Re: Unusual use of ssh
On Wed, May 21, 2008 at 04:35:29PM -0700, Doug Hardie wrote: I have an unusual situation that I suspect is not practical, but just in case... I have a class C network with a T1 to the internet. There are a number of hosts on that network. Unfortunately the T1 line is just part of a path with several additional links before it gets to the upstream ISP. Some of those links are relatively prone to outages. In the same facility, I have a number of WiFi access points that are connected through a router to a DSL connection to the internet. That path is completely independent from the T1 and actually goes through a completely different set of central offices. What I have tried to do is to link the DSL router to one of my hosts via a separate NIC and address that is on the LAN of the WiFi router. So far all is good. I can ping any of the access points from that host just fine. I have established a pass through port in the DSL router for SSH that sends the packets to that host. Sure enough, ssh packets are received by the host. The problem is that it does not respond on the right interface. The routing table uses a default route through the T1. Thats where the sshd responses are being sent. Since I have no a priori knowledge what IPs I would have available when I need to use this back door, I can't pre-setup the routing table. I need sshd to respond on the same interface it receives the packets from. I don't believe that is possible using IPv4 routing. I think that it is using IPv6 but none of the networks involved support that yet. I don't find any option in sshd to force it to respond on the right interface either. Is there something I have missed? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] The easiest thing to do here will likely be setting up pf on the box with SSH with a pass rule and reply-to set to the correct interface to respond on. -- pass in on interface to be used reply-to same interface proto tcp port 22 keep state -- -- David Michael Curry (Dave) [EMAIL PROTECTED] () ASCII Ribbon Campaign | Against HTML e-mail /\ www.asciiribbon.org | Against proprietary extensions ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Manual routing
On Sat, Dec 08, 2007 at 05:03:03AM -0300, Celso Viana wrote: Hi All, I have 2 machines (A and B) interconnected by a cable network crossover; added the following addresses on the network card: Machine A: 192.168.1.1/24 Machine B: 10.10.1.1/24 Question: How would for these machines to communicate, adding routes manually? Thanks -- Celso Vianna BSD User: 51318 http://www.bsdcounter.org 63 8404-8559 Palmas/TO ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] There shouldn't need to be any changes to the routing tables needed if they are directly connected. If they do need to be on seperate subnets, then you can add aliases to each interface so that they see each other as on the same subnet. On machine A: # ifconfig interface alias 10.10.1.2 255.255.255.0 (Any number that isn't 0, 1, or 255 ought to work for the interface address but we'll use 2 for simplicity) On machine B: # ifconfig interface alias 192.168.1.2 255.255.255.0 Hopefully this helps you. -- David Michael Curry (Dave) [EMAIL PROTECTED] () ASCII Ribbon Campaign | Against HTML e-mail /\ www.asciiribbon.org | Against proprietary extensions ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [OT] who wrote this
On Sun, Nov 25, 2007 at 10:03:30PM -0600, eBoundHost: Artur wrote: Wow neal, that's very nice of you. are you saying that hitler didn't do any of these things? I'm not even going to respond to you here, just going to re-post your words to show that there are still people like you out there... And as far as your sage to the moon quote, don't think too much of your own sagedom, there is always someone younger and smarter. You would be better off being a little less sagy and a bit nicer. Now to the rest of you who are for some reason turning this into a Censorship issue. It's not. I'm asking to replace the text on the HTML front page with a completely unnecessary reference to hitler. We're not talking about pruning the quotes database for controversial speakers. having hitlers name there does nothing positive for the project and polarizes the viewing audience because it offends the vast majority of people, 99% of whom are not going to spend an evening writing to a mailing list to have the issue fixed. They won't think about the deep philosophical reasons why this should be there in principle. They are going to read the page and think to themselves that the freebsd community are a bunch of jerks. There are far better ways to express the thought than by simply saying hitler quotes. For instance it can be replaced with controversial persons or something similar. He was not the only such person in history, so we should not be focusing only on him. Since this point has been raised already I won't stick with it too long. It has been pointed out multiple times that this is not the proper forum to debate this point for one. For two if you have submitted your request for the revision to the proper people then _the community_ can take your suggestions under advisement and decide if it really is improper to be using Hitler quotes as opposed to some other phrasing. As it is, I think you've extensively made the point for why it was a good choice. The reaction to Hitler should not be such that simply being associated with the name justifies people taking offense. On the flip side of this, saying that it being a Hitler quote doesn't automatically make it offensive doesn't lessen the terrible impact that he actually had, and as such doesn't warrant censorship (Despite your protestations to the contrary, censorship is the very act of removing items deemed offensive to a body). Unless you can come up with a legitimate reason that Hitler should be removed, you're not going to bring much sympathy to your cause. --- David Michael Curry (Dave) [EMAIL PROTECTED] () ASCII Ribbon Campaign | Against HTML e-mail /\ www.asciiribbon.org | Against proprietary extensions ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
PPPoE dialer CPU usage
Hi. I was wondering if anyone had any idea what might be causing excessive CPU usage by the rp-pppoe dialer. What I've been running into is since the 5th, the message Unexpected packet code 9 has been showing up every 10 seconds in syslog, the CPU usage is maxed, I seem to be getting pinged by my PPPoE gateway every 10 seconds, and I can't seem to find out what the cause of this is. Have checked other net traffic to no avail, tried compiling the dialer with debugging options which did nothing, and any sort of insight that could be offered at this point is dearly welcome. -- David Michael Curry (Dave) [EMAIL PROTECTED] () ASCII Ribbon Campaign | Against HTML e-mail /\ www.asciiribbon.org | Against proprietary extensions ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PPPoE dialer CPU usage
On Sun, Oct 14, 2007 at 12:37:43AM +0100, RW wrote: On Fri, 12 Oct 2007 22:57:25 -0500 Dave Curry [EMAIL PROTECTED] wrote: Hi. I was wondering if anyone had any idea what might be causing excessive CPU usage by the rp-pppoe dialer. What I've been running into is since the 5th, the message Unexpected packet code 9 has been showing up every 10 seconds in syslog, the CPU usage is maxed, I seem to be getting pinged by my PPPoE gateway every 10 seconds, and I can't seem to find out what the cause of this is. Have checked other net traffic to no avail, tried compiling the dialer with debugging options which did nothing, and any sort of insight that could be offered at this point is dearly welcome. Is there any particular reason for using the roaring-penguin version? ppp in the base-system works fine for me, and it uses next to no cpu time. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Yeah, I had mistakenly compiled ppp without netgraph support (Just found that out today), so I was using rp-pppoe. Since I fixed the problem with ppp it's not vitally important to find out what hosed rp-pppoe now, though if anyone can offer info on what caused this it'd be nice to know for curiosity's sake. -- David Michael Curry (Dave) [EMAIL PROTECTED] () ASCII Ribbon Campaign | Against HTML e-mail /\ www.asciiribbon.org | Against proprietary extensions ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
