the mbuf(9) manpage yet though.. > > > > > though as you are probably trying to make a driver that runs on older > kernels too, > that's probably not great news. define 'older' :) I am using 6.x for this, no requirements that it run on earlier, does that have this, or is this CURRENT only? Thanks for the info though, Jack From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 01:58:43 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DF7DB16A406 for ; Fri, 7 Apr 2006 01:58:43 +0000 (UTC) (envelope-from jmg@hydrogen.funkthat.com) Received: from hydrogen.funkthat.com (gate.funkthat.com [69.17.45.168]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3596C43D45 for ; Fri, 7 Apr 2006 01:58:43 +0000 (GMT) (envelope-from jmg@hydrogen.funkthat.com) Received: from hydrogen.funkthat.com (rmlkyawrdu899aew@localhost.funkthat.com [127.0.0.1]) by hydrogen.funkthat.com (8.13.4/8.13.3) with ESMTP id k371wfgk066963; Thu, 6 Apr 2006 18:58:41 -0700 (PDT) (envelope-from jmg@hydrogen.funkthat.com) Received: (from jmg@localhost) by hydrogen.funkthat.com (8.13.4/8.13.3/Submit) id k371wf1h066962; Thu, 6 Apr 2006 18:58:41 -0700 (PDT) (envelope-from jmg) Date: Thu, 6 Apr 2006 18:58:41 -0700 From: John-Mark Gurney To: Jack Vogel Message-ID: <20060407015841.GV53811@funkthat.com> Mail-Followup-To: Jack Vogel , Julian Elischer , freebsd-net References: <2a41acea0604061648g83646aeme8792b6cf27f61b5@mail.gmail.com> <20060407002647.GT53811@funkthat.com> <4435B36B.4080608@elischer.org> <2a41acea0604061810l7ea13bbch50397a6d33bcd906@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2a41acea0604061810l7ea13bbch50397a6d33bcd906@mail.gmail.com> User-Agent: Mutt/1.4.2.1i X-Operating-System: FreeBSD 5.4-RELEASE-p6 i386 X-PGP-Fingerprint: B7 EC EF F8 AE ED A7 31 96 7A 22 B3 D8 56 36 F4 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html Cc: freebsd-net , Julian Elischer Subject: Re: using uipc_jumbo.c X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: John-Mark Gurney List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 01:58:44 -0000 Jack Vogel wrote this message on Thu, Apr 06, 2006 at 18:10 -0700: > On 4/6/06, Julian Elischer wrote: > > John-Mark Gurney wrote: > > > > >Jack Vogel wrote this message on Thu, Apr 06, 2006 at 16:48 -0700: > > > > > > > > >>At the moment I am making Packet Split work for the em driver, but > > >>in a quick look around I cant see how the uipc_jumbo code gets > > >>compiled. I realize its been wedded to the ti driver, but I want to > > >>build and link against the kernel code without that driver. > > >> > > >>Anyone who understands all the inner workings of the build system > > >>want to give me a quick answer on the best way to do this? I mean > > >>I could probably heavy-handedly whack the Makefile, but I want > > >>the way to do it that would be 'correct' :) > > >> > > >> > > > > > >uipc_jumbo has been retired.. you should use the mbuf jumbo api > > >instead... You just need to provide MJUMPAGESIZE, MJUM9BYTES, or > > >MJUM16BYTES to m_getjcl to get the buffer... It appears that it > > >hasn't been documented in the mbuf(9) manpage yet though.. > > > > > > > > though as you are probably trying to make a driver that runs on older > > kernels too, > > that's probably not great news. > > define 'older' :) > > I am using 6.x for this, no requirements that it run on earlier, > does that have this, or is this CURRENT only? nope, it looks like the m_getjcl was merged into RELENG_6, it wasn't in 6.0-R, but will be in 6.1-R... Since mbuf.h is where m_getjcl is declared, I just checked: http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/sys/mbuf.h -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 07:25:15 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5C6DC16A403 for ; Fri, 7 Apr 2006 07:25:15 +0000 (UTC) (envelope-from nielsen@memberwebs.com) Received: from mail.npubs.com (mail.npubs.com [209.66.100.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2D79843D45 for ; Fri, 7 Apr 2006 07:25:15 +0000 (GMT) (envelope-from nielsen@memberwebs.com) From: Nate Nielsen User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051013) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "freebsd-net@FreeBSD.org" References: <20060406202102.B9CCBDCACC2@mail.npubs.com> <20060406203653.L30410@maildrop.int.zabbadoz.net> X-Enigmail-Version: 0.92.0.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-Id: <20060407072514.56BCDDCACDB@mail.npubs.com> X-Virus-Scanned: ClamAV using ClamSMTP Date: Fri, 7 Apr 2006 07:25:14 +0000 (GMT) Cc: "Bjoern A. Zeeb" Subject: Re: bsnmp-regex SNMP module X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 07:25:15 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bjoern A. Zeeb wrote: > On Thu, 6 Apr 2006, Nate Nielsen wrote: > >> A thousand apologies if announcing this here is inappropriate, but since >> it's related to FreeBSD's very own bsnmpd... >> >> bsnmp-regex is an SNMP module that allows one to create arbitrary >> counters from logs, program output or other text. >> >> If you're interested: >> http://memberwebs.com/nielsen/software/bsnmp-regex/ > > could you make it a port and submit it? Anyone want to help with the FreeBSD port? Never done a port before. I could figure it out, but I have a bunch more software waiting for me to open source (ie: autotool, document, round out, licensing). A bunch of it is SNMP stuff: * bsnmp-ping module (measures latencies/reachability) * bsnmp-host module (RFC 2790 ie: uptime, cpu load, memory, disks) * rrdbot (lightweight daemon for SNMP -> RRD) * rrdui (lightweight Cheers, Nate -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFENhPNe/sRCNknZa8RAsoTAJ4i3hhE1Fk+X4esbHSGPKRtBRNBLwCg952f xW3KygvH9+6bMW9O7Um53U0= =Dx9j -----END PGP SIGNATURE----- From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 08:09:37 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6000016A400 for ; Fri, 7 Apr 2006 08:09:37 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from mgat.rdu.kirov.ru (mgat.rdu.kirov.ru [85.93.37.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 326A443D49 for ; Fri, 7 Apr 2006 08:09:35 +0000 (GMT) (envelope-from bu7cher@yandex.ru) Received: from kirov.so-cdu.ru (kirov [172.21.81.1]) by mail.rdu.kirov.ru (Postfix) with ESMTP id A2D6E33B5B; Fri, 7 Apr 2006 12:09:32 +0400 (MSD) Received: from kirov.so-cdu.ru (localhost [127.0.0.1]) by rdu.kirov.ru (Postfix) with SMTP id A02AE1543E; Fri, 7 Apr 2006 12:09:32 +0400 (MSD) Received: by rdu.kirov.ru (Postfix, from userid 1014) id 4F3591543D; Fri, 7 Apr 2006 12:09:32 +0400 (MSD) Received: from [172.21.81.52] (elsukov.kirov.so-cdu.ru [172.21.81.52]) by rdu.kirov.ru (Postfix) with ESMTP id 39A56152A9; Fri, 7 Apr 2006 12:09:32 +0400 (MSD) Message-ID: <44361E3C.9040302@yandex.ru> Date: Fri, 07 Apr 2006 12:09:32 +0400 From: "Andrey V. Elsukov" User-Agent: Mozilla Thunderbird 1.5 (FreeBSD/20051231) MIME-Version: 1.0 To: Nate Nielsen References: <20060406202102.B9CCBDCACC2@mail.npubs.com> <20060406203653.L30410@maildrop.int.zabbadoz.net> <20060407072514.56BCDDCACDB@mail.npubs.com> In-Reply-To: <20060407072514.56BCDDCACDB@mail.npubs.com> Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Cc: "freebsd-net@FreeBSD.org" , "Bjoern A. Zeeb" Subject: Re: bsnmp-regex SNMP module X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 08:09:37 -0000 Nate Nielsen wrote: > Anyone want to help with the FreeBSD port? I can try to include this module as optional part of net-mgmt/bsnmpd. -- WBR, Andrey V. Elsukov From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 08:18:06 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0F8DA16A400 for ; Fri, 7 Apr 2006 08:18:06 +0000 (UTC) (envelope-from mirrormaster@solnet.ch) Received: from mail01.solnet.ch (mail01.solnet.ch [212.101.4.135]) by mx1.FreeBSD.org (Postfix) with ESMTP id A87FC43D45 for ; Fri, 7 Apr 2006 08:18:05 +0000 (GMT) (envelope-from mirrormaster@solnet.ch) Received: from [192.168.1.100] (unknown [82.220.17.23]) by mail01.solnet.ch (Postfix) with ESMTP id 8215C62161; Fri, 7 Apr 2006 08:18:02 +0000 (GMT) Message-ID: <4436201C.2020107@solnet.ch> Date: Fri, 07 Apr 2006 10:17:32 +0200 From: Thomas User-Agent: Thunderbird 1.5 (Macintosh/20051201) MIME-Version: 1.0 To: freebsd-net@freebsd.org, boris@tagnet.ru Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new at mail01.solnet.ch Cc: Subject: problem with quagga 0.99.3 with freebsd 6.1-prerelease X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 08:18:06 -0000 Hi I have a strange behavior with the latest quagga 0.99.3 from the ports. Zebra set all ips when quagga is started but it doesn't display them "show run" on the management console (vytsh). Perhaps someone can confirm this? Details: System: 6.1-PRERELEASE #2: Thu Apr 6 23:04:50 UTC 2006, RELENG_6 src was last updated on April 6. Quagga 0.99.3 from the ports with all features enabled and with --localstatedir=/usr/local/mydir/quagga/ The System is running on a flash card. my make.conf NO_ACPI= NO_ATM= NO_AUTHPF= NO_BLUETOOTH= NO_CVS= NO_DICT= NO_FORTRAN= NO_GAMES= NO_GDB= NO_INFO= NO_LPR= NO_MODULES= NO_PF= NO_PROFILE= NO_RCMDS= NO_SHARE= NO_SHAREDOCS= NO_USB= NO_BIND_DNSSEC= NO_BIND_ETC= NO_BIND_LIBS_LWRES= NO_BIND_MTREE= NO_BIND_NAMED= # added by use.perl 2006-04-05 12:21:54 PERL_VER=5.8.8 PERL_VERSION=5.8.8 my rc.conf ifconfig_em0="up mtu 1546 polling" ifconfig_em1="up mtu 1546 polling" quagga_enable="YES" Quagga starts and all Interfaces get the correct IP addresses set by zebra.conf. ifconfig after boot: em1: flags=8843 mtu 1546 options=4b inet6 fe80::230:48ff:fe2c:6b5d%em1 prefixlen 64 scopeid 0x2 inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 ifconfig on the system ist correct. But as you see the vtysh output from zebra doesn't show any ip (192.168.0.1/24) for em1; vtysh output with "show run": interface em1 bandwidth 1000000 description VLAN4 ip ospf cost 55 ipv6 nd suppress-ra link-detect Show the zebra.conf file: interface em1 description VLAN4 bandwidth 1000000 link-detect ip address 192.168.0.1/24 <----- IP is here ipv6 nd suppress-ra Second part. If i restart zebra, the IPs are shown in the vtysh mode. Now I try to change the ip from 192.168.0.1/24 to 192.168.1.1/24 vtysh: conf t (config)# interface em1 (config-if)# ip address 192.168.1.1/24 (config-if)# exit (config)# exit #show run interface em1 bandwidth 1000000 description VLAN4 ip address 192.168.0.1/24 ip ospf cost 55 ipv6 nd suppress-ra zebra still shows the old IP address. System ifconfig displays: em1: flags=8843 mtu 1546 options=4b inet6 fe80::230:48ff:fe2c:6b5d%em1 prefixlen 64 scopeid 0x2 inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255 You see both IPs are added on the system If I repeat this step then zebra shows me the new one too: interface em1 bandwidth 1000000 description VLAN4 ip address 192.168.0.1/24 ip address 192.168.1.1/24 ip ospf cost 55 If zebra doesn't show the correct or any IP and you do a "wr mem" it will save the wrong ip's or non ip to the config file. All your configs are gone!. I don't have this problem on the same system with quagga 0.98.5. Cheers, Thomas From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 08:41:10 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4470816A402 for ; Fri, 7 Apr 2006 08:41:10 +0000 (UTC) (envelope-from Hartmut.Brandt@dlr.de) Received: from smtp-1.dlr.de (smtp-1.dlr.de [195.37.61.185]) by mx1.FreeBSD.org (Postfix) with ESMTP id A6D8F43D53 for ; Fri, 7 Apr 2006 08:41:09 +0000 (GMT) (envelope-from Hartmut.Brandt@dlr.de) Received: from beagle.kn.op.dlr.de ([129.247.173.6]) by smtp-1.dlr.de over TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); Fri, 7 Apr 2006 10:41:07 +0200 Date: Fri, 7 Apr 2006 10:41:08 +0200 (CEST) From: Harti Brandt X-X-Sender: brandt_h@beagle.kn.op.dlr.de To: Nate Nielsen In-Reply-To: <20060407072514.56BCDDCACDB@mail.npubs.com> Message-ID: <20060407104021.I57973@beagle.kn.op.dlr.de> References: <20060406202102.B9CCBDCACC2@mail.npubs.com> <20060406203653.L30410@maildrop.int.zabbadoz.net> <20060407072514.56BCDDCACDB@mail.npubs.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-OriginalArrivalTime: 07 Apr 2006 08:41:07.0978 (UTC) FILETIME=[03BC0EA0:01C65A1F] Cc: "freebsd-net@FreeBSD.org" , "Bjoern A. Zeeb" Subject: Re: bsnmp-regex SNMP module X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Harti Brandt List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 08:41:10 -0000 On Fri, 7 Apr 2006, Nate Nielsen wrote: NN>-----BEGIN PGP SIGNED MESSAGE----- NN>Hash: SHA1 NN> NN>Bjoern A. Zeeb wrote: NN>> On Thu, 6 Apr 2006, Nate Nielsen wrote: NN>> NN>>> A thousand apologies if announcing this here is inappropriate, but since NN>>> it's related to FreeBSD's very own bsnmpd... NN>>> NN>>> bsnmp-regex is an SNMP module that allows one to create arbitrary NN>>> counters from logs, program output or other text. NN>>> NN>>> If you're interested: NN>>> http://memberwebs.com/nielsen/software/bsnmp-regex/ NN>> NN>> could you make it a port and submit it? NN> NN>Anyone want to help with the FreeBSD port? NN> NN>Never done a port before. I could figure it out, but I have a bunch more NN>software waiting for me to open source (ie: autotool, document, round NN>out, licensing). NN> NN>A bunch of it is SNMP stuff: NN> * bsnmp-ping module (measures latencies/reachability) NN> * bsnmp-host module (RFC 2790 ie: uptime, cpu load, memory, disks) Is that different from the hostres module we have in the tree? harti From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 08:42:51 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1E1ED16A400 for ; Fri, 7 Apr 2006 08:42:51 +0000 (UTC) (envelope-from Hartmut.Brandt@dlr.de) Received: from smtp-1.dlr.de (smtp-1.dlr.de [195.37.61.185]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2E83F43D76 for ; Fri, 7 Apr 2006 08:42:43 +0000 (GMT) (envelope-from Hartmut.Brandt@dlr.de) Received: from beagle.kn.op.dlr.de ([129.247.173.6]) by smtp-1.dlr.de over TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); Fri, 7 Apr 2006 10:42:42 +0200 Date: Fri, 7 Apr 2006 10:42:43 +0200 (CEST) From: Harti Brandt X-X-Sender: brandt_h@beagle.kn.op.dlr.de To: "Andrey V. Elsukov" In-Reply-To: <44361E3C.9040302@yandex.ru> Message-ID: <20060407104156.H57973@beagle.kn.op.dlr.de> References: <20060406202102.B9CCBDCACC2@mail.npubs.com> <20060406203653.L30410@maildrop.int.zabbadoz.net> <20060407072514.56BCDDCACDB@mail.npubs.com> <44361E3C.9040302@yandex.ru> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-OriginalArrivalTime: 07 Apr 2006 08:42:42.0916 (UTC) FILETIME=[3C527240:01C65A1F] Cc: "freebsd-net@FreeBSD.org" , Nate Nielsen , "Bjoern A. Zeeb" Subject: Re: bsnmp-regex SNMP module X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Harti Brandt List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 08:42:51 -0000 On Fri, 7 Apr 2006, Andrey V. Elsukov wrote: AVE>Nate Nielsen wrote: AVE>> Anyone want to help with the FreeBSD port? AVE> AVE>I can try to include this module as optional AVE>part of net-mgmt/bsnmpd. That would not help people running current, because the port is only build for version that don't have bsnmpd in the tree. harti From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 08:55:49 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8C20416A400; Fri, 7 Apr 2006 08:55:49 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from mgat.rdu.kirov.ru (mgat.rdu.kirov.ru [85.93.37.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0449943D48; Fri, 7 Apr 2006 08:55:47 +0000 (GMT) (envelope-from bu7cher@yandex.ru) Received: from kirov.so-cdu.ru (kirov [172.21.81.1]) by mail.rdu.kirov.ru (Postfix) with ESMTP id CA8AE33AEE; Fri, 7 Apr 2006 12:55:45 +0400 (MSD) Received: from kirov.so-cdu.ru (localhost [127.0.0.1]) by rdu.kirov.ru (Postfix) with SMTP id B547D1543D; Fri, 7 Apr 2006 12:55:45 +0400 (MSD) Received: by rdu.kirov.ru (Postfix, from userid 1014) id F0B821543C; Fri, 7 Apr 2006 12:55:44 +0400 (MSD) Received: from [172.21.81.52] (elsukov.kirov.so-cdu.ru [172.21.81.52]) by rdu.kirov.ru (Postfix) with ESMTP id B90E2152A9; Fri, 7 Apr 2006 12:55:44 +0400 (MSD) Message-ID: <44362910.3060605@yandex.ru> Date: Fri, 07 Apr 2006 12:55:44 +0400 From: "Andrey V. Elsukov" User-Agent: Mozilla Thunderbird 1.5 (FreeBSD/20051231) MIME-Version: 1.0 To: Harti Brandt References: <20060406202102.B9CCBDCACC2@mail.npubs.com> <20060406203653.L30410@maildrop.int.zabbadoz.net> <20060407072514.56BCDDCACDB@mail.npubs.com> <44361E3C.9040302@yandex.ru> <20060407104156.H57973@beagle.kn.op.dlr.de> In-Reply-To: <20060407104156.H57973@beagle.kn.op.dlr.de> Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Cc: "freebsd-net@FreeBSD.org" , Nate Nielsen , "Bjoern A. Zeeb" Subject: Re: bsnmp-regex SNMP module X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 08:55:49 -0000 Harti Brandt wrote: > That would not help people running current, because the port is only build > for version that don't have bsnmpd in the tree. I can make it like bind9, PORT_REPLACES_BASE_BSNMPD :) Can you include all bsnmp modules with bsnmpd sources? -- WBR, Andrey V. Elsukov From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 09:18:38 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0BE7116A404 for ; Fri, 7 Apr 2006 09:18:38 +0000 (UTC) (envelope-from Hartmut.Brandt@dlr.de) Received: from smtp-1.dlr.de (smtp-1.dlr.de [195.37.61.185]) by mx1.FreeBSD.org (Postfix) with ESMTP id 696E143D49 for ; Fri, 7 Apr 2006 09:18:37 +0000 (GMT) (envelope-from Hartmut.Brandt@dlr.de) Received: from beagle.kn.op.dlr.de ([129.247.173.6]) by smtp-1.dlr.de over TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); Fri, 7 Apr 2006 11:18:35 +0200 Date: Fri, 7 Apr 2006 11:18:37 +0200 (CEST) From: Harti Brandt X-X-Sender: brandt_h@beagle.kn.op.dlr.de To: "Andrey V. Elsukov" In-Reply-To: <44362910.3060605@yandex.ru> Message-ID: <20060407110003.M57973@beagle.kn.op.dlr.de> References: <20060406202102.B9CCBDCACC2@mail.npubs.com> <20060406203653.L30410@maildrop.int.zabbadoz.net> <20060407072514.56BCDDCACDB@mail.npubs.com> <44361E3C.9040302@yandex.ru> <20060407104156.H57973@beagle.kn.op.dlr.de> <44362910.3060605@yandex.ru> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-OriginalArrivalTime: 07 Apr 2006 09:18:35.0855 (UTC) FILETIME=[3F92DDF0:01C65A24] Cc: "freebsd-net@FreeBSD.org" , Nate Nielsen , "Bjoern A. Zeeb" Subject: Re: bsnmp-regex SNMP module X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Harti Brandt List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 09:18:38 -0000 On Fri, 7 Apr 2006, Andrey V. Elsukov wrote: AVE>Harti Brandt wrote: AVE>> That would not help people running current, because the port is only build AVE>> for version that don't have bsnmpd in the tree. AVE> AVE>I can make it like bind9, PORT_REPLACES_BASE_BSNMPD :) AVE>Can you include all bsnmp modules with bsnmpd sources? There are two reasons that I would not like to do this: - My long term goal is to make bsnmp more usable on other operating systems. I've done this for the daemon itself, the library and the atm module. The mibII module is very FreeBSD specific and would require some work to split it into OS independent and OS dependent parts and I have currently no time to do this. We would also need to split the other modules accordingly and for things like snmp_netgraph I even don't know what to do, because this is just FreeBSD-only. - It requires more management work than I can do at the moment. I would need to integrate patches from the developers into the bsnmp tree and so on. I just feel that this is out of my time contingent for this. Perhaps the main port (bsnmp) could just be a wrapper that installs the other ports depending on the system version? (Just thinking loud - I'm not an expert in the ports area. harti From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 15:11:25 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4C6D916A406; Fri, 7 Apr 2006 15:11:25 +0000 (UTC) (envelope-from nielsen@memberwebs.com) Received: from mail.npubs.com (mail.npubs.com [209.66.100.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3235E43D64; Fri, 7 Apr 2006 15:11:22 +0000 (GMT) (envelope-from nielsen@memberwebs.com) From: Nate Nielsen User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051013) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Harti Brandt References: <20060406202102.B9CCBDCACC2@mail.npubs.com> <20060406203653.L30410@maildrop.int.zabbadoz.net> <20060407072514.56BCDDCACDB@mail.npubs.com> <20060407104021.I57973@beagle.kn.op.dlr.de> X-Enigmail-Version: 0.92.0.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-Id: <20060407151120.F1F62DCACA1@mail.npubs.com> X-Virus-Scanned: ClamAV using ClamSMTP Date: Fri, 7 Apr 2006 15:11:21 +0000 (GMT) Cc: "freebsd-net@FreeBSD.org" , "Bjoern A. Zeeb" Subject: Re: bsnmp-regex SNMP module X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 15:11:25 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Harti Brandt wrote: > On Fri, 7 Apr 2006, Nate Nielsen wrote: > NN> * bsnmp-host module (RFC 2790 ie: uptime, cpu load, memory, disks) > > Is that different from the hostres module we have in the tree? The very same... Oh well, at least my implementation only had the parts a client needed for a project. Cheers, Nate -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFENoFGe/sRCNknZa8RAtS/AKDp1aDa3UzWPBoUFOOZ9bzvr3C9cQCg8V0o s/g1Rho2kuYWBlBKSW1IYXc= =tkz8 -----END PGP SIGNATURE----- From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 16:36:16 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6B01816A400 for ; Fri, 7 Apr 2006 16:36:16 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from pi.codefab.com (pi.codefab.com [199.103.21.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0AF2E43D48 for ; Fri, 7 Apr 2006 16:36:15 +0000 (GMT) (envelope-from cswiger@mac.com) Received: from localhost (localhost [127.0.0.1]) by pi.codefab.com (Postfix) with ESMTP id 431DB5C8B; Fri, 7 Apr 2006 12:36:15 -0400 (EDT) Received: from pi.codefab.com ([127.0.0.1]) by localhost (pi.codefab.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 61677-07; Fri, 7 Apr 2006 12:36:14 -0400 (EDT) Received: from [192.168.1.3] (pool-68-161-112-80.ny325.east.verizon.net [68.161.112.80]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by pi.codefab.com (Postfix) with ESMTP id 5A2E85C57; Fri, 7 Apr 2006 12:36:14 -0400 (EDT) Message-ID: <443694FE.1090900@mac.com> Date: Fri, 07 Apr 2006 12:36:14 -0400 From: Chuck Swiger User-Agent: Thunderbird 1.5 (Windows/20051201) MIME-Version: 1.0 To: Amit Mondal References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at codefab.com Cc: freebsd-net@freebsd.org Subject: Re: freeBSD tcp enhancement X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 16:36:16 -0000 Amit Mondal wrote: > I am a newbie to freeBSD. I am trying to modify freeBSD tcp for some > security ehancement. Could anyone pls point me to how/where to start or any > suitable material/tutorial to start with. The classic IPv4 code lies in /usr/src/sys/netinet, but see netinet6, netipsec, and even netgraph. If you want to hack on a TCP/IP stack, have fun, but it's entirely possible that the problem you're trying to solve already has been.... -- -Chuck From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 17:51:46 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0551A16A405 for ; Fri, 7 Apr 2006 17:51:46 +0000 (UTC) (envelope-from ericx_lists@vineyard.net) Received: from vineyard.net (k1.vineyard.net [204.17.195.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9642A43D46 for ; Fri, 7 Apr 2006 17:51:45 +0000 (GMT) (envelope-from ericx_lists@vineyard.net) Received: from localhost (loopback [127.0.0.1]) by vineyard.net (Postfix) with ESMTP id 7247E9154A for ; Fri, 7 Apr 2006 13:51:42 -0400 (EDT) Received: from vineyard.net ([127.0.0.1]) by localhost (king1.vineyard.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 94785-01-36 for ; Fri, 7 Apr 2006 13:51:42 -0400 (EDT) Received: from [204.17.195.113] (cheesenip.vineyard.net [204.17.195.113]) by vineyard.net (Postfix) with ESMTP id 36DEE9152C for ; Fri, 7 Apr 2006 13:51:42 -0400 (EDT) Message-ID: <4436A7AF.2040101@vineyard.net> Date: Fri, 07 Apr 2006 13:55:59 -0400 From: "Eric W. Bates" Organization: Vineyard.NET, Inc. User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051212) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-net@freebsd.org References: <44313943.1060300@vineyard.net> <44314957.4020800@errno.com> In-Reply-To: <44314957.4020800@errno.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: by AMaViS-king1 at Vineyard.NET Subject: Re: hifn errors on console X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 17:51:46 -0000 Sam Leffler wrote: > Eric W. Bates wrote: > >> I'm running pfsense (an embedded FreeBSD 6.1) on a wrap2C. I recently >> added a Soekris vpn1411 and am now getting infrequent errors: >> >> hifn0: rndtest: ones interval 4 failed (382, 251-373) >> hifn0: rndtest: ones interval 1 failed (2663, 2343-2657) >> hifn0: rndtest: zeros interval 5 failed (206, 111-201) >> hifn0: rndtest: ones interval 2 failed (1385, 1135-1365) >> hifn0: rndtest: zeros interval 3 failed (718, 542-708) >> hifn0: rndtest: zeros interval 4 failed (243, 251-373) >> hifn0: rndtest: zeros interval 3 failed (717, 542-708) >> >> IPSec works fine. However, I do not know how to tell whether the hifn >> is being used. >> >> I had no luck with Google. Can anyone enlighten me? > > > man rndtest(4). pfSense has configured the FIPS rng testing module to > monitor the entropy sent by the h/w to the system prng. Looks like > > sysctl kern.rdntest.verbose=0 > > will turn off console msgs. I guess I want to follow up on this a bit. It seems that rndtest is unsatisfied with the degree of randomness presented by the card. Is that randomness used to produce /dev/random? Is this an indication of a fault with the card? How does such a card "create"/"collect" entropy? Is there anything I can do to improve the situation? Thanks. btw: adding a similar card (Soekris VPN 1410 -- PCI not mini-pci) to a full size motherboard running 6.0-RELEASE-p6 produces the same errors. > Sam > > From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 18:20:38 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5B20016A403 for ; Fri, 7 Apr 2006 18:20:38 +0000 (UTC) (envelope-from lowell@be-well.ilk.org) Received: from mail6.sea5.speakeasy.net (mail6.sea5.speakeasy.net [69.17.117.8]) by mx1.FreeBSD.org (Postfix) with ESMTP id 10A7843D49 for ; Fri, 7 Apr 2006 18:20:37 +0000 (GMT) (envelope-from lowell@be-well.ilk.org) Received: (qmail 28476 invoked from network); 7 Apr 2006 18:20:37 -0000 Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org) ([66.92.78.145]) (envelope-sender ) by mail6.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 7 Apr 2006 18:20:37 -0000 Received: by be-well.ilk.org (Postfix, from userid 1147) id 1597228423; Fri, 7 Apr 2006 14:20:37 -0400 (EDT) To: freebsd-net@freebsd.org References: <1144265008.00498663.1144252202@10.7.7.3> From: Lowell Gilbert Date: 07 Apr 2006 14:20:37 -0400 In-Reply-To: <1144265008.00498663.1144252202@10.7.7.3> Message-ID: <44odzdnt6y.fsf@be-well.ilk.org> Lines: 27 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Re: qemu + 802.1Q VLANs X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 18:20:38 -0000 Oliver Fromme writes: > I'm running FreeBSD/i386 RELENG_6 as a guest within qemu > on a FreeBSD host. Guest and host are connected through > the usual tap0/ed0 virtual ethernet. > > The host receives an 802.1Q VLAN trunk from a VLAN-capable > Cisco switch, and uses several VLANs from within that trunk. > I would like to access some of the VLANs from the guest OS > running in qemu, too, but haven't been able to find out how > to do that. > > So, here's the question: Is it possible to "forward" a > VLAN trunk into a qemu guest somehow, so that both host > and guest can use VLANs from it? Yes. [Fabulously useful technique, by the way; I have set up some very complicated test configurations on a single fiber this way.] You need to bridge to the guest's interface. I think this is the minimum example you'll need as a hint: ifconfig bridge0 create ifconfig vlan11 create ifconfig vlan11 vlan 11 vlandev ti0 up qemu -net nic,vlan=0,macaddr=52:54:00:12:12:01 -net tap,ifname=/dev/tap0,vlan=0 disk.image ifconfig bridge0 addm vlan11 addm tap0 up From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 19:14:19 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A1EA316A403 for ; Fri, 7 Apr 2006 19:14:19 +0000 (UTC) (envelope-from rsf@ns.live555.com) Received: from ns.live555.com (ns.live555.com [66.80.62.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8C0C743D45 for ; Fri, 7 Apr 2006 19:14:17 +0000 (GMT) (envelope-from rsf@ns.live555.com) Received: from ns.live555.com (localhost.live555.com [127.0.0.1]) by ns.live555.com (8.13.4/8.13.4) with ESMTP id k37JE7IF090232 for ; Fri, 7 Apr 2006 12:14:07 -0700 (PDT) (envelope-from rsf@ns.live555.com) Received: (from rsf@localhost) by ns.live555.com (8.13.4/8.13.4/Submit) id k37JE7x0090231; Fri, 7 Apr 2006 12:14:07 -0700 (PDT) (envelope-from rsf) Message-Id: <7.0.1.0.1.20060407121349.02039da0@live555.com> Message-Id: <7.0.1.0.1.20060407022258.02038e60@live555.com> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Fri, 07 Apr 2006 12:13:54 -0700 To: freebsd-net@freebsd.org From: Ross Finlayson Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: Does the "iwi" driver (Intel PRO/Wireless 2200BG) support "hostap"? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 19:14:19 -0000 When I try to configure my "iwi" device (after loading the bss firmware) to run as an access point (under 6.0-STABLE): ifconfig iwi0 inet ssid FOOBAR channel 5 media DS/11Mbps mediaopt hostap up I get ifconfig: SIOCSIFMEDIA (media): Device not configured Is this because "hostap" mode is not currently supported for the Intel PRO/Wireless 2200BG (iwi) device? Or is there something that I'm doing wrong? (If it's not possible to run this driver in "hostap" mode, then how could I configure it to run as an IBSS 'base station' instead? (The "network-wireless.html" page in the FreeBSD handbook is silent on this point.)) Ross. From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 19:36:25 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 295FE16A403 for ; Fri, 7 Apr 2006 19:36:25 +0000 (UTC) (envelope-from sam@errno.com) Received: from ebb.errno.com (ebb.errno.com [69.12.149.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8C04043D4C for ; Fri, 7 Apr 2006 19:36:24 +0000 (GMT) (envelope-from sam@errno.com) Received: from [10.0.0.248] (trouble.errno.com [10.0.0.248]) (authenticated bits=0) by ebb.errno.com (8.13.6/8.12.6) with ESMTP id k37JaMkI012159 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 7 Apr 2006 12:36:23 -0700 (PDT) (envelope-from sam@errno.com) Message-ID: <4436BF36.4010000@errno.com> Date: Fri, 07 Apr 2006 12:36:22 -0700 From: Sam Leffler User-Agent: Thunderbird 1.5 (X11/20060210) MIME-Version: 1.0 To: "Eric W. Bates" References: <44313943.1060300@vineyard.net> <44314957.4020800@errno.com> <4436A7AF.2040101@vineyard.net> In-Reply-To: <4436A7AF.2040101@vineyard.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org Subject: Re: hifn errors on console X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 19:36:25 -0000 Eric W. Bates wrote: > > Sam Leffler wrote: >> Eric W. Bates wrote: >> >>> I'm running pfsense (an embedded FreeBSD 6.1) on a wrap2C. I recently >>> added a Soekris vpn1411 and am now getting infrequent errors: >>> >>> hifn0: rndtest: ones interval 4 failed (382, 251-373) >>> hifn0: rndtest: ones interval 1 failed (2663, 2343-2657) >>> hifn0: rndtest: zeros interval 5 failed (206, 111-201) >>> hifn0: rndtest: ones interval 2 failed (1385, 1135-1365) >>> hifn0: rndtest: zeros interval 3 failed (718, 542-708) >>> hifn0: rndtest: zeros interval 4 failed (243, 251-373) >>> hifn0: rndtest: zeros interval 3 failed (717, 542-708) >>> >>> IPSec works fine. However, I do not know how to tell whether the hifn >>> is being used. >>> >>> I had no luck with Google. Can anyone enlighten me? >> >> man rndtest(4). pfSense has configured the FIPS rng testing module to >> monitor the entropy sent by the h/w to the system prng. Looks like >> >> sysctl kern.rdntest.verbose=0 >> >> will turn off console msgs. > > I guess I want to follow up on this a bit. It seems that rndtest is > unsatisfied with the degree of randomness presented by the card. > > Is that randomness used to produce /dev/random? > > Is this an indication of a fault with the card? The entropy is fed into the system PRNG where it is processed again before being supplied as data from /dev/random. So there is nothing to worry about. > > How does such a card "create"/"collect" entropy? Drivers that manage h/w entropy sources (such as those found on crypto devices) periodically collect data and feed it to the PRNG. > > Is there anything I can do to improve the situation? rndtest was done to evaluate the goodness of h/w entropy sources for various reasons that are not important. It is not intended for production use. Why pfsense includes it is unclear. > > Thanks. > > btw: adding a similar card (Soekris VPN 1410 -- PCI not mini-pci) to a > full size motherboard running 6.0-RELEASE-p6 produces the same errors. > >> Sam >> >> > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > > From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 19:39:47 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 92EDC16A41A for ; Fri, 7 Apr 2006 19:39:47 +0000 (UTC) (envelope-from qgyang@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.239]) by mx1.FreeBSD.org (Postfix) with ESMTP id 23F7443D5D for ; Fri, 7 Apr 2006 19:39:47 +0000 (GMT) (envelope-from qgyang@gmail.com) Received: by wproxy.gmail.com with SMTP id i34so434549wra for ; Fri, 07 Apr 2006 12:39:46 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:user-agent:date:subject:from:to:message-id:thread-topic:thread-index:mime-version:content-type:content-transfer-encoding; b=BnxO7LTDZuEQ+4oHVuQ4lQScqyuVunp1UNOJIVSz2gVJQD1FFS/CpJTPGQuRwY0osANXwnnVHPoRqmaPYbTigrLeRfAlTpypfw89LmBf8ktpRGopxtL0X4wQC1Hrx4uzusIV4GOKfpskZYLttI6NHNCAP+uzENE5nnlFRNc2baE= Received: by 10.65.219.6 with SMTP id w6mr911838qbq; Fri, 07 Apr 2006 12:39:46 -0700 (PDT) Received: from ?192.168.5.93? ( [64.154.93.163]) by mx.gmail.com with ESMTP id e10sm375825qbe.2006.04.07.12.39.45; Fri, 07 Apr 2006 12:39:46 -0700 (PDT) User-Agent: Microsoft-Entourage/11.2.3.060209 Date: Fri, 07 Apr 2006 12:39:41 -0700 From: Qiao Yang To: Message-ID: Thread-Topic: Unreliable Unix Domain DGRAM socket? Thread-Index: AcZaewNUQfZFHcZuEdqE4gANkytcAg== Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Subject: Unreliable Unix Domain DGRAM socket? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 19:39:47 -0000 Hi all, Does anyone know what possible scenarios may cause the Unix Domain DGRAM socket to lose packet? We know, in theory, it is unreliable, but in reality, I rarely see packet loss happens to this type of socket. Unfortunately, I believe it happened a few times in the last couple of months in a FreeBSD 5.3 box and I wasn't able to track down what the cause was. One related question. Considering the following setup, client (socket_A) send a packet to server (socket_B). If the sending buffer of socket_A is ok but the receiving buffer of socket_B is full, will sendto() return error? Thanks for your insights. --Qiao From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 19:50:34 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 75A7316A401 for ; Fri, 7 Apr 2006 19:50:34 +0000 (UTC) (envelope-from max@love2party.net) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.177]) by mx1.FreeBSD.org (Postfix) with ESMTP id D3D7943D46 for ; Fri, 7 Apr 2006 19:50:33 +0000 (GMT) (envelope-from max@love2party.net) Received: from [88.64.182.191] (helo=amd64.laiers.local) by mrelayeu.kundenserver.de (node=mrelayeu2) with ESMTP (Nemesis), id 0MKwtQ-1FRwyN3ioh-0004mg; Fri, 07 Apr 2006 21:50:24 +0200 From: Max Laier Organization: FreeBSD To: Ross Finlayson Date: Fri, 7 Apr 2006 21:49:10 +0200 User-Agent: KMail/1.9.1 References: <7.0.1.0.1.20060407121349.02039da0@live555.com> In-Reply-To: <7.0.1.0.1.20060407121349.02039da0@live555.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1508632.AoqDeojuON"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200604072149.16756.max@love2party.net> X-Provags-ID: kundenserver.de abuse@kundenserver.de login:61c499deaeeba3ba5be80f48ecc83056 Cc: freebsd-net@freebsd.org Subject: Re: Does the "iwi" driver (Intel PRO/Wireless 2200BG) support "hostap"? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 19:50:34 -0000 --nextPart1508632.AoqDeojuON Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Friday 07 April 2006 21:13, Ross Finlayson wrote: > When I try to configure my "iwi" device (after loading the bss > firmware) to run as an access point (under 6.0-STABLE): > ifconfig iwi0 inet ssid FOOBAR channel 5 media > DS/11Mbps mediaopt hostap up > I get > ifconfig: SIOCSIFMEDIA (media): Device not configured > > Is this because "hostap" mode is not currently supported for the > Intel PRO/Wireless 2200BG (iwi) device? Or is there something that > I'm doing wrong? No, iwi(4) does not support hostap mode at the moment. There seems to be s= ome=20 effort in making a Linux driver: http://sourceforge.net/projects/ipw2200-ap= =20 but it is unclear what the status of this is. > (If it's not possible to run this driver in "hostap" mode, then how > could I configure it to run as an IBSS 'base station' instead? (The > "network-wireless.html" page in the FreeBSD handbook is silent on this > point.)) The ath(4) man page has the following example: ifconfig ath0 inet 192.168.0.22 netmask 0xffffff00 ssid my_net \ mode 11b mediaopt adhoc I haven't been able to get iwi(4) working in IBSS mode however. =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --nextPart1508632.AoqDeojuON Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQBENsI8XyyEoT62BG0RAj0mAJkB4HRkOLkgGYrS6MRYB+iY5hWGIACfZmh6 THZLLfuiVU0U5ZRl8b25sls= =Tr40 -----END PGP SIGNATURE----- --nextPart1508632.AoqDeojuON-- From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 21:02:39 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 23C7C16A400 for ; Fri, 7 Apr 2006 21:02:39 +0000 (UTC) (envelope-from nielsen-list@memberwebs.com) Received: from mail.npubs.com (mail.npubs.com [209.66.100.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id F0C4143D53 for ; Fri, 7 Apr 2006 21:02:38 +0000 (GMT) (envelope-from nielsen-list@memberwebs.com) From: Nate Nielsen User-Agent: Mozilla Thunderbird 1.0.7 (X11/20051013) X-Accept-Language: en-us, en MIME-Version: 1.0 To: "freebsd-net@FreeBSD.org" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Message-Id: <20060407210238.3D15CDCACB2@mail.npubs.com> X-Virus-Scanned: ClamAV using ClamSMTP Date: Fri, 7 Apr 2006 21:02:38 +0000 (GMT) Subject: bsnmp-ping SNMP module X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: nielsen@memberwebs.com List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 21:02:39 -0000 Another bsnmpd module, in case anyone's interested: bsnmp-ping is an SNMP module which allows you to measure latency and reachability to hosts of your choice. More info: http://memberwebs.com/nielsen/software/bsnmp-ping/ Cheers, Nate From owner-freebsd-net@FreeBSD.ORG Fri Apr 7 23:18:37 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1495E16A403; Fri, 7 Apr 2006 23:18:37 +0000 (UTC) (envelope-from bart@it-ss.be) Received: from piggy.solidweb.be (piggy.web.bru.it-ss.be [195.28.164.224]) by mx1.FreeBSD.org (Postfix) with ESMTP id D9CC043D49; Fri, 7 Apr 2006 23:18:35 +0000 (GMT) (envelope-from bart@it-ss.be) Received: from bartwrkstxp (244.150-136-217.adsl.skynet.be [217.136.150.244]) (authenticated bits=0) by piggy.solidweb.be (8.13.6/8.13.6) with ESMTP id k37Lobwf014207; Fri, 7 Apr 2006 23:50:42 +0200 Message-ID: <024601c65a8d$5199f290$020b000a@bartwrkstxp> From: "Bart Van Kerckhove" To: "Michael DeMan" , "Dima Dorfman" References: <014e01c64928$6107abd0$020b000a@bartwrkstxp><20060316193740.GE11850@spc.org><20060325092123.GB5468@trit.org><20060331071115.GC884@trit.org> <21DCE1FA-4A7E-443F-8EFA-9E3CC7CE1C30@staff.openaccess.org> Date: Fri, 7 Apr 2006 23:50:37 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2670 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670 X-Scanned-By: MIMEDefang 2.45 on 195.28.164.224 Cc: "freebsd-net@FreeBSD.org" Subject: Re: OT - Quagga/CARP X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 23:18:37 -0000 Michael DeMan wrote: > Hi, Hi gents and ladies, > > See inline... ditto > > On Mar 30, 2006, at 11:11 PM, Dima Dorfman wrote: > >> Michael DeMan wrote: >>> So, if you already have a route to 10.100.100.0/24 via OSPF to >>> another machine, then try to... >>> >>> ip address 10.100.100.55/24 >>> >>> You get an error. >> >> Is that the only problem? Someone was talking about funding >> development to fix something--surely there must be something more >> severe than the inability to use the "ip address" interface command? >> I thought the problem was about encoutering broken ingress paths if >> one of the routers loses connectivity to the destination network. Hmm no, it is not the inability to use "ip address" inside any quagga soft, afaik the freebsd userland tools can't get the route-setting done eiter. Not when an alternate route for the same prefix is in the kernel route table. >> > > My understanding is that my issue is just one symptom of a general > limitation in the kernel routing tables or something, and that fixing > this problem would also allow multi-path routing for FreeBSD, which > is probably a bigger 'win' for the community overall. This is exactly the thing we need to get around. Multi-path (and notably equal-cost multipath) would be a major gain. Yes it is possible currently, but it requires ugly hacks (ipfw comes to mind). ECMP does not belong in a firewall imHo - but that's just me ;o) This is a place where freebsd really is lagging behind the other BSD's (and to not state the obvious, that tux o/s). Is this because there is no general need for these features? Lack of development time? (hence the sponsoring proposal...) FreeBSD has a nice rep going for it with regards to its ipstack ... ;-> > >> Does the combination of CARP and quagga OSPF work once it's >> configured using system tools? > > Yes, it will work then. However, I still have to kill and restart > the zebra and ospf processes entirely for them to pick things up > correctly. My understanding is that restarting en ospfd daemon is bad. restarting zebra is even worse - and must not be done. > >> >>> It is possible to force the interface configuration via 'ifconfig' >>> on the UNIX command line, but for this equipment I want all >>> interface configuration and routing driven out of Quagga. >> >> It would be cool if that was possible, but it's not really practical. >> My systems tend to have a lot of very custom configuration that >> quagga will never be able to express. If I had a cookie-cutter >> configuration, I'd probably be using a C or J box. >> While I've found bgpd and ospfd to be very stable, the zebra part >> that interacts with the kernel has had various problems over >> time--routes not being installed correctly, or going away, or having >> incorrect flags. I wouldn't trust it to configure the entire network >> subsystem. I don't use zebra to configure anything on our production machines. It merely reads out routes that are already set, and adds ospf/bgp ones. >> > > I've noticed some oddities with zebra too, but never anything that is > a show-stopper. There was some kind of bug with notifications of > interface 'up/down' not getting propogated correctly between zebra/ > kernel, but that seems to be fixed. There's lots of fixes being implemented on a daily basis, that much I know (from regular contact with the guys). > Met vriendelijke groet / With kind regards, Bart Van Kerckhove bart@it-ss.be From owner-freebsd-net@FreeBSD.ORG Sat Apr 8 05:32:14 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8855416A400; Sat, 8 Apr 2006 05:32:14 +0000 (UTC) (envelope-from rsf@ns.live555.com) Received: from ns.live555.com (ns.live555.com [66.80.62.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id C125443D6A; Sat, 8 Apr 2006 05:32:10 +0000 (GMT) (envelope-from rsf@ns.live555.com) Received: from ns.live555.com (localhost.live555.com [127.0.0.1]) by ns.live555.com (8.13.4/8.13.4) with ESMTP id k385W4DU072890; Fri, 7 Apr 2006 22:32:04 -0700 (PDT) (envelope-from rsf@ns.live555.com) Received: (from rsf@localhost) by ns.live555.com (8.13.4/8.13.4/Submit) id k385W0Px072832; Fri, 7 Apr 2006 22:32:00 -0700 (PDT) (envelope-from rsf) Message-Id: <7.0.1.0.1.20060407222718.01f2ccd0@live555.com> X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0 Date: Fri, 07 Apr 2006 22:31:38 -0700 To: freebsd-net@freebsd.org From: Ross Finlayson In-Reply-To: <200604072149.16756.max@love2party.net> References: <7.0.1.0.1.20060407121349.02039da0@live555.com> <200604072149.16756.max@love2party.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Cc: freebsd-mobile@freebsd.org Subject: Re: Does the "iwi" driver (Intel PRO/Wireless 2200BG) support "hostap"? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Apr 2006 05:32:14 -0000 > > (If it's not possible to run this driver in "hostap" mode, then how > > could I configure it to run as an IBSS 'base station' instead? (The > > "network-wireless.html" page in the FreeBSD handbook is silent on this > > point.)) > >The ath(4) man page has the following example: > ifconfig ath0 inet 192.168.0.22 netmask 0xffffff00 ssid my_net \ > mode 11b mediaopt adhoc > >I haven't been able to get iwi(4) working in IBSS mode however. Neither have I. ("ifconfig iwi0" tells me that the card is running in IBSS mode, but no other clients seem to see it.) It would nice if someone could figure out how to get this working. (In the meantime, I've placed an order for a different mini PCI card - the Xterasys XG600 - which uses the Prism chipset, and so should (I hope) wotk with "hostap".) Ross. From owner-freebsd-net@FreeBSD.ORG Sat Apr 8 06:48:44 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 51AF416A401 for ; Sat, 8 Apr 2006 06:48:44 +0000 (UTC) (envelope-from rwatson@FreeBSD.org) Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0E36A43D45 for ; Sat, 8 Apr 2006 06:48:41 +0000 (GMT) (envelope-from rwatson@FreeBSD.org) Received: from fledge.watson.org (fledge.watson.org [209.31.154.41]) by cyrus.watson.org (Postfix) with ESMTP id 4A5E346B0C; Sat, 8 Apr 2006 02:48:41 -0400 (EDT) Date: Sat, 8 Apr 2006 07:48:41 +0100 (BST) From: Robert Watson X-X-Sender: robert@fledge.watson.org To: Qiao Yang In-Reply-To: Message-ID: <20060408074021.O40714@fledge.watson.org> References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-net@freebsd.org Subject: Re: Unreliable Unix Domain DGRAM socket? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Apr 2006 06:48:44 -0000 On Fri, 7 Apr 2006, Qiao Yang wrote: > Does anyone know what possible scenarios may cause the Unix Domain DGRAM > socket to lose packet? We know, in theory, it is unreliable, but in reality, > I rarely see packet loss happens to this type of socket. Unfortunately, I > believe it happened a few times in the last couple of months in a FreeBSD > 5.3 box and I wasn't able to track down what the cause was. > > One related question. Considering the following setup, client (socket_A) > send a packet to server (socket_B). If the sending buffer of socket_A is ok > but the receiving buffer of socket_B is full, will sendto() return error? Yes -- there are several situations where packets can be lost. The most typical one is that there is insufficient room in the receive buffer. uipc_usrreq.c:uipc_send() calls sbappendaddr_locked() to append to the remote receive socket: if (space > sbspace(sb)) return (0); uipc_send() converts this to ENOBUFS. Other loss scenarios include EMSGSIZE if the message is too large. If sendto() is called with the flag MSG_DONTWAIT, you can also get ENOBUFS due to mbuf allocator exhaustion. Robert N M Watson From owner-freebsd-net@FreeBSD.ORG Sat Apr 8 07:53:41 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1E76316A400 for ; Sat, 8 Apr 2006 07:53:41 +0000 (UTC) (envelope-from cjeker@diehard.n-r-g.com) Received: from diehard.n-r-g.com (diehard.n-r-g.com [62.48.3.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7AA5E43D53 for ; Sat, 8 Apr 2006 07:53:40 +0000 (GMT) (envelope-from cjeker@diehard.n-r-g.com) Received: (qmail 28191 invoked by uid 1001); 8 Apr 2006 07:53:39 -0000 Date: Sat, 8 Apr 2006 09:53:15 +0200 From: Claudio Jeker To: freebsd-net@freebsd.org Message-ID: <20060408075338.GB1984@diehard.n-r-g.com> Mail-Followup-To: Claudio Jeker , freebsd-net@freebsd.org References: <21DCE1FA-4A7E-443F-8EFA-9E3CC7CE1C30@staff.openaccess.org> <024601c65a8d$5199f290$020b000a@bartwrkstxp> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <024601c65a8d$5199f290$020b000a@bartwrkstxp> User-Agent: Mutt/1.5.11 Subject: Re: OT - Quagga/CARP X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Apr 2006 07:53:41 -0000 On Fri, Apr 07, 2006 at 11:50:37PM +0200, Bart Van Kerckhove wrote: > Michael DeMan wrote: > > Hi, > Hi gents and ladies, > > > > See inline... > ditto > > > > On Mar 30, 2006, at 11:11 PM, Dima Dorfman wrote: > > > >> Michael DeMan wrote: > >>> So, if you already have a route to 10.100.100.0/24 via OSPF to > >>> another machine, then try to... > >>> > >>> ip address 10.100.100.55/24 > >>> > >>> You get an error. > >> > >> Is that the only problem? Someone was talking about funding > >> development to fix something--surely there must be something more > >> severe than the inability to use the "ip address" interface command? > >> I thought the problem was about encoutering broken ingress paths if > >> one of the routers loses connectivity to the destination network. > Hmm no, it is not the inability to use "ip address" inside any quagga soft, > afaik the freebsd userland tools can't get the route-setting done eiter. Not > when an alternate route for the same prefix is in the kernel route table. This is not true. For some reasons there is "route change". The problem is that quagga just does a stupid RTM_DELETE/RTM_ADD combo to change a route (btw. this is not an atomic operation and could be raced). Now if you add a new interface the kernel does mostly the same. It tries to add a route to that interface via RTM_ADD and gives up if that fails. It probably should do a RTM_CHANGE (if the RTM_ADD failed) to force a update. > >> > > > > My understanding is that my issue is just one symptom of a general > > limitation in the kernel routing tables or something, and that fixing > > this problem would also allow multi-path routing for FreeBSD, which > > is probably a bigger 'win' for the community overall. > This is exactly the thing we need to get around. > Multi-path (and notably equal-cost multipath) would be a major gain. Yes it > is possible currently, but it requires ugly hacks (ipfw comes to mind). > ECMP does not belong in a firewall imHo - but that's just me ;o) > This is a place where freebsd really is lagging behind the other BSD's (and > to not state the obvious, that tux o/s). > Is this because there is no general need for these features? Lack of > development time? (hence the sponsoring proposal...) > FreeBSD has a nice rep going for it with regards to its ipstack ... ;-> Multipath routing is not that simple to implement unless you like to break a lot of software. > > > >> Does the combination of CARP and quagga OSPF work once it's > >> configured using system tools? > > > > Yes, it will work then. However, I still have to kill and restart > > the zebra and ospf processes entirely for them to pick things up > > correctly. > My understanding is that restarting en ospfd daemon is bad. restarting zebra > is even worse - and must not be done. > You can not restart zebra without restarting all other daemons that depend on it. Just as a side note neither OpenBGPD nor OpenOSPFD suffer from this problem. In both daemons you are able to resync the kernel routing table. This is mostly a zebra/quagga design problem. > > > >> > >>> It is possible to force the interface configuration via 'ifconfig' > >>> on the UNIX command line, but for this equipment I want all > >>> interface configuration and routing driven out of Quagga. > >> > >> It would be cool if that was possible, but it's not really practical. > >> My systems tend to have a lot of very custom configuration that > >> quagga will never be able to express. If I had a cookie-cutter > >> configuration, I'd probably be using a C or J box. > >> While I've found bgpd and ospfd to be very stable, the zebra part > >> that interacts with the kernel has had various problems over > >> time--routes not being installed correctly, or going away, or having > >> incorrect flags. I wouldn't trust it to configure the entire network > >> subsystem. > I don't use zebra to configure anything on our production machines. It > merely reads out routes that are already set, and adds ospf/bgp ones. Especially I would not trust quagga. New features added to FreeBSD will take a long time till they are supported by the quagga CLI. -- :wq Claudio From owner-freebsd-net@FreeBSD.ORG Sat Apr 8 10:44:16 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A81E016A423 for ; Sat, 8 Apr 2006 10:44:16 +0000 (UTC) (envelope-from bms@spc.org) Received: from mindfull.spc.org (mindfull.spc.org [83.167.185.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2C24443D45 for ; Sat, 8 Apr 2006 10:44:16 +0000 (GMT) (envelope-from bms@spc.org) Received: from arginine.spc.org ([83.167.185.2]) by mindfull.spc.org with esmtps (TLSv1:AES256-SHA:256) (Exim 4.52) id 1FSAvM-00040C-Iq; Sat, 08 Apr 2006 11:44:12 +0100 Received: from localhost (localhost [127.0.0.1]) by arginine.spc.org (Postfix) with ESMTP id 8439165499; Sat, 8 Apr 2006 11:44:14 +0100 (BST) Received: from arginine.spc.org ([127.0.0.1]) by localhost (arginine.spc.org [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 54691-06-3; Sat, 8 Apr 2006 11:44:13 +0100 (BST) Received: by arginine.spc.org (Postfix, from userid 1078) id BE69C653F9; Sat, 8 Apr 2006 11:44:13 +0100 (BST) Date: Sat, 8 Apr 2006 11:44:13 +0100 From: Bruce M Simpson To: Amit Mondal Message-ID: <20060408104413.GU80492@spc.org> Mail-Followup-To: Bruce M Simpson , Amit Mondal , freebsd-net@freebsd.org References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i Organization: Incunabulum X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - mindfull.spc.org X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - spc.org X-Source: X-Source-Args: X-Source-Dir: Cc: freebsd-net@freebsd.org Subject: Re: freeBSD tcp enhancement X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Apr 2006 10:44:16 -0000 On Thu, Apr 06, 2006 at 07:36:52PM -0500, Amit Mondal wrote: > I am a newbie to freeBSD. I am trying to modify freeBSD tcp for some > security ehancement. Could anyone pls point me to how/where to start or any > suitable material/tutorial to start with. The code. If explanations in natural language (in this case, English) are required, TCP/IP Illustrated Volume 2 by W. Richard Stevens, Addison-Wesley, although it lags behind the code in all BSDs by 10 years or so. BMS From owner-freebsd-net@FreeBSD.ORG Sat Apr 8 14:25:29 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0FE4A16A404 for ; Sat, 8 Apr 2006 14:25:29 +0000 (UTC) (envelope-from nkoch@gmx.de) Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by mx1.FreeBSD.org (Postfix) with SMTP id F31FB43D48 for ; Sat, 8 Apr 2006 14:25:27 +0000 (GMT) (envelope-from nkoch@gmx.de) Received: (qmail invoked by alias); 08 Apr 2006 14:25:25 -0000 Received: from N9864.n.pppool.de (EHLO xp2800.koch) [89.50.152.100] by mail.gmx.net (mp034) with SMTP; 08 Apr 2006 16:25:25 +0200 X-Authenticated: #472702 From: Norbert Koch To: freebsd-net@freebsd.org Date: Sat, 8 Apr 2006 16:25:14 +0200 User-Agent: KMail/1.9.1 MIME-Version: 1.0 Content-Disposition: inline Message-Id: <200604081625.15039.nkoch@gmx.de> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 Subject: forward a tcp stream through rs232 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Apr 2006 14:25:29 -0000 Hello. I want to forward one or more tcp ports through the rs232 line. What I want is to forward e.g. ssh and vnc for remote control purposes via modems. That means: A client machine running an application that listens to a port and reliably forwards tcp streams to a server machine where an other applications binds to the service port. Server: Client: ssh port <---> application <---> // <---> application <---> port <---> PuTTY I know I could just use ppp, but the client side will be a windows machine and I do not want to have the overhead of a complete TCP/IP protocol on the serial line. And I also do not want to have to configure IP addresses. Does anybody know about some quick and dirty solution for that? If not, is there at least some serial i/o library with a reliable packet transfer protocol like e.g. HDLC/LAPBC or DDCMP or something similar? I did not find anything in the ports that was helpful. I could but do not want to re-invent a wheel, which surely has been invented more than once in the last century;-) Thank you, Norbert Koch From owner-freebsd-net@FreeBSD.ORG Sat Apr 8 14:30:28 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 21C2A16A406 for ; Sat, 8 Apr 2006 14:30:28 +0000 (UTC) (envelope-from regnauld@catpipe.net) Received: from moof.catpipe.net (moof.catpipe.net [195.249.214.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0DE8943D5A for ; Sat, 8 Apr 2006 14:30:26 +0000 (GMT) (envelope-from regnauld@catpipe.net) Received: from localhost (localhost [127.0.0.1]) by localhost.catpipe.net (Postfix) with ESMTP id 0DAC91B357; Sat, 8 Apr 2006 16:30:25 +0200 (CEST) Received: from moof.catpipe.net ([127.0.0.1]) by localhost (moof.catpipe.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 64628-10; Sat, 8 Apr 2006 16:30:23 +0200 (CEST) Received: from vinyl.catpipe.net (vinyl.catpipe.net [195.249.214.189]) by moof.catpipe.net (Postfix) with ESMTP id 81BC91B356; Sat, 8 Apr 2006 16:30:23 +0200 (CEST) Received: by vinyl.catpipe.net (Postfix, from userid 1006) id 8B7A278C31; Sat, 8 Apr 2006 16:28:17 +0200 (CEST) Date: Sat, 8 Apr 2006 16:28:17 +0200 From: Phil Regnauld To: Norbert Koch Message-ID: <20060408142816.GA68561@catpipe.net> References: <200604081625.15039.nkoch@gmx.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200604081625.15039.nkoch@gmx.de> X-Operating-System: FreeBSD 6.1-PRERELEASE i386 Organization: catpipe Systems ApS User-Agent: Mutt/1.5.11 X-Virus-Scanned: amavisd-new at catpipe.net Cc: freebsd-net@freebsd.org Subject: Re: forward a tcp stream through rs232 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Apr 2006 14:30:28 -0000 Norbert Koch (nkoch) writes: > > I know I could just use ppp, but the client side will be a windows > machine and I do not want to have the overhead of a complete > TCP/IP protocol on the serial line. And I also do not want to > have to configure IP addresses. > > Does anybody know about some quick and dirty solution for that? Yes, use PPP. Sorry, but the overhead of a "complete TCP/IP protocol" is negligeable with modern modems, especially if you have header compression, MNP and other V* compressions. You could arguably use SLIP, which is lighter weight. Not wanting to configure IP addresses: just give your tunnel 127.1.0.1 and 127.1.0.2 or whatever. (In practice you could even avoid that and just route subnets via the endpoints of the tunnel). > I could but do not want to re-invent a wheel, which surely has > been invented more than once in the last century;-) Then use PPP. From owner-freebsd-net@FreeBSD.ORG Sat Apr 8 15:30:16 2006 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 702FC16A40D for ; Sat, 8 Apr 2006 15:30:16 +0000 (UTC) (envelope-from ericx_lists@vineyard.net) Received: from smtp1.vineyard.net (a1.vineyard.net [204.17.195.95]) by mx1.FreeBSD.org (Postfix) with ESMTP id C340B43D53 for ; Sat, 8 Apr 2006 15:30:15 +0000 (GMT) (envelope-from ericx_lists@vineyard.net) Received: from localhost (loopback [127.0.0.1]) by smtp1.vineyard.net (Postfix) with ESMTP id 986561581807; Sat, 8 Apr 2006 11:30:14 -0400 (EDT) Received: from smtp1.vineyard.net ([127.0.0.1]) by localhost (ace1.vineyard.net [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 15728-01-33; Sat, 8 Apr 2006 11:30:14 -0400 (EDT) Received: from [204.17.195.104] (fortiva.vineyard.net [204.17.195.104]) by smtp1.vineyard.net (Postfix) with ESMTP id 384F31581801; Sat, 8 Apr 2006 11:30:14 -0400 (EDT) Message-ID: <4437D6DA.1020300@vineyard.net> Date: Sat, 08 Apr 2006 11:29:30 -0400 From: "Eric W. Bates" User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Sam Leffler References: <44313943.1060300@vineyard.net> <44314957.4020800@errno.com> <4436A7AF.2040101@vineyard.net> <4436BF36.4010000@errno.com> In-Reply-To: <4436BF36.4010000@errno.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: by AMaViS-ace1 at Vineyard.NET Cc: freebsd-net@freebsd.org Subject: Re: hifn errors on console X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Apr 2006 15:30:16 -0000 Sam Leffler wrote: > > rndtest was done to evaluate the goodness of h/w entropy sources for > various reasons that are not important. It is not intended for > production use. Why pfsense includes it is unclear. Thank you. I feel much better. rndtest appears to be part of 6.0-RELEASE and 6.1-STABLE by default. This is probably how it ended up in pfsense. >> >> Thanks. >> >> btw: adding a similar card (Soekris VPN 1410 -- PCI not mini-pci) to a >> full size motherboard running 6.0-RELEASE-p6 produces the same errors. >> >>> Sam >>> >>> >> _______________________________________________ >> freebsd-net@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-net >> To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >> >> > >