Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 28 Nov 2012 09:35:30 -0300
From:      AAMI Medicina Integrativa <integrativaenama@gmail.com>
To:        <freebsd-bugs@freebsd.org>
Subject:   =?utf-8?B?RXN0ZSBTQUJBRE8gLSAiRWwgRW5lYWdyYW1hIiAtIMOabHRpbWEgVGVydHVsaWEgMjAxMiAtIE5vIHRlIGxhIHBpZXJkYXMh?=
Message-ID:  <1tDGRs-000NYv-IQ@smtp-6-marketing.dattaweb.com>

next in thread | raw e-mail | index | archive | help
Si no visualiza correctamente este E-Mail haga =0A=0AClick Aqu=ED (Link->ht=
tp://v2.envialosimple.com/campaign/htmlversion?AdministratorID=3D12453&Camp=
aignID=3D43&StatisticID=3D20&MemberID=3D51387&s=3D50b07966dcd452cd3268364dc=
609ed5f&isDemo=3D0) =0A=0ANormal 0 21 false false false ES-AR X-NONE X-NONE=
 =0A=0A(Link->http://medicinaintegrativa.org.ar) =0A=0ASecretar=EDa - Asoci=
aci=F3n Argentina de Medicina Integrativa=0A=0ATel: +5411 - 4788 - 4929=0A=
=0Aaami.medicina.integrativa@gmail.com=0A=0Afacebook.com/aamimedicinaintegr=
ativa (Link->http://medicinaintegrativa.org.ar) =0A=0APara desuscribirse de=
 nuestra lista haga =0A=0AClick aqu=ED (Link->http://v2.envialosimple.com/m=
ember/publicunsubscribe?AdministratorID=3D12453&MemberID=3D51387&StatisticI=
D=3D20&CampaignID=3D43&isDemo=3D0&MailListsIds[]=3D2&MailListsIds[]=3D3&Mai=
lListsIds[]=3D4&MailListsIds[]=3D5&MailListsIds[]=3D6&MailListsIds[]=3D8&Ma=
ilListsIds[]=3D9&MailListsIds[]=3D10&MailListsIds[]=3D14&s=3D8ad6434b2aa234=
b8ea9a6edf645ad6d2)=0A=0A=0AArchivos Adjuntos:=0A-------- --------
From owner-freebsd-bugs@FreeBSD.ORG  Wed Nov 28 14:40:01 2012
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Delivered-To: freebsd-bugs@smarthost.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id EBAFB93B
 for <freebsd-bugs@smarthost.ysv.freebsd.org>;
 Wed, 28 Nov 2012 14:40:01 +0000 (UTC)
 (envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
 [IPv6:2001:1900:2254:206c::16:87])
 by mx1.freebsd.org (Postfix) with ESMTP id C0CC88FC12
 for <freebsd-bugs@smarthost.ysv.freebsd.org>;
 Wed, 28 Nov 2012 14:40:01 +0000 (UTC)
Received: from freefall.freebsd.org (localhost [127.0.0.1])
 by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id qASEe1Js044172
 for <freebsd-bugs@freefall.freebsd.org>; Wed, 28 Nov 2012 14:40:01 GMT
 (envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
 by freefall.freebsd.org (8.14.5/8.14.5/Submit) id qASEe1LH044171;
 Wed, 28 Nov 2012 14:40:01 GMT (envelope-from gnats)
Resent-Date: Wed, 28 Nov 2012 14:40:01 GMT
Resent-Message-Id: <201211281440.qASEe1LH044171@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Sara <sara_ir110@yahoo.com>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
 by hub.freebsd.org (Postfix) with ESMTP id 7A03B7C1
 for <freebsd-gnats-submit@FreeBSD.org>; Wed, 28 Nov 2012 14:37:49 +0000 (UTC)
 (envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
 by mx1.freebsd.org (Postfix) with ESMTP id 61C2B8FC0C
 for <freebsd-gnats-submit@FreeBSD.org>; Wed, 28 Nov 2012 14:37:49 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
 by red.freebsd.org (8.14.5/8.14.5) with ESMTP id qASEbn98025062
 for <freebsd-gnats-submit@FreeBSD.org>; Wed, 28 Nov 2012 14:37:49 GMT
 (envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
 by red.freebsd.org (8.14.5/8.14.5/Submit) id qASEbnAt025061;
 Wed, 28 Nov 2012 14:37:49 GMT (envelope-from nobody)
Message-Id: <201211281437.qASEbnAt025061@red.freebsd.org>
Date: Wed, 28 Nov 2012 14:37:49 GMT
From: Sara <sara_ir110@yahoo.com>
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-3.1
Subject: conf/173969: sendd does not work
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>;
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
 <mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 28 Nov 2012 14:40:02 -0000


>Number:         173969
>Category:       conf
>Synopsis:       sendd does not work
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Nov 28 14:40:00 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Sara
>Release:        9.0
>Organization:
HPI
>Environment:
Freebsd i386 9.0 released
>Description:
for configuring router advertisement, I did not have any problem with rtadvd service. but when I configured sendd service to enable SEND on my interface in order to send the secure router advertisement, I do not receive any error in /var/log/messages but it does not send any message too.
whenever I reboot the system, I just receive this message that sendd socket is created. From the time I configured it for sendd, the rtadvd does not work either. I also disabled sendd but now rtadvd does not work anymore. 

I searched on internet and I could find nothing to help me

>How-To-Repeat:
briefly:
-configure rtadvd 
- configure sendd and all its require options for router advertisement
more detailed:
--------------------------------------------------------------------------
To enable rtadvd(8) you will need the following in your /etc/rc.conf:
rtadvd_enable="YES"
It is important that you specify the interface on which to do IPv6 router solicitation. For example to tell rtadvd(8) to use em0: (em0 is the name of network interface. You can obtain this by running this command “ifconfig”
rtadvd_interfaces="em0"

Now we must create the configuration file, /etc/rtadvd.conf. Here is an example:
fxp0:\
	:addrs#1:addr="2001:471:1f11:246::":prefixlen#64:tc=ether:


Error message  reporting non-zero lifetime RA but net.inet6.ip6.forwarding=0

Now we need set a couple of kernel options. Now edit your /etc/sysctl.conf and add these lines in there:
net.inet6.ip6.accept_rtadv=0
net.inet6.ip6.forwarding=1

and reboot the system
reporting non-zero lifetime RA on RA receiving interface
em0:\
:addr="DEAD:BEEF:CAFE:1::":prefixlen#64:rltime#0:
____________________________________________
/etc/rc.conf
ifconfig_re1_ipv6="inet6 -accept_rtadv"
ifconfig_re1_ipv6="inet6 accept_rtadv"

------------------------
The place of CA.pl
/usr/src/crypto/openssl/apps/CA.pl
Make new directory under root
mkdir CA
mv /usr/src/crypto/openssl/apps/CA.pl  /root/CA/CA.pl
create certificate, go to CA directory
perl CA.pl –newca
remove the passphrase from the private key under the demoCA/private/ directory
openssl rsa -in /CA/demoCA/private/cakey.pem -out /CA/demoCA/private/newkey.pem

replace it with the old key
mv /CA/demoCA/private/newkey.pem /CA/demoCA/private/cakey.pem

sign the certificate file
perl CA.pl –sign

create a file with the name /CA/ipext.conf
add the following commands

addresses {
ipv6 {
SAFI unicast;
prefix 2001:abc:123:1::/64;
}
}
files {
certfile /CA/demoCA/cacert.pem;
cacert /CA/demoCA/cacert.pem;
capriv /CA/demoCA/private/cakey.pem;
outfile /CA/demoCA/cert/ca_ipext.pem;
}

"certfile" is the input certificate.
"cacert" is the input signer's certificate.
"capriv" is the input signer's private key.
"outfile" is where to put the newly signed certificate.
Now run this command while you are in /CA path
ipexttool -w -i ipext.conf
the output pem file with the name ca_ipext.pem should be created 
then edit /etc/sendd.conf to change this line
snd_pkixip_conf=/CA/ipext.conf
generate a cga and set that ip
ifconfig interfaceName inet6 IPAddress
to generate it everytime the system boot
create a folder with the name /CA/cga/cgagen.sh  and add the following lines
#/bin/sh
cgatool --gen –R 1024 –k /CA/cga/mykey.pem –p 2001:: -o /CA/cga/myder –s 1 | xargs ifconfig em0 inet6
This will generate CGA and set the ip address
Now move the file to /usr/local/etc/rc.d/


To set CGA parameters go to 
vi /etc/send/cga-params.conf
there add the path to where you create mykey.pem and my der

finally when the testing was ok edit the ipext.conf and add
files {
trustedcert /CA/demoCA/cacert.pem;

}
For each certificate

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1tDGRs-000NYv-IQ>