From owner-freebsd-net Sun Sep 30 9:46:35 2001 Delivered-To: freebsd-net@freebsd.org Received: from web3-1.ability.net (web3-1.ability.net [216.32.69.8]) by hub.freebsd.org (Postfix) with ESMTP id 63DB737B40C for ; Sun, 30 Sep 2001 09:46:28 -0700 (PDT) Received: from iwishihadaname.crosslink.net ([216.181.215.170]) by web3-1.ability.net (8.9.3/8.9.1/Pub) with ESMTP id MAA20417 for ; Sun, 30 Sep 2001 12:46:20 -0400 (EDT) Date: Sun, 30 Sep 2001 12:49:56 -0400 (EDT) From: Rich Fox X-Sender: rich@iwishihadaname.crosslink.net To: freebsd-net@freebsd.org Subject: Natd Frustration! Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I know that the NATD stuff comes up all the time, however I have spent the last two days poring[sp?] over the archives searching for solution to my problem. This is the same problem everyone else has. I want to forward HTTP requests from my external machine to an internal one. Here is my setup: ------------\ /------------------------ 192.168.1.17 +--> 65.x.x.x/192.168.1.12 -> | @home network | DHCP | hub | |Internet | Static IP | 192.168.1.15 +--> 216.x.x.x/192.168.1.1 -> | Crosslink/covad/verizon ------------/ \------------------------ Yes, I have two internet connections. They can see each other without problems. The .17 machine's gateway is 192.168.1.12/65.x.x.x The .15 machine's gateway is 192.168.1.1/216.x.x.x The 216./.1 gateway is performing plain ol' Nat for whatever boxes on the internal network that is using it as a gateway. I can get anywhere on the 'net as needed from the internal machines, including to the 65.x.x.x machine without problems. (That is the firewall says, allow all from any to 65.x.x.x and vice versa.) The 65.x/.12 machine is also performing plain ol' natd for any machines using it as a gateway. I can get anywhere on the 'net as needed from the internal machines, including the 216.x.x.x machine without problems. (That is the firewall says, allow all from any to 216.x.x.x and vice versa.) I want any http requests showing up at the 65. box to be sent to and handled by the internal .17 machine. Here's what I have configured for the 65.x machine... rc.conf: # Adding NATD and IPFW stuff... gateway_enable="YES" firewall_enable="YES" firewall_type="OPEN" natd_enable="YES" natd_interface="ed0" natd_flags="-l -f /etc/natd.conf" natd.conf: interface ed0 same_ports yes dynamic yes use_sockets yes verbose redirect_port tcp 192.168.1.17:80 80 redirect_port udp 192.168.1.17:80 80 (I don't need udp for this but for the sake of thoroughness...) and my firewall (I run this script at the end of rc.conf): # de0 is internal network # ed0 is DHCP configured interface ipfw -q flush ipfw add divert 8668 ip from any to any via ed0 ipfw add allow all from any to 192.168.1.17 ipfw add allow all from 192.168.1.17 to any # Allow all data from my network card and localhost. ipfw add allow ip from any to any via lo0 ipfw add allow ip from any to any via de0 # Allow connections to and from my DSL connection... ipfw add allow all from any to 216.x.x.x ipfw add allow all from 216.x.x.x to any # Allow all connections that I initiate. # Once connections are made, allow them to stay open. ipfw add allow tcp from any to any out xmit ed0 setup ipfw add allow tcp from any to any via ed0 established # This sends a RESET to all ident packets. ipfw add reset log tcp from any to any 113 in recv ed0 # allow ntp from time sync... ipfw add allow udp from any 123 to any 123 ipfw add allow tcp from any 123 to any 123 # Allow outgoing DNS queries ONLY to the specified servers. [snip] # ping and traceroute ipfw add 65435 allow icmp from any to any # deny everything else... ipfw add 65435 deny log ip from any to any In spite of the DHCP interface, the IP address hasn't changed in the months that I have used this service. (Not that that makes any difference, I am just saying). I am using the Verbose option in NATD to try to understand what exactly is happening with the packets that are coming from the .15->216. machine. here's what it looks like when I try to connect from there... In [TCP] [TCP] 216.x.x.x:2961 -> 65.x.x.x:80 aliased to [TCP] 216.x.x.x:2961 -> 192.168.1.17:80 In [TCP] [TCP] 216.x.x.x:2961 -> 65.x.x.x:80 aliased to [TCP] 216.x.x.x:2961 -> 192.168.1.17:80 In [TCP] [TCP] 216.x.x.x:2961 -> 65.x.x.x:80 aliased to [TCP] 216.x.x.x:2961 -> 192.168.1.17:80 In [TCP] [TCP] 216.x.x.x:2961 -> 65.x.x.x:80 aliased to [TCP] 216.x.x.x:2961 -> 192.168.1.17:80 In [TCP] [TCP] 216.x.x.x:2961 -> 65.x.x.x:80 aliased to [TCP] 216.x.x.x:2961 -> 192.168.1.17:80 The requests appear to be aliasing properly, but no response ever comes from the .17 machine at least not that I can see. Shouldn't I get an OUT [TCP] sort of thing from this? (Note: If I connect to the .17 machine's web server from inside the network, it works fine (i.e. if I go to 192.168.1.17 it is alive and well.) (Interestingly I see lots of IP addresses trying to connect to my web server. I really want to get this aliasing thing fixed so that I can put up a page that tells these nosy punks to go blow.) Any thoughts? Thanks, Rich. | rich fox / F2 | rich@f2sys.net | www.f2sys.net | 5927 Ridge View Drive | Alexandria, VA 22310-2074 | t:703.528.9616 | f:703.528.0599 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Sep 30 9:55:53 2001 Delivered-To: freebsd-net@freebsd.org Received: from mx1.dev.itouchnet.net (devco.net [196.15.188.2]) by hub.freebsd.org (Postfix) with ESMTP id B24B837B408 for ; Sun, 30 Sep 2001 09:55:44 -0700 (PDT) Received: from nobody by mx1.dev.itouchnet.net with scanned_ok (Exim 3.16 #1) id 15njt2-000HCE-00 for freebsd-net@freebsd.org; Sun, 30 Sep 2001 18:56:16 +0200 Received: from shell.devco.net ([196.15.188.7]) by mx1.dev.itouchnet.net with esmtp (Exim 3.16 #1) id 15njt1-000HC0-00; Sun, 30 Sep 2001 18:56:15 +0200 Received: from bvi by shell.devco.net with local (Exim 3.20 #2) id 15njto-000JtH-00; Sun, 30 Sep 2001 18:57:04 +0200 Date: Sun, 30 Sep 2001 18:57:04 +0200 From: Barry Irwin To: Rich Fox Cc: freebsd-net@freebsd.org Subject: Re: Natd Frustration! Message-ID: <20010930185704.Q73094@itouchlabs.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from rich@f2sys.net on Sun, Sep 30, 2001 at 12:49:56PM -0400 X-Checked: This message has been scanned for any virusses and unauthorized attachments. X-iScan-ID: 66102-1001868976-66218@mx1.dev.itouchnet.net version $Name: $ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun 2001-09-30 (12:49), Rich Fox wrote: > Here is my setup: > > ------------\ /------------------------ > 192.168.1.17 +--> 65.x.x.x/192.168.1.12 -> | @home network > | DHCP | > hub | |Internet > | Static IP | > 192.168.1.15 +--> 216.x.x.x/192.168.1.1 -> | Crosslink/covad/verizon > ------------/ \------------------------ > > Yes, I have two internet connections. They can see each other without > problems. > > The .17 machine's gateway is 192.168.1.12/65.x.x.x > The .15 machine's gateway is 192.168.1.1/216.x.x.x > natd.conf: > interface ed0 > same_ports yes > dynamic yes > use_sockets yes > verbose > redirect_port tcp 192.168.1.17:80 80 > redirect_port udp 192.168.1.17:80 80 > (I don't need udp for this but for the sake of thoroughness...) Why open up a potential hole where you dont need to ? > ipfw add divert 8668 ip from any to any via ed0 > > ipfw add allow all from any to 192.168.1.17 > ipfw add allow all from 192.168.1.17 to any > # deny everything else... > ipfw add 65435 deny log ip from any to any what is showing up in /var/log/security ? If packets are getting denied they should be logged here. Aslo try ipfw zero; try a connect, then ipfw show , this will show you which rules are actually matching packets. > > In [TCP] [TCP] 216.x.x.x:2961 -> 65.x.x.x:80 aliased to > [TCP] 216.x.x.x:2961 -> 192.168.1.17:80 what do you get when doing a tcpdump -n -i ed0 -v -v tcp and port 80 and a tcpdump od the same on de0 ? do the packets actually go out over de0, does stuff come back ? in which case it is most likely your ruleset. > (Interestingly I see lots of IP addresses trying to connect to my web > server. I really want to get this aliasing thing fixed so that I can put > up a page that tells these nosy punks to go blow.) none of them will read it, 99% of it is automated scripts. Rather just blackhole the packets. No need to open yourself up. > > Any thoughts? > > Thanks, > Rich. > > > > > | rich fox / F2 > | rich@f2sys.net > | www.f2sys.net > | 5927 Ridge View Drive > | Alexandria, VA 22310-2074 > | t:703.528.9616 > | f:703.528.0599 > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Sep 30 10:43:29 2001 Delivered-To: freebsd-net@freebsd.org Received: from web3-1.ability.net (web3-1.ability.net [216.32.69.8]) by hub.freebsd.org (Postfix) with ESMTP id 1237437B410 for ; Sun, 30 Sep 2001 10:43:24 -0700 (PDT) Received: from iwishihadaname.crosslink.net ([216.181.215.170]) by web3-1.ability.net (8.9.3/8.9.1/Pub) with ESMTP id NAA24651; Sun, 30 Sep 2001 13:43:13 -0400 (EDT) Date: Sun, 30 Sep 2001 13:46:49 -0400 (EDT) From: Rich Fox X-Sender: rich@iwishihadaname.crosslink.net To: Barry Irwin Cc: freebsd-net@freebsd.org Subject: Re: Natd Frustration! In-Reply-To: <20010930185704.Q73094@itouchlabs.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Thank you for your advice. I checked the data of tcpdump and realized that the packets were coming in on the external interface aliasing, going out on the internal interface, and the responses looked ok too, in other words everything looked correct, so why wasn't I getting a response? For whatever reason (I should have done this before! double D'oh!), I ran a traceroute from the webserver (a powerbook, the .17 machine) to the 216.x.x.x machine and it reached it directly. The Webserver is a Powerbook running OS 9.2. I had changed the router address to reflect the target gateway 192.168.1.12 (as opposed to what it was set for at the outset of all of the business: 192.168.1.1=216.x.x.x machine). It turns out that although MacOS TCP/IP settings *appear* to change when you change them and close the control panel, they don't always do that. After the traceroute showed a direct route to the 216.x.x.x machine (it should have exited the local network via the 65.x.x.x machine and then hopped across the 'net to the 216. machine), I realized that the default gateway/router settings did not take. I restarted the machine and Voila! I love Macs but they make me crazy sometimes! Again, Thank you for your advice, I just needed someone to make me think in a different way (how ironic: Apple says: Think Different (yeah, a different gateway!)). Rich. | rich fox / F2 | rich@f2sys.net | www.f2sys.net | 5927 Ridge View Drive | Alexandria, VA 22310-2074 | t:703.528.9616 | f:703.528.0599 On Sun, 30 Sep 2001, Barry Irwin wrote: > On Sun 2001-09-30 (12:49), Rich Fox wrote: > > Here is my setup: > > > > ------------\ /------------------------ > > 192.168.1.17 +--> 65.x.x.x/192.168.1.12 -> | @home network > > | DHCP | > > hub | |Internet > > | Static IP | > > 192.168.1.15 +--> 216.x.x.x/192.168.1.1 -> | Crosslink/covad/verizon > > ------------/ \------------------------ > > > > Yes, I have two internet connections. They can see each other without > > problems. > > > > The .17 machine's gateway is 192.168.1.12/65.x.x.x > > The .15 machine's gateway is 192.168.1.1/216.x.x.x > > natd.conf: > > interface ed0 > > same_ports yes > > dynamic yes > > use_sockets yes > > verbose > > redirect_port tcp 192.168.1.17:80 80 > > redirect_port udp 192.168.1.17:80 80 > > (I don't need udp for this but for the sake of thoroughness...) > Why open up a potential hole where you dont need to ? > > > ipfw add divert 8668 ip from any to any via ed0 > > > > ipfw add allow all from any to 192.168.1.17 > > ipfw add allow all from 192.168.1.17 to any > > # deny everything else... > > ipfw add 65435 deny log ip from any to any > > what is showing up in /var/log/security ? > If packets are getting denied they should be logged here. > Aslo try ipfw zero; try a connect, then ipfw show , this will show you which > rules are actually matching packets. > > > > > In [TCP] [TCP] 216.x.x.x:2961 -> 65.x.x.x:80 aliased to > > [TCP] 216.x.x.x:2961 -> 192.168.1.17:80 > > what do you get when doing a tcpdump -n -i ed0 -v -v tcp and port 80 > and a tcpdump od the same on de0 ? do the packets actually go out over de0, > does stuff come back ? in which case it is most likely your ruleset. > > > (Interestingly I see lots of IP addresses trying to connect to my web > > server. I really want to get this aliasing thing fixed so that I can put > > up a page that tells these nosy punks to go blow.) > none of them will read it, 99% of it is automated scripts. Rather just > blackhole the packets. No need to open yourself up. > > > > Any thoughts? > > > > Thanks, > > Rich. > > > > > > > > > > | rich fox / F2 > > | rich@f2sys.net > > | www.f2sys.net > > | 5927 Ridge View Drive > > | Alexandria, VA 22310-2074 > > | t:703.528.9616 > > | f:703.528.0599 > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-net" in the body of the message > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 6:37:29 2001 Delivered-To: freebsd-net@freebsd.org Received: from web12302.mail.yahoo.com (web12302.mail.yahoo.com [216.136.173.100]) by hub.freebsd.org (Postfix) with SMTP id 019BC37B41A for ; Mon, 1 Oct 2001 06:34:19 -0700 (PDT) Message-ID: <20011001133418.97976.qmail@web12302.mail.yahoo.com> Received: from [128.107.253.38] by web12302.mail.yahoo.com via HTTP; Mon, 01 Oct 2001 06:34:18 PDT Date: Mon, 1 Oct 2001 06:34:18 -0700 (PDT) From: Ravindra Rathi Subject: doubt in radix.c source-code To: freebsd-net@FreeBSD.ORG Cc: ravindra_rathi@yahoo.com MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi all, I am going through the function int rn_walktree (register struct radix_node *rn, rn_walk_function f, ...) defined in radix.c file. I have doubt about following while loop in that function. /* If at right child go back up, otherwise, go right */ while (rn->rn_p->rn_r == rn && (rn->rn_flags & RNF_ROOT) == 0) rn = rn->rn_p; Looking at the complete function, I think (rn->rn_flags & RNF_ROOT) == 0 check in above while loop is unnecessary. I say this because of following lines down below in the function. if (rn->rn_flags & RNF_ROOT) { return (0); } Am I missing anything? Any insight...? TIA, Rathi __________________________________________________ Do You Yahoo!? Listen to your Yahoo! Mail messages from any phone. http://phone.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 9:16:52 2001 Delivered-To: freebsd-net@freebsd.org Received: from cornflake.nickelkid.com (cornflake.nickelkid.com [216.116.135.26]) by hub.freebsd.org (Postfix) with ESMTP id B26A337B41E for ; Mon, 1 Oct 2001 09:14:05 -0700 (PDT) Received: from localhost (jooji@localhost) by cornflake.nickelkid.com (8.9.3/8.9.3) with ESMTP id MAA36774 for ; Mon, 1 Oct 2001 12:14:04 -0400 (EDT) (envelope-from jooji@cornflake.nickelkid.com) Date: Mon, 1 Oct 2001 12:14:04 -0400 (EDT) From: "Jasper O'Malley" To: freebsd-net@freebsd.org Subject: Netgraph bridging: what is LOCAL_IFACE? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I posted this message to -questions last week, but never got a response, so perhaps someone on this list (-net) can help out. I'm trying to learn more about the netgraph bridging module, and I ran across this comment in /usr/share/examples/netgraph/ether.bridge: [quote] # List the names of the interfaces that you want to bridge across # here in ${BRIDGE_IFACES}. If you want to include the local host # machine as well then set ${LOCAL_IFACE} as well (it may also be # listed in ${BRIDGE_IFACES}). Of course, any ${LOCAL_IFACE} must # be ifconfig(8)ured separately. If you don't want a ${LOCAL_IFACE} # then leave it defined as the emtpy string. [end quote] The sentence: If you want to include the local host machine as well then set ${LOCAL_IFACE} as well (it may also be listed in ${BRIDGE_IFACES}). is confusing. Can someone clarify what this says? Include the "local host machine" in what, exactly? What is meant by the "local host machine" in this context? What is the significance of the LOCAL_IFACE interface? Why would one want to define a LOCAL_IFACE, rather than simply using the bridge interface? Unfortunately, I don't yet know enough about netgraph in general to figure it out from reading the rest of the bridge-creation script. Cheers, Mick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 9:52:30 2001 Delivered-To: freebsd-net@freebsd.org Received: from spitfire.velocet.net (spitfire.velocet.net [216.138.223.227]) by hub.freebsd.org (Postfix) with ESMTP id 936E637B410 for ; Mon, 1 Oct 2001 09:51:14 -0700 (PDT) Received: from nomad.tor.lets.net (H74.C220.tor.velocet.net [216.138.220.74]) by spitfire.velocet.net (Postfix) with SMTP id 55B5A44AA34 for ; Mon, 1 Oct 2001 16:48:19 +0000 (GMT) Received: (qmail 2479 invoked by uid 1001); 1 Oct 2001 16:43:18 -0000 Date: Mon, 1 Oct 2001 12:43:18 -0400 From: Steve Shorter To: freebsd-net@freebsd.org Subject: netstat shows 192.168.60.5 on lo0 ??? Message-ID: <20011001124318.A2471@nomad.lets.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Howdy! I just went to setup some ifpw on server and it broke dns lookups, which are on 192.168.60.5. So based on the ipfw logs I was prompted to do a netstat -rn and this is what it shows 192.168.60.5 is on lo0??. 0:e0:81:1:bd:70 is the MAC for fxp1, but what is it doing showing Netif as lo0?. All networking works Ok AFAIK and if I allow packets promisciously over lo0 dns is Ok. I am running 4.4 Release. Either way seems like a bug, or some other issue? Hints? Ideas? thanx - steve # netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 64.xx.xx.97 UGSc 29 2 fxp2 127.0.0.1 127.0.0.1 UH 8 329099 lo0 192.168.10 link#1 UC 1 0 fxp0 192.168.10.1 0:e0:81:1:bb:29 UHLW 4 361631 fxp0 483 192.168.30 link#1 UC 2 0 fxp0 192.168.30.1 0:e0:81:1:bb:29 UHLW 2 4118 fxp0 378 192.168.30.4 0:e0:81:1:bf:cb UHLW 2 3780047 fxp0 1099 192.168.60 link#2 UC 4 0 fxp1 192.168.60.1 0:e0:81:1:bb:29 UHLW 1 305 fxp1 882 192.168.60.5 0:e0:81:1:bd:70 UHLW 0 666835 lo0 192.168.60.6 0:e0:81:1:a7:91 UHLW 0 127 fxp1 377 192.168.60.8 0:2:b3:4:6:f7 UHLW 0 11645 fxp1 820 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 10: 6: 6 2001 Delivered-To: freebsd-net@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id B9DA837B410 for ; Mon, 1 Oct 2001 10:05:49 -0700 (PDT) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.6/8.11.2) id f91H5D684618; Mon, 1 Oct 2001 20:05:13 +0300 (EEST) (envelope-from ru) Date: Mon, 1 Oct 2001 20:05:13 +0300 From: Ruslan Ermilov To: Steve Shorter Cc: freebsd-net@FreeBSD.ORG Subject: Re: netstat shows 192.168.60.5 on lo0 ??? Message-ID: <20011001200513.A79437@sunbay.com> References: <20011001124318.A2471@nomad.lets.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011001124318.A2471@nomad.lets.net>; from steve@nomad.tor.lets.net on Mon, Oct 01, 2001 at 12:43:18PM -0400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, Oct 01, 2001 at 12:43:18PM -0400, Steve Shorter wrote: > Howdy! > > I just went to setup some ifpw on server and it broke dns > lookups, which are on 192.168.60.5. So based on the ipfw logs I was > prompted to do a netstat -rn and this is what it shows > > 192.168.60.5 is on lo0??. 0:e0:81:1:bd:70 is the MAC for > fxp1, but what is it doing showing Netif as lo0?. All networking > works Ok AFAIK and if I allow packets promisciously over lo0 dns is Ok. > > I am running 4.4 Release. Either way seems like a bug, or > some other issue? Hints? Ideas? > It's not on lo0, it's routed via lo0 because it's one of your local addresses. Kernel handles this. Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 11:20:18 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 3694037B40D for ; Mon, 1 Oct 2001 11:20:11 -0700 (PDT) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id MAA86892; Mon, 1 Oct 2001 12:05:41 -0700 (PDT) Date: Mon, 1 Oct 2001 12:05:39 -0700 (PDT) From: Julian Elischer To: "Jasper O'Malley" Cc: freebsd-net@freebsd.org Subject: Re: Netgraph bridging: what is LOCAL_IFACE? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The bridging code connects to the lower (i.e. WIRE) part of each interface mentionned an dintercepts all packets coming in. If you want any of these packets to also be passed to the local machine you should select one of the local interfaces (any will do) and add it in the LOCAL_INTERFACE entry. This entry specifies to the bridging code that the upper (i.e. KERNEL side) of that interface should also be added to the list of recipients of the packets being worked on. If you do not do this, the interfaces are linked to each other by the bridging code, but the local machine is not party to the traffic. No copy of the packets is sent up to it.. (this is a vaild configuration...) On Mon, 1 Oct 2001, Jasper O'Malley wrote: > > I posted this message to -questions last week, but never got a response, > so perhaps someone on this list (-net) can help out. > > I'm trying to learn more about the netgraph bridging module, and I ran > across this comment in /usr/share/examples/netgraph/ether.bridge: > > [quote] > > # List the names of the interfaces that you want to bridge across > # here in ${BRIDGE_IFACES}. If you want to include the local host > # machine as well then set ${LOCAL_IFACE} as well (it may also be > # listed in ${BRIDGE_IFACES}). Of course, any ${LOCAL_IFACE} must > # be ifconfig(8)ured separately. If you don't want a ${LOCAL_IFACE} > # then leave it defined as the emtpy string. > > [end quote] > > The sentence: > > If you want to include the local host machine as well then set > ${LOCAL_IFACE} as well (it may also be listed in ${BRIDGE_IFACES}). > > is confusing. Can someone clarify what this says? Include the "local > host machine" in what, exactly? What is meant by the "local host > machine" in this context? What is the significance of the LOCAL_IFACE > interface? Why would one want to define a LOCAL_IFACE, rather than simply > using the bridge interface? Unfortunately, I don't yet know enough about > netgraph in general to figure it out from reading the rest of the > bridge-creation script. > > Cheers, > Mick > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 12: 0:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from cornflake.nickelkid.com (cornflake.nickelkid.com [216.116.135.26]) by hub.freebsd.org (Postfix) with ESMTP id C6D6437B40C for ; Mon, 1 Oct 2001 12:00:11 -0700 (PDT) Received: from localhost (jooji@localhost) by cornflake.nickelkid.com (8.9.3/8.9.3) with ESMTP id PAA37648; Mon, 1 Oct 2001 15:00:07 -0400 (EDT) (envelope-from jooji@cornflake.nickelkid.com) Date: Mon, 1 Oct 2001 15:00:07 -0400 (EDT) From: "Jasper O'Malley" To: Julian Elischer Cc: freebsd-net@freebsd.org Subject: Re: Netgraph bridging: what is LOCAL_IFACE? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 1 Oct 2001, Julian Elischer wrote: > If you want any of these packets to also be passed to the local machine > you should select one of the local interfaces (any will do) and add it in > the LOCAL_INTERFACE entry. This entry specifies to the bridging code that > the upper (i.e. KERNEL side) of that interface should also be added to the > list of recipients of the packets being worked on. > > If you do not do this, the interfaces are linked to each other by the > bridging code, but the local machine is not party to the traffic. No copy > of the packets is sent up to it.. (this is a vaild configuration...) Ah. So you can't ifconfig the virtual bridge interface (e.g. bnet0) and configure IP protocol information on it, then? If not, I misunderstood how the bridge interface behaves. I was thinking that it acted more or less like a BVI interface does on a Cisco router. Specifying the LOCAL_INTERFACE will work for me, though. Thanks. Cheers, Mick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 13: 5: 1 2001 Delivered-To: freebsd-net@freebsd.org Received: from beppo.feral.com (beppo.feral.com [192.67.166.79]) by hub.freebsd.org (Postfix) with ESMTP id 383CD37B401 for ; Mon, 1 Oct 2001 13:04:56 -0700 (PDT) Received: from mailhost.feral.com (mjacob@mailhost.feral.com [192.67.166.1]) by beppo.feral.com (8.11.3/8.11.3) with ESMTP id f91K4tH84830 for ; Mon, 1 Oct 2001 13:04:55 -0700 (PDT) (envelope-from mjacob@feral.com) Date: Mon, 1 Oct 2001 13:04:55 -0700 (PDT) From: Matthew Jacob X-Sender: mjacob@beppo Reply-To: mjacob@feral.com To: freebsd-net@freebsd.org Subject: review of minor clarifying comments Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This bit me in the butt yet again about FreeBSD and some assumptions about how a NIC's softc is laid out- I don't really it stated elsewhere, so a couple source file comments seem in order.. Frankly, this kind of assumption is dangerous and unnecessary with methods, but at the very least it ought to be commented, no? -matt Index: net/if_var.h =================================================================== RCS file: /home/ncvs/src/sys/net/if_var.h,v retrieving revision 1.37 diff -u -r1.37 if_var.h --- net/if_var.h 2001/09/18 17:41:42 1.37 +++ net/if_var.h 2001/10/01 20:00:08 @@ -105,6 +105,11 @@ * * (Would like to call this struct ``if'', but C isn't PL/1.) */ + +/* + * NB: For FreeBSD, it is assumed that each NIC driver's softc starts with + * one of these structures, typically held within an arpcom structure. + */ struct ifnet { void *if_softc; /* pointer to driver state */ char *if_name; /* name, e.g. ``en'' or ``lo'' */ Index: dev/mii/mii.c =================================================================== RCS file: /home/ncvs/src/sys/dev/mii/mii.c,v retrieving revision 1.9 diff -u -r1.9 mii.c --- dev/mii/mii.c 2001/09/29 18:40:06 1.9 +++ dev/mii/mii.c 2001/10/01 20:00:09 @@ -167,6 +167,9 @@ struct mii_data *mii; mii = device_get_softc(dev); + /* + * Note that each NIC's softc must start with an ifnet structure. + */ mii->mii_ifp = device_get_softc(device_get_parent(dev)); v = device_get_ivars(dev); ifmedia_upd = v[0]; @@ -233,6 +236,9 @@ MIIBUS_LINKCHG(parent); mii = device_get_softc(dev); + /* + * Note that each NIC's softc must start with an ifnet structure. + */ ifp = device_get_softc(parent); if (mii->mii_media_status & IFM_AVALID) { To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 13:19:23 2001 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id DEB9A37B409 for ; Mon, 1 Oct 2001 13:19:20 -0700 (PDT) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.11.4/8.11.4) id f91KJHd54370; Mon, 1 Oct 2001 16:19:17 -0400 (EDT) (envelope-from wollman) Date: Mon, 1 Oct 2001 16:19:17 -0400 (EDT) From: Garrett Wollman Message-Id: <200110012019.f91KJHd54370@khavrinen.lcs.mit.edu> To: mjacob@feral.com Cc: freebsd-net@FreeBSD.ORG Subject: review of minor clarifying comments In-Reply-To: References: Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org < said: > +/* > + * NB: For FreeBSD, it is assumed that each NIC driver's softc starts with > + * one of these structures, typically held within an arpcom structure. > + */ This has been true since at least 4.2. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 13:20: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from rios.sitaranetworks.com (rios.sitaranetworks.com [199.103.141.78]) by hub.freebsd.org (Postfix) with ESMTP id B71F137B40E for ; Mon, 1 Oct 2001 13:19:54 -0700 (PDT) Received: by rios.sitaranetworks.com with Internet Mail Service (5.5.2653.19) id ; Mon, 1 Oct 2001 16:20:24 -0400 Message-ID: <31269226357BD211979E00A0C9866DAB01BE796A@rios.sitaranetworks.com> From: Jim McGrath To: "'mjacob@feral.com'" , freebsd-net@FreeBSD.ORG Subject: RE: review of minor clarifying comments Date: Mon, 1 Oct 2001 16:20:19 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I ran into this same problem with the wx driver and submitted a pr. http://www.freebsd.org/cgi/query-pr.cgi?pr=29249 Jim -----Original Message----- From: Matthew Jacob [mailto:mjacob@feral.com] Sent: Monday, October 01, 2001 4:05 PM To: freebsd-net@FreeBSD.ORG Subject: review of minor clarifying comments This bit me in the butt yet again about FreeBSD and some assumptions about how a NIC's softc is laid out- I don't really it stated elsewhere, so a couple source file comments seem in order.. Frankly, this kind of assumption is dangerous and unnecessary with methods, but at the very least it ought to be commented, no? -matt Index: net/if_var.h =================================================================== RCS file: /home/ncvs/src/sys/net/if_var.h,v retrieving revision 1.37 diff -u -r1.37 if_var.h --- net/if_var.h 2001/09/18 17:41:42 1.37 +++ net/if_var.h 2001/10/01 20:00:08 @@ -105,6 +105,11 @@ * * (Would like to call this struct ``if'', but C isn't PL/1.) */ + +/* + * NB: For FreeBSD, it is assumed that each NIC driver's softc starts with + * one of these structures, typically held within an arpcom structure. + */ struct ifnet { void *if_softc; /* pointer to driver state */ char *if_name; /* name, e.g. ``en'' or ``lo'' */ Index: dev/mii/mii.c =================================================================== RCS file: /home/ncvs/src/sys/dev/mii/mii.c,v retrieving revision 1.9 diff -u -r1.9 mii.c --- dev/mii/mii.c 2001/09/29 18:40:06 1.9 +++ dev/mii/mii.c 2001/10/01 20:00:09 @@ -167,6 +167,9 @@ struct mii_data *mii; mii = device_get_softc(dev); + /* + * Note that each NIC's softc must start with an ifnet structure. + */ mii->mii_ifp = device_get_softc(device_get_parent(dev)); v = device_get_ivars(dev); ifmedia_upd = v[0]; @@ -233,6 +236,9 @@ MIIBUS_LINKCHG(parent); mii = device_get_softc(dev); + /* + * Note that each NIC's softc must start with an ifnet structure. + */ ifp = device_get_softc(parent); if (mii->mii_media_status & IFM_AVALID) { To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 13:20:21 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 3247637B40F for ; Mon, 1 Oct 2001 13:20:02 -0700 (PDT) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id OAA87517; Mon, 1 Oct 2001 14:06:58 -0700 (PDT) Date: Mon, 1 Oct 2001 14:06:58 -0700 (PDT) From: Julian Elischer To: "Jasper O'Malley" Cc: freebsd-net@freebsd.org Subject: Re: (more) Netgraph bridging: what is LOCAL_IFACE? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 1 Oct 2001, Jasper O'Malley wrote: > On Mon, 1 Oct 2001, Julian Elischer wrote: > > > If you want any of these packets to also be passed to the local machine > > you should select one of the local interfaces (any will do) and add it in > > the LOCAL_INTERFACE entry. This entry specifies to the bridging code that > > the upper (i.e. KERNEL side) of that interface should also be added to the > > list of recipients of the packets being worked on. > > > > If you do not do this, the interfaces are linked to each other by the > > bridging code, but the local machine is not party to the traffic. No copy > > of the packets is sent up to it.. (this is a vaild configuration...) > > Ah. So you can't ifconfig the virtual bridge interface (e.g. bnet0) and > configure IP protocol information on it, then? Yes you can.. it's the only one you can... teh others will accept addresses but they won't work... > > If not, I misunderstood how the bridge interface behaves. I was thinking > that it acted more or less like a BVI interface does on a Cisco router. > Specifying the LOCAL_INTERFACE will work for me, though. Thanks. > > Cheers, > Mick > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 13:20:28 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 3E6F837B411 for ; Mon, 1 Oct 2001 13:20:05 -0700 (PDT) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id OAA87527; Mon, 1 Oct 2001 14:12:46 -0700 (PDT) Date: Mon, 1 Oct 2001 14:12:45 -0700 (PDT) From: Julian Elischer To: Matthew Jacob Cc: freebsd-net@freebsd.org Subject: Re: review of minor clarifying comments In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Not only that but the ifnet structure must be the first part of the arpcom struct so that arpcm, ifnet and softc often need to be the same.. I've been gradually trying to remove this requirement over the last 10 years but it's still there.. :-/ Comments can't hurt though.. On Mon, 1 Oct 2001, Matthew Jacob wrote: > > This bit me in the butt yet again about FreeBSD and some assumptions about how > a NIC's softc is laid out- I don't really it stated elsewhere, so a couple > source file comments seem in order.. Frankly, this kind of assumption is > dangerous and unnecessary with methods, but at the very least it ought to be > commented, no? > > -matt > > > Index: net/if_var.h > =================================================================== > RCS file: /home/ncvs/src/sys/net/if_var.h,v > retrieving revision 1.37 > diff -u -r1.37 if_var.h > --- net/if_var.h 2001/09/18 17:41:42 1.37 > +++ net/if_var.h 2001/10/01 20:00:08 > @@ -105,6 +105,11 @@ > * > * (Would like to call this struct ``if'', but C isn't PL/1.) > */ > + > +/* > + * NB: For FreeBSD, it is assumed that each NIC driver's softc starts with > + * one of these structures, typically held within an arpcom structure. > + */ > struct ifnet { > void *if_softc; /* pointer to driver state */ > char *if_name; /* name, e.g. ``en'' or ``lo'' */ > Index: dev/mii/mii.c > =================================================================== > RCS file: /home/ncvs/src/sys/dev/mii/mii.c,v > retrieving revision 1.9 > diff -u -r1.9 mii.c > --- dev/mii/mii.c 2001/09/29 18:40:06 1.9 > +++ dev/mii/mii.c 2001/10/01 20:00:09 > @@ -167,6 +167,9 @@ > struct mii_data *mii; > > mii = device_get_softc(dev); > + /* > + * Note that each NIC's softc must start with an ifnet structure. > + */ > mii->mii_ifp = device_get_softc(device_get_parent(dev)); > v = device_get_ivars(dev); > ifmedia_upd = v[0]; > @@ -233,6 +236,9 @@ > MIIBUS_LINKCHG(parent); > > mii = device_get_softc(dev); > + /* > + * Note that each NIC's softc must start with an ifnet structure. > + */ > ifp = device_get_softc(parent); > > if (mii->mii_media_status & IFM_AVALID) { > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 13:20:37 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 5DA2337B429 for ; Mon, 1 Oct 2001 13:20:07 -0700 (PDT) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id OAA87515; Mon, 1 Oct 2001 14:05:57 -0700 (PDT) Date: Mon, 1 Oct 2001 14:05:55 -0700 (PDT) From: Julian Elischer To: "Jasper O'Malley" Cc: freebsd-net@freebsd.org Subject: Re: Netgraph bridging: what is LOCAL_IFACE? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org All the interfaces specified will stop working as normal interfaces, as their lower halves will be disconnected from their upper halves.. in other words the lower 'physical' part is run without any connection to the normal networking layer.. The bridging code (netgraph bridging) takes over this function instead. I think that if you send out a packet on one of these interfaces it may still make it out because we don't actually (last time I checked) bother to disconnect that, but all incoming packets will be passed to the bridge module, which will be keeoping track of MAC addresses and doing bridging as required.. Now, if you want to be on that bridged network as well, then you need to nominate which of the NICS should be your representative on that bridged network. The TOP part of that NIC (the bit you assign addresses to) will be joined into the bridging set, just like all the other NICS (logically there is no difference). The bridging code will send it a copy of any packets that have it's MAC address as destination and broadcast packets, just as it would any other segment.. Theoretically wo should remove teh bridged NICs from the ifconfig list but that would be too much work. Basically your NIC is just treated like another bridged segment, but with only one known node on it.. On Mon, 1 Oct 2001, Jasper O'Malley wrote: > On Mon, 1 Oct 2001, Julian Elischer wrote: > > > If you want any of these packets to also be passed to the local machine > > you should select one of the local interfaces (any will do) and add it in > > the LOCAL_INTERFACE entry. This entry specifies to the bridging code that > > the upper (i.e. KERNEL side) of that interface should also be added to the > > list of recipients of the packets being worked on. > > > > If you do not do this, the interfaces are linked to each other by the > > bridging code, but the local machine is not party to the traffic. No copy > > of the packets is sent up to it.. (this is a vaild configuration...) > > Ah. So you can't ifconfig the virtual bridge interface (e.g. bnet0) and > configure IP protocol information on it, then? > > If not, I misunderstood how the bridge interface behaves. I was thinking > that it acted more or less like a BVI interface does on a Cisco router. > Specifying the LOCAL_INTERFACE will work for me, though. Thanks. > > Cheers, > Mick > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 13:20:55 2001 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 482A937B40F for ; Mon, 1 Oct 2001 13:20:53 -0700 (PDT) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.11.4/8.11.4) id f91KKoq54397; Mon, 1 Oct 2001 16:20:50 -0400 (EDT) (envelope-from wollman) Date: Mon, 1 Oct 2001 16:20:50 -0400 (EDT) From: Garrett Wollman Message-Id: <200110012020.f91KKoq54397@khavrinen.lcs.mit.edu> To: mjacob@feral.com Cc: freebsd-net@FreeBSD.ORG Subject: review of minor clarifying comments In-Reply-To: <200110012019.f91KJHd54370@khavrinen.lcs.mit.edu> References: <200110012019.f91KJHd54370@khavrinen.lcs.mit.edu> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org < This has been true since at least 4.2. Oops -- this is going to be the source of a lot of confusion. By 4.2 I am referring to 4.2BSD, of course, and not FreeBSD 4.2 which would not be much of a precedent. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 13:23:11 2001 Delivered-To: freebsd-net@freebsd.org Received: from beppo.feral.com (beppo.feral.com [192.67.166.79]) by hub.freebsd.org (Postfix) with ESMTP id E9A3637B409 for ; Mon, 1 Oct 2001 13:23:04 -0700 (PDT) Received: from mailhost.feral.com (mjacob@mailhost.feral.com [192.67.166.1]) by beppo.feral.com (8.11.3/8.11.3) with ESMTP id f91KN1H84957; Mon, 1 Oct 2001 13:23:01 -0700 (PDT) (envelope-from mjacob@feral.com) Date: Mon, 1 Oct 2001 13:23:01 -0700 (PDT) From: Matthew Jacob X-Sender: mjacob@beppo Reply-To: mjacob@feral.com To: Jim McGrath Cc: freebsd-net@FreeBSD.ORG Subject: RE: review of minor clarifying comments In-Reply-To: <31269226357BD211979E00A0C9866DAB01BE796A@rios.sitaranetworks.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Huh. Too bad you didn't point me at the bug- it would have saved me a morning's debugging. On Mon, 1 Oct 2001, Jim McGrath wrote: > I ran into this same problem with the wx driver and submitted a pr. > http://www.freebsd.org/cgi/query-pr.cgi?pr=29249 > > Jim > > > -----Original Message----- > From: Matthew Jacob [mailto:mjacob@feral.com] > Sent: Monday, October 01, 2001 4:05 PM > To: freebsd-net@FreeBSD.ORG > Subject: review of minor clarifying comments > > > > This bit me in the butt yet again about FreeBSD and some assumptions about > how > a NIC's softc is laid out- I don't really it stated elsewhere, so a couple > source file comments seem in order.. Frankly, this kind of assumption is > dangerous and unnecessary with methods, but at the very least it ought to be > commented, no? > > -matt > > > Index: net/if_var.h > =================================================================== > RCS file: /home/ncvs/src/sys/net/if_var.h,v > retrieving revision 1.37 > diff -u -r1.37 if_var.h > --- net/if_var.h 2001/09/18 17:41:42 1.37 > +++ net/if_var.h 2001/10/01 20:00:08 > @@ -105,6 +105,11 @@ > * > * (Would like to call this struct ``if'', but C isn't PL/1.) > */ > + > +/* > + * NB: For FreeBSD, it is assumed that each NIC driver's softc starts with > + * one of these structures, typically held within an arpcom structure. > + */ > struct ifnet { > void *if_softc; /* pointer to driver state */ > char *if_name; /* name, e.g. ``en'' or ``lo'' */ > Index: dev/mii/mii.c > =================================================================== > RCS file: /home/ncvs/src/sys/dev/mii/mii.c,v > retrieving revision 1.9 > diff -u -r1.9 mii.c > --- dev/mii/mii.c 2001/09/29 18:40:06 1.9 > +++ dev/mii/mii.c 2001/10/01 20:00:09 > @@ -167,6 +167,9 @@ > struct mii_data *mii; > > mii = device_get_softc(dev); > + /* > + * Note that each NIC's softc must start with an ifnet structure. > + */ > mii->mii_ifp = device_get_softc(device_get_parent(dev)); > v = device_get_ivars(dev); > ifmedia_upd = v[0]; > @@ -233,6 +236,9 @@ > MIIBUS_LINKCHG(parent); > > mii = device_get_softc(dev); > + /* > + * Note that each NIC's softc must start with an ifnet structure. > + */ > ifp = device_get_softc(parent); > > if (mii->mii_media_status & IFM_AVALID) { > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 13:28:58 2001 Delivered-To: freebsd-net@freebsd.org Received: from beppo.feral.com (beppo.feral.com [192.67.166.79]) by hub.freebsd.org (Postfix) with ESMTP id 06BA337B40A for ; Mon, 1 Oct 2001 13:28:52 -0700 (PDT) Received: from mailhost.feral.com (mjacob@mailhost.feral.com [192.67.166.1]) by beppo.feral.com (8.11.3/8.11.3) with ESMTP id f91KSjH85007; Mon, 1 Oct 2001 13:28:45 -0700 (PDT) (envelope-from mjacob@feral.com) Date: Mon, 1 Oct 2001 13:28:44 -0700 (PDT) From: Matthew Jacob X-Sender: mjacob@beppo Reply-To: mjacob@feral.com To: Julian Elischer , Garrett Wollman Cc: freebsd-net@freebsd.org Subject: Re: review of minor clarifying comments In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Yes- this may have been true for a long time - but quite a number of Unix variants don't require it, so I forgot :-).. For example, neither OpenBSD nor NetBSD seem to require it. It turns out that this is only stumbled on rarely- but if it's all the same to you, a comment would help a lot. -matt On Mon, 1 Oct 2001, Julian Elischer wrote: > Not only that but the ifnet structure must be the first part of the arpcom > struct so that arpcm, ifnet and softc often need to be the same.. I've > been gradually trying to remove this requirement over the last 10 years > but it's still there.. :-/ > > Comments can't hurt though.. > > > On Mon, 1 Oct 2001, Matthew Jacob wrote: > > > > > This bit me in the butt yet again about FreeBSD and some assumptions about how > > a NIC's softc is laid out- I don't really it stated elsewhere, so a couple > > source file comments seem in order.. Frankly, this kind of assumption is > > dangerous and unnecessary with methods, but at the very least it ought to be > > commented, no? > > > > -matt > > > > > > Index: net/if_var.h > > =================================================================== > > RCS file: /home/ncvs/src/sys/net/if_var.h,v > > retrieving revision 1.37 > > diff -u -r1.37 if_var.h > > --- net/if_var.h 2001/09/18 17:41:42 1.37 > > +++ net/if_var.h 2001/10/01 20:00:08 > > @@ -105,6 +105,11 @@ > > * > > * (Would like to call this struct ``if'', but C isn't PL/1.) > > */ > > + > > +/* > > + * NB: For FreeBSD, it is assumed that each NIC driver's softc starts with > > + * one of these structures, typically held within an arpcom structure. > > + */ > > struct ifnet { > > void *if_softc; /* pointer to driver state */ > > char *if_name; /* name, e.g. ``en'' or ``lo'' */ > > Index: dev/mii/mii.c > > =================================================================== > > RCS file: /home/ncvs/src/sys/dev/mii/mii.c,v > > retrieving revision 1.9 > > diff -u -r1.9 mii.c > > --- dev/mii/mii.c 2001/09/29 18:40:06 1.9 > > +++ dev/mii/mii.c 2001/10/01 20:00:09 > > @@ -167,6 +167,9 @@ > > struct mii_data *mii; > > > > mii = device_get_softc(dev); > > + /* > > + * Note that each NIC's softc must start with an ifnet structure. > > + */ > > mii->mii_ifp = device_get_softc(device_get_parent(dev)); > > v = device_get_ivars(dev); > > ifmedia_upd = v[0]; > > @@ -233,6 +236,9 @@ > > MIIBUS_LINKCHG(parent); > > > > mii = device_get_softc(dev); > > + /* > > + * Note that each NIC's softc must start with an ifnet structure. > > + */ > > ifp = device_get_softc(parent); > > > > if (mii->mii_media_status & IFM_AVALID) { > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-net" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 13:40: 6 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 7F0F937B40A for ; Mon, 1 Oct 2001 13:40:01 -0700 (PDT) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id OAA87629; Mon, 1 Oct 2001 14:27:41 -0700 (PDT) Date: Mon, 1 Oct 2001 14:27:41 -0700 (PDT) From: Julian Elischer To: Garrett Wollman Cc: mjacob@feral.com, freebsd-net@FreeBSD.ORG Subject: Re: review of minor clarifying comments In-Reply-To: <200110012019.f91KJHd54370@khavrinen.lcs.mit.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 1 Oct 2001, Garrett Wollman wrote: > < said: > > > +/* > > + * NB: For FreeBSD, it is assumed that each NIC driver's softc starts with > > + * one of these structures, typically held within an arpcom structure. > > + */ > > This has been true since at least 4.2. from my memory, I'ts been true (on and off) since BSD4.1 on the Vax. > > -GAWollman > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 13:52:19 2001 Delivered-To: freebsd-net@freebsd.org Received: from cornflake.nickelkid.com (www.nickelkid.com [216.116.135.26]) by hub.freebsd.org (Postfix) with ESMTP id 59D0237B407 for ; Mon, 1 Oct 2001 13:52:13 -0700 (PDT) Received: from localhost (jooji@localhost) by cornflake.nickelkid.com (8.9.3/8.9.3) with ESMTP id QAA38305; Mon, 1 Oct 2001 16:52:10 -0400 (EDT) (envelope-from jooji@cornflake.nickelkid.com) Date: Mon, 1 Oct 2001 16:52:10 -0400 (EDT) From: "Jasper O'Malley" To: Julian Elischer Cc: freebsd-net@freebsd.org Subject: Re: Netgraph bridging: what is LOCAL_IFACE? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 1 Oct 2001, Julian Elischer wrote: > I think that if you send out a packet on one of these interfaces it may > still make it out because we don't actually (last time I checked) bother > to disconnect that, but all incoming packets will be passed to the bridge > module, which will be keeoping track of MAC addresses and doing bridging > as required. So, essentially, there's no TOP part of the virtual bnet0 interface to move the packets up the network stack? Or have I got it wrong? > Now, if you want to be on that bridged network as well, then > you need to nominate which of the NICS should be your representative on > that bridged network. The TOP part of that NIC (the bit you assign > addresses to) will be joined into the bridging set, just like all the > other NICS (logically there is no difference). The bridging code will send > it a copy of any packets that have it's MAC address as destination and > broadcast packets, just as it would any other segment.. So the entire point of "nominating" a local interface is just to select the MAC address by which your machine is known on the Ethernet? I'm still a bit confused, though. Do you ifconfig your IP protocol configuration on bnet0 (or whatever you decide to name the interface), or on the LOCAL_IFACE interface? Cheers, Mick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 14:20: 2 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 91DEF37B40E for ; Mon, 1 Oct 2001 14:19:58 -0700 (PDT) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id PAA87844; Mon, 1 Oct 2001 15:17:18 -0700 (PDT) Date: Mon, 1 Oct 2001 15:17:16 -0700 (PDT) From: Julian Elischer To: "Jasper O'Malley" Cc: freebsd-net@freebsd.org Subject: Re: Netgraph bridging: what is LOCAL_IFACE? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 1 Oct 2001, Jasper O'Malley wrote: > On Mon, 1 Oct 2001, Julian Elischer wrote: > > > I think that if you send out a packet on one of these interfaces it may > > still make it out because we don't actually (last time I checked) bother > > to disconnect that, but all incoming packets will be passed to the bridge > > module, which will be keeoping track of MAC addresses and doing bridging > > as required. > > So, essentially, there's no TOP part of the virtual bnet0 interface to > move the packets up the network stack? Or have I got it wrong? > > > Now, if you want to be on that bridged network as well, then > > you need to nominate which of the NICS should be your representative on > > that bridged network. The TOP part of that NIC (the bit you assign > > addresses to) will be joined into the bridging set, just like all the > > other NICS (logically there is no difference). The bridging code will send > > it a copy of any packets that have it's MAC address as destination and > > broadcast packets, just as it would any other segment.. > > So the entire point of "nominating" a local interface is just to select > the MAC address by which your machine is known on the Ethernet? > > I'm still a bit confused, though. Do you ifconfig your IP protocol > configuration on bnet0 (or whatever you decide to name the interface), > or on the LOCAL_IFACE interface? > > Cheers, > Mick > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 14:40: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.elischer.org (c421509-a.pinol1.sfba.home.com [24.7.86.9]) by hub.freebsd.org (Postfix) with ESMTP id 36C6837B40F for ; Mon, 1 Oct 2001 14:39:56 -0700 (PDT) Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id PAA87892; Mon, 1 Oct 2001 15:26:25 -0700 (PDT) Date: Mon, 1 Oct 2001 15:26:23 -0700 (PDT) From: Julian Elischer To: "Jasper O'Malley" Cc: freebsd-net@freebsd.org Subject: Re: Netgraph bridging: what is LOCAL_IFACE? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 1 Oct 2001, Jasper O'Malley wrote: > On Mon, 1 Oct 2001, Julian Elischer wrote: > > > I think that if you send out a packet on one of these interfaces it may > > still make it out because we don't actually (last time I checked) bother > > to disconnect that, but all incoming packets will be passed to the bridge > > module, which will be keeoping track of MAC addresses and doing bridging > > as required. > > So, essentially, there's no TOP part of the virtual bnet0 interface to > move the packets up the network stack? Or have I got it wrong? The tops of all the NICS specified are basically disabled. You specifically re-enable ONE of them to act as your connection to the bridged virtual network. bnet 0 is a logical name for the bridging node in the netgraph namespace.. it is not an interface. You can have several separate bridges in the same machine.. just give each one a different bridge name.. > > > Now, if you want to be on that bridged network as well, then > > you need to nominate which of the NICS should be your representative on > > that bridged network. The TOP part of that NIC (the bit you assign > > addresses to) will be joined into the bridging set, just like all the > > other NICS (logically there is no difference). The bridging code will send > > it a copy of any packets that have it's MAC address as destination and > > broadcast packets, just as it would any other segment.. > > So the entire point of "nominating" a local interface is just to select > the MAC address by which your machine is known on the Ethernet? yes.. and to give an interface through which your routing tables can reach the bridged virtual network. > > I'm still a bit confused, though. Do you ifconfig your IP protocol > configuration on bnet0 (or whatever you decide to name the interface), > or on the LOCAL_IFACE interface? you give the IP address to the selected LOCAL_IFACE.. > > Cheers, > Mick > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 15: 7:33 2001 Delivered-To: freebsd-net@freebsd.org Received: from alicia.nttmcl.com (alicia.nttmcl.com [216.69.69.10]) by hub.freebsd.org (Postfix) with ESMTP id 4B3F837B40B for ; Mon, 1 Oct 2001 15:07:28 -0700 (PDT) Received: from ntt27f48otgmw8 (dhcp246.nttmcl.com [216.69.69.246]) by alicia.nttmcl.com (8.10.1/8.10.1) with SMTP id f91M7Rv28975 for ; Mon, 1 Oct 2001 15:07:27 -0700 (PDT) Reply-To: From: "Anuranjan" To: Subject: an and wi drivers installation on freeBSD 4.3 Date: Mon, 1 Oct 2001 15:08:08 -0700 Message-ID: <000b01c14ac5$8e508960$f64545d8@ntt27f48otgmw8> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2910.0) Importance: Normal In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I need to install the WLAN card (either a Cisco Aironet 350, or a Lucent WaveLAN) and I think the drivers are "an" and "wi" resp. How can I install these cards and the respective drivers? My kernel seems to be configured for it as I can see entries for both uncommented in my /usr/src/i386/conf/NEWKER file. -----Original Message----- From: owner-freebsd-net@FreeBSD.ORG [mailto:owner-freebsd-net@FreeBSD.ORG]On Behalf Of Julian Elischer Sent: Monday, October 01, 2001 2:28 PM To: Garrett Wollman Cc: mjacob@feral.com; freebsd-net@FreeBSD.ORG Subject: Re: review of minor clarifying comments On Mon, 1 Oct 2001, Garrett Wollman wrote: > < said: > > > +/* > > + * NB: For FreeBSD, it is assumed that each NIC driver's softc starts with > > + * one of these structures, typically held within an arpcom structure. > > + */ > > This has been true since at least 4.2. from my memory, I'ts been true (on and off) since BSD4.1 on the Vax. > > -GAWollman > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 17:53:46 2001 Delivered-To: freebsd-net@freebsd.org Received: from fgwmail5.fujitsu.co.jp (fgwmail5.fujitsu.co.jp [192.51.44.35]) by hub.freebsd.org (Postfix) with ESMTP id 3ED5437B40B for ; Mon, 1 Oct 2001 17:53:43 -0700 (PDT) Received: from m3.gw.fujitsu.co.jp by fgwmail5.fujitsu.co.jp (8.9.3/3.7W-MX0109-Fujitsu Gateway) id JAA02390; Tue, 2 Oct 2001 09:53:27 +0900 (JST) (envelope-from tsuchiya@flab.fujitsu.co.jp) Received: from dm.kawasaki.flab.fujitsu.co.jp by m3.gw.fujitsu.co.jp (8.9.3/3.7W-0110-Fujitsu Domain Master) id JAA28670; Tue, 2 Oct 2001 09:53:26 +0900 (JST) (envelope-from tsuchiya@flab.fujitsu.co.jp) Received: from mailserv.kawasaki.flab.fujitsu.co.jp by dm.kawasaki.flab.fujitsu.co.jp (8.9.3/3.7W-010315-Fujitsu Labs. Kawasaki Domain Mail Master) id JAA24875; Tue, 2 Oct 2001 09:53:25 +0900 (JST) Received: from flab.fujitsu.co.jp (const.kawasaki.flab.fujitsu.co.jp [10.25.159.164]) by mailserv.kawasaki.flab.fujitsu.co.jp (8.8.8+Sun/8.8.8) with ESMTP id JAA00021; Tue, 2 Oct 2001 09:53:24 +0900 (JST) Message-ID: <3BB91007.1040609@flab.fujitsu.co.jp> Date: Tue, 02 Oct 2001 09:53:27 +0900 From: Tsuchiya Yoshihiro User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2) Gecko/20010727 X-Accept-Language: en-us MIME-Version: 1.0 To: jayanth Cc: net@FreeBSD.ORG, silby@silby.com, jlemon@flugsvamp.com Subject: Re: TCP performance question References: <200109270652.PAA03232@const.kawasaki.flab.fujitsu.co.jp> <20010928124325.B36879@yahoo-inc.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Yoshi, >I have attached a patch. Let me know if this fixes the problem. > >jayanth > Jayanth, thanks for the patch. I tested with it, and the system performs nicely. I appreciate your help. Yoshi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Oct 1 18: 7:32 2001 Delivered-To: freebsd-net@freebsd.org Received: from elvis.mu.org (elvis.mu.org [216.33.66.196]) by hub.freebsd.org (Postfix) with ESMTP id 2702D37B41A; Mon, 1 Oct 2001 18:07:20 -0700 (PDT) Received: by elvis.mu.org (Postfix, from userid 1098) id D6F3781D05; Mon, 1 Oct 2001 20:07:14 -0500 (CDT) Date: Mon, 1 Oct 2001 20:07:14 -0500 From: Bill Fumerola To: Anuranjan Cc: questions@freebsd.org Subject: Re: an and wi drivers installation on freeBSD 4.3 Message-ID: <20011001200714.E51024@elvis.mu.org> References: <000b01c14ac5$8e508960$f64545d8@ntt27f48otgmw8> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <000b01c14ac5$8e508960$f64545d8@ntt27f48otgmw8>; from anu@nttmcl.com on Mon, Oct 01, 2001 at 03:08:08PM -0700 X-Operating-System: FreeBSD 4.4-FEARSOME-20010909 i386 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org [ -net removed, -questions added ] On Mon, Oct 01, 2001 at 03:08:08PM -0700, Anuranjan wrote: > I need to install the WLAN card (either a Cisco Aironet 350, or a Lucent > WaveLAN) and I think the drivers are "an" and "wi" resp. How can I install > these cards and the respective drivers? My kernel seems to be configured for > it as I can see entries for both uncommented in my /usr/src/i386/conf/NEWKER > file. what a fine example of a question better asked on questions@freebsd.org rather then taking a technical thread on a technical mailinglist and polluting it with newbie questions. -- - bill fumerola / fumerola@yahoo-inc.com / billf@FreeBSD.org / billf@mu.org - my anger management counselor can beat up your self-affirmation therapist To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 8:47:43 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp.uc3m.es (smtp02.uc3m.es [163.117.136.122]) by hub.freebsd.org (Postfix) with ESMTP id C9BD737B407 for ; Tue, 2 Oct 2001 08:47:39 -0700 (PDT) Received: from smtp02.uc3m.es (localhost [127.0.0.1]) by smtp.uc3m.es (Postfix) with ESMTP id 80E8243130 for ; Tue, 2 Oct 2001 17:47:38 +0200 (CEST) Received: from arpa.it.uc3m.es (arpa.it.uc3m.es [163.117.139.120]) by smtp02.uc3m.es (Postfix) with ESMTP id ED81999E03 for ; Tue, 2 Oct 2001 17:47:37 +0200 (CEST) Received: from it.uc3m.es (alacran.it.uc3m.es [163.117.139.44]) by arpa.it.uc3m.es (8.9.3/8.9.3) with ESMTP id RAA23112 for ; Tue, 2 Oct 2001 17:47:37 +0200 Message-ID: <3BB9E199.D7CC5EC9@it.uc3m.es> Date: Tue, 02 Oct 2001 17:47:37 +0200 From: Juan Fco Rodriguez Hervella X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Lista Subject: How to increase TCP and UDP buffers (for IPv4/IPv6) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi: It's possible to increase the TCP and UDP buffers ? I've had problems with UDP packets of 64 bytes discarded with a bandwith of 2-3 Mbits, using a FreeBSD-4.3 router in a link of 10 Mbits. Thanks. -- ********************************* Juan F. Rodriguez Hervella Universidad Carlos III de Madrid ******************************** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 8:54:40 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id A29EA37B401 for ; Tue, 2 Oct 2001 08:54:37 -0700 (PDT) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.3/8.11.1) id f92Fpjr25843; Tue, 2 Oct 2001 08:51:45 -0700 (PDT) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200110021551.f92Fpjr25843@iguana.aciri.org> Subject: Re: How to increase TCP and UDP buffers (for IPv4/IPv6) In-Reply-To: <3BB9E199.D7CC5EC9@it.uc3m.es> from Juan Fco Rodriguez Hervella at "Oct 2, 2001 5:47:37 pm" To: jrh@it.uc3m.es (Juan Fco Rodriguez Hervella) Date: Tue, 2 Oct 2001 08:51:45 -0700 (PDT) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Hi: > > It's possible to increase the TCP and UDP buffers ? > > I've had problems with UDP packets of 64 bytes discarded with a bandwith > of 2-3 Mbits, using a FreeBSD-4.3 router in a link of 10 Mbits. a router does not buffer through traffic in a socket buffer (which is what "TCP and UDP buffers" are) but on the interface queues and ipintrq, which are typically 50 packets. If this is the case you should see ipintrq drops listed with sysctl net.inet.ip.intr_queue_drops and you could try to increase the size of that queue with something like sysctl -w net.inet.ip.intr_queue_maxlen=100 cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone: (510) 666 2927 ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 9:23:27 2001 Delivered-To: freebsd-net@freebsd.org Received: from samuel.interplex.ca (abi.ca [216.18.127.185]) by hub.freebsd.org (Postfix) with ESMTP id 881B537B408 for ; Tue, 2 Oct 2001 09:23:21 -0700 (PDT) Received: from there (deejay2@smart-x.ctlc.interplex.ca [209.71.202.73]) by samuel.interplex.ca (8.11.3/8.11.3) with SMTP id f92GQMA21072 for ; Tue, 2 Oct 2001 12:26:23 -0400 (EDT) (envelope-from db@interplex.ca) Message-Id: <200110021626.f92GQMA21072@samuel.interplex.ca> Content-Type: text/plain; charset="iso-8859-1" From: Dominic Blais To: freebsd-net@freebsd.org Subject: Unable to listen to more than 51 VLANS with isc-dhcpd 2 Date: Tue, 2 Oct 2001 12:26:52 -0400 X-Mailer: KMail [version 1.3] MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I reported this problem to isc and freebsd-net because I don't know if my problem comes from a configuration in freebsd or a problem with dhcpd... :/ So here's the problem: I can't listen to more than 51 vlans (vlan0 to vlan50) with isc-dhcpd 2. With no parameters, it starts and listen to all vlans up to 50 but don't listen up to 94 (i have vlan0 to vlan94). If I supply parameters (95 vlans vlan0 to vlan94) , it tells me vlan94 not found.. If I supply vlans up to 54 as parameter, it tells me vlan54 not found.. So the last vlan supplied is considered not found...and dhcpd doesn't run. It is only possible to start it with a maximum of 51 VLANS...:/ Thanks for your support! -- Dominic Blais Administrateur reseau Interplex telecom -=[ http://www.interplex.ca ]=- Email: db@interplex.ca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 9:30:39 2001 Delivered-To: freebsd-net@freebsd.org Received: from newmail.skyrunner.net (newmail.skyrunner.net [208.133.44.6]) by hub.freebsd.org (Postfix) with ESMTP id 86A1937B409 for ; Tue, 2 Oct 2001 09:30:34 -0700 (PDT) Received: from skyrunne6e8soa (booray.new-era.com [208.150.25.130]) by newmail.skyrunner.net (8.11.2/8.11.0/SuSE Linux 8.11.0-0.4) with SMTP id f92GUWs29536 for ; Tue, 2 Oct 2001 12:30:32 -0400 From: "Peter Brezny" To: Subject: dual dns resolution problem Date: Tue, 2 Oct 2001 12:27:08 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Importance: Normal Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The Problem: Applications seem unable to resolve dns information. ssh and sendmail are examples. Example: %ssh novell.com ssh: novell.com: Non-recoverable failure in name resolution %nslookup novell.com Server: localhost.inside-polk.skyrunner.net Address: 127.0.0.1 Name: novell.com Address: 192.233.80.9 I've got a system running two versions of bind, to handle resolution of public address and their component private addresses for public ip's that use static nat to hit an internal address. dig and nslookup work fine, and you can choose which instance of bind to use to lookup since they each only listen on particular ip's. Has anyone seen this problem before? I feel sure that it arises from having two instances of bind running on the same machine. I've attached the options section of each independent instance's named.conf file at the bottom of this message. Thanks for your help! Peter Brezny Skyrunner.net Internal instance: // $FreeBSD: src/etc/namedb/named.conf,v 1.6.2.2 2001/03/05 13:34:52 asmodai Exp $ // options { directory "/etc/namedb-int"; forwarders { 63.167.198.158; 205.152.121.3; 205.152.121.2; }; allow-query { 10.0.0.0/8; 127.0.0.1; }; query-source address 10.3.0.1 port 53; allow-transfer { 10.0.0.0/8; }; transfer-source 10.3.0.1; listen-on { 10.3.0.1; 10.100.100.1; 127.0.0.1; }; dump-file "s/named_dump.db"; pid-file "s/named.pid"; }; //end of options controls { unix "/var/run/ndc-internal" perm 0660 owner 0 group 53; }; External Instance: // $FreeBSD: src/etc/namedb/named.conf,v 1.6.2.2 2001/03/05 13:34:52 asmodai Exp $ // options { directory "/etc/namedb"; forwarders { 205.152.121.3; 205.152.121.2; }; query-source address 63.167.198.158 port 53; transfer-source 63.167.198.158; allow-transfer { none; }; listen-on { 63.167.198.158; 63.167.198.153; }; dump-file "s/named_dump.db"; pid-file "s/named.pid"; }; //end of options controls { unix "/var/run/ndc-external" perm 0660 owner 0 group 53; }; To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 9:41: 4 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail4.bigmailbox.com (mail4.bigmailbox.com [209.132.220.35]) by hub.freebsd.org (Postfix) with ESMTP id 568E837B411 for ; Tue, 2 Oct 2001 09:40:58 -0700 (PDT) Received: œby mail4.bigmailbox.com (8.8.7/8.8.7) id JAA18367; Tue, 2 Oct 2001 09:40:58 -0700 Date: Tue, 2 Oct 2001 09:40:58 -0700 Message-Id: <200110021640.JAA18367@mail4.bigmailbox.com> Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary X-Mailer: MIME-tools 4.104 (Entity 4.116) Mime-Version: 1.0 X-Originating-Ip: [200.229.133.210] From: "irado@nettaxi.com" To: peter@skyrunner.net, freebsd-net@freebsd.org Cc: peter@skyrunner.net Subject: RE: dual dns resolution problem Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I tried here bymyself and there are no troubles to connect to my own server., neither connecting from home - name resolves nicely. And that is the culprit: 'failure in name resolution'.. means that your name server cannot resolve name-to-ipaddr. Resume: you *must* go back to your named files, mainly the ones which says that novell.com is the 192.168.something. Or (if is the case) your named must get the ip-adrress from the forwarders (from world). > >%ssh novell.com >ssh: novell.com: Non-recoverable failure in name resolution > saudações, irado furioso com tudo linux user 179402 deus é construído à imagem e semelhança do homem. Principalmente em seus defeitos. por favor, clique aqui: http://www.thehungersite.com e aqui também: http://cf6.uol.com.br/umminuto/ ------------------------------------------------------------ Nettaxi would like to ask for your help in donations to the RED CROSS today! http://www.nyredcross.org/donate/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 11:53:56 2001 Delivered-To: freebsd-net@freebsd.org Received: from newmail.skyrunner.net (newmail.skyrunner.net [208.133.44.6]) by hub.freebsd.org (Postfix) with ESMTP id 68FFF37B407 for ; Tue, 2 Oct 2001 11:53:51 -0700 (PDT) Received: from skyrunne6e8soa (booray.new-era.com [208.150.25.130]) by newmail.skyrunner.net (8.11.2/8.11.0/SuSE Linux 8.11.0-0.4) with SMTP id f92Iris05857; Tue, 2 Oct 2001 14:53:44 -0400 From: "Peter Brezny" To: Cc: Subject: RE: dual dns resolution problem -- Solved Date: Tue, 2 Oct 2001 14:50:19 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Importance: Normal In-Reply-To: <200110021640.JAA18367@mail4.bigmailbox.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Something which appears to clear up the problem was a modification of the host.conf file (did i mention this was a base 4.3-release install?) I changed the resolv.conf file from this: # $FreeBSD: src/etc/host.conf,v 1.6 1999/08/27 23:23:41 peter Exp $ # First try the /etc/hosts file order hosts,bind # Now try the nameserver next. #bind # If you have YP/NIS configured, uncomment the next line # nis To this: # $FreeBSD: src/etc/host.conf,v 1.6 1999/08/27 23:23:41 peter Exp $ # First try the /etc/hosts file order hosts #order hosts,bind # Now try the nameserver next. bind # If you have YP/NIS configured, uncomment the next line # nis Thanks for your consideration. Peter Brezny Skyrunner.net -----Original Message----- From: irado@nettaxi.com [mailto:irado@nettaxi.com] Sent: Tuesday, October 02, 2001 12:41 PM To: peter@skyrunner.net; freebsd-net@freebsd.org Cc: peter@skyrunner.net Subject: RE: dual dns resolution problem I tried here bymyself and there are no troubles to connect to my own server., neither connecting from home - name resolves nicely. And that is the culprit: 'failure in name resolution'.. means that your name server cannot resolve name-to-ipaddr. Resume: you *must* go back to your named files, mainly the ones which says that novell.com is the 192.168.something. Or (if is the case) your named must get the ip-adrress from the forwarders (from world). > >%ssh novell.com >ssh: novell.com: Non-recoverable failure in name resolution > saudações, irado furioso com tudo linux user 179402 deus é construído à imagem e semelhança do homem. Principalmente em seus defeitos. por favor, clique aqui: http://www.thehungersite.com e aqui também: http://cf6.uol.com.br/umminuto/ ------------------------------------------------------------ Nettaxi would like to ask for your help in donations to the RED CROSS today! http://www.nyredcross.org/donate/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 13: 2:41 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp.uc3m.es (smtp02.uc3m.es [163.117.136.122]) by hub.freebsd.org (Postfix) with ESMTP id E729937B408 for ; Tue, 2 Oct 2001 13:02:33 -0700 (PDT) Received: from smtp02.uc3m.es (localhost [127.0.0.1]) by smtp.uc3m.es (Postfix) with ESMTP id EEBC343194 for ; Tue, 2 Oct 2001 22:02:28 +0200 (CEST) Received: from arpa.it.uc3m.es (arpa.it.uc3m.es [163.117.139.120]) by smtp02.uc3m.es (Postfix) with ESMTP id 8A88199E03 for ; Tue, 2 Oct 2001 22:02:28 +0200 (CEST) Received: from it.uc3m.es (alacran.it.uc3m.es [163.117.139.44]) by arpa.it.uc3m.es (8.9.3/8.9.3) with ESMTP id WAA06307 for ; Tue, 2 Oct 2001 22:02:28 +0200 Message-ID: <3BBA1D53.B0C9C133@it.uc3m.es> Date: Tue, 02 Oct 2001 22:02:27 +0200 From: Juan Fco Rodriguez Hervella X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Lista Subject: Re: How to increase TCP and UDP buffers (for IPv4/IPv6) References: <200110021551.f92Fpjr25843@iguana.aciri.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Luigi Rizzo wrote: > > > Hi: > > > > It's possible to increase the TCP and UDP buffers ? > > > > I've had problems with UDP packets of 64 bytes discarded with a bandwith > > of 2-3 Mbits, using a FreeBSD-4.3 router in a link of 10 Mbits. > > a router does not buffer through traffic in a socket buffer (which is > what "TCP and UDP buffers" are) but on the interface queues and ipintrq, > which are typically 50 packets. > If this is the case you should see ipintrq drops listed > with > > sysctl net.inet.ip.intr_queue_drops > > and you could try to increase the size of that queue with something like > > sysctl -w net.inet.ip.intr_queue_maxlen=100 > > cheers > luigi What's the meaning of "ipintrq" ? and it's possible to modify the interface queues in Linux ? How many queues exists between the interface and the application ? Are the same to transmit and to receive ? Thank you very much. -- ********************************* Juan F. Rodriguez Hervella Universidad Carlos III de Madrid ******************************** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 15: 7: 8 2001 Delivered-To: freebsd-net@freebsd.org Received: from volatile.chemikals.org (ci391991-a.grnvle1.sc.home.com [24.37.154.83]) by hub.freebsd.org (Postfix) with ESMTP id CD41137B401; Tue, 2 Oct 2001 15:06:59 -0700 (PDT) Received: (from morganw@localhost) by volatile.chemikals.org (8.11.5/8.11.5) id f92M6wC40185; Tue, 2 Oct 2001 18:06:58 -0400 (EDT) (envelope-from morganw) Date: Tue, 2 Oct 2001 18:06:58 -0400 (EDT) From: Wesley Morgan To: Cc: , Subject: dc hangs kernel Message-ID: <20011002180526.Q40165-100000@volatile.chemikals.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org For about a week in -current, attempts to set up a Xircom Realport RBE-100 (cardbus, dc) adapter hangs the kernel solid. Anyone else seeing this problem? -- _ __ ___ ____ ___ ___ ___ Wesley N Morgan _ __ ___ | _ ) __| \ morganw@chemikals.org _ __ | _ \._ \ |) | FreeBSD: The Power To Serve _ |___/___/___/ 6bone: 3ffe:1ce3:7::b4ff:fe53:c297 Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 18: 4:24 2001 Delivered-To: freebsd-net@freebsd.org Received: from tomts7-srv.bellnexxia.net (tomts7.bellnexxia.net [209.226.175.40]) by hub.freebsd.org (Postfix) with ESMTP id B0CD037B405 for ; Tue, 2 Oct 2001 18:04:20 -0700 (PDT) Received: from xena.gsicomp.on.ca ([65.93.38.74]) by tomts7-srv.bellnexxia.net (InterMail vM.4.01.03.16 201-229-121-116-20010115) with ESMTP id <20011003010419.UDTG2701.tomts7-srv.bellnexxia.net@xena.gsicomp.on.ca>; Tue, 2 Oct 2001 21:04:19 -0400 Received: from hermes (hermes.gsicomp.on.ca [192.168.0.18]) by xena.gsicomp.on.ca (8.11.1/8.11.1) with SMTP id f930vXu09325; Tue, 2 Oct 2001 20:57:34 -0400 (EDT) (envelope-from matt@gsicomp.on.ca) Message-ID: <009701c14ba6$478a39e0$1200a8c0@gsicomp.on.ca> From: "Matthew Emmerton" To: Cc: Subject: Diagnostics question with PPPoE Date: Tue, 2 Oct 2001 20:56:45 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4807.1700 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Folks, I'm supporting a retail store setup where stores connect to the head office using IPSec over PPPoE links, handled by a FreeBSD 4.3 server. Both IPSec and PPPoE are working fine. However, lately we've been having problems where PPP will disconnect for some reason and reconnect. Since I'm very confident that FreeBSD's PPPoE is rock solid, I'm trying to pin it down on the ISP, which has a track record of making unannounced service outages. Here's a log snippet of a typical disconnect: Oct 2 13:03:43 belmont ppp[144]: tun0: Phase: deflink: open -> lcp Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: deflink: LayerDown: 209.167.75.124 Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: deflink: State change Opened --> Starting Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: deflink: LayerFinish. Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: Connect time: 15841 secs: 20512841 octets in, 3999315 octets out Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: : 25041 packets in, 21506 packetsout Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: total 1547 bytes/sec, peak 71398 bytes/sec on Tue Oct 2 13:03:43 2001 Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: deflink: State change Starting --> Initial Oct 2 13:03:43 belmont ppp[144]: tun0: Phase: bundle: Terminate Oct 2 13:03:46 belmont ppp[144]: tun0: Phase: deflink: Disconnected! Oct 2 13:03:46 belmont ppp[144]: tun0: Phase: deflink: lcp -> logout Oct 2 13:03:46 belmont ppp[144]: tun0: Phase: deflink: logout -> hangup Oct 2 13:03:46 belmont ppp[144]: tun0: Phase: deflink: Disconnected! How can I tell who is instigating the disconnect? -- Matt Emmerton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 18:59:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from sasami.jurai.net (sasami.jurai.net [64.0.106.45]) by hub.freebsd.org (Postfix) with ESMTP id AF89A37B401 for ; Tue, 2 Oct 2001 18:59:01 -0700 (PDT) Received: from localhost (winter@localhost) by sasami.jurai.net (8.9.3/8.8.7) with ESMTP id VAA56297; Tue, 2 Oct 2001 21:58:20 -0400 (EDT) Date: Tue, 2 Oct 2001 21:58:20 -0400 (EDT) From: "Matthew N. Dodd" To: Matthew Jacob Cc: Julian Elischer , Garrett Wollman , freebsd-net@FreeBSD.ORG Subject: Re: review of minor clarifying comments In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 1 Oct 2001, Matthew Jacob wrote: > Yes- this may have been true for a long time - but quite a number of > Unix variants don't require it, so I forgot :-).. For example, neither > OpenBSD nor NetBSD seem to require it. > > It turns out that this is only stumbled on rarely- but if it's all the same to > you, a comment would help a lot. It looks like storing a pointer to struct arpcom in struct ifnet might solve most of the cases where ifp->if_softc == struct arpcom/struct ifnet. I'm not exactly sure how to deal with the miibus stuff at this point; the following, in mii.c:miibus_linkchg(): mii = device_get_softc(dev); ifp = device_get_softc(parent); can be changed to: mii = device_get_softc(dev); ifp = mii->mii_ifp; I'm thinking we could pass struct ifnet in to mii.c:mii_phy_probe() and attach it to the device ivars. > On Mon, 1 Oct 2001, Julian Elischer wrote: > > > Not only that but the ifnet structure must be the first part of the arpcom > > struct so that arpcm, ifnet and softc often need to be the same.. I've > > been gradually trying to remove this requirement over the last 10 years > > but it's still there.. :-/ > > > > Comments can't hurt though.. > > > > > > On Mon, 1 Oct 2001, Matthew Jacob wrote: > > > > > > > > This bit me in the butt yet again about FreeBSD and some assumptions about how > > > a NIC's softc is laid out- I don't really it stated elsewhere, so a couple > > > source file comments seem in order.. Frankly, this kind of assumption is > > > dangerous and unnecessary with methods, but at the very least it ought to be > > > commented, no? > > > > > > -matt > > > > > > > > > Index: net/if_var.h > > > =================================================================== > > > RCS file: /home/ncvs/src/sys/net/if_var.h,v > > > retrieving revision 1.37 > > > diff -u -r1.37 if_var.h > > > --- net/if_var.h 2001/09/18 17:41:42 1.37 > > > +++ net/if_var.h 2001/10/01 20:00:08 > > > @@ -105,6 +105,11 @@ > > > * > > > * (Would like to call this struct ``if'', but C isn't PL/1.) > > > */ > > > + > > > +/* > > > + * NB: For FreeBSD, it is assumed that each NIC driver's softc starts with > > > + * one of these structures, typically held within an arpcom structure. > > > + */ > > > struct ifnet { > > > void *if_softc; /* pointer to driver state */ > > > char *if_name; /* name, e.g. ``en'' or ``lo'' */ > > > Index: dev/mii/mii.c > > > =================================================================== > > > RCS file: /home/ncvs/src/sys/dev/mii/mii.c,v > > > retrieving revision 1.9 > > > diff -u -r1.9 mii.c > > > --- dev/mii/mii.c 2001/09/29 18:40:06 1.9 > > > +++ dev/mii/mii.c 2001/10/01 20:00:09 > > > @@ -167,6 +167,9 @@ > > > struct mii_data *mii; > > > > > > mii = device_get_softc(dev); > > > + /* > > > + * Note that each NIC's softc must start with an ifnet structure. > > > + */ > > > mii->mii_ifp = device_get_softc(device_get_parent(dev)); > > > v = device_get_ivars(dev); > > > ifmedia_upd = v[0]; > > > @@ -233,6 +236,9 @@ > > > MIIBUS_LINKCHG(parent); > > > > > > mii = device_get_softc(dev); > > > + /* > > > + * Note that each NIC's softc must start with an ifnet structure. > > > + */ > > > ifp = device_get_softc(parent); > > > > > > if (mii->mii_media_status & IFM_AVALID) { > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-net" in the body of the message > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > -- | Matthew N. Dodd | '78 Datsun 280Z | '75 Volvo 164E | FreeBSD/NetBSD | | winter@jurai.net | 2 x '84 Volvo 245DL | ix86,sparc,pmax | | http://www.jurai.net/~winter | For Great Justice! | ISO8802.5 4ever | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 19: 5:33 2001 Delivered-To: freebsd-net@freebsd.org Received: from beppo.feral.com (beppo.feral.com [192.67.166.79]) by hub.freebsd.org (Postfix) with ESMTP id EA53937B401 for ; Tue, 2 Oct 2001 19:05:30 -0700 (PDT) Received: from wonky.feral.com (wonky.feral.com [192.67.166.7]) by beppo.feral.com (8.11.3/8.11.3) with ESMTP id f9325NH96944; Tue, 2 Oct 2001 19:05:23 -0700 (PDT) (envelope-from mjacob@feral.com) Date: Tue, 2 Oct 2001 19:04:40 -0700 (PDT) From: Matthew Jacob Reply-To: To: "Matthew N. Dodd" Cc: Julian Elischer , Garrett Wollman , Subject: Re: review of minor clarifying comments In-Reply-To: Message-ID: <20011002190406.W4030-100000@wonky.feral.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 2 Oct 2001, Matthew N. Dodd wrote: > On Mon, 1 Oct 2001, Matthew Jacob wrote: > > Yes- this may have been true for a long time - but quite a number of > > Unix variants don't require it, so I forgot :-).. For example, neither > > OpenBSD nor NetBSD seem to require it. > > > > It turns out that this is only stumbled on rarely- but if it's all the same to > > you, a comment would help a lot. > > It looks like storing a pointer to struct arpcom in struct ifnet might > solve most of the cases where ifp->if_softc == struct arpcom/struct > ifnet. I'm not exactly sure how to deal with the miibus stuff at this > point; the following, in mii.c:miibus_linkchg(): > > mii = device_get_softc(dev); > ifp = device_get_softc(parent); > > can be changed to: > > mii = device_get_softc(dev); > ifp = mii->mii_ifp; > > I'm thinking we could pass struct ifnet in to mii.c:mii_phy_probe() and > attach it to the device ivars. > I would think that the latter makes the most sense. It all doesn't matter *too* much as long as what the requirements are are reasonably documented or known. -matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 19:12:55 2001 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 02A6D37B405 for ; Tue, 2 Oct 2001 19:12:47 -0700 (PDT) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.11.4/8.11.4) id f932Ci777014; Tue, 2 Oct 2001 22:12:44 -0400 (EDT) (envelope-from wollman) Date: Tue, 2 Oct 2001 22:12:44 -0400 (EDT) From: Garrett Wollman Message-Id: <200110030212.f932Ci777014@khavrinen.lcs.mit.edu> To: "Matthew N. Dodd" Cc: Matthew Jacob , Julian Elischer , freebsd-net@FreeBSD.ORG Subject: Re: review of minor clarifying comments In-Reply-To: References: Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org < said: > can be changed to: > mii = device_get_softc(dev); > ifp = mii->mii_ifp; I don't see anything wrong with the way things are. Perhaps some more documentation is necessary, but as noted upthread this has a 20-year history in the BSD networking stack and it's not like it's a particular imposition. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Oct 2 20:29:39 2001 Delivered-To: freebsd-net@freebsd.org Received: from sasami.jurai.net (sasami.jurai.net [64.0.106.45]) by hub.freebsd.org (Postfix) with ESMTP id 7912D37B403 for ; Tue, 2 Oct 2001 20:29:25 -0700 (PDT) Received: from localhost (winter@localhost) by sasami.jurai.net (8.9.3/8.8.7) with ESMTP id XAA57350; Tue, 2 Oct 2001 23:29:17 -0400 (EDT) Date: Tue, 2 Oct 2001 23:29:16 -0400 (EDT) From: "Matthew N. Dodd" To: Garrett Wollman Cc: Matthew Jacob , Julian Elischer , freebsd-net@FreeBSD.ORG Subject: Re: review of minor clarifying comments In-Reply-To: <200110030212.f932Ci777014@khavrinen.lcs.mit.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 2 Oct 2001, Garrett Wollman wrote: > < said: > > > can be changed to: > > > mii = device_get_softc(dev); > > ifp = mii->mii_ifp; > > I don't see anything wrong with the way things are. Perhaps some more > documentation is necessary, but as noted upthread this has a 20-year > history in the BSD networking stack and it's not like it's a > particular imposition. Its a layering violation in IMHO (in newbus anyway.) -- | Matthew N. Dodd | '78 Datsun 280Z | '75 Volvo 164E | FreeBSD/NetBSD | | winter@jurai.net | 2 x '84 Volvo 245DL | ix86,sparc,pmax | | http://www.jurai.net/~winter | For Great Justice! | ISO8802.5 4ever | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 3 2:48:41 2001 Delivered-To: freebsd-net@freebsd.org Received: from web20010.mail.yahoo.com (web20010.mail.yahoo.com [216.136.225.73]) by hub.freebsd.org (Postfix) with SMTP id 8CDF037B406 for ; Wed, 3 Oct 2001 02:48:32 -0700 (PDT) Message-ID: <20011003094832.34929.qmail@web20010.mail.yahoo.com> Received: from [193.123.204.66] by web20010.mail.yahoo.com via HTTP; Wed, 03 Oct 2001 10:48:32 BST Date: Wed, 3 Oct 2001 10:48:32 +0100 (BST) From: =?iso-8859-1?q?Gavin=20Kenny?= Subject: Arp and two pccard NICs To: hackers@freebsd.org, net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I have upgraded to 4.4 and I am trying to get my two pccard NICs to work at the same time. I've done some investigateing, but I'm not sure where to go next. both cards are the same make; Xircom 10/100 and both are detected and correctly configured upon insertion. I can assign IP addresses to both and ping each and get a response. xe0 works fine. xe1 has problems; first of all arp does not seem to run on this card, all I get if I try to ping another machine is a pause and then "host is down" - using tcpdump I see a single "who-has" message go out - the other machines gets it and replies but the reply is not recieved. If I manually update the arp table using arp -s and then try to ping, the echo request goes out, the other machine recieves it and responds but again the response does not seem to get through. While this is happening I get "xe1: watchdog timeout; resetting card" repeating in the console window. I've swapped cards, cables and slots (xe0 and xe1 are dependant on which card is inserted first). what am I getting wrong? Gavin p.s. please cc me as I am not a member of this list. ____________________________________________________________ Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 3 2:49:35 2001 Delivered-To: freebsd-net@freebsd.org Received: from Awfulhak.org (gw.Awfulhak.org [217.204.245.18]) by hub.freebsd.org (Postfix) with ESMTP id CB0FE37B407 for ; Wed, 3 Oct 2001 02:49:27 -0700 (PDT) Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [172.16.1.12]) by Awfulhak.org (8.11.6/8.11.6) with ESMTP id f939nPs38964; Wed, 3 Oct 2001 10:49:25 +0100 (BST) (envelope-from brian@freebsd-services.com) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.6/8.11.6) with ESMTP id f939nGl08229; Wed, 3 Oct 2001 10:49:16 +0100 (BST) (envelope-from brian@freebsd-services.com) Message-Id: <200110030949.f939nGl08229@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: "Matthew Emmerton" Cc: brian@Awfulhak.org, net@FreeBSD.ORG, brian@freebsd-services.com Subject: Re: Diagnostics question with PPPoE In-Reply-To: Message from "Matthew Emmerton" of "Tue, 02 Oct 2001 20:56:45 EDT." <009701c14ba6$478a39e0$1200a8c0@gsicomp.on.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 03 Oct 2001 10:49:16 +0100 From: Brian Somers Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Folks, > > I'm supporting a retail store setup where stores connect to the head office > using IPSec over PPPoE links, handled by a FreeBSD 4.3 server. Both IPSec > and PPPoE are working fine. However, lately we've been having problems > where PPP will disconnect for some reason and reconnect. Since I'm very > confident that FreeBSD's PPPoE is rock solid, I'm trying to pin it down on > the ISP, which has a track record of making unannounced service outages. > > Here's a log snippet of a typical disconnect: > > Oct 2 13:03:43 belmont ppp[144]: tun0: Phase: deflink: open -> lcp > Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: deflink: LayerDown: > 209.167.75.124 > Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: deflink: State change > Opened --> Starting > Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: deflink: LayerFinish. > Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: Connect time: 15841 secs: > 20512841 octets in, 3999315 octets out > Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: : 25041 packets in, 21506 > packetsout > Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: total 1547 bytes/sec, peak > 71398 bytes/sec on Tue Oct 2 13:03:43 2001 > Oct 2 13:03:43 belmont ppp[144]: tun0: IPCP: deflink: State change > Starting --> Initial > Oct 2 13:03:43 belmont ppp[144]: tun0: Phase: bundle: Terminate > Oct 2 13:03:46 belmont ppp[144]: tun0: Phase: deflink: Disconnected! > Oct 2 13:03:46 belmont ppp[144]: tun0: Phase: deflink: lcp -> logout > Oct 2 13:03:46 belmont ppp[144]: tun0: Phase: deflink: logout -> hangup > Oct 2 13:03:46 belmont ppp[144]: tun0: Phase: deflink: Disconnected! > > How can I tell who is instigating the disconnect? I think something should have come up just before the quoted log entry. Maybe you need to enable more logging ? Maybe ``set log phase lcp ipcp command chat tun ccp'' ? If nothing still shows up, adding ``debug'' to the above list should help (although it'll make for somewhat more verbose logs...). > -- > Matt Emmerton -- Brian http://www.freebsd-services.com/ Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 3 3: 0:18 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id D7D4137B407 for ; Wed, 3 Oct 2001 03:00:15 -0700 (PDT) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.3/8.11.1) id f939vLI32338; Wed, 3 Oct 2001 02:57:21 -0700 (PDT) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200110030957.f939vLI32338@iguana.aciri.org> Subject: Re: How to increase TCP and UDP buffers (for IPv4/IPv6) In-Reply-To: <3BBA1D53.B0C9C133@it.uc3m.es> from Juan Fco Rodriguez Hervella at "Oct 2, 2001 10: 2:27 pm" To: jrh@it.uc3m.es (Juan Fco Rodriguez Hervella) Date: Wed, 3 Oct 2001 02:57:21 -0700 (PDT) Cc: freebsd-net@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Luigi Rizzo wrote: > > > > > Hi: > > > > > > It's possible to increase the TCP and UDP buffers ? > > > > > > I've had problems with UDP packets of 64 bytes discarded with a bandwith > > > of 2-3 Mbits, using a FreeBSD-4.3 router in a link of 10 Mbits. > > > > a router does not buffer through traffic in a socket buffer (which is > > what "TCP and UDP buffers" are) but on the interface queues and ipintrq, > > which are typically 50 packets. > > If this is the case you should see ipintrq drops listed > > with > > > > sysctl net.inet.ip.intr_queue_drops > > > > and you could try to increase the size of that queue with something like > > > > sysctl -w net.inet.ip.intr_queue_maxlen=100 > > > > cheers > > luigi > > What's the meaning of "ipintrq" ? it is a queue used to store incoming IP packets. > and it's possible to modify the interface queues in Linux ? no idea. > How many queues exists between the interface and the application ? basically 3 on input (device queue, ipintrq and socket buffer), and 1 or 2 on output (device queue and in some cases the socket buffer) > Are the same to transmit and to receive ? no cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone: (510) 666 2927 ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 3 4: 0:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from gvr.gvr.org (gvr.gvr.org [212.61.40.17]) by hub.freebsd.org (Postfix) with ESMTP id 5F75D37B406 for ; Wed, 3 Oct 2001 04:00:17 -0700 (PDT) Received: by gvr.gvr.org (Postfix, from userid 657) id D4A74586C; Wed, 3 Oct 2001 13:00:15 +0200 (CEST) Date: Wed, 3 Oct 2001 13:00:15 +0200 From: Guido van Rooij To: freebsd-net@freebsd.org Subject: IPsec rekey question (bug in racoon?) Message-ID: <20011003130015.A68282@gvr.gvr.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I am using Ipsec in tunnel mode. Everything works okay. Then I decide to flush my SAD entries, on _one_ side of the tunnel. Naturally, I see a key exchange going on. Afterwards I see that the system on which I flushed the SAD entries does have new ones. However the other side of the tunnel is still using the old one for its tunnel to me. I would guess that that SAD would be replaced as well? Is there a config ite I overlooked? Tcpdump showing what I just said: 12:33:31.189986 aaa.bbb.ccc.198 > aaa.bbb.ccc.193: ESP(spi=0x00169b89,seq=0x35) [tos 0x10] 12:33:31.322963 aaa.bbb.ccc.193 > aaa.bbb.ccc.198: ESP(spi=0x05c83a78,seq=0x35) [tos 0x10] 12:33:54.695274 aaa.bbb.ccc.198.500 > aaa.bbb.ccc.193.500: isakmp: phase 1 I agg: [|sa] 12:33:55.433767 aaa.bbb.ccc.193.500 > aaa.bbb.ccc.198.500: isakmp: phase 1 R agg: [|sa] 12:33:55.494034 aaa.bbb.ccc.198.500 > aaa.bbb.ccc.193.500: isakmp: phase 1 I agg: (hash: len=20) 12:33:55.524092 aaa.bbb.ccc.198.500 > aaa.bbb.ccc.193.500: isakmp: phase 2/others I oakley-quick[E]: [|hash] 12:33:55.731783 aaa.bbb.ccc.193.500 > aaa.bbb.ccc.198.500: isakmp: phase 2/others R oakley-quick[E]: [|hash] 12:33:55.733311 aaa.bbb.ccc.198.500 > aaa.bbb.ccc.193.500: isakmp: phase 2/others I oakley-quick[E]: [|hash] 12:33:59.650507 aaa.bbb.ccc.198 > aaa.bbb.ccc.193: ESP(spi=0x0aff2f79,seq=0x1) 12:33:59.659407 aaa.bbb.ccc.193 > aaa.bbb.ccc.198: ESP(spi=0x05c83a78,seq=0x36) 12:34:04.660544 aaa.bbb.ccc.198 > aaa.bbb.ccc.193: ESP(spi=0x0aff2f79,seq=0x2) 12:34:04.669431 aaa.bbb.ccc.193 > aaa.bbb.ccc.198: ESP(spi=0x05c83a78,seq=0x37) -Guido To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 3 6:24:37 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp.uc3m.es (smtp01.uc3m.es [163.117.136.121]) by hub.freebsd.org (Postfix) with ESMTP id B2C7D37B409 for ; Wed, 3 Oct 2001 06:24:33 -0700 (PDT) Received: from smtp01.uc3m.es (localhost [127.0.0.1]) by smtp.uc3m.es (Postfix) with ESMTP id 722D043146 for ; Wed, 3 Oct 2001 15:24:32 +0200 (CEST) Received: from arpa.it.uc3m.es (arpa.it.uc3m.es [163.117.139.120]) by smtp01.uc3m.es (Postfix) with ESMTP id 7D1B899E03 for ; Wed, 3 Oct 2001 15:24:31 +0200 (CEST) Received: from it.uc3m.es (alacran.it.uc3m.es [163.117.139.44]) by arpa.it.uc3m.es (8.9.3/8.9.3) with ESMTP id PAA06793 for ; Wed, 3 Oct 2001 15:24:30 +0200 Message-ID: <3BBB118D.774F22A0@it.uc3m.es> Date: Wed, 03 Oct 2001 15:24:30 +0200 From: Juan Fco Rodriguez Hervella X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Lista Subject: Re: How to increase TCP and UDP buffers (for IPv4/IPv6) References: <200110021551.f92Fpjr25843@iguana.aciri.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello: It does exist something like "ifconfig txqueuelen" in FreeBSD to change the transmit queue of a device ? note: Im not talking about "ipintrq", the IP input queue. I mean "transmit queue of device". Thanks! -- ********************************* Juan F. Rodriguez Hervella Universidad Carlos III de Madrid ******************************** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 3 8:18:50 2001 Delivered-To: freebsd-net@freebsd.org Received: from shuttle.wide.toshiba.co.jp (shuttle.wide.toshiba.co.jp [202.249.10.124]) by hub.freebsd.org (Postfix) with ESMTP id 4954537B401 for ; Wed, 3 Oct 2001 08:18:46 -0700 (PDT) Received: from localhost ([3ffe:501:100f:10c1:200:39ff:fe97:3f1e]) by shuttle.wide.toshiba.co.jp (8.9.1+3.1W/8.9.1) with ESMTP id AAA25385; Thu, 4 Oct 2001 00:20:02 +0900 (JST) Date: Thu, 04 Oct 2001 00:18:22 +0900 Message-ID: From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: "George V. Neville-Neil" Cc: freebsd-net@FreeBSD.ORG Subject: Re: Questions... In-Reply-To: <200109290424.VAA2685096@meer.meer.net> References: <200109290424.VAA2685096@meer.meer.net> User-Agent: Wanderlust/2.6.0 (Twist And Shout-pre) Emacs/21.0 Mule/5.0 (SAKAKI) Organization: Research & Development Center, Toshiba Corp., Kawasaki, Japan. MIME-Version: 1.0 (generated by SEMI 1.13.7 - "Awazu") Content-Type: text/plain; charset=US-ASCII X-Dispatcher: imput version 980905(IM100) Lines: 20 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >>>>> On Fri, 28 Sep 2001 21:25:02 -0700, >>>>> "George V. Neville-Neil" said: > 4) Will y'all continue to periodically integrate the Kame code as you v6 > solution? At least, we (the KAME project) are willing to continue the integrate effort. Whether or not the KAME code will continuously be the base for IPv6/IPsec in the future is, of course, up to the FreeBSD team. (I hope it will, though.) > 5) Will the v6 code by multi-threaded? I'm not really sure, but there should be no problem about multi-thread specific to the IPv6 code. JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. jinmei@isl.rdc.toshiba.co.jp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 3 8:47: 4 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp.uc3m.es (smtp03.uc3m.es [163.117.136.123]) by hub.freebsd.org (Postfix) with ESMTP id 28FCF37B405 for ; Wed, 3 Oct 2001 08:47:00 -0700 (PDT) Received: from smtp03.uc3m.es (localhost [127.0.0.1]) by smtp.uc3m.es (Postfix) with ESMTP id A43D04314E for ; Wed, 3 Oct 2001 17:46:58 +0200 (CEST) Received: from arpa.it.uc3m.es (arpa.it.uc3m.es [163.117.139.120]) by smtp03.uc3m.es (Postfix) with ESMTP id A47E599E0F for ; Wed, 3 Oct 2001 17:46:57 +0200 (CEST) Received: from it.uc3m.es (alacran.it.uc3m.es [163.117.139.44]) by arpa.it.uc3m.es (8.9.3/8.9.3) with ESMTP id RAA30401 for ; Wed, 3 Oct 2001 17:46:57 +0200 Message-ID: <3BBB32F1.B5B2582F@it.uc3m.es> Date: Wed, 03 Oct 2001 17:46:57 +0200 From: Juan Fco Rodriguez Hervella X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Lista Subject: test Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org test -- ********************************* Juan F. Rodriguez Hervella Universidad Carlos III de Madrid ******************************** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 3 13:22:41 2001 Delivered-To: freebsd-net@freebsd.org Received: from robin.mail.pas.earthlink.net (robin.mail.pas.earthlink.net [207.217.120.65]) by hub.freebsd.org (Postfix) with ESMTP id 7B9CC37B407 for ; Wed, 3 Oct 2001 13:22:39 -0700 (PDT) Received: from blossom.cjclark.org (dialup-209.247.136.53.Dial1.SanJose1.Level3.net [209.247.136.53]) by robin.mail.pas.earthlink.net (8.11.5/8.9.3) with ESMTP id f93KMbP21505; Wed, 3 Oct 2001 13:22:37 -0700 (PDT) Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.3) id f93KMZ109181; Wed, 3 Oct 2001 13:22:35 -0700 (PDT) (envelope-from cjc) Date: Wed, 3 Oct 2001 13:22:35 -0700 From: "Crist J. Clark" To: Guido van Rooij Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPsec rekey question (bug in racoon?) Message-ID: <20011003132235.C8391@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <20011003130015.A68282@gvr.gvr.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011003130015.A68282@gvr.gvr.org>; from guido@gvr.org on Wed, Oct 03, 2001 at 01:00:15PM +0200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Oct 03, 2001 at 01:00:15PM +0200, Guido van Rooij wrote: > I am using Ipsec in tunnel mode. Everything works okay. Then I decide > to flush my SAD entries, on _one_ side of the tunnel. > Naturally, I see a key exchange going on. > Afterwards I see that the system on which I flushed the SAD entries does > have new ones. However the other side of the tunnel is still using > the old one for its tunnel to me. I would guess that that SAD would be replaced > as well? Why would it? The two simplex channels of a IPsec "connection" really have very little to do with each other. -- Crist J. Clark cjclark@alum.mit.edu cjclark@jhu.edu cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 3 13:57: 7 2001 Delivered-To: freebsd-net@freebsd.org Received: from gvr.gvr.org (gvr.gvr.org [212.61.40.17]) by hub.freebsd.org (Postfix) with ESMTP id 882F737B403 for ; Wed, 3 Oct 2001 13:57:03 -0700 (PDT) Received: by gvr.gvr.org (Postfix, from userid 657) id C616A586C; Wed, 3 Oct 2001 22:57:01 +0200 (CEST) Date: Wed, 3 Oct 2001 22:57:01 +0200 From: Guido van Rooij To: "Crist J. Clark" Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPsec rekey question (bug in racoon?) Message-ID: <20011003225701.A71045@gvr.gvr.org> References: <20011003130015.A68282@gvr.gvr.org> <20011003132235.C8391@blossom.cjclark.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20011003132235.C8391@blossom.cjclark.org>; from cristjc@earthlink.net on Wed, Oct 03, 2001 at 01:22:35PM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Oct 03, 2001 at 01:22:35PM -0700, Crist J. Clark wrote: > On Wed, Oct 03, 2001 at 01:00:15PM +0200, Guido van Rooij wrote: > > I am using Ipsec in tunnel mode. Everything works okay. Then I decide > > to flush my SAD entries, on _one_ side of the tunnel. > > Naturally, I see a key exchange going on. > > Afterwards I see that the system on which I flushed the SAD entries does > > have new ones. However the other side of the tunnel is still using > > the old one for its tunnel to me. I would guess that that SAD would be replaced > > as well? > > Why would it? The two simplex channels of a IPsec "connection" really > have very little to do with each other. Why? Because if one system reboots, the key is gone so there is no way to decrypt the incoming traffic any more? -Guido To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 3 20:21: 2 2001 Delivered-To: freebsd-net@freebsd.org Received: from pintail.mail.pas.earthlink.net (pintail.mail.pas.earthlink.net [207.217.120.122]) by hub.freebsd.org (Postfix) with ESMTP id C2A1E37B403 for ; Wed, 3 Oct 2001 20:20:58 -0700 (PDT) Received: from blossom.cjclark.org (dialup-209.247.140.64.Dial1.SanJose1.Level3.net [209.247.140.64]) by pintail.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id UAA16054; Wed, 3 Oct 2001 20:20:55 -0700 (PDT) Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.3) id f943Ksw10615; Wed, 3 Oct 2001 20:20:54 -0700 (PDT) (envelope-from cjc) Date: Wed, 3 Oct 2001 20:20:53 -0700 From: "Crist J. Clark" To: Guido van Rooij Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPsec rekey question (bug in racoon?) Message-ID: <20011003202053.J8391@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <20011003130015.A68282@gvr.gvr.org> <20011003132235.C8391@blossom.cjclark.org> <20011003225701.A71045@gvr.gvr.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011003225701.A71045@gvr.gvr.org>; from guido@gvr.org on Wed, Oct 03, 2001 at 10:57:01PM +0200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Oct 03, 2001 at 10:57:01PM +0200, Guido van Rooij wrote: > On Wed, Oct 03, 2001 at 01:22:35PM -0700, Crist J. Clark wrote: > > On Wed, Oct 03, 2001 at 01:00:15PM +0200, Guido van Rooij wrote: > > > I am using Ipsec in tunnel mode. Everything works okay. Then I decide > > > to flush my SAD entries, on _one_ side of the tunnel. > > > Naturally, I see a key exchange going on. > > > Afterwards I see that the system on which I flushed the SAD entries does > > > have new ones. However the other side of the tunnel is still using > > > the old one for its tunnel to me. I would guess that that SAD would be replaced > > > as well? > > > > Why would it? The two simplex channels of a IPsec "connection" really > > have very little to do with each other. > > Why? Because if one system reboots, the key is gone so there is no way > to decrypt the incoming traffic any more? "The key?" What key? Again, each direction is independent from the other. Different keys will be used for each. The remote end doesn't care about the state of the machine that was reset. As far as its SAD is concerned nothing has changed. Therefore, no need to change the SPI. For a general discussion of the concept see RFC2401 Sec. 4 especially 4.1 and 4.4 (4.4.3). -- Crist J. Clark cjclark@alum.mit.edu cjclark@jhu.edu cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Oct 3 22:22:27 2001 Delivered-To: freebsd-net@freebsd.org Received: from shuttle.wide.toshiba.co.jp (shuttle.wide.toshiba.co.jp [202.249.10.124]) by hub.freebsd.org (Postfix) with ESMTP id 7283137B407 for ; Wed, 3 Oct 2001 22:22:23 -0700 (PDT) Received: from localhost ([3ffe:501:100f:10c1:200:39ff:fe97:3f1e]) by shuttle.wide.toshiba.co.jp (8.9.1+3.1W/8.9.1) with ESMTP id OAA00733; Thu, 4 Oct 2001 14:23:29 +0900 (JST) Date: Thu, 04 Oct 2001 14:21:50 +0900 Message-ID: From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: Guido van Rooij Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPsec rekey question (bug in racoon?) In-Reply-To: <20011003225701.A71045@gvr.gvr.org> References: <20011003130015.A68282@gvr.gvr.org> <20011003132235.C8391@blossom.cjclark.org> <20011003225701.A71045@gvr.gvr.org> User-Agent: Wanderlust/2.6.0 (Twist And Shout-pre) Emacs/21.0 Mule/5.0 (SAKAKI) Organization: Research & Development Center, Toshiba Corp., Kawasaki, Japan. MIME-Version: 1.0 (generated by SEMI 1.13.7 - "Awazu") Content-Type: text/plain; charset=US-ASCII X-Dispatcher: imput version 980905(IM100) Lines: 17 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >>>>> On Wed, 3 Oct 2001 22:57:01 +0200, >>>>> Guido van Rooij said: >> Why would it? The two simplex channels of a IPsec "connection" really >> have very little to do with each other. > Why? Because if one system reboots, the key is gone so there is no way > to decrypt the incoming traffic any more? Please clarify, are you using automatic key negotiation (e.g. using IKE), or are you manually configuring the keys? The situation may differ according to the configuration. JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. jinmei@isl.rdc.toshiba.co.jp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 1:47:59 2001 Delivered-To: freebsd-net@freebsd.org Received: from mine.kame.net (kame195.kame.net [203.178.141.195]) by hub.freebsd.org (Postfix) with ESMTP id 6AD0E37B403 for ; Thu, 4 Oct 2001 01:47:56 -0700 (PDT) Received: from localhost ([3ffe:501:4819:cafe:260:1dff:fef7:1d80]) by mine.kame.net (8.11.1/3.7W) with ESMTP id f948qoH00912; Thu, 4 Oct 2001 17:52:50 +0900 (JST) To: guido@gvr.org Cc: freebsd-net@freebsd.org Subject: Re: IPsec rekey question (bug in racoon?) In-Reply-To: Your message of "Wed, 3 Oct 2001 13:00:15 +0200" <20011003130015.A68282@gvr.gvr.org> References: <20011003130015.A68282@gvr.gvr.org> X-Mailer: Cue version 0.6 (010810-1737/sakane) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Message-Id: <20011004174748J.sakane@kame.net> Date: Thu, 04 Oct 2001 17:47:48 +0900 From: Shoichi Sakane X-Dispatcher: imput version 20000228(IM140) Lines: 14 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > I am using Ipsec in tunnel mode. Everything works okay. Then I decide > to flush my SAD entries, on _one_ side of the tunnel. > Naturally, I see a key exchange going on. > Afterwards I see that the system on which I flushed the SAD entries does > have new ones. However the other side of the tunnel is still using > the old one for its tunnel to me. I would guess that that SAD would be > replaced as well? the freebsd's ipsec stack always uses old SA when there are some SAs for the communication. so the other side system used old SA even when the one had new SA. latest KAME has the flag, net.key.prefered_oldsa, which makes the kernel to be used new SA or old one. if the flag is not 0, the kernel uses new one. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 2:17:53 2001 Delivered-To: freebsd-net@freebsd.org Received: from ringworld.nanolink.com (straylight.ringlet.net [217.75.134.254]) by hub.freebsd.org (Postfix) with SMTP id 9D88837B409 for ; Thu, 4 Oct 2001 02:17:39 -0700 (PDT) Received: (qmail 7829 invoked by uid 1000); 4 Oct 2001 09:16:40 -0000 Date: Thu, 4 Oct 2001 12:16:40 +0300 From: Peter Pentchev To: freebsd-net@FreeBSD.org Cc: freebsd-audit@FreeBSD.org Subject: [CFR] whois(1) out-of-bound access patch Message-ID: <20011004121640.C1959@ringworld.oblivion.bg> Mail-Followup-To: freebsd-net@FreeBSD.org, freebsd-audit@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, As described in PR bin/30968, whois(1) may access invalid data when the whois server returns a non-newline-terminated string. While it is true that the whois server maintainers should do a better job of following standards and such, still the 'be liberal in what you accept' mindset might be applied in this case, to fix what is ultimately a subtle fgetln(3) use bug :) Any harm in committing the attached patch? And this - or something like this - should be done soon; all FreeBSD whois clients currently display weird behavior when querying .biz domains :\ G'luck, Peter -- because I didn't think of a good beginning of it. Index: src/usr.bin/whois/whois.c =================================================================== RCS file: /home/ncvs/src/usr.bin/whois/whois.c,v retrieving revision 1.24 diff -u -r1.24 whois.c --- src/usr.bin/whois/whois.c 2001/08/05 19:37:12 1.24 +++ src/usr.bin/whois/whois.c 2001/10/04 14:03:33 @@ -51,6 +51,7 @@ #include #include #include +#include #include #include #include @@ -251,7 +252,7 @@ { FILE *sfi, *sfo; struct addrinfo *res2; - char *buf, *nhost, *p; + char *abuf, *buf, *nhost, *p; int i, nomatch, s; size_t len; @@ -275,6 +276,16 @@ nhost = NULL; nomatch = 0; while ((buf = fgetln(sfi, &len)) != NULL) { + abuf = NULL; + if ((len == 0) || !isspace(buf[len - 1])) { + abuf = calloc(1, len + 1); + if (abuf == NULL) { + errno = ENOMEM; + err(1, "reallocating"); + } + memcpy(abuf, buf, len); + buf = abuf; + } while (len && isspace(buf[len - 1])) buf[--len] = '\0'; @@ -304,6 +315,7 @@ nomatch = 1; } printf("%s\n", buf); + free(abuf); } /* Do second lookup as needed. */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 2:28:28 2001 Delivered-To: freebsd-net@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id E27BF37B406; Thu, 4 Oct 2001 02:28:21 -0700 (PDT) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id f949S4165066; Thu, 4 Oct 2001 13:28:05 +0400 (MSD) (envelope-from ache) Date: Thu, 4 Oct 2001 13:28:02 +0400 From: "Andrey A. Chernov" To: Peter Pentchev Cc: freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG Subject: Re: [CFR] whois(1) out-of-bound access patch Message-ID: <20011004132801.A64960@nagual.pp.ru> References: <20011004121640.C1959@ringworld.oblivion.bg> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20011004121640.C1959@ringworld.oblivion.bg> User-Agent: Mutt/1.3.21i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Oct 04, 2001 at 12:16:40 +0300, Peter Pentchev wrote: > + if ((len == 0) || !isspace(buf[len - 1])) { Must be isspace((unsigned char)....) -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 2:30:54 2001 Delivered-To: freebsd-net@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 9B00C37B401; Thu, 4 Oct 2001 02:30:48 -0700 (PDT) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id f949UiG65117; Thu, 4 Oct 2001 13:30:44 +0400 (MSD) (envelope-from ache) Date: Thu, 4 Oct 2001 13:30:42 +0400 From: "Andrey A. Chernov" To: Peter Pentchev Cc: freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG Subject: Re: [CFR] whois(1) out-of-bound access patch Message-ID: <20011004133041.B64960@nagual.pp.ru> References: <20011004121640.C1959@ringworld.oblivion.bg> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20011004121640.C1959@ringworld.oblivion.bg> User-Agent: Mutt/1.3.21i Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Oct 04, 2001 at 12:16:40 +0300, Peter Pentchev wrote: > + abuf = calloc(1, len + 1); > + if (abuf == NULL) { > + errno = ENOMEM; > + err(1, "reallocating"); > + } To overwrite errno set by calloc() is wrong. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 2:44:10 2001 Delivered-To: freebsd-net@freebsd.org Received: from ringworld.nanolink.com (straylight.ringlet.net [217.75.134.254]) by hub.freebsd.org (Postfix) with SMTP id C4D0A37B403 for ; Thu, 4 Oct 2001 02:44:02 -0700 (PDT) Received: (qmail 8110 invoked by uid 1000); 4 Oct 2001 09:43:07 -0000 Date: Thu, 4 Oct 2001 12:43:07 +0300 From: Peter Pentchev To: "Andrey A. Chernov" Cc: freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG Subject: Re: [CFR] whois(1) out-of-bound access patch Message-ID: <20011004124307.D1959@ringworld.oblivion.bg> Mail-Followup-To: "Andrey A. Chernov" , freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG References: <20011004121640.C1959@ringworld.oblivion.bg> <20011004133041.B64960@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011004133041.B64960@nagual.pp.ru>; from ache@nagual.pp.ru on Thu, Oct 04, 2001 at 01:30:42PM +0400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Oct 04, 2001 at 01:28:02PM +0400, Andrey A. Chernov wrote: > On Thu, Oct 04, 2001 at 12:16:40 +0300, Peter Pentchev wrote: > > + if ((len == 0) || !isspace(buf[len - 1])) { > > Must be isspace((unsigned char)....) On Thu, Oct 04, 2001 at 01:30:42PM +0400, Andrey A. Chernov wrote: > On Thu, Oct 04, 2001 at 12:16:40 +0300, Peter Pentchev wrote: > > + abuf = calloc(1, len + 1); > > + if (abuf == NULL) { > > + errno = ENOMEM; > > + err(1, "reallocating"); > > + } > > To overwrite errno set by calloc() is wrong. Oops to both :\ OK, here's an updated patch. G'luck, Peter -- If the meanings of 'true' and 'false' were switched, then this sentence wouldn't be false. Index: src/usr.bin/whois/whois.c =================================================================== RCS file: /home/ncvs/src/usr.bin/whois/whois.c,v retrieving revision 1.24 diff -u -r1.24 whois.c --- src/usr.bin/whois/whois.c 2001/08/05 19:37:12 1.24 +++ src/usr.bin/whois/whois.c 2001/10/04 14:39:24 @@ -251,7 +251,7 @@ { FILE *sfi, *sfo; struct addrinfo *res2; - char *buf, *nhost, *p; + char *abuf, *buf, *nhost, *p; int i, nomatch, s; size_t len; @@ -275,7 +275,15 @@ nhost = NULL; nomatch = 0; while ((buf = fgetln(sfi, &len)) != NULL) { - while (len && isspace(buf[len - 1])) + abuf = NULL; + if ((len == 0) || !isspace((unsigned char)buf[len - 1])) { + abuf = calloc(1, len + 1); + if (abuf == NULL) + err(1, "reallocating"); + memcpy(abuf, buf, len); + buf = abuf; + } + while (len && isspace((unsigned char)buf[len - 1])) buf[--len] = '\0'; if ((flags & WHOIS_RECURSE) && nhost == NULL) { @@ -304,6 +312,7 @@ nomatch = 1; } printf("%s\n", buf); + free(abuf); } /* Do second lookup as needed. */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 3:15:38 2001 Delivered-To: freebsd-net@freebsd.org Received: from gvr.gvr.org (gvr.gvr.org [212.61.40.17]) by hub.freebsd.org (Postfix) with ESMTP id 7B30E37B405 for ; Thu, 4 Oct 2001 03:15:36 -0700 (PDT) Received: by gvr.gvr.org (Postfix, from userid 657) id C21A5586C; Thu, 4 Oct 2001 12:15:34 +0200 (CEST) Date: Thu, 4 Oct 2001 12:15:34 +0200 From: Guido van Rooij To: "JINMEI Tatuya / ?$B?@L@C#:H?(B" Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPsec rekey question (bug in racoon?) Message-ID: <20011004121534.A74306@gvr.gvr.org> References: <20011003130015.A68282@gvr.gvr.org> <20011003132235.C8391@blossom.cjclark.org> <20011003225701.A71045@gvr.gvr.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: ; from jinmei@isl.rdc.toshiba.co.jp on Thu, Oct 04, 2001 at 02:21:50PM +0900 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Oct 04, 2001 at 02:21:50PM +0900, JINMEI Tatuya / ?$B?@L@C#:H?(B wrote: > > Please clarify, are you using automatic key negotiation (e.g. using > IKE), or are you manually configuring the keys? The situation may > differ according to the configuration. Manual keys. -Guido To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 3:18:26 2001 Delivered-To: freebsd-net@freebsd.org Received: from gvr.gvr.org (gvr.gvr.org [212.61.40.17]) by hub.freebsd.org (Postfix) with ESMTP id 49A3737B406 for ; Thu, 4 Oct 2001 03:18:20 -0700 (PDT) Received: by gvr.gvr.org (Postfix, from userid 657) id A2708586E; Thu, 4 Oct 2001 12:18:18 +0200 (CEST) Date: Thu, 4 Oct 2001 12:18:18 +0200 From: Guido van Rooij To: "Crist J. Clark" Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPsec rekey question (bug in racoon?) Message-ID: <20011004121818.B74306@gvr.gvr.org> References: <20011003130015.A68282@gvr.gvr.org> <20011003132235.C8391@blossom.cjclark.org> <20011003225701.A71045@gvr.gvr.org> <20011003202053.J8391@blossom.cjclark.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20011003202053.J8391@blossom.cjclark.org>; from cristjc@earthlink.net on Wed, Oct 03, 2001 at 08:20:53PM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Oct 03, 2001 at 08:20:53PM -0700, Crist J. Clark wrote: > > > > Why? Because if one system reboots, the key is gone so there is no way > > to decrypt the incoming traffic any more? > > "The key?" What key? Again, each direction is independent from the > other. Different keys will be used for each. The remote end doesn't > care about the state of the machine that was reset. As far as its SAD > is concerned nothing has changed. Therefore, no need to change the > SPI. host A -> B: key k1 host B -> A: key k2 Host B reboots and looses k1 and k2. Now Host B goes into negotiation again, and the fllowing situation arises: host B's point of view: host A -> B: key l1 host B -> A: key l2 Host A's point of view: host A -> B: key k1 host B -> A: key l2 So A and B are using different keys for A -> B packets, and thus B cannot decrypt anymore. -Guido To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 3:39: 8 2001 Delivered-To: freebsd-net@freebsd.org Received: from gvr.gvr.org (gvr.gvr.org [212.61.40.17]) by hub.freebsd.org (Postfix) with ESMTP id AC9D537B406 for ; Thu, 4 Oct 2001 03:39:06 -0700 (PDT) Received: by gvr.gvr.org (Postfix, from userid 657) id 45299586C; Thu, 4 Oct 2001 12:39:05 +0200 (CEST) Date: Thu, 4 Oct 2001 12:39:05 +0200 From: Guido van Rooij To: Shoichi Sakane Cc: freebsd-net@freebsd.org Subject: Re: IPsec rekey question (bug in racoon?) Message-ID: <20011004123905.C74306@gvr.gvr.org> References: <20011003130015.A68282@gvr.gvr.org> <20011004174748J.sakane@kame.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20011004174748J.sakane@kame.net>; from sakane@kame.net on Thu, Oct 04, 2001 at 05:47:48PM +0900 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Oct 04, 2001 at 05:47:48PM +0900, Shoichi Sakane wrote: > the freebsd's ipsec stack always uses old SA when there are some SAs for > the communication. so the other side system used old SA even when the one > had new SA. > latest KAME has the flag, net.key.prefered_oldsa, which makes the kernel > to be used new SA or old one. if the flag is not 0, the kernel uses > new one. With that I can fix my case. Is there a special reason to default to the old one, because that breaks rebooting systems, doesn't it? -Guido To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 3:57:19 2001 Delivered-To: freebsd-net@freebsd.org Received: from sasami.jurai.net (sasami.jurai.net [64.0.106.45]) by hub.freebsd.org (Postfix) with ESMTP id 8F46E37B405 for ; Thu, 4 Oct 2001 03:57:13 -0700 (PDT) Received: from localhost (winter@localhost) by sasami.jurai.net (8.9.3/8.8.7) with ESMTP id GAA79335 for ; Thu, 4 Oct 2001 06:57:12 -0400 (EDT) Date: Thu, 4 Oct 2001 06:57:12 -0400 (EDT) From: "Matthew N. Dodd" To: freebsd-net@freebsd.org Subject: review request: new function sys/net/route.c:rt_resolv() Message-ID: MIME-Version: 1.0 Content-Type: MULTIPART/MIXED; BOUNDARY="0-1450228721-1002193032=:38937" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. --0-1450228721-1002193032=:38937 Content-Type: TEXT/PLAIN; charset=US-ASCII Find attached for your review a patch implementing the rt_resolv() (better name requested if you can think of one.) function. This is intended to replace the ~25 lines of duplicated code currently in if_ethersubr.c, if_fddisubr.c, and if_iso88025subr.c in the respective output functions. Only the modification to if_ethersubr.c is included in this patch as I've got local changes to the other files that aren't relevant and most people aren't likely to have FDDI or Token Ring stuff they want to test this on anyway. It appears to work for me though I'm sure I've missed something obvious. Comments? -- | Matthew N. Dodd | '78 Datsun 280Z | '75 Volvo 164E | FreeBSD/NetBSD | | winter@jurai.net | 2 x '84 Volvo 245DL | ix86,sparc,pmax | | http://www.jurai.net/~winter | For Great Justice! | ISO8802.5 4ever | --0-1450228721-1002193032=:38937 Content-Type: TEXT/PLAIN; charset=US-ASCII; name="rt_resolv.patch" Content-Transfer-Encoding: BASE64 Content-ID: Content-Description: Content-Disposition: attachment; filename="rt_resolv.patch" SW5kZXg6IHJvdXRlLmMNCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NClJDUyBm aWxlOiAvY3ZzL3NyYy9zeXMvbmV0L3JvdXRlLmMsdg0KcmV0cmlldmluZyBy ZXZpc2lvbiAxLjY0DQpkaWZmIC11IC1yMS42NCByb3V0ZS5jDQotLS0gcm91 dGUuYwkyNSBKdWwgMjAwMSAyMDoxNToyOCAtMDAwMAkxLjY0DQorKysgcm91 dGUuYwk0IE9jdCAyMDAxIDEwOjQ5OjE0IC0wMDAwDQpAQCAtMTA5NCw1ICsx MDk0LDQ5IEBADQogCXJldHVybiAoZXJyb3IpOw0KIH0NCiANCitpbnQNCity dF9yZXNvbHYocnQsIHJ0MCwgZHN0KQ0KKwlzdHJ1Y3QgcnRlbnRyeSAqKnJ0 Ow0KKwlzdHJ1Y3QgcnRlbnRyeSAqKnJ0MDsNCisJc3RydWN0IHNvY2thZGRy ICpkc3Q7DQorew0KKwlpbnQgZXJyb3I7DQorDQorCWVycm9yID0gMDsNCisJ KnJ0ID0gKnJ0MDsNCisNCisJaWYgKCpydCAhPSBOVUxMKSB7DQorCQlpZiAo KCgqcnQpLT5ydF9mbGFncyAmIFJURl9VUCkgPT0gMCkgew0KKwkJCSpydDAg PSAqcnQgPSBydGFsbG9jMShkc3QsIDEsIDBVTCk7DQorCQkJaWYgKCpydDAg IT0gTlVMTCkNCisJCQkJKCpydCktPnJ0X3JlZmNudC0tOw0KKwkJCWVsc2UN CisJCQkJc2VuZGVycihFSE9TVFVOUkVBQ0gpOw0KKwkJfQ0KKwkJaWYgKCgq cnQpLT5ydF9mbGFncyAmIFJURl9HQVRFV0FZKSB7DQorCQkJaWYgKCgqcnQp LT5ydF9nd3JvdXRlID09IE5VTEwpDQorCQkJCWdvdG8gbG9va3VwOw0KKw0K KwkJCSpydCA9ICgqcnQpLT5ydF9nd3JvdXRlOw0KKwkJCWlmICgoKCpydCkt PnJ0X2ZsYWdzICYgUlRGX1VQKSA9PSAwKSB7DQorCQkJCXJ0ZnJlZSgqcnQp Ow0KKwkJCQkqcnQgPSAqcnQwOw0KKwkJCWxvb2t1cDoNCisJCQkJKCpydCkt PnJ0X2d3cm91dGUgPSBydGFsbG9jMSgoKnJ0KS0+cnRfZ2F0ZXdheSwgMSwg MFVMKTsNCisJCQkJKnJ0ID0gKCpydCktPnJ0X2d3cm91dGU7DQorCQkJCWlm ICgqcnQgPT0gTlVMTCkNCisJCQkJCXNlbmRlcnIoRUhPU1RVTlJFQUNIKTsN CisJCQl9DQorCQl9DQorCQlpZiAoKCpydCktPnJ0X2ZsYWdzICYgUlRGX1JF SkVDVCkNCisJCQlpZiAoKCpydCktPnJ0X3JteC5ybXhfZXhwaXJlID09IDAg fHwNCisJCQkJdGltZV9zZWNvbmQgPCAoKnJ0KS0+cnRfcm14LnJteF9leHBp cmUpDQorCQkJCXNlbmRlcnIoKnJ0ID09ICpydDAgPyBFSE9TVERPV04gOiBF SE9TVFVOUkVBQ0gpOw0KKwl9DQorDQorYmFkOg0KKwlyZXR1cm4gKGVycm9y KTsNCit9DQorDQogLyogVGhpcyBtdXN0IGJlIGJlZm9yZSBpcDZfaW5pdDIo KSwgd2hpY2ggaXMgbm93IFNJX09SREVSX01JRERMRSAqLw0KIFNZU0lOSVQo cm91dGUsIFNJX1NVQl9QUk9UT19ET01BSU4sIFNJX09SREVSX1RISVJELCBy b3V0ZV9pbml0LCAwKTsNCkluZGV4OiByb3V0ZS5oDQo9PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09DQpSQ1MgZmlsZTogL2N2cy9zcmMvc3lzL25ldC9yb3V0ZS5o LHYNCnJldHJpZXZpbmcgcmV2aXNpb24gMS4zOQ0KZGlmZiAtdSAtcjEuMzkg cm91dGUuaA0KLS0tIHJvdXRlLmgJMTIgU2VwIDIwMDEgMDg6Mzc6NTIgLTAw MDAJMS4zOQ0KKysrIHJvdXRlLmgJNCBPY3QgMjAwMSAxMDo0ODo0NyAtMDAw MA0KQEAgLTI5MCw2ICsyOTAsOCBAQA0KIAkgICAgc3RydWN0IHNvY2thZGRy ICosIGludCwgc3RydWN0IHNvY2thZGRyICosIHN0cnVjdCBydGVudHJ5ICoq KSk7DQogaW50CSBydHJlcXVlc3QgX19QKChpbnQsIHN0cnVjdCBzb2NrYWRk ciAqLA0KIAkgICAgc3RydWN0IHNvY2thZGRyICosIHN0cnVjdCBzb2NrYWRk ciAqLCBpbnQsIHN0cnVjdCBydGVudHJ5ICoqKSk7DQorDQoraW50CSBydF9y ZXNvbHYgX19QKChzdHJ1Y3QgcnRlbnRyeSAqKiwgc3RydWN0IHJ0ZW50cnkg KiosIHN0cnVjdCBzb2NrYWRkciAqKSk7DQogI2VuZGlmDQogDQogI2VuZGlm DQpJbmRleDogaWZfZXRoZXJzdWJyLmMNCj09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT0NClJDUyBmaWxlOiAvY3ZzL3NyYy9zeXMvbmV0L2lmX2V0aGVyc3Vici5j LHYNCnJldHJpZXZpbmcgcmV2aXNpb24gMS45Nw0KZGlmZiAtdSAtcjEuOTcg aWZfZXRoZXJzdWJyLmMNCi0tLSBpZl9ldGhlcnN1YnIuYwkxMCBTZXAgMjAw MSAwMTozMzowMyAtMDAwMAkxLjk3DQorKysgaWZfZXRoZXJzdWJyLmMJNCBP Y3QgMjAwMSAxMDozNzoyMCAtMDAwMA0KQEAgLTEzNywzOSArMTM3LDE5IEBA DQogCXNob3J0IHR5cGU7DQogCWludCBlcnJvciA9IDAsIGhkcmNtcGx0ID0g MDsNCiAgCXVfY2hhciBlc3JjWzZdLCBlZHN0WzZdOw0KLQlyZWdpc3RlciBz dHJ1Y3QgcnRlbnRyeSAqcnQ7DQotCXJlZ2lzdGVyIHN0cnVjdCBldGhlcl9o ZWFkZXIgKmVoOw0KKwlzdHJ1Y3QgcnRlbnRyeSAqcnQ7DQorCXN0cnVjdCBl dGhlcl9oZWFkZXIgKmVoOw0KIAlpbnQgb2ZmLCBsb29wX2NvcHkgPSAwOw0K IAlpbnQgaGxlbjsJLyogbGluayBsYXllciBoZWFkZXIgbGVuZ2h0ICovDQog CXN0cnVjdCBhcnBjb20gKmFjID0gSUZQMkFDKGlmcCk7DQogDQogCWlmICgo aWZwLT5pZl9mbGFncyAmIChJRkZfVVB8SUZGX1JVTk5JTkcpKSAhPSAoSUZG X1VQfElGRl9SVU5OSU5HKSkNCiAJCXNlbmRlcnIoRU5FVERPV04pOw0KLQly dCA9IHJ0MDsNCi0JaWYgKHJ0KSB7DQotCQlpZiAoKHJ0LT5ydF9mbGFncyAm IFJURl9VUCkgPT0gMCkgew0KLQkJCXJ0MCA9IHJ0ID0gcnRhbGxvYzEoZHN0 LCAxLCAwVUwpOw0KLQkJCWlmIChydDApDQotCQkJCXJ0LT5ydF9yZWZjbnQt LTsNCi0JCQllbHNlDQotCQkJCXNlbmRlcnIoRUhPU1RVTlJFQUNIKTsNCi0J CX0NCi0JCWlmIChydC0+cnRfZmxhZ3MgJiBSVEZfR0FURVdBWSkgew0KLQkJ CWlmIChydC0+cnRfZ3dyb3V0ZSA9PSAwKQ0KLQkJCQlnb3RvIGxvb2t1cDsN Ci0JCQlpZiAoKChydCA9IHJ0LT5ydF9nd3JvdXRlKS0+cnRfZmxhZ3MgJiBS VEZfVVApID09IDApIHsNCi0JCQkJcnRmcmVlKHJ0KTsgcnQgPSBydDA7DQot CQkJbG9va3VwOiBydC0+cnRfZ3dyb3V0ZSA9IHJ0YWxsb2MxKHJ0LT5ydF9n YXRld2F5LCAxLA0KLQkJCQkJCQkgIDBVTCk7DQotCQkJCWlmICgocnQgPSBy dC0+cnRfZ3dyb3V0ZSkgPT0gMCkNCi0JCQkJCXNlbmRlcnIoRUhPU1RVTlJF QUNIKTsNCi0JCQl9DQotCQl9DQotCQlpZiAocnQtPnJ0X2ZsYWdzICYgUlRG X1JFSkVDVCkNCi0JCQlpZiAocnQtPnJ0X3JteC5ybXhfZXhwaXJlID09IDAg fHwNCi0JCQkgICAgdGltZV9zZWNvbmQgPCBydC0+cnRfcm14LnJteF9leHBp cmUpDQotCQkJCXNlbmRlcnIocnQgPT0gcnQwID8gRUhPU1RET1dOIDogRUhP U1RVTlJFQUNIKTsNCi0JfQ0KKw0KKwllcnJvciA9IHJ0X3Jlc29sdigmcnQs ICZydDAsIGRzdCk7DQorCWlmIChlcnJvcikNCisJCWdvdG8gYmFkOw0KKw0K IAlobGVuID0gRVRIRVJfSERSX0xFTjsNCiAJc3dpdGNoIChkc3QtPnNhX2Zh bWlseSkgew0KICNpZmRlZiBJTkVUDQo= --0-1450228721-1002193032=:38937-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 3:59: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id B38DE37B405; Thu, 4 Oct 2001 03:58:31 -0700 (PDT) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.6/8.11.2) id f94AujP57849; Thu, 4 Oct 2001 13:56:45 +0300 (EEST) (envelope-from ru) Date: Thu, 4 Oct 2001 13:56:45 +0300 From: Ruslan Ermilov To: unix@usww.com Cc: net@FreeBSD.org Subject: ifconfig(8) not counting per-IP-address outgoing statistics (was: Re: ifconfig question on the new 4.4) Message-ID: <20011004135645.E48758@sunbay.com> References: <3BBA0D10.3FA53C30@usww.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3BBA0D10.3FA53C30@usww.com>; from unix@usww.com on Tue, Oct 02, 2001 at 02:53:04PM -0400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org [Redirected to -net] On Tue, Oct 02, 2001 at 02:53:04PM -0400, unix@usww.com wrote: > I installed the new release 4.4 on one machine to check out a feature I have been waiting for. > That is the ability to track bytes through one interface using several IP numbers. I seem to have > missed something I hope someone out there could help with. It appears to track incomming but not > outgoing bytes. > > When you do a 'netstat -bin' you get a report like: > netstat -bin > Name Mtu Network Address Ipkts Ierrs Ibytes Opkts Oerrs Obytes Coll > rl0 1500 00:48:54:1e:b9:38 13072 0 5142645 13636 0 1345022 0 > rl0 1500 10/24 10.0.0.170 3984 - 4521604 13588 - 1152144 - > rl0 1500 10.0.0.171/32 10.0.0.171 223 - 12331 0 - 0 - > rl0 1500 10.0.0.172/32 10.0.0.172 241 - 14334 0 - 0 - > rl0 1500 10.0.0.173/32 10.0.0.173 8403 - 355006 0 - 0 - > rl0 1500 10.0.0.174/32 10.0.0.174 0 - 0 0 - 0 - > rl0 1500 10.0.0.175/32 10.0.0.175 315 - 16779 0 - 0 - > rl1* 1500 00:50:bf:16:15:50 0 0 0 0 0 0 0 > rl2* 1500 00:50:bf:16:15:5f 0 0 0 0 0 0 0 > rl3* 1500 00:48:54:1e:b7:81 0 0 0 0 0 0 0 > rl4* 1500 00:50:ba:42:7f:be 0 0 0 0 0 0 0 > lp0* 1500 0 0 0 0 0 0 0 > lo0 16384 4 0 187 4 0 187 0 > lo0 16384 127 127.0.0.1 4 - 187 4 - 187 - > ppp0* 1500 0 0 0 0 0 0 0 > sl0* 552 0 0 0 0 0 0 0 > > It is not counting the Outgoing packets or bytes on any /32 ip. > > I added the following to rc.conf which appeared to be what to do from > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/configtuning-virtual-hosts.html > > ifconfig_rl0="inet 10.0.0.170 netmask 255.255.255.0" > ifconfig_rl0_alias0="inet 10.0.0.171 netmask 255.255.255.255" > ifconfig_rl0_alias1="inet 10.0.0.172 netmask 255.255.255.255" > ifconfig_rl0_alias2="inet 10.0.0.173 netmask 255.255.255.255" > ifconfig_rl0_alias3="inet 10.0.0.174 netmask 255.255.255.255" > ifconfig_rl0_alias4="inet 10.0.0.175 netmask 255.255.255.255" > > Everything else seems to be fine it is just not counting the outgoing packets > or bytes. Would some tell me what I missed? > It counts them, but not for the IP address in the IP datagram itself, but rather for IP address on an interfaces recorded with the corresponding route. For example, # ifconfig rl0 inet rl0: flags=8843 mtu 1500 inet 192.168.4.115 netmask 0xffffff00 broadcast 192.168.4.255 inet 192.168.4.200 netmask 0xffffff00 broadcast 192.168.4.255 # route -vn get 192.168.4.65 [...] sockaddrs: 192.168.4.65 0.d0.b7.16.9c.c6 rl0:0.c0.df.3.2d.79 192.168.4.115 ^^^^^^^^^^^^^ The both `ping -S 192.168.4.115 192.168.4.65' and `ping -S 192.168.4.200 192.168.4.65' will count them for 192.168.4.115. If you change your route like this: # route change 192.168.4.65 -ifa 192.168.4.200 # route -vn get 192.168.4.65 [...] sockaddrs: 192.168.4.65 0.d0.b7.16.9c.c6 rl0:0.c0.df.3.2d.79 192.168.4.200 both pings will be counted for 192.168.4.200. The behavior becomes more clear when you consider the case of raw IP packet (which can have an arbitrarily source IP address), or the gateway host forwarding a packet from the attached network. I agree this is confusing. Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 5:39: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4]) by hub.freebsd.org (Postfix) with ESMTP id 089AF37B407 for ; Thu, 4 Oct 2001 05:38:57 -0700 (PDT) Received: from chimp.simianscience.com (cage.simianscience.com [64.7.134.1]) by smtp1.sentex.ca (8.11.6/8.11.6) with SMTP id f94Ccs315396; Thu, 4 Oct 2001 08:38:54 -0400 (EDT) (envelope-from mike@sentex.net) From: Mike Tancsa To: rizzo@aciri.org (Luigi Rizzo) Cc: freebsd-net@freebsd.org Subject: Re: How to increase TCP and UDP buffers (for IPv4/IPv6) Date: Thu, 04 Oct 2001 08:38:54 -0400 Message-ID: <21morto01so4jkebem9s5t1tf6ohm1uple@4ax.com> References: <3BB9E199.D7CC5EC9@it.uc3m.es> In-Reply-To: X-Mailer: Forte Agent 1.8/32.548 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 2 Oct 2001 15:54:44 +0000 (UTC), in sentex.lists.freebsd.net you wrote: >> Hi: >>=20 >> It's possible to increase the TCP and UDP buffers ? >>=20 >> I've had problems with UDP packets of 64 bytes discarded with a = bandwith >> of 2-3 Mbits, using a FreeBSD-4.3 router in a link of 10 Mbits. > >a router does not buffer through traffic in a socket buffer (which is >what "TCP and UDP buffers" are) but on the interface queues and ipintrq, >which are typically 50 packets. >If this is the case you should see ipintrq drops listed >with > > sysctl net.inet.ip.intr_queue_drops > >and you could try to increase the size of that queue with something like > > sysctl -w net.inet.ip.intr_queue_maxlen=3D100 Hi, Are there any nasty side effects for increasing this value ? Also, how would one go about tracking down why net.inet.ip.intr_queue_drops is incrementing ? ---Mike Mike Tancsa (mdtancsa@sentex.net) =09 Sentex Communications Corp, =09 Waterloo, Ontario, Canada "Given enough time, 100 monkeys on 100 routers=20 could setup a national IP network." (KDW2) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 8:31:46 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp.uc3m.es (smtp01.uc3m.es [163.117.136.121]) by hub.freebsd.org (Postfix) with ESMTP id 54E9D37B401 for ; Thu, 4 Oct 2001 08:31:40 -0700 (PDT) Received: from smtp01.uc3m.es (localhost [127.0.0.1]) by smtp.uc3m.es (Postfix) with ESMTP id 4DA8443253 for ; Thu, 4 Oct 2001 17:31:39 +0200 (CEST) Received: from arpa.it.uc3m.es (arpa.it.uc3m.es [163.117.139.120]) by smtp01.uc3m.es (Postfix) with ESMTP id C56CD99E21 for ; Thu, 4 Oct 2001 17:31:38 +0200 (CEST) Received: from it.uc3m.es (alacran.it.uc3m.es [163.117.139.44]) by arpa.it.uc3m.es (8.9.3/8.9.3) with ESMTP id RAA22923 for ; Thu, 4 Oct 2001 17:31:38 +0200 Message-ID: <3BBC80DA.4BD4C859@it.uc3m.es> Date: Thu, 04 Oct 2001 17:31:38 +0200 From: Juan Fco Rodriguez Hervella X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: test Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org test -- ********************************* Juan F. Rodriguez Hervella Universidad Carlos III de Madrid ******************************** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 9:19:38 2001 Delivered-To: freebsd-net@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id A163137B403; Thu, 4 Oct 2001 09:19:29 -0700 (PDT) Received: (from mike@localhost) by coffee.q9media.com (8.11.6/8.11.6) id f94GJXm33690; Thu, 4 Oct 2001 12:19:33 -0400 (EDT) (envelope-from mike) Date: Thu, 4 Oct 2001 12:19:33 -0400 From: Mike Barcroft To: Peter Pentchev Cc: freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG Subject: Re: [CFR] whois(1) out-of-bound access patch Message-ID: <20011004121933.B31795@coffee.q9media.com> References: <20011004121640.C1959@ringworld.oblivion.bg> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="mP3DRpeJDSE+ciuQ" Content-Disposition: inline In-Reply-To: <20011004121640.C1959@ringworld.oblivion.bg>; from roam@ringlet.net on Thu, Oct 04, 2001 at 12:16:40PM +0300 Organization: The FreeBSD Project Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --mP3DRpeJDSE+ciuQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Peter Pentchev writes: > As described in PR bin/30968, whois(1) may access invalid data when > the whois server returns a non-newline-terminated string. > While it is true that the whois server maintainers should do a better > job of following standards and such, still the 'be liberal in what > you accept' mindset might be applied in this case, to fix what is > ultimately a subtle fgetln(3) use bug :) > > Any harm in committing the attached patch? And this - or something > like this - should be done soon; all FreeBSD whois clients currently > display weird behavior when querying .biz domains :\ Evil! :) You may want to notify the server administrator, as I tried using a variety of different whois clients and most of them have problems with it. [Over-engineered patch removed.] Would you please test the attached patch and confirm that it solves the problem? If it does, I'll commit it today. Best regards, Mike Barcroft --mP3DRpeJDSE+ciuQ Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="whois.20011004.diff" whois.20011004.diff A whois server may return a final line without a new line character. PR: 30968 Index: whois.c =================================================================== RCS file: /cvs/src/usr.bin/whois/whois.c,v retrieving revision 1.24 diff -u -r1.24 whois.c --- whois.c 5 Aug 2001 19:37:12 -0000 1.24 +++ whois.c 4 Oct 2001 15:57:56 -0000 @@ -303,7 +303,7 @@ strchr(name, '.') == NULL) nomatch = 1; } - printf("%s\n", buf); + printf("%.*s\n", (int)len, buf); } /* Do second lookup as needed. */ --mP3DRpeJDSE+ciuQ-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 9:31:29 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 3FA3637B406 for ; Thu, 4 Oct 2001 09:31:27 -0700 (PDT) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.3/8.11.1) id f94GSXP45008; Thu, 4 Oct 2001 09:28:33 -0700 (PDT) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200110041628.f94GSXP45008@iguana.aciri.org> Subject: Re: How to increase TCP and UDP buffers (for IPv4/IPv6) In-Reply-To: <21morto01so4jkebem9s5t1tf6ohm1uple@4ax.com> from Mike Tancsa at "Oct 4, 2001 8:38:54 am" To: mike@sentex.net (Mike Tancsa) Date: Thu, 4 Oct 2001 09:28:33 -0700 (PDT) Cc: rizzo@aciri.org, freebsd-net@freebsd.org X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > > sysctl -w net.inet.ip.intr_queue_maxlen=100 > > Hi, > Are there any nasty side effects for increasing this value ? Also, how > would one go about tracking down why net.inet.ip.intr_queue_drops is > incrementing ? In general, if your system is unable to drain ipintrq fast enough then you are hitting some CPU shortage, and increasing the queue size will not help, except perhaps in the short term or in peculiar situations where you have many interfaces, no fast_forwarding (this would help a lot here), or very bursty input traffic. cheers luigi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 9:44:50 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4]) by hub.freebsd.org (Postfix) with ESMTP id AC77737B409 for ; Thu, 4 Oct 2001 09:44:45 -0700 (PDT) Received: from simoeon.sentex.net (pyroxene.sentex.ca [199.212.134.18]) by smtp1.sentex.ca (8.11.6/8.11.6) with ESMTP id f94Gig372852; Thu, 4 Oct 2001 12:44:42 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <5.1.0.14.0.20011004122716.0408d470@marble.sentex.ca> X-Sender: mdtpop@marble.sentex.ca X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Thu, 04 Oct 2001 12:38:19 -0400 To: Luigi Rizzo From: Mike Tancsa Subject: Re: How to increase TCP and UDP buffers (for IPv4/IPv6) Cc: freebsd-net@freebsd.org In-Reply-To: <200110041628.f94GSXP45008@iguana.aciri.org> References: <21morto01so4jkebem9s5t1tf6ohm1uple@4ax.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 09:28 AM 10/4/01 -0700, Luigi Rizzo wrote: > > > sysctl -w net.inet.ip.intr_queue_maxlen=100 > > > > Hi, > > Are there any nasty side effects for increasing this value ? Also, how > > would one go about tracking down why net.inet.ip.intr_queue_drops is > > incrementing ? > >In general, if your system is unable to drain ipintrq fast enough >then you are hitting some CPU shortage, and increasing the queue >size will not help, except perhaps in the short term or in peculiar >situations where you have many interfaces, no fast_forwarding (this >would help a lot here), or very bursty input traffic. I guess in my case, the load average is general 0.00, but that is just measuring userland activity no ? Is there a way to allocate more CPU to the kernel for routing ? The box in question has some 100,000 routes, so I dont think I can implement fast_forwarding-- or am I thinking of something else? Also, will removing ipv6 from the kernel make it more efficient acting as a router ? Thanks very much for your input. ---Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 9:50:38 2001 Delivered-To: freebsd-net@freebsd.org Received: from xerxes.courtesan.com (sdsl-64-32-146-211.dsl.lax.megapath.net [64.32.146.211]) by hub.freebsd.org (Postfix) with ESMTP id 5355937B403; Thu, 4 Oct 2001 09:50:33 -0700 (PDT) Received: from xerxes.courtesan.com (localhost.courtesan.com [IPv6:::1]) by xerxes.courtesan.com (8.12.1/8.12.1) with ESMTP id f94GoL4W028703; Thu, 4 Oct 2001 10:50:21 -0600 (MDT) Received: from xerxes.courtesan.com (millert@localhost) by xerxes.courtesan.com (8.12.1/8.12.0/Submit) with ESMTP id f94GoL10010161; Thu, 4 Oct 2001 10:50:21 -0600 (MDT) Message-Id: <200110041650.f94GoL10010161@xerxes.courtesan.com> To: Mike Barcroft Cc: Peter Pentchev , freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG Subject: Re: [CFR] whois(1) out-of-bound access patch In-reply-to: Your message of "Thu, 04 Oct 2001 12:19:33 EDT." <20011004121933.B31795@coffee.q9media.com> References: <20011004121640.C1959@ringworld.oblivion.bg> <20011004121933.B31795@coffee.q9media.com> Date: Thu, 04 Oct 2001 10:50:20 -0600 From: "Todd C. Miller" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org In message <20011004121933.B31795@coffee.q9media.com> so spake Mike Barcroft (mike): > Would you please test the attached patch and confirm that it solves > the problem? If it does, I'll commit it today. I doubt that is sufficient as "buf" is treated as a NUL terminated string in the calls to strstr(). Also note that it is not necessary to copy the buffer each time as in the original patch. You can only get a line w/o a newline as the last line before EOF. - todd To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 10: 3: 1 2001 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id AA96337B406; Thu, 4 Oct 2001 10:02:57 -0700 (PDT) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.11.4/8.11.4) id f94H2uQ08169; Thu, 4 Oct 2001 13:02:56 -0400 (EDT) (envelope-from wollman) Date: Thu, 4 Oct 2001 13:02:56 -0400 (EDT) From: Garrett Wollman Message-Id: <200110041702.f94H2uQ08169@khavrinen.lcs.mit.edu> To: Mike Barcroft Cc: freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG Subject: Re: [CFR] whois(1) out-of-bound access patch In-Reply-To: <20011004121933.B31795@coffee.q9media.com> References: <20011004121640.C1959@ringworld.oblivion.bg> <20011004121933.B31795@coffee.q9media.com> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org < said: > - printf("%s\n", buf); > + printf("%.*s\n", (int)len, buf); This is a *much* better patch. -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 10: 3:33 2001 Delivered-To: freebsd-net@freebsd.org Received: from iguana.aciri.org (iguana.aciri.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id 640BB37B405 for ; Thu, 4 Oct 2001 10:03:28 -0700 (PDT) Received: (from rizzo@localhost) by iguana.aciri.org (8.11.3/8.11.1) id f94H0ZQ45166; Thu, 4 Oct 2001 10:00:35 -0700 (PDT) (envelope-from rizzo) From: Luigi Rizzo Message-Id: <200110041700.f94H0ZQ45166@iguana.aciri.org> Subject: Re: How to increase TCP and UDP buffers (for IPv4/IPv6) In-Reply-To: <5.1.0.14.0.20011004122716.0408d470@marble.sentex.ca> from Mike Tancsa at "Oct 4, 2001 12:38:19 pm" To: mike@sentex.net (Mike Tancsa) Date: Thu, 4 Oct 2001 10:00:35 -0700 (PDT) Cc: rizzo@aciri.org, freebsd-net@freebsd.org X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > I guess in my case, the load average is general 0.00, but that is just > measuring userland activity no ? Is there a way to allocate more CPU to yes... "top" should tell you how much time you spend in kernel space, though, and that could be an indication. > measuring userland activity no ? Is there a way to allocate more CPU to > the kernel for routing ? The box in question has some 100,000 routes, so I no, currently the kernel will use up to 100% of the CPU for that task. > dont think I can implement fast_forwarding-- or am I thinking of something > else? fast_forwarding helps in the sense that it bypasses the queue and calls directly ip_input at interrupt time. The fact that it also uses a cache for routes is only an optimization. I am not sure how bad would it be to add code for full route lookups in ipflow_fastforwarding, i might try and have a look at this in a week or two once i am done with some (partly related) work i am doing. > Also, will removing ipv6 from the kernel make it more efficient acting as a > router ? probably not much, i guess it is just an additional entry in a switch() statement... cheers luigi ----------------------------------+----------------------------------------- Luigi RIZZO, luigi@iet.unipi.it . ACIRI/ICSI (on leave from Univ. di Pisa) http://www.iet.unipi.it/~luigi/ . 1947 Center St, Berkeley CA 94704 Phone: (510) 666 2927 ----------------------------------+----------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 10:18:52 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4]) by hub.freebsd.org (Postfix) with ESMTP id 6E93C37B405 for ; Thu, 4 Oct 2001 10:18:48 -0700 (PDT) Received: from simoeon.sentex.net (pyroxene.sentex.ca [199.212.134.18]) by smtp1.sentex.ca (8.11.6/8.11.6) with ESMTP id f94HIl379109; Thu, 4 Oct 2001 13:18:47 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <5.1.0.14.0.20011004130347.04a295a0@marble.sentex.ca> X-Sender: mdtpop@marble.sentex.ca X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Thu, 04 Oct 2001 13:12:24 -0400 To: Luigi Rizzo From: Mike Tancsa Subject: Re: How to increase TCP and UDP buffers (for IPv4/IPv6) Cc: freebsd-net@freebsd.org In-Reply-To: <200110041700.f94H0ZQ45166@iguana.aciri.org> References: <5.1.0.14.0.20011004122716.0408d470@marble.sentex.ca> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 10:00 AM 10/4/01 -0700, Luigi Rizzo wrote: > > I guess in my case, the load average is general 0.00, but that is just > > measuring userland activity no ? Is there a way to allocate more CPU to > >yes... "top" should tell you how much time you spend in kernel space, >though, and that could be an indication. Strange, its idle as well. top is the most active process, and the interrupts are at about 10% at the max. > > dont think I can implement fast_forwarding-- or am I thinking of something > > else? > >fast_forwarding helps in the sense that it bypasses the queue and >calls directly ip_input at interrupt time. The fact that it also >uses a cache for routes is only an optimization. > >I am not sure how bad would it be to add code for full route lookups >in ipflow_fastforwarding, i might try and have a look at this >in a week or two once i am done with some (partly related) >work i am doing. Hmmm... Do you think I should enable it ? Will it hurt in my case for the large routing table ? Thanks again! ---Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 10:24:52 2001 Delivered-To: freebsd-net@freebsd.org Received: from odin.truenet.com.br (truenet.com.br [200.249.253.1]) by hub.freebsd.org (Postfix) with ESMTP id 171D537B407 for ; Thu, 4 Oct 2001 10:24:46 -0700 (PDT) Received: from spoc.dotx.com.br ([200.249.253.230]) by odin.truenet.com.br (8.11.3/8.11.3) with ESMTP id f94HPPS24769 for ; Thu, 4 Oct 2001 14:25:26 -0300 (ADT) Subject: X.25 From: =?ISO-8859-1?Q?Jo=E3o?= Alfredo To: freebsd-net@FreeBSD.ORG Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Mailer: Evolution/0.13 (Preview Release) Date: 04 Oct 2001 14:23:45 -0300 Message-Id: <1002216226.1379.236.camel@spoc> Mime-Version: 1.0 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, Does FreeBSD supports X.25?? Does it supports PAD?? Where I can find info about it? Thanks in advance. --=20 Jo=E3o Alfredo G. Batista ou * dotX Consultoria, Servi=E7os e Conectividade * http://www.dotx.com.br * Departamento de Desenvolvimento To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 10:47:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id 00F3537B405; Thu, 4 Oct 2001 10:47:10 -0700 (PDT) Received: (from mike@localhost) by coffee.q9media.com (8.11.6/8.11.6) id f94HlBV33920; Thu, 4 Oct 2001 13:47:11 -0400 (EDT) (envelope-from mike) Date: Thu, 4 Oct 2001 13:47:10 -0400 From: Mike Barcroft To: "Todd C. Miller" Cc: Peter Pentchev , freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG Subject: Re: [CFR] whois(1) out-of-bound access patch Message-ID: <20011004134710.C31795@coffee.q9media.com> References: <20011004121640.C1959@ringworld.oblivion.bg> <20011004121933.B31795@coffee.q9media.com> <200110041650.f94GoL10010161@xerxes.courtesan.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200110041650.f94GoL10010161@xerxes.courtesan.com>; from Todd.Miller@courtesan.com on Thu, Oct 04, 2001 at 10:50:20AM -0600 Organization: The FreeBSD Project Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Todd C. Miller writes: > In message <20011004121933.B31795@coffee.q9media.com> > so spake Mike Barcroft (mike): > > > Would you please test the attached patch and confirm that it solves > > the problem? If it does, I'll commit it today. > > I doubt that is sufficient as "buf" is treated as a NUL terminated > string in the calls to strstr(). Also note that it is not necessary > to copy the buffer each time as in the original patch. You can > only get a line w/o a newline as the last line before EOF. We could always implement strnstr(). I think I prefer it to the malloc(3) the final line kludge. BTW, are you interested in syncing OpenBSD's whois(1) with FreeBSD's at some point? I've added some really useful features, particularly the -c option and recursive IP lookups. Best regards, Mike Barcroft To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 11:14:15 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail25.bigmailbox.com (mail25.bigmailbox.com [209.132.220.211]) by hub.freebsd.org (Postfix) with ESMTP id 0C02837B403 for ; Thu, 4 Oct 2001 11:14:13 -0700 (PDT) Received: (from www@localhost) by mail25.bigmailbox.com (8.10.0/8.10.0) id f94IDnf09264; Thu, 4 Oct 2001 11:13:49 -0700 Date: Thu, 4 Oct 2001 11:13:49 -0700 Message-Id: <200110041813.f94IDnf09264@mail25.bigmailbox.com> Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary X-Mailer: MIME-tools 4.104 (Entity 4.116) Mime-Version: 1.0 X-Originating-Ip: [200.229.133.210] From: "irado@nettaxi.com" To: jmcpinto@yahoo.com Subject: kernel welded?? Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I am completely blind and stuck: I was recompiling (2nd time) my kernel, when (make install) suddenly I was surprised with the following message: [...] mv /kernel /kernel.old Operation not permitted So, I cannot rm it, cannot change it, can do nothing to it - and I am root. There are a limit (once a day) for the kernel recompiling?? seriously: What is happening, and how to correct it? saudações, irado furioso com tudo linux user 179402 deus é construído à imagem e semelhança do homem. Principalmente em seus defeitos. por favor, clique aqui: http://www.thehungersite.com e aqui também: http://cf6.uol.com.br/umminuto/ ------------------------------------------------------------ Nettaxi would like to ask for your help in donations to the RED CROSS today! http://www.nyredcross.org/donate/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 11:47:57 2001 Delivered-To: freebsd-net@freebsd.org Received: from taka.swcp.com (taka.swcp.com [198.59.115.12]) by hub.freebsd.org (Postfix) with ESMTP id 9AA2437B407 for ; Thu, 4 Oct 2001 11:47:53 -0700 (PDT) Received: from argotsoft.com (argotsoft.com [198.59.115.127]) by taka.swcp.com (8.10.0.Beta12/8.10.0.Beta12) with ESMTP id f94InJb45154; Thu, 4 Oct 2001 12:49:20 -0600 (MDT) Received: from ATHABASCA (athabasca.argotsoft.com [192.168.3.104]) by argotsoft.com (8.11.3/8.11.3) with SMTP id f94Il7h58575; Thu, 4 Oct 2001 12:47:07 -0600 (MDT) Message-Id: <3.0.3.32.20011004124705.011b0250@mail> X-Sender: msommer@mail X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Thu, 04 Oct 2001 12:47:05 -0600 To: "irado@nettaxi.com" , jmcpinto@yahoo.com From: "Mark J. Sommer" Subject: Re: kernel welded?? Cc: freebsd-net@freebsd.org In-Reply-To: <200110041813.f94IDnf09264@mail25.bigmailbox.com> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Sounds like you booted it and its locked. Does FreeBSD do that? At 11:13 AM 10/4/2001 -0700, irado@nettaxi.com wrote: >I am completely blind and stuck: I was recompiling (2nd time) my kernel,= when (make install) suddenly I was surprised with the following message: > >[...] >mv /kernel /kernel.old >Operation not permitted > >So, I cannot rm it, cannot change it, can do nothing to it - and I am root. > >There are a limit (once a day) for the kernel recompiling?? > > >seriously: What is happening, and how to correct it? > > > >sauda=E7=F5es, > irado furioso com tudo > linux user 179402 >deus =E9 constru=EDdo =E0 imagem e semelhan=E7a do homem. Principalmente em= seus defeitos. > =20 > por favor, clique aqui: http://www.thehungersite.com > e aqui tamb=E9m: http://cf6.uol.com.br/umminuto/=20 > >------------------------------------------------------------ >Nettaxi would like to ask for your help in donations to the RED CROSS= today! >http://www.nyredcross.org/donate/ > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-net" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 12: 9:27 2001 Delivered-To: freebsd-net@freebsd.org Received: from elvis.mu.org (elvis.mu.org [216.33.66.196]) by hub.freebsd.org (Postfix) with ESMTP id 92F1437B405 for ; Thu, 4 Oct 2001 12:09:20 -0700 (PDT) Received: by elvis.mu.org (Postfix, from userid 1098) id 4E78A81D05; Thu, 4 Oct 2001 14:09:15 -0500 (CDT) Date: Thu, 4 Oct 2001 14:09:15 -0500 From: Bill Fumerola To: "Mark J. Sommer" Cc: "irado@nettaxi.com" , jmcpinto@yahoo.com, freebsd-net@freebsd.org Subject: Re: kernel welded?? Message-ID: <20011004140915.I51024@elvis.mu.org> References: <200110041813.f94IDnf09264@mail25.bigmailbox.com> <3.0.3.32.20011004124705.011b0250@mail> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3.0.3.32.20011004124705.011b0250@mail>; from msommer@argotsoft.com on Thu, Oct 04, 2001 at 12:47:05PM -0600 X-Operating-System: FreeBSD 4.4-FEARSOME-20010909 i386 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Oct 04, 2001 at 12:47:05PM -0600, Mark J. Sommer wrote: > Sounds like you booted it and its locked. Does FreeBSD do that? No, of course not. You can remove the kernel once you've booted and it doesn't matter. At 11:13 AM 10/4/2001 -0700, irado@nettaxi.com wrote: > I am completely blind and stuck: I was recompiling (2nd time) my kernel, when (make install) suddenly I was surprised with the following message: > > [...] > mv /kernel /kernel.old > Operation not permitted > > So, I cannot rm it, cannot change it, can do nothing to it - and I am root. > > There are a limit (once a day) for the kernel recompiling?? > > > seriously: What is happening, and how to correct it? whats happening is you're posting to -net with a newbie question that has nothing to do with networking. correcting this involves you reading the proper charters at: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/eresources.html#ERESOURCES-MAIL and picking a mailing list more appropriate, such as questions@FreeBSD.org, the next time you have a question. as to your actual "problem": -r-xr-xr-x 1 root wheel schg 2265352 Jan 25 2001 /kernel /kernel has the 'schg' flag set. you can learn more about flags in 'man chflags'. if 'make install' doesn't clear this flag before installing (and it does), that's a bug. -- - bill fumerola / fumerola@yahoo-inc.com / billf@FreeBSD.org / billf@mu.org - my anger management counselor can beat up your self-affirmation therapist To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 12:53:35 2001 Delivered-To: freebsd-net@freebsd.org Received: from spork.pantherdragon.org (spork.pantherdragon.org [206.29.168.146]) by hub.freebsd.org (Postfix) with ESMTP id 2D12E37B403 for ; Thu, 4 Oct 2001 12:53:29 -0700 (PDT) Received: from pantherdragon.org (rook.pantherdragon.org [206.29.168.147]) by spork.pantherdragon.org (Postfix) with ESMTP id 6A645471C5; Thu, 4 Oct 2001 12:53:25 -0700 (PDT) Message-ID: <3BBCBE23.1064AE1D@pantherdragon.org> Date: Thu, 04 Oct 2001 12:53:07 -0700 From: dmp@pantherdragon.org X-Mailer: Mozilla 4.76 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Bill Fumerola Cc: "Mark J. Sommer" , "irado@nettaxi.com" , jmcpinto@yahoo.com, freebsd-net@freebsd.org Subject: Re: kernel welded?? References: <200110041813.f94IDnf09264@mail25.bigmailbox.com> <3.0.3.32.20011004124705.011b0250@mail> <20011004140915.I51024@elvis.mu.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Bill Fumerola wrote: > At 11:13 AM 10/4/2001 -0700, irado@nettaxi.com wrote: >> I am completely blind and stuck: I was recompiling (2nd time) my kernel, when (make install) suddenly I was surprised with the following message: >> >> mv /kernel /kernel.old >> Operation not permitted >> >> seriously: What is happening, and how to correct it? > > as to your actual "problem": > -r-xr-xr-x 1 root wheel schg 2265352 Jan 25 2001 /kernel > > /kernel has the 'schg' flag set. you can learn more about flags in 'man > chflags'. if 'make install' doesn't clear this flag before installing > (and it does), that's a bug. It's more likely to be kern.securelevel having been set to 1 or higher, rather than an actual bug. irado, change the securelevel item in /etc/rc.conf to 0, then reboot and re-run make install. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 17:23:40 2001 Delivered-To: freebsd-net@freebsd.org Received: from mine.kame.net (kame195.kame.net [203.178.141.195]) by hub.freebsd.org (Postfix) with ESMTP id 110B737B401 for ; Thu, 4 Oct 2001 17:23:37 -0700 (PDT) Received: from localhost ([3ffe:501:41c:2000:260:1dff:fef7:1d80]) by mine.kame.net (8.11.1/3.7W) with ESMTP id f950SoH03667 for ; Fri, 5 Oct 2001 09:28:50 +0900 (JST) To: freebsd-net@freebsd.org Subject: Re: IPsec rekey question (bug in racoon?) In-Reply-To: Your message of "Thu, 4 Oct 2001 12:39:05 +0200" <20011004123905.C74306@gvr.gvr.org> References: <20011004123905.C74306@gvr.gvr.org> X-Mailer: Cue version 0.6 (010810-1737/sakane) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Message-Id: <20011005092337B.sakane@kame.net> Date: Fri, 05 Oct 2001 09:23:37 +0900 From: Shoichi Sakane X-Dispatcher: imput version 20000228(IM140) Lines: 12 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > > the freebsd's ipsec stack always uses old SA when there are some SAs for > > the communication. so the other side system used old SA even when the one > > had new SA. > With that I can fix my case. Is there a special reason to > default to the old one, because that breaks rebooting systems, doesn't it? if new SA was used, when the system installed SA, but the other system hadn't installed SA yet, some packet would be lost. when the system rebooted, it would caused the problem as you said. you can get more information from draft-jenkins-ipsec-rekeying-06.txt. although this draft has expired already, you can get from the Internet somewhere. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 23: 8:54 2001 Delivered-To: freebsd-net@freebsd.org Received: from ringworld.nanolink.com (straylight.ringlet.net [217.75.134.254]) by hub.freebsd.org (Postfix) with SMTP id 3AE8437B408 for ; Thu, 4 Oct 2001 23:08:36 -0700 (PDT) Received: (qmail 3120 invoked by uid 1000); 5 Oct 2001 06:07:28 -0000 Date: Fri, 5 Oct 2001 09:07:27 +0300 From: Peter Pentchev To: Mike Barcroft Cc: "Todd C. Miller" , freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG Subject: Re: [CFR] whois(1) out-of-bound access patch Message-ID: <20011005090727.A650@ringworld.oblivion.bg> Mail-Followup-To: Mike Barcroft , "Todd C. Miller" , freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG References: <20011004121640.C1959@ringworld.oblivion.bg> <20011004121933.B31795@coffee.q9media.com> <200110041650.f94GoL10010161@xerxes.courtesan.com> <20011004134710.C31795@coffee.q9media.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011004134710.C31795@coffee.q9media.com>; from mike@FreeBSD.ORG on Thu, Oct 04, 2001 at 01:47:10PM -0400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Oct 04, 2001 at 01:47:10PM -0400, Mike Barcroft wrote: > Todd C. Miller writes: > > In message <20011004121933.B31795@coffee.q9media.com> > > so spake Mike Barcroft (mike): > > > > > Would you please test the attached patch and confirm that it solves > > > the problem? If it does, I'll commit it today. > > > > I doubt that is sufficient as "buf" is treated as a NUL terminated > > string in the calls to strstr(). Also note that it is not necessary > > to copy the buffer each time as in the original patch. You can > > only get a line w/o a newline as the last line before EOF. The buffer is not copied each time, but only when a line w/o a newline is found. In all other cases, we deal directly with what fgetln(3) returns. > We could always implement strnstr(). I think I prefer it to the > malloc(3) the final line kludge. strnstr() would not be enough; there are calls to strcspn(), strchr() and s_asprintf() too, which treat buf as a null-terminated string. I see no reason to introduce additional processing for *each* input string, when all we need is to special-case the case of no newline. The "kludge" is only invoked when a newline-less line is received, which, as Todd Miller points out, is usually only the last single line. In all other cases, there is no performance overhead. On a side note, as Garrett Wollman kindly pointed out in a private message, the calloc(3) call should probably be replaced by a malloc(3) and zeroing only the last byte. See the attached revised patch. G'luck, Peter -- You have, of course, just begun reading the sentence that you have just finished reading. Index: src/usr.bin/whois/whois.c =================================================================== RCS file: /home/ncvs/src/usr.bin/whois/whois.c,v retrieving revision 1.24 diff -u -r1.24 whois.c --- src/usr.bin/whois/whois.c 2001/08/05 19:37:12 1.24 +++ src/usr.bin/whois/whois.c 2001/10/05 11:07:46 @@ -251,7 +251,7 @@ { FILE *sfi, *sfo; struct addrinfo *res2; - char *buf, *nhost, *p; + char *abuf, *buf, *nhost, *p; int i, nomatch, s; size_t len; @@ -275,7 +275,16 @@ nhost = NULL; nomatch = 0; while ((buf = fgetln(sfi, &len)) != NULL) { - while (len && isspace(buf[len - 1])) + abuf = NULL; + if ((len == 0) || !isspace((unsigned char)buf[len - 1])) { + abuf = malloc(len + 1); + if (abuf == NULL) + err(1, "reallocating"); + memcpy(abuf, buf, len); + abuf[len] = '\0'; + buf = abuf; + } + while (len && isspace((unsigned char)buf[len - 1])) buf[--len] = '\0'; if ((flags & WHOIS_RECURSE) && nhost == NULL) { @@ -304,6 +313,7 @@ nomatch = 1; } printf("%s\n", buf); + free(abuf); } /* Do second lookup as needed. */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Oct 4 23:47: 0 2001 Delivered-To: freebsd-net@freebsd.org Received: from ringworld.nanolink.com (straylight.ringlet.net [217.75.134.254]) by hub.freebsd.org (Postfix) with SMTP id 38FDC37B405 for ; Thu, 4 Oct 2001 23:46:44 -0700 (PDT) Received: (qmail 3514 invoked by uid 1000); 5 Oct 2001 06:45:39 -0000 Date: Fri, 5 Oct 2001 09:45:39 +0300 From: Peter Pentchev To: Garrett Wollman Cc: Mike Barcroft , freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG Subject: Re: [CFR] whois(1) out-of-bound access patch Message-ID: <20011005094539.B650@ringworld.oblivion.bg> Mail-Followup-To: Garrett Wollman , Mike Barcroft , freebsd-net@FreeBSD.ORG, freebsd-audit@FreeBSD.ORG References: <20011004121640.C1959@ringworld.oblivion.bg> <20011004121933.B31795@coffee.q9media.com> <200110041702.f94H2uQ08169@khavrinen.lcs.mit.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200110041702.f94H2uQ08169@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Thu, Oct 04, 2001 at 01:02:56PM -0400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Oct 04, 2001 at 01:02:56PM -0400, Garrett Wollman wrote: > < said: > > > - printf("%s\n", buf); > > + printf("%.*s\n", (int)len, buf); > > This is a *much* better patch. ..yet it needs more work: strstr() and strcspn() are used on a non-null-terminated string. And even if those are fixed, additional work is done for each input line, instead of only for the lines that actually need it (at most one per session). G'luck, Peter -- This sentence contains exactly threee erors. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 5 4:10:42 2001 Delivered-To: freebsd-net@freebsd.org Received: from daemon.kr.FreeBSD.org (daemon.kr.freebsd.org [211.176.62.31]) by hub.freebsd.org (Postfix) with ESMTP id 1F49237B401 for ; Fri, 5 Oct 2001 04:10:39 -0700 (PDT) Received: from gradius.wdb.co.kr (daemon [211.176.62.31]) by daemon.kr.FreeBSD.org (Postfix) with ESMTP id 0AC718F628; Fri, 5 Oct 2001 20:10:15 +0900 (KST) Received: (from cjh@localhost) by gradius.wdb.co.kr (8.11.6/8.11.6) id f95BA8D18326; Fri, 5 Oct 2001 20:10:08 +0900 (KST) (envelope-from cjh@wdb.co.kr) X-Authentication-Warning: gradius.wdb.co.kr: cjh set sender to cjh@wdb.co.kr using -f To: freebsd-net@freebsd.org Cc: cjh@kr.freebsd.org, khk@wdb.co.kr Subject: bridge + transparent proxy with 4-stable From: CHOI Junho Organization: Korea FreeBSD Users Group Date: 05 Oct 2001 20:10:08 +0900 Message-ID: <86u1xe4a27.fsf@gradius.wdb.co.kr> Lines: 58 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Recently I've installed new bridge+ipfw at office. It is configured as: outer network -- -- --
---> inner network I installed FreeBSD 4.4-RELEASE and immediately update to 4-stable. Kernel configuration has: options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #print information about dropped packets options IPFIREWALL_FORWARD #enable transparent proxy support options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default options IPV6FIREWALL #firewall for IPv6 options IPV6FIREWALL_VERBOSE options IPV6FIREWALL_VERBOSE_LIMIT=100 options IPV6FIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT #divert sockets options DUMMYNET options BRIDGE And this machine has fxp0(outer), fxp1(inner) interface. Only fxp1 has IP address. Bridged firewall was successful; it works nicely. I wish to try one more thing: Transparent proxy via Squid. I've installed www/squid24 port. squid.conf has: http_port 127.0.0.1:3128 httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on After running squid, I've added this rule at top of rules(output of ipfw -a list). 208.2.3.200(not real IP) is our firewall. 00500 0 0 allow tcp from 208.2.3.200 to any via fxp0 00550 173 11165 fwd 127.0.0.1,3128 tcp from 208.2.3.128/25 to any 80 via fxp1 As shown, rule 550 _filters_ packets, but it seems not to forward packets to 3128 ports(squid). All clients can go out with its IP, and nothing remains in squid log. Am I doing something wrong? I've searched many mailing lists(freebsd and squid) but I can't get good answers. p.s. I am doing NAT + Transparent Proxy in my home(ADSL). It works nicely. -- +++ Any opinions in this posting are my own and not those of my employers +++ CHOI Junho [sleeping now] [while sleeping] Korea FreeBSD Users Group Web Data Bank To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 5 5:17:32 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail6.bigmailbox.com (mail6.bigmailbox.com [209.132.220.37]) by hub.freebsd.org (Postfix) with ESMTP id 8E4E137B405 for ; Fri, 5 Oct 2001 05:17:30 -0700 (PDT) Received: (from www@localhost) by mail6.bigmailbox.com (8.10.0/8.10.0) id f95CFlJ13178; Fri, 5 Oct 2001 05:15:47 -0700 Date: Fri, 5 Oct 2001 05:15:47 -0700 Message-Id: <200110051215.f95CFlJ13178@mail6.bigmailbox.com> Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary X-Mailer: MIME-tools 4.104 (Entity 4.116) Mime-Version: 1.0 X-Originating-Ip: [200.229.133.210] From: "irado@nettaxi.com" To: irado@nettaxi.com, msommer@argotsoft.com Cc: freebsd-net@freebsd.org Subject: Re: kernel welded?? (VERY off-topic) Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org firstly, my apologises for the misaddressed question to this list. The matter is already settled thanks to some list-friends which pointed me that the kernel_security_level (rc.conf) was the culprit. Under level 2 the kernel is set to 'unchangeable' - and no chflags are accepted either. Many thanks to all of you. And sorry for the inconvenience. >Sounds like you booted it and its locked. Does FreeBSD do that? > >At 11:13 AM 10/4/2001 -0700, irado@nettaxi.com wrote: >>I am completely blind and stuck: I was recompiling (2nd time) my kernel, when (make install) suddenly I was surprised with the following message: saudações, irado furioso com tudo linux user 179402 deus é construído à imagem e semelhança do homem. Principalmente em seus defeitos. por favor, clique aqui: http://www.thehungersite.com e aqui também: http://cf6.uol.com.br/umminuto/ ------------------------------------------------------------ Nettaxi would like to ask for your help in donations to the RED CROSS today! http://www.nyredcross.org/donate/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 5 7:24:16 2001 Delivered-To: freebsd-net@freebsd.org Received: from secure.webhotel.net (secure.webhotel.net [195.41.202.80]) by hub.freebsd.org (Postfix) with SMTP id EEF2337B401 for ; Fri, 5 Oct 2001 07:24:13 -0700 (PDT) Received: (qmail 19265794 invoked from network); 5 Oct 2001 14:25:30 -0000 Received: from mail-gateway.webhotel.net (195.41.202.215) by mail.webhotel.net with SMTP; 5 Oct 2001 14:25:30 -0000 X-Authenticated-Timestamp: 16:25:30(CEST) on October 05, 2001 Message-ID: <3BBDC285.6E63AA3D@netgroup.dk> Date: Fri, 05 Oct 2001 16:24:05 +0200 From: Hroi Sigurdsson Organization: Netgroup A/S X-Mailer: Mozilla 4.78 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: Re: bridge + transparent proxy with 4-stable References: <86u1xe4a27.fsf@gradius.wdb.co.kr> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org CHOI Junho wrote: > After running squid, I've added this rule at top of rules(output of > ipfw -a list). 208.2.3.200(not real IP) is our firewall. > > 00500 0 0 allow tcp from 208.2.3.200 to any via fxp0 > 00550 173 11165 fwd 127.0.0.1,3128 tcp from 208.2.3.128/25 to any 80 via fxp1 > > As shown, rule 550 _filters_ packets, but it seems not to forward > packets to 3128 ports(squid). All clients can go out with its IP, and > nothing remains in squid log. Bridging and transparent proxying are incompatible. -- Hroi Sigurdsson hroi@netgroup.dk Netgroup A/S http://www.netgroup.dk To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 5 8:25: 7 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail2.bigmailbox.com (mail2.bigmailbox.com [209.132.220.33]) by hub.freebsd.org (Postfix) with ESMTP id 863E937B407 for ; Fri, 5 Oct 2001 08:25:03 -0700 (PDT) Received: (from www@localhost) by mail2.bigmailbox.com (8.10.0/8.10.0) id f95FP3J12040; Fri, 5 Oct 2001 08:25:03 -0700 Date: Fri, 5 Oct 2001 08:25:03 -0700 Message-Id: <200110051525.f95FP3J12040@mail2.bigmailbox.com> Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary X-Mailer: MIME-tools 4.104 (Entity 4.116) Mime-Version: 1.0 X-Originating-Ip: [200.229.133.210] From: "irado@nettaxi.com" To: freebsd-net@FreeBSD.ORG Subject: FreeBSD divert, redir, what?? :-\ Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org maybe just my pain, but I am perusing everywhere (http://groups.google.com), also faq's, tutorials and so on, but I am not able to get a single reply (maybe I am too newbie even for the man pages - I cannot apply it to my question): I need to mount a server in a (sort of) dmz, serving http, pop3 and smtp for both sides of a firewall (the public and the private), like this: /internet/---/firewall/--->internal lan (192.168.1.0) | |-->/server(s) 192.168.2.0) any request to the external ip for any available service must be addressed to the 192.168.2.0. Also, any request from 192.168.1.0 *must* be addressed to the 192.168.2.0 Anybody please can point me out to any document, tutorial, easy-hands-on on the subject?? Even RTFM will help, *if* mentioning the correct expression which must be searched. saudações, irado furioso com tudo linux user 179402 deus é construído à imagem e semelhança do homem. Principalmente em seus defeitos. por favor, clique aqui: http://www.thehungersite.com e aqui também: http://cf6.uol.com.br/umminuto/ ------------------------------------------------------------ Nettaxi would like to ask for your help in donations to the RED CROSS today! http://www.nyredcross.org/donate/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 5 10:59:40 2001 Delivered-To: freebsd-net@freebsd.org Received: from cobalt.hytekblue.com (adsl-208-191-100-26.dsl.stlsmo.swbell.net [208.191.100.26]) by hub.freebsd.org (Postfix) with ESMTP id 4616937B403 for ; Fri, 5 Oct 2001 10:59:37 -0700 (PDT) Received: from MatthewThurman ([128.242.166.117]) by cobalt.hytekblue.com (8.9.3/8.9.3) with SMTP id MAA00660 for ; Fri, 5 Oct 2001 12:59:35 -0500 (CDT) (envelope-from mgt@hytekblue.com) Message-ID: <005601c14dc8$1c19dee0$8f64a8c0@jimsfw.com> Reply-To: "Matthew" From: "Matthew" To: Subject: ifconfig quirks Date: Fri, 5 Oct 2001 13:03:39 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4807.1700 Disposition-Notification-To: "Matthew" X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I just wanted to point out something strange I ran into on my test network with release 4.4. if I use "ifconfig xl1 inet 10.0.0.007 netmask 255.255.255.0" I get upon looking at the adapter inet 10.0.0.7 netmask 0xffffff00 broadcast 10.0.0.255 however when I use "ifconfig xl1 inet 10.0.0.034 netmask 255.255.255.0" I get inet 10.0.0.28 netmask 0xffffff00 broadcast 10.0.0.255 and yet again if I use " ifconfig xl1 inet 10.0.0.52 netmask 255.255.255.0 " I get inet 10.0.0.42 netmask 0xffffff00 broadcast 10.0.0.255 and a third time I use "ifconfig xl1 inet 10.0.0.61 netmask 255.255.255.0" and I get inet 10.0.0.49 netmask 0xffffff00 broadcast 10.0.0.255 I have done this on three different freebsd 4.4 release machines with the exact same results on each. if I do not use the leading zero's in the last octet it works correctly. However I have at least three nics in each machine with multiple ip's on most interfaces to simulate my existing network so it would be nice to be able to use them as place holders to make the files look a bit cleaner. Cheers, Matthew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 5 11:50:20 2001 Delivered-To: freebsd-net@freebsd.org Received: from vetnet5.vetorialnet.com.br (vetnet5.vetorialnet.com.br [200.248.179.9]) by hub.freebsd.org (Postfix) with ESMTP id A288A37B406 for ; Fri, 5 Oct 2001 11:50:16 -0700 (PDT) Received: from localhost (thiago_vet@localhost) by vetnet5.vetorialnet.com.br (8.11.4/8.11.3) with ESMTP id f95IviG57498; Fri, 5 Oct 2001 15:57:44 -0300 (BRT) (envelope-from thiago_vet@vetnet5.vetorialnet.com.br) Date: Fri, 5 Oct 2001 15:57:44 -0300 (BRT) From: Thiago Damas To: Matthew Cc: Subject: Re: ifconfig quirks In-Reply-To: <005601c14dc8$1c19dee0$8f64a8c0@jimsfw.com> Message-ID: <20011005155404.F57457-100000@vetnet5.vetorialnet.com.br> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org When you use numbers with a zero (0) as the first caracter, the C language think that is in octal. 007 in octal = 7 in decimal 034 in octal = 24 in decimal ... ... Then, use the ifconfig without the zero (0) in the first caracter On Fri, 5 Oct 2001, Matthew wrote: > I just wanted to point out something strange I ran into on my test > network with release 4.4. > > if I use "ifconfig xl1 inet 10.0.0.007 netmask 255.255.255.0" > I get upon looking at the adapter > inet 10.0.0.7 netmask 0xffffff00 broadcast 10.0.0.255 > > however when I use "ifconfig xl1 inet 10.0.0.034 netmask 255.255.255.0" > I get > inet 10.0.0.28 netmask 0xffffff00 broadcast 10.0.0.255 > > and yet again if I use " ifconfig xl1 inet 10.0.0.52 netmask 255.255.255.0 " > I get > inet 10.0.0.42 netmask 0xffffff00 broadcast 10.0.0.255 > > and a third time I use "ifconfig xl1 inet 10.0.0.61 netmask 255.255.255.0" > and I get > inet 10.0.0.49 netmask 0xffffff00 broadcast 10.0.0.255 > > I have done this on three different freebsd 4.4 release machines with the > exact same results on each. if I do not use the leading zero's in the last > octet it works correctly. However I have at least three nics in each machine > with multiple ip's on > most interfaces to simulate my existing network so it would be nice to be > able to use them as place holders to make the files look a bit cleaner. > Cheers, > Matthew > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 5 13: 1:48 2001 Delivered-To: freebsd-net@freebsd.org Received: from mail16.bigmailbox.com (mail16.bigmailbox.com [209.132.220.47]) by hub.freebsd.org (Postfix) with ESMTP id 55C9B37B403 for ; Fri, 5 Oct 2001 13:01:46 -0700 (PDT) Received: (from www@localhost) by mail16.bigmailbox.com (8.10.0/8.10.0) id f95K1Dh30041; Fri, 5 Oct 2001 13:01:13 -0700 Date: Fri, 5 Oct 2001 13:01:13 -0700 Message-Id: <200110052001.f95K1Dh30041@mail16.bigmailbox.com> Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary X-Mailer: MIME-tools 4.104 (Entity 4.116) Mime-Version: 1.0 X-Originating-Ip: [200.229.133.210] From: "irado@nettaxi.com" To: irado@globecom.net Subject: multihomed, multirouted and balanced FreeBSD?? Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org A friend of mine wants to exchange their's multi-homed linux box for a new FBSD one. The defy: 4 nic - 3 pointing to ADSL linkz (fixed ip), last one pointing to internal lan. Questions: Is it possible to have so many nic in a single FreeBSD box? How to enable 3 different routes there?? As far as I understood the original question, people there do not want a 'default' route - they will preffer some thing like 'automagic' routing: the available one will be the one for the (internal) box, if it is possible. Something like 'less-costing' path?? Hmm.. Can you please point me to the right white papers, how-to, recipes, hands-on, on the subject?? saudações, irado furioso com tudo linux user 179402 deus é construído à imagem e semelhança do homem. Principalmente em seus defeitos. por favor, clique aqui: http://www.thehungersite.com e aqui também: http://cf6.uol.com.br/umminuto/ ------------------------------------------------------------ Nettaxi would like to ask for your help in donations to the RED CROSS today! http://www.nyredcross.org/donate/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 5 15: 9:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from orb.bluemoon.ee (orb.bluemoon.ee [212.107.42.1]) by hub.freebsd.org (Postfix) with ESMTP id D93E337B403 for ; Fri, 5 Oct 2001 15:09:14 -0700 (PDT) Received: (from priit@localhost) by orb.bluemoon.ee (8.9.3/8.9.3) id AAA06879 for freebsd-net@FreeBSD.org; Sat, 6 Oct 2001 00:07:39 +0200 Date: Sat, 6 Oct 2001 00:07:39 +0200 From: fbdn@dcee.net Message-Id: <200110052207.AAA06879@orb.bluemoon.ee> X-Authentication-Warning: orb.bluemoon.ee: priit set sender to fbdn@dcee.net using -f To: freebsd-net@FreeBSD.org Subject: No buffer space available Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I've run into problem that various prgorams (sendmail, ftpd) get often "cannot create socket: No buffer space available" error. Box is serving static html and images about 300 requests/sec, no shortage of memory nor CPU resources. Kernel is compiled with: maxusers 256 options NMBCLUSTERS=16384 and netstat shows following: # netstat -m 16634/25040/65536 mbufs in use (current/peak/max): 1318 mbufs allocated to data 15316 mbufs allocated to packet headers 1192/9452/16384 mbuf clusters in use (current/peak/max) 25164 Kbytes allocated to network (51% of mb_map in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines # netstat -an | wc -l 15207 My best guess is that system is running out of file descriptors. Any suggestions how to fix it? /fb To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 5 15:21:24 2001 Delivered-To: freebsd-net@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with ESMTP id B094B37B406 for ; Fri, 5 Oct 2001 15:21:21 -0700 (PDT) Received: (qmail 7417 invoked by uid 1000); 5 Oct 2001 22:21:19 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 5 Oct 2001 22:21:19 -0000 Date: Fri, 5 Oct 2001 17:21:19 -0500 (CDT) From: Mike Silbersack To: Cc: Subject: Re: No buffer space available In-Reply-To: <200110052207.AAA06879@orb.bluemoon.ee> Message-ID: <20011005171752.E7371-100000@achilles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, 6 Oct 2001 fbdn@dcee.net wrote: > I've run into problem that various prgorams (sendmail, ftpd) get often > "cannot create socket: No buffer space available" error. Box is > serving static html and images about 300 requests/sec, no shortage of > memory nor CPU resources. Kernel is compiled with: maxusers 256 > options NMBCLUSTERS=16384 > > # netstat -an | wc -l > 15207 > > My best guess is that system is running out of file descriptors. Any suggestions how to fix it? > > /fb Yep, you're probably running out of sockets. You can change the count in loader.conf, the variable to tune is "kern.ipc.maxsockets". Set it to something higher than 16384, I guess. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Oct 5 17:27:58 2001 Delivered-To: freebsd-net@freebsd.org Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4]) by hub.freebsd.org (Postfix) with ESMTP id 2E37737B407 for ; Fri, 5 Oct 2001 17:27:54 -0700 (PDT) Received: from chimp.simianscience.com (cage.simianscience.com [64.7.134.1]) by smtp1.sentex.ca (8.11.6/8.11.6) with SMTP id f960RXb72645; Fri, 5 Oct 2001 20:27:33 -0400 (EDT) (envelope-from mike@sentex.net) From: Mike Tancsa To: irado@nettaxi.com ("irado@nettaxi.com") Cc: freebsd-net@freebsd.org Subject: Re: multihomed, multirouted and balanced FreeBSD?? Date: Fri, 05 Oct 2001 20:27:32 -0400 Message-ID: References: In-Reply-To: X-Mailer: Forte Agent 1.8/32.548 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 5 Oct 2001 20:01:57 +0000 (UTC), in sentex.lists.freebsd.net you wrote: > >A friend of mine wants to exchange their's multi-homed linux box for a = new FBSD one. The defy: > >4 nic - 3 pointing to ADSL linkz (fixed ip), last one pointing to = internal lan. > >Questions: > >Is it possible to have so many nic in a single FreeBSD box? Why would you think its not possible ? You have cram lots of nics in = almost any operating system and have multiple interfaces. >How to enable 3 different routes there?? Use a dynamic routing protocol.... rip,ripng,ospf, bgp. =20 >As far as I understood the original question, people there do not want a= 'default' route=20 read up on the above dynamic routing protocols. Cisco has some good books on BGP and OSPF as well as many online documents. You can use zebra for similar routing on FreeBSD (www.zebra.org) ---Mike Mike Tancsa (mdtancsa@sentex.net) =09 Sentex Communications Corp, =09 Waterloo, Ontario, Canada "Given enough time, 100 monkeys on 100 routers=20 could setup a national IP network." (KDW2) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Oct 6 1:46: 2 2001 Delivered-To: freebsd-net@freebsd.org Received: from pintail.mail.pas.earthlink.net (pintail.mail.pas.earthlink.net [207.217.120.122]) by hub.freebsd.org (Postfix) with ESMTP id 2AF6837B403; Sat, 6 Oct 2001 01:45:58 -0700 (PDT) Received: from mindspring.com (dialup-209.245.136.251.Dial1.SanJose1.Level3.net [209.245.136.251]) by pintail.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id BAA03103; Sat, 6 Oct 2001 01:45:56 -0700 (PDT) Message-ID: <3BBEC4F7.D15FF792@mindspring.com> Date: Sat, 06 Oct 2001 01:46:47 -0700 From: Terry Lambert Reply-To: tlambert2@mindspring.com X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: hackers@freebsd.org Cc: net@freebsd.org Subject: IPSEC sucking up memory Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org While investigating a problem, I noticed that the IPSEC code is initializing the sp -- even when no one is using IPSEC. Is there a good reason why this is not late-bound, and the IPSEC code is initializing and copying and checking the security policy pointer, even in the absense of actual use of security over socket links? It turns out that this really, really bloats the per socket memory requirements, with the only real result being a lot of extra processing that could be replaced by a pointer is not NULL check. It seems to me that this could be handled in the TCP, UDP, and IP userreq code by only initializing the thing in the case that a policy has been set. Is there some reason why this can't be done? -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Oct 6 1:50:34 2001 Delivered-To: freebsd-net@freebsd.org Received: from pintail.mail.pas.earthlink.net (pintail.mail.pas.earthlink.net [207.217.120.122]) by hub.freebsd.org (Postfix) with ESMTP id 50D1137B407; Sat, 6 Oct 2001 01:50:30 -0700 (PDT) Received: from mindspring.com (dialup-209.245.136.251.Dial1.SanJose1.Level3.net [209.245.136.251]) by pintail.mail.pas.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id BAA09318; Sat, 6 Oct 2001 01:50:29 -0700 (PDT) Message-ID: <3BBEC607.CC098104@mindspring.com> Date: Sat, 06 Oct 2001 01:51:19 -0700 From: Terry Lambert Reply-To: tlambert2@mindspring.com X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: hackers@freebsd.org Cc: net@freebsd.org Subject: IPSEC code error Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On a related topic, there appears to be a code error in the IPSEC code. Specifically, the priv flag is set to 1 if the user is root and the socket is non-null (this lets the code be called from the bridging code as well, so ignore the first half of the "if" test, and concentrate on the "uid == 0" test). In the code that examines this flag, the comment is that it is looking at whether or not the port is a priviledged port, not whether or not the user who owns it is root. This implies that the "rootness" check improperly flags any ports opened by root, regardless of whether or not they are priviledged ports. Is the code where the flag is initialized correct, or is the comment where the flag is observed correct? -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message