Invite from Sergey Lapin ([EMAIL PROTECTED])
Join Sergey on Quechup You have been invited to join SergeyLapin's friends network http://quechup.com/ - REGISTER NOW FOR FREE and find out why everyone's joining As a member of Quechup you can... - Start a blog and share your thoughts with private groups, friends or the world - Get in touch with old friends. - Meet new people in your area, or anywhere else in the world. - Online instant messenger with full video and audio support. - Socialize with 'friends-of-friends' and mutual acquaintances. - Increase your social circle ... and so much more! Become part of Sergey's Quechup.com friends. New amp; Coming Soon on Quechup - Games - play Solitaire, Mahjong, Dice, Bubble Up and more online - Blogs - let people know what you're up to - Video Posts - use your webcam to record video clips on Quechup - Member Comments - on photos and blogs -- You received this because Sergey Lapin ([EMAIL PROTECTED]) knows and agreed to invite you. You will only receive one invitation from [EMAIL PROTECTED] Quechup will not spam or sell your email address, see our privacy policy - http://quechup.com/privacy.php Go to http://quechup.com/emailunsubscribe.php/ZW09ZnJlZWJzZC1xdWVzdGlvbnNAZnJlZWJzZC5vcmc%3D if you do not wish to receive any more emails from Quechup. -- This e-mail was sent on behalf of SergeyCopyright Quechup.com 2007. Quechup.com is owned by iDate Ltd ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Broadcom BCM5721 Gigabit Ethernet Controllers
Hi, all!!! Are BCM5721's supported? We'd like to setup router on them - is it a good idea? Thanks a lot! S. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Kerberos authentication
Hi, all! There is simple Kerberos question. We have w2k3 PDC here and want to setup one machine (machine.domain.com) to interoperate with it. Samba's net ads join works. kinit works. but telnet to machine.domain.com from the same machine fails with thw following debug: [ Trying mutual KERBEROS5 (host/[EMAIL PROTECTED])... ] Kerberos V5: mk_req failed (Message stream modified) [ Trying KERBEROS5 (host/[EMAIL PROTECTED])... ] Kerberos V5: mk_req failed (Message stream modified) -bash-2.05b$ klist Credentials cache: FILE:/tmp/krb5cc_1002 Principal: [EMAIL PROTECTED] Issued Expires Principal Aug 17 21:06:40 Aug 18 07:06:40 krbtgt/[EMAIL PROTECTED] /etc/krb5.conf: [libdefaults] default_realm = DOMAIN.COM default_keytab_name = FILE:/etc/krb5.keytab dns_lookup_realm = false dns_lookup_kdc = true [domain_realm] .domain.com = DOMAIN.COM [realms] DOMAIN.COM = { kdc = tcp/dc.domain.com kpasswd_server = dc.domain.com admin_server = udp/dc.domain.com } ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
kernel debugger
Hi! We have some networking problem, with PF and route-to, actually, system locks and sends junk to net. But I'm able to enter debugger. Is it possible to localize problem using it? I have acess to console and get do debugger prompt. I'd like to make proper report using debugger to send to freebsd-pf list. Thanks a lot! Sergey Lapin System Administrator ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
pf problems
on $dmz_if route-to ($ext_if1 $ext_gw1) proto tcp tagged DMZ_TO_EXT1 flags S/SA modulate state pass in quick on $dmz_if route-to ($ext_if1 $ext_gw1) proto { udp, icmp } tagged DMZ_TO_EXT1 keep state pass in quick on $dmz_if route-to ($ext_if2 $ext_gw2) proto tcp tagged DMZ_TO_EXT2 flags S/SA modulate state pass in quick on $dmz_if route-to ($ext_if2 $ext_gw2) proto { udp, icmp } tagged DMZ_TO_EXT2 keep state # Allow OUT traffic pass out quick on $ext_if1 route-to ($ext_if2 $ext_gw2) proto tcp tagged DMZ_TO_EXT2 flags S/SA modulate state pass out quick on $ext_if1 route-to ($ext_if2 $ext_gw2) proto { udp, icmp } tagged DMZ_TO_EXT2 keep state pass out quick on $ext_if2 route-to ($ext_if1 $ext_gw1) proto tcp tagged DMZ_TO_EXT1 flags S/SA modulate state pass out quick on $ext_if2 route-to ($ext_if1 $ext_gw1) proto { udp, icmp } tagged DMZ_TO_EXT1 keep state # # Clasify traffic from Internet to DMZ # # # WHISKEY pass in on vlan0 proto tcp from any to 1.1.1.144/32 port = 22 flags S/SA keep state tag EXT1_TO_DMZ pass in on vlan1 proto tcp from any to 2.2.2.2/32 port = 22 flags S/SA keep state tag EXT2_TO_DMZ # # Allow classified traffic from Internet to DMZ # # # Pass to DMZ traffic already approved by earlier rules # and route replies to corresponding interface # EXT1 pass out quick on $dmz_if reply-to ($ext_if1 $ext_gw1) proto tcp tagged EXT1_TO_DMZ flags S/SA keep state pass out quick on $dmz_if reply-to ($ext_if1 $ext_gw1) tagged EXT1_TO_DMZ keep state # EXT2 pass out quick on $dmz_if reply-to ($ext_if2 $ext_gw2) proto tcp tagged EXT2_TO_DMZ flags S/SA keep state pass out quick on $dmz_if reply-to ($ext_if2 $ext_gw2) tagged EXT2_TO_DMZ keep state # # Other traffic # # # general pass out rules for external interfaces pass out on { $ext_if1, $ext_if2, $dmz_if } proto tcp from any to any flags S/SA modulate state pass out on { $ext_if1, $ext_if2, $dmz_if } proto { udp, icmp } from any to any keep state # Zebra uses IGMP so let it work on DMZ interface pass out on $dmz_if proto igmp from any to any allow-opts Test case: (done from Linix machine from 1.1.1.128/25) tcpreplay -e 1.1.1.133:255.255.255.255 -i eth0 packet (where packet is random captured UDP packet using tcpdump -peni) or tcpreplay -e 1.1.1.133:10.2.2.2 -i eth0 packet (where packet is random captured UDP packet) kills machine. Machine hangs and doesn't react on keyboard, whatever. Only reset helps. Directly blocking addresses in pf.conf help and normal connections with UDP disabled work well. Any ideas? Thanks a lot! Sergey Lapin System Administrator ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dummynet problems
I don't use dummynet myself, but surely it would be easier to help you if you described what the actual problem is? Well, actual problem description: FreeBSD-5.3 router; rl0 - internal interface rl1 - external. rl1 is connected to ADSL modem from provider; The link bandwidth is 64kbps. ${fwcmd} -f flush ${fwcmd} -f pipe flush ${fwcmd} pipe 1 config bw 64Kbit/s queue 10KBytes ${fwcmd} queue 4 config pipe 1 weight 1 mask dst-ip 0x buckets 10 queue 9 gred 0.002/7/21/0.1 ${fwcmd} add 780 queue 4 log logamount 10 tcp from any to 192.168.0.30/32 out via rl0 ${fwcmd} queue 10 config pipe 1 weight 100 mask dst-ip 0x queue 9 gred 0.002/7/21/0.1 ${fwcmd} add 790 queue 10 log logamount 10 tcp from any to 192.168.0.99/32 out via rl0 ${fwcmd} queue 25 config pipe 1 weight 30 mask dst-ip 0x buckets 15 queue 10 gred 0.002/7/21/0.1 ${fwcmd} queue 20 config pipe 1 weight 100 mask dst-ip 0x buckets 100 queue 9 gred 0.002/7/21/0.1 ${fwcmd} queue 30 config pipe 1 weight 20 mask dst-ip 0x buckets 100 queue 9 gred 0.002/7/21/0.1 ${fwcmd} queue 40 config pipe 1 weight 10 mask dst-ip 0x buckets 100 queue 9 gred 0.002/7/21/0.1 ${fwcmd} add 891 queue 20 log logamount 10 tcp from any 5190 to 192.168.0.1/25 out via rl0 ${fwcmd} add 892 queue 25 log logamount 10 tcp from any to 192.168.0.6 out via rl0 ${fwcmd} add 893 queue 25 log logamount 10 tcp from any to 192.168.0.29 out via rl0 ${fwcmd} add 894 queue 25 log logamount 10 tcp from any to 192.168.0.62 out via rl0 ${fwcmd} add 895 queue 25 log logamount 10 tcp from any to 192.168.0.27 out via rl0 ${fwcmd} add 898 queue 30 log logamount 10 tcp from any 25,110,43,53,119,123,143,953 to 192.168.0.1/25{1-3,5,7-26,28,31-61,63-98,100} out via rl0 ${fwcmd} add 897 queue 40 log logamount 10 tcp from any 80,443,3128,21,20 to 192.168.0.1/25{1-3,5,7-26,28,31-61,63-98,100} out via rl0 ipfw pipe show: 1: 99.000 Kbit/s0 ms 10 KB 0 queues (1 buckets) droptail mask: 0x00 0x/0x - 0x/0x q4: weight 1 pipe 19 sl. 1 queues (10 buckets) GRED w_q 0.001999 min_th 7 max_th 21 max_p 0.01 mask: 0x00 0x/0x - 0x/0x BKT Prot ___Source IP/port Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 2 ip 0.0.0.0/0192.168.0.30/0 2198 1821083 00 43 q00010: weight 100 pipe 19 sl. 1 queues (64 buckets) GRED w_q 0.001999 min_th 7 max_th 21 max_p 0.01 mask: 0x00 0x/0x - 0x/0x BKT Prot ___Source IP/port Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 51 ip 0.0.0.0/0192.168.0.99/09 813 00 0 q00020: weight 100 pipe 19 sl. 13 queues (100 buckets) GRED w_q 0.001999 min_th 7 max_th 21 max_p 0.01 mask: 0x00 0x/0x - 0x/0x BKT Prot ___Source IP/port Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 2 ip 0.0.0.0/0192.168.0.30/0 42 6662 00 0 5 ip 0.0.0.0/0 192.168.0.1/0 36 6054 00 0 13 ip 0.0.0.0/0 192.168.0.9/0 37 5021 00 0 15 ip 0.0.0.0/0192.168.0.11/0 6116333 00 0 25 ip 0.0.0.0/0192.168.0.53/0 23 3463 00 0 29 ip 0.0.0.0/0192.168.0.85/0 20123807 00 0 33 ip 0.0.0.0/0192.168.0.61/0 65 6704 00 0 34 ip 0.0.0.0/0192.168.0.62/0 16639971 00 0 38 ip 0.0.0.0/0192.168.0.94/0 36 7726 00 0 39 ip 0.0.0.0/0192.168.0.35/0 15162681 00 0 47 ip 0.0.0.0/0192.168.0.71/0 20717475 00 0 88 ip 0.0.0.0/0192.168.0.16/0 25 4751 00 0 98 ip 0.0.0.0/0192.168.0.26/0 44 8235 00 0 q00025: weight 30 pipe 1 10 sl. 2 queues (15 buckets) GRED w_q 0.001999 min_th 7 max_th 21 max_p 0.01 mask: 0x00 0x/0x - 0x/0x BKT Prot ___Source IP/port Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 5 ip 0.0.0.0/0 192.168.0.6/0 1093 518028 00 51 14 ip 0.0.0.0/0192.168.0.62/0 3604 2254945 4 3098 50 q00030: weight 20 pipe 19 sl. 8 queues (100 buckets) GRED w_q 0.001999 min_th 7 max_th 21 max_p 0.01 mask: 0x00 0x/0x - 0x/0x BKT Prot ___Source IP/port Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 15 ip 0.0.0.0/0192.168.0.11/0 20 1081 00 0 33 ip 0.0.0.0/0192.168.0.61/0 14224203 00 0 38 ip 0.0.0.0/0192.168.0.94/0 21 1008 00 0 39 ip 0.0.0.0/0192.168.0.35/0 21 3090 00 0 53 ip 0.0.0.0/0192.168.0.77/0 848
dummynet problems
Hi, all! Here I have a problem with dummynet. System is FreeBSD-5.3-STABLE month ago. we have very small bandwidth from LAN. rl0 is internal interface. ipfw rukes are (fwcmd=/sbin/ipfw): ${fwcmd} pipe 1 config bw 60Kbit/s ${fwcmd} add 778 pipe 1 tcp from any 25,43,53,80,110,119,123,143,953,5190 to 192.168.0.0/25 out via rl0 ${fwcmd} queue 1 config pipe 1 weight 100 mask dst-ip 0x queue 5 ${fwcmd} add 790 queue 1 log logamount 10 tcp from any to 192.168.0.99 out via rl0 ${fwcmd} queue 2 config pipe 1 weight 100 mask dst-ip 0x0fff buckets 150 queue 10 ${fwcmd} queue 3 config pipe 1 weight 30 mask dst-ip 0x0fff buckets 150 queue 10 ${fwcmd} queue 4 config pipe 1 weight 70 mask dst-ip 0x0fff buckets 150 queue 10 ${fwcmd} add 791 queue 2 log logamount 10 tcp from any 5190 to 192.168.0.0/25 out via rl0 ${fwcmd} add 795 queue 3 log logamount 10 tcp from any 80,3128,21,20 to 192.168.0.0/25 out via rl0 ${fwcmd} add 792 queue 4 log logamount 10 tcp from any 25,110,43,53,119,123,143,953 to 192.168.0.0/25 out via rl0 Thanks a lot! S. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]