From owner-freebsd-net@FreeBSD.ORG  Mon Apr  3 16:29:36 2006
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
X-Original-To: freebsd-net@freebsd.org
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BD9D616A400
	for <freebsd-net@freebsd.org>; Mon,  3 Apr 2006 16:29:36 +0000 (UTC)
	(envelope-from sullrich@gmail.com)
Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.195])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 25DDF43D53
	for <freebsd-net@freebsd.org>; Mon,  3 Apr 2006 16:29:36 +0000 (GMT)
	(envelope-from sullrich@gmail.com)
Received: by zproxy.gmail.com with SMTP id l8so1654416nzf
	for <freebsd-net@freebsd.org>; Mon, 03 Apr 2006 09:29:35 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com;
	h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
	b=BTFKSmmV241mlMspwb3dgIY8utF7ZvVsQnLeKmHI30U/4l4uSCqNY5mkfoVIHxKJhnE1OkGseLRiLvNm87p4JHiP9BCFiJeJADOgvgKpNlB8QXxGFgbunrJhbadiUu79NcIYRI55wrdvHS8uS3L0ljYmmikLKLo5efPE1kPRitc=
Received: by 10.35.127.7 with SMTP id e7mr87802pyn;
	Mon, 03 Apr 2006 09:29:35 -0700 (PDT)
Received: by 10.35.94.5 with HTTP; Mon, 3 Apr 2006 09:29:35 -0700 (PDT)
Message-ID: <d5992baf0604030929i285f8584nc384a90ec223bb78@mail.gmail.com>
Date: Mon, 3 Apr 2006 12:29:35 -0400
From: "Scott Ullrich" <sullrich@gmail.com>
To: "Sam Leffler" <sam@errno.com>
In-Reply-To: <44314957.4020800@errno.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
References: <44313943.1060300@vineyard.net> <44314957.4020800@errno.com>
Cc: "Eric W. Bates" <ericx_lists@vineyard.net>, freebsd-net@freebsd.org
Subject: Re: hifn errors on console
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Apr 2006 16:29:36 -0000

On 4/3/06, Sam Leffler <sam@errno.com> wrote:
> Eric W. Bates wrote:
> > I'm running pfsense (an embedded FreeBSD 6.1) on a wrap2C.  I recently
> > added a Soekris vpn1411 and am now getting infrequent errors:
> >
> > hifn0: rndtest: ones interval 4 failed (382, 251-373)
> > hifn0: rndtest: ones interval 1 failed (2663, 2343-2657)
> > hifn0: rndtest: zeros interval 5 failed (206, 111-201)
> > hifn0: rndtest: ones interval 2 failed (1385, 1135-1365)
> > hifn0: rndtest: zeros interval 3 failed (718, 542-708)
> > hifn0: rndtest: zeros interval 4 failed (243, 251-373)
> > hifn0: rndtest: zeros interval 3 failed (717, 542-708)
> >
> > IPSec works fine.  However, I do not know how to tell whether the hifn
> > is being used.
> >
> > I had no luck with Google.  Can anyone enlighten me?
>
> man rndtest(4).  pfSense has configured the FIPS rng testing module to
> monitor the entropy sent by the h/w to the system prng.  Looks like
>
> sysctl kern.rdntest.verbose=3D0
>
> will turn off console msgs.

Thanks, Sam!   I'll add this to our sysctl.conf.

Scott