Re: /dev/dri registration
On 04/03/2017 18:09, Slawa Olhovchenkov wrote: I am have strange issuse on stable/10: # devinfo -v nexus0 apic0 ram0 acpi0 [...] pcib0 pnpinfo _HID=PNP0A08 _UID=0 at handle=\_SB_.PCI0 pci0 hostb0 pnpinfo vendor=0x8086 device=0xd130 subvendor=0x1014 subdevice=0x03ce class=0x06 at slot=0 function=0 dbsf=pci0:0:0:0 pcib1 pnpinfo vendor=0x8086 device=0xd138 subvendor=0x1014 subdevice=0x03ce class=0x060400 at slot=3 function=0 dbsf=pci0:0:3:0 handle=\_SB_.PCI0.P0P2 pci1 vgapci0 pnpinfo vendor=0x10de device=0x0a20 subvendor=0x1458 subdevice=0x34d6 class=0x03 at slot=0 function=0 dbsf=pci0:1:0:0 drm0 drmn0 nvidia0 But /dev/dri don't exist! # kldstat Id Refs AddressSize Name 1 80 0x8020 17e87f8 kernel 21 0x819e9000 309780 zfs.ko 32 0x81cf3000 6040 opensolaris.ko 41 0x81cfa000 7aa58if_em.ko 51 0x81d75000 29bd0drm.ko 61 0x81d9f000 82898drm2.ko 72 0x81e22000 6298 iicbus.ko 81 0x81e29000 1c650uart.ko 91 0x82011000 56f3 fdescfs.ko 101 0x82017000 a681 linprocfs.ko 113 0x82022000 7522 linux_common.ko 121 0x8202a000 5673 linsysfs.ko 131 0x8203 364c ums.ko 141 0x82034000 10226snd_uaudio.ko 151 0x82045000 2ba8 uhid.ko 163 0x82048000 4e626vboxdrv.ko 172 0x82097000 2b82 vboxnetflt.ko 182 0x8209a000 ba2f netgraph.ko 191 0x820a6000 414f ng_ether.ko 201 0x820ab000 3fd4 vboxnetadp.ko 212 0x820af000 3d5dalinux.ko 221 0x820ed000 964496 nvidia.ko What is wrong in may setup? ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org" It seems that you are using the nvidia driver I have presently 2 systems with this driver, and none of them have a /dev/dri, and this have always been the case as far as I can recall. Claude Buisson ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: svn commit: r315514 - in stable/11: . contrib/netcat lib/libipsec sbin/ifconfig sbin/ipfw sbin/setkey share/man/man4 sys/conf sys/libkern sys/modules sys/modules/ipsec sys/modules/tcp/tcpmd5 sys/n
On 4/4/2017 2:24 AM, Andrey V. Elsukov wrote: > On 04.04.2017 00:39, Mike Tancsa wrote: > It seems you have encrypted your config, because I don't see IP with 128 > octets :) :) > > One question, does this even worked before? > You have many SAs with the same destination address, it seems to me, > that this should not work with old IPsec code, because it uses SA > lookups using only destination address. So, if you have not the same > password for each SA, it should not work. > > Can you try the attached patch? > It did. In the past, inbound sigs I think just didnt work, but it was uninteresting for the purpose of this app. In this case, it was for bgp passwords. I was more concerned with sending the correct password to the peer. So it was one source IP with many destination addresses (over a dozen). For the old config I just had the policy in one direction as well. It seems now with the new ipsec code, I must have the policy in both directions ? The man page for setkey implies I only need one entry. Also, should the SPI always been the same, or unique ? compiling the patch now. ---Mike -- --- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, m...@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/ ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: svn commit: r315514 - in stable/11: . contrib/netcat lib/libipsec sbin/ifconfig sbin/ipfw sbin/setkey share/man/man4 sys/conf sys/libkern sys/modules sys/modules/ipsec sys/modules/tcp/tcpmd5 sys/n
On 04.04.2017 13:55, Mike Tancsa wrote: >> You have many SAs with the same destination address, it seems to me, >> that this should not work with old IPsec code, because it uses SA >> lookups using only destination address. So, if you have not the same >> password for each SA, it should not work. >> >> Can you try the attached patch? >> > > It did. In the past, inbound sigs I think just didnt work, but it was > uninteresting for the purpose of this app. In this case, it was for bgp Yes, I checked stable/10 code, it seems TCP-MD5 always used one SA for both inbound and outbound direction. > passwords. I was more concerned with sending the correct password to > the peer. So it was one source IP with many destination addresses (over > a dozen). For the old config I just had the policy in one direction as > well. It seems now with the new ipsec code, I must have the policy in > both directions ? Yes, you need SA for both directions. > The man page for setkey implies I only need one entry. > > Also, should the SPI always been the same, or unique ? SPI is not used by this code, it only needed for compatibility with SADB. Better to use unique SPI for each SA, but for TCP-MD5 it will work anyway. :) -- WBR, Andrey V. Elsukov signature.asc Description: OpenPGP digital signature
Re: svn commit: r315514 - in stable/11: . contrib/netcat lib/libipsec sbin/ifconfig sbin/ipfw sbin/setkey share/man/man4 sys/conf sys/libkern sys/modules sys/modules/ipsec sys/modules/tcp/tcpmd5 sys/n
On 4/4/2017 7:18 AM, Andrey V. Elsukov wrote: > On 04.04.2017 13:55, Mike Tancsa wrote: >>> You have many SAs with the same destination address, it seems to me, >>> that this should not work with old IPsec code, because it uses SA >>> lookups using only destination address. So, if you have not the same >>> password for each SA, it should not work. >>> >>> Can you try the attached patch? Thanks, the patch works! I am able to load all 42 rules now. I am going to test them in the lab against a few VMs prior to deployment. ---Mike -- --- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, m...@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/ ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: svn commit: r315514 - in stable/11: . contrib/netcat lib/libipsec sbin/ifconfig sbin/ipfw sbin/setkey share/man/man4 sys/conf sys/libkern sys/modules sys/modules/ipsec sys/modules/tcp/tcpmd5 sys/n
On 4/4/2017 7:18 AM, Andrey V. Elsukov wrote: > On 04.04.2017 13:55, Mike Tancsa wrote: > > Yes, you need SA for both directions. > >> The man page for setkey implies I only need one entry. >> >> Also, should the SPI always been the same, or unique ? > > SPI is not used by this code, it only needed for compatibility with > SADB. Better to use unique SPI for each SA, but for TCP-MD5 it will work > anyway. :) > Perhaps to the man pages, this small change ? --- sbin/setkey/setkey.8.prev 2017-04-04 15:11:03.312911000 -0400 +++ sbin/setkey/setkey.82017-04-04 15:53:31.296152000 -0400 @@ -696,6 +696,7 @@ Use TCP MD5 between two numerically specified hosts: .Bd -literal -offset indent add 10.1.10.34 10.1.10.36 tcp 0x1000 -A tcp-md5 "TCP-MD5 BGP secret" ; +add 10.1.10.36 10.1.10.34 tcp 0x1000 -A tcp-md5 "TCP-MD5 BGP secret" ; .Ed .\" .Sh SEE ALSO ---Mike -- --- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, m...@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/ ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
FreeBSD-update incorrectly reporting that it is approaching End of Life
FreeBSD-update has outdated release lifetime data, and is emitting a false warning that the End-of-Life date for FreeBSD 11.0-RELEASE-p8 is approaching. | WARNING: FreeBSD 11.0-RELEASE-p8 is approaching its End-of-Life date. | It is strongly recommended that you upgrade to a newer | release within the next 2 months. The warning should be ignored, and will be corrected as soon as possible. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
