Re: Getting filename from descriptor or vnode struct
> Hi hackers,
>
> I'm confronted to a problem when I try to hack getdirentries(2) in a kld
> module :
>
> To summarize, getdirentries() filled in a buffer a series of dirent struct,
> and the 'd_name' field represents the filename (without the full path). I
> must recover the full path because I've on disk a list of files to hide ...
>
> The field 'fd' in getdirentries_args is the file descriptor of the
> directory.. and I've discovered that the field 'p_fd' from struct proc is a
> filedesc struct which contains a vnode struct representing the current
> directory ('fd_cdir').
>
> VOP_GETATTR() doesn't allow me to recover this..
>
> If someone could help me, thanks in advance !
I think the best way would be to also hack open() and close(). You can have
some table where you store fd and full pathname of each opened directory.
You add an entry on open() and remove it on close(). Of course, open()
argument may be a path relative to current directory, so to get full path
you should simulate __getcwd() syscall; you must allocate userland buffer
for it with mmap() and then copyin() it (read my previous posting). Once
you have such table, you can find the path by fd in hacked getdirentries()
and see if you want to hide the file or not ...
Regards,
Eugene
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Denial of Service Research
Dear Sir/Madam My name is John Zheng. I sent this email to you a couple days ago to invite you to my on-line survey. This is a friendly reminder in case you missed out the previous one because the web server was affected due to a power failure 2 days ago. I promise I won't bother you again! We are students at the UNITEC Institute of Technology (New Zealand), and currently working on a DoS/DDoS (Denial of service) research project, as required for our degree. For this project we conduct research on the analysis of the DoS/DDoS technologies and threats, as well as anti DoS/DDoS tools. As part of this research, we found your email on the internet. You could be of great help to us if you could fill out our on-line survey, which we have prepared for this project. In return, we will email you the summarized outcome of the project if you do provide your email address in the survey form. Please find the survey here: http://hyperdisc.unitec.ac.nz/dos_research/ The information you give us will be analyzed and results will be presented in an anonymous, generic form. Please let us assure you that all your information will remain strictly confidential. Thank you very much for assisting us! If you need to contact us, please email to [EMAIL PROTECTED] Best Regards Leon & John To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Cisco AIR-PCI 352
On Thu, Aug 16, 2001 at 11:08:11AM -0700, Brooks Davis wrote: > On Thu, Aug 16, 2001 at 04:17:37PM +0300, Vladimir Terziev wrote: > > The FreeBSD an driver (for Cisco Aironet cards) supports 340 series cards. > > I want to know if the an driver supports Cisco Aironet 350 series cards. > > Yes they are, though the PCI cards require a two line MFC before they > will work. I've MFC'd the change to detect 350 Series PCI cards. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 PGP signature
IPFilter Bridging
Hello, I am wondering if anyone knows of any workarounds to get IPFilter to filter across an ethernet bridge. The bridge is working fine, and so is ipf, but ipf has no effect on any packets that go across the bridge. Pings to localhost are monitored and filtered, but that's about it. Any combination of configurations, hacks, or anything else (could netgraph help here?) that would solve this problem. I don't want to goto OpenBSD, but don't want to part with ipf. Thank you, Hans [EMAIL PROTECTED] __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: secure Filesystem
* Darryl Okahata <[EMAIL PROTECTED]> [010816 15:49] wrote: > Alfred Perlstein <[EMAIL PROTECTED]> wrote: > > > > A bigger problem is that doing anything with a file uses up 1-2KB > > > PER FILE. If you want to see cfsd grow *really big*, do a "find ." of > > > any large cfs-controlled hierarchy with lots of files. I'd really like > > > to put my MH mail messages under cfs, but I've got too many files (I > > > can't afford having a 200+MB cfsd). > > > > This is what swap is for. :) > > > > If cfsd doesn't touch all that now unused memory it'll simply be > > paged out and probably only paged in occasionally. > > Well, yes. ;-) > > However, on a somewhat aging 128MB laptop, a 200+MB cfsd puts the > system into swap h*ll pretty quickly. I think cfsd has some linked > lists which thrash a lot of pages. That's unfortunate. Good thing is that cfs is open source. "Got Patches" ? :) -- -Alfred Perlstein [[EMAIL PROTECTED]] Ok, who wrote this damn function called '??'? And why do my programs keep crashing in it? To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: secure Filesystem
Alfred Perlstein <[EMAIL PROTECTED]> wrote: > > A bigger problem is that doing anything with a file uses up 1-2KB > > PER FILE. If you want to see cfsd grow *really big*, do a "find ." of > > any large cfs-controlled hierarchy with lots of files. I'd really like > > to put my MH mail messages under cfs, but I've got too many files (I > > can't afford having a 200+MB cfsd). > > This is what swap is for. :) > > If cfsd doesn't touch all that now unused memory it'll simply be > paged out and probably only paged in occasionally. Well, yes. ;-) However, on a somewhat aging 128MB laptop, a 200+MB cfsd puts the system into swap h*ll pretty quickly. I think cfsd has some linked lists which thrash a lot of pages. -- Darryl Okahata [EMAIL PROTECTED] DISCLAIMER: this message is the author's personal opinion and does not constitute the support, opinion, or policy of Agilent Technologies, or of the little green men that have been following him all day. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: secure Filesystem
* Darryl Okahata <[EMAIL PROTECTED]> [010816 14:49] wrote: > Konstantin Chuguev <[EMAIL PROTECTED]> wrote: > > > > Look at /usr/ports/security/cfs. It's a useland crypto-filesystem that > > > runs over NFS. > > > > I'd say, it's a daemon pretending to be an NFS server. It's running locally > > on port other than NFS. > > > > Very nice implementation, I use it a lot. A small problem with it is that > > it seems to support 7-bit file names only. > > A bigger problem is that doing anything with a file uses up 1-2KB > PER FILE. If you want to see cfsd grow *really big*, do a "find ." of > any large cfs-controlled hierarchy with lots of files. I'd really like > to put my MH mail messages under cfs, but I've got too many files (I > can't afford having a 200+MB cfsd). > > The memory is not freed until you unmount (and then, the memory is > only free'd for use by other cfs mounts -- the process size does not, of > course, shrink). This is what swap is for. :) If cfsd doesn't touch all that now unused memory it'll simply be paged out and probably only paged in occasionally. -- -Alfred Perlstein [[EMAIL PROTECTED]] Ok, who wrote this damn function called '??'? And why do my programs keep crashing in it? To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: secure Filesystem
Konstantin Chuguev <[EMAIL PROTECTED]> wrote: > > Look at /usr/ports/security/cfs. It's a useland crypto-filesystem that > > runs over NFS. > > I'd say, it's a daemon pretending to be an NFS server. It's running locally > on port other than NFS. > > Very nice implementation, I use it a lot. A small problem with it is that > it seems to support 7-bit file names only. A bigger problem is that doing anything with a file uses up 1-2KB PER FILE. If you want to see cfsd grow *really big*, do a "find ." of any large cfs-controlled hierarchy with lots of files. I'd really like to put my MH mail messages under cfs, but I've got too many files (I can't afford having a 200+MB cfsd). The memory is not freed until you unmount (and then, the memory is only free'd for use by other cfs mounts -- the process size does not, of course, shrink). -- Darryl Okahata [EMAIL PROTECTED] DISCLAIMER: this message is the author's personal opinion and does not constitute the support, opinion, or policy of Agilent Technologies, or of the little green men that have been following him all day. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Cisco AIR-PCI 352
In message <[EMAIL PROTECTED]> "Vladimir Terziev" writes: : The FreeBSD an driver (for Cisco Aironet cards) supports 340 series cards. : I want to know if the an driver supports Cisco Aironet 350 series cards. Yes. Warner To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Cisco AIR-PCI 352
On Thu, Aug 16, 2001 at 11:39:28AM -0700, Julian Elischer wrote: > What is the MFC? > will it be in 4.4? > If not it might be a good thing to try get it in.. It adds a PCI id. I just sent a request to MFC the change. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 PGP signature
Re: Cisco AIR-PCI 352
What is the MFC? will it be in 4.4? If not it might be a good thing to try get it in.. On Thu, 16 Aug 2001, Brooks Davis wrote: > On Thu, Aug 16, 2001 at 04:17:37PM +0300, Vladimir Terziev wrote: > > The FreeBSD an driver (for Cisco Aironet cards) supports 340 series cards. > > I want to know if the an driver supports Cisco Aironet 350 series cards. > > Yes they are, though the PCI cards require a two line MFC before they > will work. > > -- Brooks > > -- > Any statement of the form "X is the one, true Y" is FALSE. > PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 > To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Cisco AIR-PCI 352
On Thu, Aug 16, 2001 at 04:17:37PM +0300, Vladimir Terziev wrote: > The FreeBSD an driver (for Cisco Aironet cards) supports 340 series cards. > I want to know if the an driver supports Cisco Aironet 350 series cards. Yes they are, though the PCI cards require a two line MFC before they will work. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 PGP signature
Re: Getting filename from descriptor or vnode struct
* Sansonetti Laurent <[EMAIL PROTECTED]> [010816 12:22] wrote:
> Hi hackers,
>
> I'm confronted to a problem when I try to hack getdirentries(2) in a kld
> module :
>
> To summarize, getdirentries() filled in a buffer a series of dirent struct,
> and the 'd_name' field represents the filename (without the full path). I
> must recover the full path because I've on disk a list of files to hide ...
>
> The field 'fd' in getdirentries_args is the file descriptor of the
> directory.. and I've discovered that the field 'p_fd' from struct proc is a
> filedesc struct which contains a vnode struct representing the current
> directory ('fd_cdir').
>
> VOP_GETATTR() doesn't allow me to recover this..
>
> If someone could help me, thanks in advance !
Since a vnode may be referenced by multiple hardlinks it can't have
a name really. You could hack on struct file so that it keeps a
copy of the filename passed to open(2).
--
-Alfred Perlstein [[EMAIL PROTECTED]]
Ok, who wrote this damn function called '??'?
And why do my programs keep crashing in it?
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Getting filename from descriptor or vnode struct
Hi hackers,
I'm confronted to a problem when I try to hack getdirentries(2) in a kld
module :
To summarize, getdirentries() filled in a buffer a series of dirent struct,
and the 'd_name' field represents the filename (without the full path). I
must recover the full path because I've on disk a list of files to hide ...
The field 'fd' in getdirentries_args is the file descriptor of the
directory.. and I've discovered that the field 'p_fd' from struct proc is a
filedesc struct which contains a vnode struct representing the current
directory ('fd_cdir').
VOP_GETATTR() doesn't allow me to recover this..
If someone could help me, thanks in advance !
--
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Re: kernel-hack ??
Although it should be noted that the feature is far more effective in 5.0-CURRENT, as the inter-process authorization is more consistent and more effectively mediated. For example, the sysctl doesn't properly impact procfs (and some other calls) in -STABLE. Robert N M Watson FreeBSD Core Team, TrustedBSD Project [EMAIL PROTECTED] NAI Labs, Safeport Network Services On Thu, 16 Aug 2001, Samuel Greear wrote: > Twiddle the sysctl: > kern.ps_showallprocs > > Sam > > > > > > Hi, i just want to know is there a patch on freebsd that can limit the > > > > ps aux -- and only show the current user's process and not the whole > system > > process. > > > > like, what the openwall linux patch did.. http://www.openwall.com/linux/ > > > > thank you.. > > > > > > > > > > > > > > louie miranda (axishift.ath.cx) > > -- > > chmod 0 / ; and smile *=)* > > > > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe freebsd-hackers" in the body of the message > To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
sysinstall automation
I have been working on writing an install.cfg to automate FreeBSD installations, but have run into an interesting glitch. Following the sysinstall manpage, my file has the line 'installFixitFloppy', which is supposed to prompt the user to enter a fixit floppy disk. However, when sysinstall runs (and loads the script), the user is not prompted for the disk, and instead a shell that very much resembles the Emergency Holographic Shell is automatically loaded on VTY4. Sysinstall still displays the "waiting for the fixit shell to exit" dialog, but the user is never prompted for the Fixit disk, and the shell on VTY4 is definitely not a Fixit environment. (obviously, when all this is happening, the MFS root floppy is still in the drive). Does anybody know what is happening here? Thanks, -Brian To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Cisco AIR-PCI 352
Hi, The FreeBSD an driver (for Cisco Aironet cards) supports 340 series cards. I want to know if the an driver supports Cisco Aironet 350 series cards. regards, Vladimir To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: secure Filesystem
Josef Karthauser wrote: > >Does FreeBSD support any type of secure (encrypted) filesystem? > > Look at /usr/ports/security/cfs. It's a useland crypto-filesystem that > runs over NFS. > I'd say, it's a daemon pretending to be an NFS server. It's running locally on port other than NFS. Very nice implementation, I use it a lot. A small problem with it is that it seems to support 7-bit file names only. -- * * Konstantin Chuguev Francis House * * Application Engineer 112 Hills Road * Tel: +44 1223 302992 Cambridge CB2 1PQ D A N T E WWW: http://www.dante.netUnited Kingdom To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: secure Filesystem
On Thu, Aug 16, 2001 at 12:09:44PM +0300, Vladimir Terziev wrote: > >Hi hackers, > >I have the following question: > >Does FreeBSD support any type of secure (encrypted) filesystem? > >regards, > > Vladimir Look at /usr/ports/security/cfs. It's a useland crypto-filesystem that runs over NFS. Joe PGP signature
secure Filesystem
Hi hackers, I have the following question: Does FreeBSD support any type of secure (encrypted) filesystem? regards, Vladimir To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: help needed, kernel autoconf gets stuck
> On Thu, Aug 16, 2001 at 11:19:57AM +0300, Danny Braniss wrote: > > hi, > > i posted this yesterday, but no one bit, so here we go again: > > > > adding 'snd_ich_load="YES"' will cause the kernel autoconf to hang (sometimes) > > after isa_probe_children(...) and before configure_final(...) > > > > when it doesn't get stuck, all systems work fine, X11/sound etc. > > > > so i narrowed it down, my guess it's an unexpected/unwanted interrupt. > > > > now i'm stuck too, since i have no idea how to figure out who/why is > > interrupting. > > > > thanks, > > danny > > Aha! This is what I've been seeing too - although I didn't realize it > was the sound subsystem, because I compiled pcm into the kernel. > It's not a guaranteed hang however, sometimes the kernel boots, sometimes > it doesn't. It gets stuck more consistently when using boot -v however. > in my case it actually worked first time with verbose, but then it also hung :-( > I can confirm this wasn't the case in my 4.3 kernel, but that's probably > because the ICH sound driver wasn't activated back then. > i installed the ich back then and it hung too, but had no time to follow it. > What motherboard do you have? I have an Intel i815e (Dell Optiplex G115). > same here, but it also happens with a HP-epc, the common link is the i815e and co. > Would opening a PR help? > go ahead, i don't know - yet - how to PR. danny To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: help needed, kernel autoconf gets stuck
On Thu, Aug 16, 2001 at 11:19:57AM +0300, Danny Braniss wrote: > hi, > i posted this yesterday, but no one bit, so here we go again: > > adding 'snd_ich_load="YES"' will cause the kernel autoconf to hang (sometimes) > after isa_probe_children(...) and before configure_final(...) > > when it doesn't get stuck, all systems work fine, X11/sound etc. > > so i narrowed it down, my guess it's an unexpected/unwanted interrupt. > > now i'm stuck too, since i have no idea how to figure out who/why is > interrupting. > > thanks, > danny Aha! This is what I've been seeing too - although I didn't realize it was the sound subsystem, because I compiled pcm into the kernel. It's not a guaranteed hang however, sometimes the kernel boots, sometimes it doesn't. It gets stuck more consistently when using boot -v however. I can confirm this wasn't the case in my 4.3 kernel, but that's probably because the ICH sound driver wasn't activated back then. What motherboard do you have? I have an Intel i815e (Dell Optiplex G115). Would opening a PR help? --Stijn -- Tact, n.: The unsaid part of what you're thinking. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
help needed, kernel autoconf gets stuck
hi, i posted this yesterday, but no one bit, so here we go again: adding 'snd_ich_load="YES"' will cause the kernel autoconf to hang (sometimes) after isa_probe_children(...) and before configure_final(...) when it doesn't get stuck, all systems work fine, X11/sound etc. so i narrowed it down, my guess it's an unexpected/unwanted interrupt. now i'm stuck too, since i have no idea how to figure out who/why is interrupting. thanks, danny To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: Writing a packet alias translator, need help
Joe Clarke wrote:
>
> I'm trying to write a packet alias translator for a protocol that uses TCP
> to setup a UDP streaming session (much like the smedia driver that's
> already there). I'm having a problem getting the translated port to mesh
> with the actual port. Here's what I've done:
>
> /* msg is a TCP setup packet
> struct msg {
> u_int32_t ipAddr;
> u_int32_t portNumber;
> };
> */
One obvious thing is that ports are 16 bits, not 32 but...
> is UDP 16704, but the translation puts 50535 in the packet.
The bit patterns these make are not even remotely similar,
meaning that this isn't a byte order issue; I think you will
need to run the code in a debugger (or add printf's).
-- Terry
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Re: kernel-hack ??
Twiddle the sysctl: kern.ps_showallprocs Sam > Hi, i just want to know is there a patch on freebsd that can limit the > > ps aux -- and only show the current user's process and not the whole system > process. > > like, what the openwall linux patch did.. http://www.openwall.com/linux/ > > thank you.. > > > > > > > louie miranda (axishift.ath.cx) > -- > chmod 0 / ; and smile *=)* To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
kernel-hack ??
Hi, i just want to know is there a patch on freebsd that can limit the ps aux -- and only show the current user's process and not the whole system process. like, what the openwall linux patch did.. http://www.openwall.com/linux/ thank you.. louie miranda (axishift.ath.cx) -- chmod 0 / ; and smile *=)* To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
