From owner-freebsd-stable@FreeBSD.ORG Thu Jun 26 19:00:07 2003 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0518137B401 for ; Thu, 26 Jun 2003 19:00:07 -0700 (PDT) Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0974843F75 for ; Thu, 26 Jun 2003 19:00:06 -0700 (PDT) (envelope-from archie@dellroad.org) Received: from arch20m.dellroad.org (remote-archie.dellroad.org [10.2.2.240]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id SAA39586; Thu, 26 Jun 2003 18:45:23 -0700 (PDT) Received: from arch20m.dellroad.org (localhost [127.0.0.1]) by arch20m.dellroad.org (8.12.8/8.12.8) with ESMTP id h5R1jBaP009179; Thu, 26 Jun 2003 20:45:12 -0500 (CDT) (envelope-from archie@arch20m.dellroad.org) Received: (from archie@localhost) by arch20m.dellroad.org (8.12.8/8.12.8/Submit) id h5R1j9p2009178; Thu, 26 Jun 2003 20:45:09 -0500 (CDT) From: Archie Cobbs Message-Id: <200306270145.h5R1j9p2009178@arch20m.dellroad.org> In-Reply-To: <200306270140.h5R1ecCk009051@arch20m.dellroad.org> To: Doug@dellroad.org, Lee Date: Thu, 26 Jun 2003 20:45:09 -0500 (CDT) X-Mailer: ELM [version 2.4ME+ PL99b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII cc: freebsd-stable@FreeBSD.ORG Subject: Re: Possible Solution (Re: mpd VPN won't work after upgrade from4.6-STABLE to 4.8-STABLE) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jun 2003 02:00:07 -0000 Archie Cobbs wrote: > > Re: the "protocol reject" errors; I left the original messages below > > this for reference, but I'm not so much following directly onto > > them... > > > > Archie, I'm mildly embarrassed. I just now found something you wrote > > in November of last year advising the following patch to fix exactly > > this problem. I am running two 4.8-STABLE boxen, and it is not part > > of /sys/netgraph/ng_ppp.c in CVS yet, apparently... > > > > --- sys/netgraph/ng_ppp.c.orig Thu Nov 21 12:39:06 2002 > > +++ sys/netgraph/ng_ppp.c Thu Nov 21 12:39:26 2002 > > @@ -744,7 +744,7 @@ > > case HOOK_INDEX_VJC_VJIP: > > if (priv->conf.enableCompression > > && priv->hooks[HOOK_INDEX_COMPRESS] != NULL) { > > - if ((m = ng_ppp_addproto(m, proto, 1)) == NULL) { > > + if ((m = ng_ppp_addproto(m, proto, 0)) == NULL) { > > NG_FREE_META(meta); > > return (ENOBUFS); > > } > > I patched ng_ppp.c, but I don't know if I can rebuild netgraph without > > a make world, which takes a good 12 hours on this P166... advice on > > that welcome. > > All you need to do is rebuild/reinstall your kernel+modules. > > > Should one of us submit a PR for this, or did I miss something? > > This is (arguably) a bug in whatever is running on the other side > of your link (it's not FreeBSD, right?). So that's why it was never > checked in (because it's a workaround that costs an extra byte in > every packet). However, you could argue that it should be I guess... OK, just saw your next email where you said it was a FreeBSD box. So this patch will probably not fix the problem (because I'm pretty sure FreeBSD never had the problem that this patch works around).. could you just try it out anyway just to confirm that? In which case there is some other bug/problem. In any case, the workaround of only authenticating in one direction should get things working again. -Archie __________________________________________________________________________ Archie Cobbs * Halloo Communications * http://www.halloo.com