Re: ipnat memory leak?

2003-10-09 Thread Guido van Rooij 
On Wed, Oct 08, 2003 at 10:51:52PM -0600, Vector wrote:
 I was using ipfw and natd but I wanted to move nat into the kernel so I
 recompiled with ipfilter and ipnat.  Now, after terminating natd, and
 setting up ipnat rules in /etc/ipnat.rules, I see memory increase at a rate
 of just under 1MB per minutes.  Has anyone else seen a memory leak in ipnat
 or ipfilter?

If at the same rate, the amount of nat entries is growing, there is
no leak. Doesn't the amount of memory allocated, stabilize?

Btw: you can see the amount of netries in the various tables with
ipnat -s
andthe stae table entries with
ipfstat -s

-Guido
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: gbde Performance - 35Mb/s vs 5.2 MB/s

2003-05-28 Thread Guido van Rooij 
On Mon, May 26, 2003 at 02:25:08PM +0200, Heiko Schaefer wrote:
 
 Poul gave me the following tip on this list in a mail on Tue, 29 Apr 2003:
 
 Remember to set the sectorsize in gbde (gbde init -i) to the fragment
 size of your filesystem (typically 2048 for ufs), this is critical
 for performance.
 

If this is so important, why isn't this the default?

-Guido
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: tcpdump delay?

2003-03-19 Thread Guido van Rooij 
On Wed, Mar 19, 2003 at 12:08:01PM +0100, Joris Vandalon wrote:
  -l kills buffered output, i.e. waiting for a large amount of data before
 it starts writing
 
 -l doesnt kill bufferd output, in contrary, it makes the output bufferd.
 
-l Make  stdout  line buffered.  Useful if you want to see the data
   while capturing it.  E.g.,
   ``tcpdump  -l  |  tee dat'' or ``tcpdump  -l   
   dattail  -f  dat''.

Line buffered indeed. It does not make much sense to make it completely
unbuffered because the output is ine oriented.

Internally tcpdump uses setvbuf(). When not called the stdio mode is fully
buffered which is even worse.

-Guido

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message

Re: HEADS UP!: config changes...

2000-06-26 Thread Guido van Rooij 

On Sat, Jun 24, 2000 at 06:32:47PM -0500, Mike Pritchard wrote:
 
 SYNOPSIS
 device isa
 device ata0 at isa? port IO_WD1 irq 14
 device ata1 at isa? port IO_WD2 irq 15
 
 
 Should this become:
 
 SYNOPSIS
 device isa
 device ata
 hint.ata.0.at="isa"
 hint.ata.0.port="0x1F0"
 hint.ata.0.irq="14"
 hint.ata.1.at="isa"
 hint.ata.1.port="0x170"
 

How about adding a hint to the hint driver itself. E.g.

SYNOPSIS
device isa
device ata
hint "hintsfile"# see hint(4)

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Re: /boot/loader is making my VAIO reboot

2000-03-21 Thread Guido van Rooij 

On Tue, Mar 21, 2000 at 05:19:55PM +0100, Ollivier Robert wrote:
 Since after the Feb. 25th, /boot/loader is rebooting the machine during
 boot. I can't get to the prompt at all. The only version that works is the
 25th one (I didn't upgrade between the Feb. 25th and March, 17th).
 
 Nothing in the BIOS configuration changed during that period...
 
 -r-xr-xr-x  1 root  wheel  143360 Mar 21 16:39 loader   REBOOTS
 -r-xr-xr-x  2 root  wheel  143360 Feb 25 20:03 loader.old   WORKS
 
 This is on my VAIO laptop (Z505SX, PII/366, 128 MB).
 
 Any idea ?

Strange. I have just done a make install with the new loader and it works
for me:
-r-xr-xr-x  1 root  wheel  143360 Mar 21 19:50 loader 

made with todays cvsup. Perhaps you have some non default config files in
there?

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Re: current.freebsd.org (FTP)

2000-03-01 Thread Guido van Rooij 

On Tue, Feb 29, 2000 at 12:58:26PM -0800, Jordan K. Hubbard wrote:
 I'm still here for another hour, dammit. :-)
 
 I'm also going to be reachable for most of that week since Holland
 does have Internet connections now, you know.  They got it along with
 electric lighting and running water at least several years ago. :)

Yes we do, unlike the US from time to time. Remember FreeBSD Con?
We lost water for 2 days in a row. And at least _we_
discovered that it is good idea to have a lot of your electricity
undergroud so a small wind will not render whole neighboorhoods
without power ;-)))

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Re: boot problem with Mylex DAC960

2000-03-01 Thread Guido van Rooij 

On Wed, Mar 01, 2000 at 11:26:35AM -0800, Mike Smith wrote:
  
  I've got a server, tyan 1832DL with 2 CPU onborad, Mylex DAC960
  and 3*9G IBM SCSI Disk. I build a RAID-0 Disk by Mylex dos utility,
  I like to install FreeBSD 4.0-current, but I cannot boot FreeBSD by
  floppy image 4.0-2214-CURRENT.
 
 You need to use a 4.0 snapshot from 2220 or later to boot with the 
 Mylex controller installed.

IIRC you also to reinstall the boot blocks...right?

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Re: anyone got IP Filter 3.3.8 working?

2000-02-03 Thread Guido van Rooij 

On Thu, Feb 03, 2000 at 09:13:54PM +1300, Dan Langille wrote:
 Make world has been done within the past 6 hours.  When compiling a 
 new kernel for IP Filter 3.3.8, I encounter the following warnings during 
 the make depend:

In orderd to get it to work you need to apply the
patches I did when importing ipfilter. See cvs tree in sys/netinet.

Anyway, I asked Jordan if I could upgrade our ipfilter to 3.3.8.
In the case he approves, wait a few days.

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Re: IP-Filter w/FreeBSD-current

2000-02-03 Thread Guido van Rooij 

On Thu, Feb 03, 2000 at 09:09:40PM +0100, Arjan de Vet wrote:
 In my kernel config I have:
 
 pseudo-device   tun # Packet tunnel.

Ah..this is a self cloning device.

Before loading the filter rules, you must make sure the
device is there.
Do something like: dd if=/dev/tun0 count=0
or something else that opens a device and closes it again without
reading.

There is a bug in ipfilter: it does not return an error when
loading a rule with a non-existing device (though it will work
as expected in that it will never match)

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

bug in vn, a pnaic and how to debug modules (was Re: open ref counts in CAM and vn)

2000-02-03 Thread Guido van Rooij 

On Thu, Feb 03, 2000 at 10:05:22AM -0700, Kenneth D. Merry wrote:
 
 The reference counting should be handled by PHK's disk layer (which sits
 above CAM), and the da driver's close routine should only get called on
 final close.

ok.

 
 I don't know about the vn device, though.
 

That was the reason fro the posting. vnconfig -u goes directly
to the vn device but that device has no track of open count.
I don't see any code to notify the upper layer that the device
is gove. That is wrong of course.

In fact, one can vnconfig -u a device, while the device is used in
a mount. The ufs layer doesn't even know that the device is gone
and accessing the mount is still possible. Unmounting is not.

So in this case, I guess vnconfig -u should fail. I think
this is best achieved by using a ref counter in the vn device code.

There is another bug in the vn code as well, which has tom do with
modules.
The following will panic on a page fault in vnsetcred (in the VOP_UNLOCK
call):

kldload vn
vnconfig -c something
vnconfig -u something
kldunload vn
kldload vn
vnconfig -c something --- instant panic

I have not been able to debug this further, because it seems (but I have
to recheck to be sure), that add-symbol-file /modules/vn correct address
does not allow one to look at variables delcared inside the vn module.
Is there an easy way btw to determine address? I looked
inside the debugger in the  linker_files queue and then use the
load address there, plus the start address of .text as found by
objdump of the vn module.

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Re: IP-Filter w/FreeBSD-current

2000-02-02 Thread Guido van Rooij 

On Tue, Feb 01, 2000 at 10:22:42PM +0100, Arjan de Vet wrote:
 - fresh reboot, xl0 gets its IP address via DHCP and ipf filter rules
   get loaded with a small script:
 
 # flush all rules
 ipf -D
 # enable ipmon
 ipmon -s 
 # load rules
 ipf -f /etc/ipf.conf
 # enable
 ipf -E
 
   W.r.t. filter rules for the tun0 interface:
 
 [...]
 # TUNNEL
 pass out quick on tun0
 pass in  quick on tun0
 [...]
 
   Cable modem connection works, filter rules work as well.
 
 - Now I dialin to my company via /usr/sbin/ppp which uses the tun0
   device. Connection and PPP negotiations succeeds succesfully but
   there's no IP traffic possible. Only after executing my ipf.reload
   script:
 

If you do not reload the filter rules, but look at what ipfstat says
about rule hits, you might get a clue on where things are blocked
(if at all).

I think what happens is that the tun0 device is loaded as kld when
you first run ppp. And in fact that the initial ipf loading gives errors
about the fact that there is no such device as tun0.
Reloading the filter rules fixes that and since tun0 is loaded and stays
loaded, you'll never encounter any problems again.

Try kldload if_tun before loading the rules at boot time and sees
if the problem goes away.

If this doesn't solve it, walk over to my room tomorrow and we'll
look further.

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

netstat to show listen queues

1999-12-13 Thread Guido van Rooij 

I'd like to have a review on the following patch:
http://www.freebsd.org/~guido/netstat.diff

It adds support to netstat to show listen queue lengths.
Manual page diffs are in the working.

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Re: IP Filter 3.3.3 in FreeBSD

1999-12-01 Thread Guido van Rooij 

On Tue, Nov 30, 1999 at 10:34:56AM -0700, Davec wrote:
 
 Yup tried it, didn't work. Got the same error messages (refer to the [LONG]
 email I sent a few days past. Thanks for the suggestion though.
 

I missed that one apparently. Send it to me in private and I'll see what I
can do.


 Dave
 -- 
 [EMAIL PROTECTED]
 
 PS. I'm about giving up on this. Probably going to just go with ipfw and live
 with it, or go back to the Oct. 10 snap of -CURRENT.
 

The current -current should work fine in kld mode. I intend to commit
a fix for the static part in the coming days.

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Re: ipfilter no longer in -CURRENT, whats the direction? (off to ipfw?)

1999-11-17 Thread Guido van Rooij 

On Mon, Nov 15, 1999 at 01:59:55PM -0500, spork wrote:
 I noticed that ipfilter is still gone...  Was there any resolution here,
 or is ipfilter gone for good?
 
 All other concerns/features aside, I find the stateful inspection stuff
 much easier to setup than the ipfw filtering...  I only touch my firewall
 once in a blue moon, and just about everything except for streaming
 quicktime "just works".  It would be a shame to see such a useful piece of
 software go away.

I am in the process of getting it in again. Due to the CVS meister being
swamped at this moment things are a bit delayd.

Plan is to revive it in the same way it wa sbefore with the addition
of a KLD. 

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Re: make buildworld broken?

1999-10-05 Thread Guido van Rooij 

On Tue, Oct 05, 1999 at 06:21:55AM +0800, Michael Kennett wrote:
 
  Is this a known problem?
 
 Yes, and it is well documented in the -current mailing lists.

I feel embarrassed as I'v just spoken to Marcel a couple fo days ago.

However I just resubscribed to -current. I did look in the UPDATING
file and saw the sigset_t change but overlooked the 'build and boot
a new kernel' part :-(

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

make buildworld broken?

1999-10-04 Thread Guido van Rooij 

Hi,

I have a 3.3.-stable system and somehow I cannot make buildworld
a current tree.
The porblem is:
cc -c  -I/alt/usr/src/gnu/lib/libgcc/../../../contrib/egcs/gcc/config 
-I/alt/usr/src/gnu/lib/libgcc/../../../contrib/egcs/gcc -I. -fexceptions -DIN_GCC 
-I/usr/obj/alt/usr/src/tmp/usr/include -DL_mulsi3 -o _mulsi3.o 
/alt/usr/src/gnu/lib/libgcc/../../../contrib/egcs/gcc/libgcc1.c
*** Signal 12

Stop in /alt/usr/src/gnu/lib/libgcc.
*** Error code 1

This system has been running and compilig a lot of other FreeBSD versions
in the last 3 years, and has never had any memory problems at all.

IIRC a couple of days ago a buildworld worked (but I had to reinstall
due to a different disksetup)

Is this a known problem?

-Guido


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message