On Tue, Jul 20, 2004 at 10:04:43AM +0200, Andre Oppermann wrote:
A> > Anyway the idea is to fail the check if the route has RTF_REJECT or
A> > RTF_BLACKHOLE flag, under loose-check (ifp set to NULL) operation, which is
A> > an easy straight forward change.
A>
A> How do you set the RTF_REJECT or RT
On Mon, Jul 19, 2004 at 10:12:38PM -0400, James wrote:
J> /* if no ifp provided, check if rtentry is not default route */
J> if (ifp == NULL &&
J> satosin(rt_key(ro.ro_rt))->sin_addr.s_addr == INADDR_ANY) {
J> RTFREE(ro.ro_rt);
J> return
On Thu, Jul 15, 2004 at 11:53:28AM -0400, Gary Corcoran wrote:
G> My research indicates that rather than doing the usual DHCP DISCOVER to
G> start things off, I should be able to send a DHCP INFORM message,
G> which includes my already-assigned IP address. The DHCP server should
G> see this, it th
On Wed, Jul 14, 2004 at 07:57:52PM -0400, Gary Corcoran wrote:
G> I shutdown my regular DHCP server over the em0 ethernet interface,
G> and tried starting up dhcpd to use the ng0 interface that gets
G> created by mpd. It complains a little about em0 and ng0 using
G> the same subnet, but starts up
On Tue, Jul 13, 2004 at 03:39:50AM -0700, Yohan wrote:
Y> ive done mpd by the book .. but i still get the output
Y> i sent you last time .. also could you give me a
Y> pointer as to how i could get natd working with mpd
natd on ngX interface works just as on any other kinf of interface.
Take a loo
On Mon, Jul 12, 2004 at 02:55:36AM -0700, Yohan wrote:
Y> gleb,
Y>
Y> on your advice im trying mpd istead of ppp. i seem to
Y> have problems of a different kind with mpd. mpd now
Y> connects ONLY after i run ppp .. i think .. else i get
Y> the following in the mpd.log
Please check that ng_ether.k
On Mon, Jul 12, 2004 at 02:55:36AM -0700, Yohan wrote:
Y> on your advice im trying mpd istead of ppp. i seem to
Y> have problems of a different kind with mpd. mpd now
Y> connects ONLY after i run ppp .. i think .. else i get
Y> the following in the mpd.log
What version of mpd are you using?
--
T
On Sat, Jul 10, 2004 at 01:20:10PM -0700, Yohan wrote:
Y> The ppp.log is attached below. i noticed "Jul 11
Y> 01:01:05 chennai ppp[182]: tun0: Phase: deflink: **
Y> Too many ECHO LQR packets lost ** " as the reason for
Y> disconnect. ppp tries to reestablish the connection
Y> but even after that th
On Tue, Jul 06, 2004 at 01:32:43AM -0700, Yohan wrote:
Y> The connection hangs invariably after 8 - 10 hours. It
Y> resumes after i kill the ppp process and redial. Could
Y> it be because the isp is re-assingning my IP. How do i
Y> automatically renew my IP with the ISP's DHCP server.
This is a co
On Mon, Jun 21, 2004 at 06:44:26AM -0700, Yohan wrote:
Y> Anyways the value of PTT_RELAY_SID in my
Y> /usr/include/netgraph/ng_pppoe.h in the Tag
Y> Identifiers section is (0x0106).
May be this is causing problem. This value is incorrect and it is already
fixed in recent CURRENT or STABLE.
Try to
On Mon, Jun 21, 2004 at 06:04:32AM -0700, Yohan wrote:
Y> 17:48:04.718691 0:8:a1:5f:b5:4b Broadcast 8863 60:
Y> PPPoE PADI [Host-Uniq UTF8]
Y> 17:48:04.732330 0:4:e6:4:41:1 0:8:a1:5f:b5:4b 8863 76:
Y> PPPoE PADO [AC-Name "BANYAN"] [AC-Cookie UTF8]
Y> [Service-Name] [Relay-Session-ID UTF8] [Host-Uni
On Sun, Jun 20, 2004 at 09:05:19AM -0700, Yohan wrote:
Y> Im using PPPoE / FreeBSD 4.9 with a DSL line provided by my ISP. The same modem /
line works fine / connects to the internet on a Windows 2000 machine. But when i use
it with my FreeBSD machine using ppp i get the following message in my
On Mon, Jun 14, 2004 at 10:48:34AM -0400, James Housley wrote:
J> For testing of a product I would like to be able to modify or even drop
J> packets based on their content. What I have in mind is forcing the
J> packets through a firewall that would redirect all packet to a netgraph
J> node that wo
On Tue, Jun 08, 2004 at 09:52:35AM +0300, Ruslan Ermilov wrote:
R> > J> > J> In addition the ng_ksocket node adds info into metadata and I suspect
R> > J> > J> there are people using that.
R> > J> >
R> > J> > Since ng_ksocket tags packets for itself only, we can safely change it.
R> > J>
R> > J>
On Mon, Jun 07, 2004 at 04:58:27PM -0400, Brian Feldman wrote:
B> > Seems like you problem is caused (indirectly) by mbuma import. See
B> >
B> > http://lists.freebsd.org/pipermail/freebsd-current/2004-June/028153.html
B> >
B> > Perhaps Bosko has more comments.
B>
B> Please try removing both KASS
On Mon, Jun 07, 2004 at 04:11:47PM +0200, Peter Ulrich Kruppa wrote:
P> Sorry for topposting, but I don't know if this has got something
P> to do with your changes:
P> I am trying to rebuild my -CURRENT system now for some days and
P> keep receiving panic messages from ng_ppoe
P> like this
P>
P>
On Mon, Jun 07, 2004 at 10:38:12AM +0300, Ruslan Ermilov wrote:
R> On Mon, Jun 07, 2004 at 11:17:01AM +0400, Gleb Smirnoff wrote:
R> > On Sun, Jun 06, 2004 at 06:35:51PM -0700, Julian Elischer wrote:
R> > J> In addition the ng_ksocket node adds info into metadata and I suspect
On Mon, Jun 07, 2004 at 12:35:56AM -0700, Julian Elischer wrote:
J> > On Sun, Jun 06, 2004 at 06:35:51PM -0700, Julian Elischer wrote:
J> > J> In addition the ng_ksocket node adds info into metadata and I suspect
J> > J> there are people using that.
J> >
J> > Since ng_ksocket tags packets for itse
On Sun, Jun 06, 2004 at 06:35:51PM -0700, Julian Elischer wrote:
J> In addition the ng_ksocket node adds info into metadata and I suspect
J> there are people using that.
Since ng_ksocket tags packets for itself only, we can safely change it.
--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE
___
Dear networkers,
there is a problem in connect() syscall, which can be reproduced
on a box running without default route.
According to POSIX, connect() must return if ENETUNREACH, if a route to
destination was not found.
http://www.opengroup.org/onlinepubs/95399/functions/connect.html
On Fri, May 28, 2004 at 02:35:35PM -0700, Julian Elischer wrote:
J> there are some more nodes in the tree that are not in the
J> netgraph directory.
Roman already pointed me to them. This mail with small diffs is dealing with them.
--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE
_
On Fri, May 28, 2004 at 07:14:45PM +0400, Roman Kurakin wrote:
R> >On Fri, May 28, 2004 at 06:31:18PM +0400, Roman Kurakin wrote:
R> >R> >On Fri, May 28, 2004 at 05:50:21PM +0400, Roman Kurakin wrote:
R> >R> >R> >Here is the first one - convert all ng_type initializers to C99
R> >sparse R> >R> >ty
On Fri, May 28, 2004 at 06:31:18PM +0400, Roman Kurakin wrote:
R> >On Fri, May 28, 2004 at 05:50:21PM +0400, Roman Kurakin wrote:
R> >R> >Here is the first one - convert all ng_type initializers to C99 sparse
R> >R> >type.
R> >R> >
R> >R> Hey guys, it seems all of you forgot about device nodes :-
On Fri, May 28, 2004 at 05:50:21PM +0400, Roman Kurakin wrote:
R> >Here is the first one - convert all ng_type initializers to C99 sparse
R> >type.
R> >
R> Hey guys, it seems all of you forgot about device nodes :-)
Which ones? Just point me and I'll send diffs. My fingers can already convert
ng
On Fri, May 28, 2004 at 01:31:09AM -0700, Julian Elischer wrote:
J> It'd be best to make the change to sparse initialisers a separate patch
J> that I cold commit separatly,
J> so reduce teh size of the functionality change patch.
... and describe this behavior in manpage.
--
Totus tuus, Glebius.
On Fri, May 28, 2004 at 01:31:09AM -0700, Julian Elischer wrote:
J> It'd be best to make the change to sparse initialisers a separate patch
J> that I cold commit separatly,
J> so reduce teh size of the functionality change patch.
And here is next patch, that must be applied after c99-patch. It int
As always I've forgot to attach file to previous mail. Here it is.
--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE
? ng_ipfw.c
? ng_ipfw.h
Index: ng_UI.c
===
RCS file: /home/ncvs/src/sys/netgraph/ng_UI.c,v
retrieving revision 1.17
dif
On Fri, May 28, 2004 at 01:31:09AM -0700, Julian Elischer wrote:
J> > JE>> If you do that, I suppose you need to edit all the nodes, right?. In that
J> > JE>> case could you please convert the initialisation of the typestructs
J> > JE>> to use C99 sparse initialisation? In that case future changes
On Fri, May 28, 2004 at 01:15:06AM -0700, Julian Elischer wrote:
J> > JE>> So, what about adding one more netgraph method into struct ng_type, say
J> > JE>> ng_preshutdown_t? This method is called first in ng_rmnode(), and then
J> > JE>> current shutdown sequence is followed. We will set it to N
Hi collegues,
I'm again with the issue about node destruction process. If you
already forgot the problem, I'll remind you: in RELENG_4 node cuts down
all its hooks itself from shutdown method, while in HEAD it is done
in ng_rmnode() _before_ calling shutdown method. This breaks
ng_tee behavio
On Thu, May 13, 2004 at 05:55:05PM +0800, Eugene Grosbein wrote:
E> Please make it possible (using sysctl or any other mean) to
E> disable M_SKIP_FIREWALL for such packets (I suppose 'unreach' rules
E> are affected too). I DO need to process ALL outgoing packets.
E> For exapmle, I must use 'ipfw fw
On Thu, May 13, 2004 at 05:31:46PM +0800, Eugene Grosbein wrote:
E> > > When a rule 'reset tcp' matches, a kernel generates new TCP packet.
E> > > Will it have to go through ipfw list (from the beginning or not)?
E> >
E> > ipfw2 uses an mbuf flag to bypass the firewall - I am not sure if i
E> > on
On Fri, May 07, 2004 at 04:31:08PM +0400, Dmitry Morozovsky wrote:
D> GS> FreeBSD has support for FR with help of nodes ng_frame_relay and ng_lmi. This
D> GS> support is hardware independent. And it works perfectly with cronyx adapters.
D> GS> What is a reason for merging hardware specific support
On Fri, May 07, 2004 at 04:08:52PM +0400, Dmitry Morozovsky wrote:
D> we're using Cronyx adapters, some of them in FremaRelay mode, which has been
D> supported by cronyx-made drivers available from vendor site for most of FreeBSD
D> versions. FR support involves modifications to sppp kernel routine
On Fri, May 07, 2004 at 11:39:06AM +0400, Andrew Riabtsev wrote:
A> JWW> Why the [ng_ether_rcvdata] won't check if packets should travel to
A> JWW> the [bdg_forward] when they are bridged packets?
A>
A> This is how it should work, you get entrance to low level network
A> (lower hook) and upper le
On Tue, Apr 27, 2004 at 10:19:59PM -0500, Steven N. Fettig wrote:
S> I know this is possible using a Cisco router with two or dual CSU/DSU's
S> for data T1's, but I am struggling to figure out how to get this to work
S> with FreeBSD:
S> I have a Sangoma Dual T1 (CSU/DSU) card in a FreeBSD box I
On Mon, Apr 19, 2004 at 10:37:38AM +0300, Ruslan Ermilov wrote:
R> > does anyone can give me a hint? I want to inject some traffic with
R> > a specific destination to netgraph.
R> > For example I want to route all traffic with dst 10.0.0.0/8 to my
R> > netgraph node, whereever it came from - ca
Dear networkers,
does anyone can give me a hint? I want to inject some traffic with
a specific destination to netgraph.
For example I want to route all traffic with dst 10.0.0.0/8 to my
netgraph node, whereever it came from - came on interface or
generated locally.
I see only one way to d
I need to set up a "loosely routed" tunnel between two boxes, one running
STABLE, and other 5.2.1-RELEASE. Under "loosely routed" I mean that tunnel
route won't be allocated once at tunnel creation, but looked up on every
emitting packet.
So, I have got a WAN link, and two routers standing on
On Fri, Mar 19, 2004 at 02:24:47PM +0100, Harti Brandt wrote:
H> From the point of code duplication and extendibility both approaches are
H> equivalent. In the second case you have the same three lines in the rcvmsg
H> function of every node that supports a given familiy (this is reduceable
H> to 1
On Fri, Mar 19, 2004 at 12:13:37PM +0100, Harti Brandt wrote:
H> It would be nice if it would be possible to classify a node to belong to
H> more than one family. I think, that the functionality provided by the
H> family stuff is more like the 'interface' stuff in Java. One example where
H> this ca
On Wed, Mar 17, 2004 at 11:52:53AM +, David Malone wrote:
D> I spent a while trying to get PPPoE going through a Netopia smart
D> modem last night. To cut a long story short, the values for
D> PTT_RELAY_SID in src/sys/netgraph/ng_pppoe.h are wrong (at least
D> when compared with tcpdump, linux
We have communicated a bit with ru in private mail. He insist
on some OO like model: if we invent some generic properties for
all interface nodes, they must be inherited, rather than supported
by the node itself.
So I have proposed a different approach, and ru liked it. What will
you say about it?
On Tue, Mar 16, 2004 at 03:18:32PM +0300, Zherdev Anatoly wrote:
Z> > > So no obvious suspect. Before digging deep into the code its better
Z> > > to have some more surrounding information.
Z> >
Z> > Another question: any packet filters in between ?
Z>
Z> Yes i have IPFW1 on this servers (it was
On Wed, Mar 10, 2004 at 08:11:40PM +0200, Alexander Motin wrote:
A> There is a two problems with support of PPPoE in mpd under 5.x:
A> 1. sometimes loading of netgraph modules on request cause system crash.
A> (You can compile in all required modules.)
Have you run kldxref after installing module
On Mon, Feb 23, 2004 at 03:47:55PM -0800, Julian Elischer wrote:
J> > All I've need - just create ksocket with inet/rawip/divert hook connected to
J> > ng_netflow iface0 hook (mkpeer netflow: ksocket iface0 inet/raw/divert),
J> > then "msg netflow: setdlt { iface=0 dlt=12 }" (Raw ip instead of ethe
On Mon, Mar 08, 2004 at 01:20:33PM +0300, Gleb Smirnoff wrote:
T> Imagine the following: you have node, which is connected to some generic
T> interface (it doesn't know which node type exactly). This node wants to
T> determine interface index of attached interfac. It would send
On Tue, Mar 09, 2004 at 08:53:56AM +0200, Ruslan Ermilov wrote:
R> On Tue, Mar 09, 2004 at 12:48:20AM +0300, Gleb Smirnoff wrote:
R> > On Mon, Mar 08, 2004 at 11:29:39PM +0200, Ruslan Ermilov wrote:
R> > R> > I have one more idea. Currently we have got 3 interface nodes: n
On Mon, Mar 08, 2004 at 11:29:39PM +0200, Ruslan Ermilov wrote:
R> > I have one more idea. Currently we have got 3 interface nodes: ng_ether,
ng_iface,
R> > ng_eiface. 2 of them already support "getifindex" message, imagine I (or someone
else) send
R> > you patch tomorrow, which adds support to
On Sun, Mar 07, 2004 at 03:02:28PM -0800, Ruslan Ermilov wrote:
R> Synopsis: [patch] new control message for ng_iface(4) - getifindex
R>
R> State-Changed-From-To: open->closed
R> State-Changed-By: ru
R> State-Changed-When: Sun Mar 7 15:01:03 PST 2004
R> State-Changed-Why:
R> Committed with tiny m
On Thu, Mar 04, 2004 at 12:26:51PM -0500, James wrote:
J> >that was my thought initially, BUT.. actually... you can
J> >actually do this no problem using mrtd dumps and pick it up with a
J> >program via bgp device :P no need to create another api it seems :)
J>
J> errr??? I meant bpf d
On Wed, Mar 03, 2004 at 01:10:34PM -0500, James wrote:
J> > Currently I'm working on my Netflow implementation, and I have faced the
J> > following problem: I've already got global routing in my routing table, but it
J> > lacks AS (Autonomous System) information. The routing daemon (zebra in my c
On Tue, Mar 02, 2004 at 02:16:13PM -0800, Randy Bush wrote:
R> > I do not insist that AS pathes in kernel are good idea. If you
R> > show me an other way to get AS information when constructing
R> > netflow exports in kernel, I'd be thankful.
R>
R> do we need to rediscover why flow export places a
Andre,
On Tue, Mar 02, 2004 at 03:34:54PM +0100, Andre Oppermann wrote:
A> > B> As to the second part of your mail: That sounds like a reasonable suggestion,
A> > B> I am sure Andre and others are paying attention to this and will take it on
A> > B> board when an implementation is nearer.
A> >
On Tue, Mar 02, 2004 at 01:07:58PM +0100, Brad Knowles wrote:
B> > Is there any plans about integration of BGP routing daemon (Zebra or
B> > Quagga) into FreeBSD? With BGP routing daemon onboard, FreeBSD will be
B> > a strong alternative against expensive commercial routers. I have
B> > successfu
On Tue, Mar 02, 2004 at 09:28:25AM +, Bruce M Simpson wrote:
B> However, not including an OSPF/BGP daemon doesn't preclude us from ensuring
B> that APIs which are exposed for advanced routing functionality (multipath,
B> etc) do the right thing across the board, are well defined, etc.
Yes, thi
On Tue, Mar 02, 2004 at 12:43:21AM -0800, Kris Kennaway wrote:
K> > B> That's the plan, I believe, anyway... It would be nice if Quagga could be
K> > B> taught about how to add TCP-MD5 keys to both FreeBSD and OpenBSD SADBs.
K> >
K> > Is there any plans about integration of BGP routing daemon (Z
Dear sirs,
On Tue, Mar 02, 2004 at 04:29:57AM +, Bruce M Simpson wrote:
B> > > > add multi-path and policy-routing options. (planned)
B> >
B> >would the policy-routing optioned table sort of similar to VRF's or
B> >different routing instances that could potentially be tied to u
On Wed, Feb 25, 2004 at 04:19:51PM +0200, Iasen Kostov wrote:
I> >>16:26:23.287642 0:1:2:9>c:cf:e2 0:02:55:b0:90:e4 0800 60: 127.0.0.1.80 >
I> >>192.168.118.205.1046: R 0:0(0) ack 1959723009 win 0
I> >
I> >This is some kind of Win32 virus. This floods can be easily
I> >stopped by ipfw rule:
I> >
I
On Wed, Feb 25, 2004 at 04:47:03PM +0300, Andrew Riabtsev wrote:
A> To me it would be also interesting to know where this traffic comes
A> from. I have same on my local net:
A>
A> # tcpdump -neifxp0 src or dst 127.0.0.1
A> tcpdump: listening on fxp0
A> 16:26:23.280737 0:50:fc:ed:d4:4 0:02:55:b0:90
On Tue, Feb 24, 2004 at 04:04:08PM +0300, Gleb Smirnoff wrote:
T> A> Ah, sorry, forgot that in my last email. The only thing is to use RTFREE().
T> A> At first I thought your reassigning of rt is a problem, but you free the
T> A> correct ro.ro_rt later.
T>
T> Thank you!
On Tue, Feb 24, 2004 at 04:59:24PM +0200, [EMAIL PROTECTED] wrote:
v> > trafd itself is very buggy. I'd better do not trust
v> > its data. Use ipcad, ipacct or ng_ipacct. trafd'd bugginess was discussed a
v> > lot in different russian-speaking mailinglists.
v>
v> Can you please be more specific?
Dear Andre,
On Tue, Feb 24, 2004 at 03:42:38PM +0100, Andre Rein wrote:
A> I'm running two different accounting programs at the firewall (ipcad &
A> trafd) and it looks like that trafd doesn't account the whole traffic,
A> because the sum of the individual tcp/udp/icmp traffic doesn't match the
On Tue, Feb 24, 2004 at 01:47:16PM +0100, Andre Oppermann wrote:
A> > A> > A> Maybe you do some nasty things to rt here?
A> > A> >
A> > A> > Really, I don't :) Exact code is given at end of the mail.
A> > A>
A> > A> You indeed do some nasty things.
A> >
A> > Please point me at 'em. I'm only readin
On Tue, Feb 24, 2004 at 01:20:18PM +0100, Andre Oppermann wrote:
A> > Thanks for this hint. So if using rtalloc_ign() I do not need to call rtfree()?
A> You still have to call rtfree() to decrement the refcount of the rtentry.
Thanks.
A> > A> Maybe you do some nasty things to rt here?
A> >
A> >
Andre,
I can provide you with any additional information,
since I have crashdump saved. I can dig into the problem myself
if you give me some pointers where to look at.
On Tue, Feb 24, 2004 at 11:14:59AM +0100, Andre Oppermann wrote:
A> Gleb Smirnoff wrote:
A> >
A> > Dea
Dear Andre,
first, thanks for your feedback.
On Tue, Feb 24, 2004 at 11:14:59AM +0100, Andre Oppermann wrote:
A> Most of the time, if you don't need a cloned route allocated, you can
A> just use rtalloc_ign(&ro, RTF_CLONING) to just get a reference to the
A> existing rtentry. Not allocating
On Tue, Feb 24, 2004 at 10:46:44AM +0300, Vasenin Alexander aka BlackSir wrote:
V> > I'd be glad if you show me your current netgraph setup script. Surely
V> > I can reproduce it myself, but live example would be better than
V> > imaginary.
V>
V> Here it is(latest version - 'echotee'):
Thanks for
Dear sirs,
please take a look at the following problem. I've been
successfully using the following code on STABLE and 5.1-RELEASE:
struct route ro;
struct sockaddr_in *sin;
bzero((caddr_t)&ro, sizeof(ro));
sin = (struct sockaddr_in *)&ro.ro_dst;
sin->s
On Mon, Feb 23, 2004 at 10:32:42PM +0300, Vasenin Alexander aka BlackSir wrote:
V> But there is bug in "ipfw tee" - packets is always immediately accepted
V> instead of continue going through the ruleset, so tee must be the last
V> rule(So, ng_netflow never see packets that denied by ipfw before te
On Sun, Feb 22, 2004 at 03:17:38PM -0800, Julian Elischer wrote:
J> you can open a divert socket as a netgraph node by openning a ksocket
J> node with protocol 'divert'.
I didn't think of ng_ksocket as a divert socket. Thanks for pointing me
at this!
Really one can use "ipfw tee" to pass demasque
On Sun, Feb 22, 2004 at 04:43:40PM +0300, Vasenin Alexander aka BlackSir wrote:
V> Yep... But it not so obvious for man like me, who thought just a week ago
V> that netgraph is something beetween net & graphics... like MRTG
V> LOL
V>
V> Another question:
V> Is is possible that ng_netflow take pack
On Sat, Feb 21, 2004 at 11:44:27AM -0800, Julian Elischer wrote:
J> more likely the depednency should be registerred so that it is
J> done automatically.
Is it possible to make port dependant on kernel module
shipped with base system? How?
For example sysutils/ips is not dependant on ipfw. It is o
On Sat, Feb 21, 2004 at 12:11:43AM +0200, Anton Blajev wrote:
A> I'm writing with an idea,
A> As we saw NAS-Port is not obligatory, it's used to say about the port
A> client's using to connect, okay...
A> but why ins't ppp sending
A> NAS-Port = tun0 for example (with the other type value:
A> some
On Fri, Feb 20, 2004 at 11:52:22AM -0800, Arunav Roy wrote:
A> I have tried out a few things and I have faced
A> problems in few things such as :
A> 1) How to print the packet information on the konsole
A> when the packet passes through the node.
Use printf(). :)
A> 2) How can I make cha
On Thu, Feb 19, 2004 at 04:02:09PM +0300, Andrew Riabtsev wrote:
A> GS> In most cases the answer is no. In 90 % cases ng_netflow is used on
A> GS> top of ng_ether(4) node, which passes all data coming on wire. All
A> GS> packet filtering with help of ipfw or ipf are done later.
A> GS> You can try s
On Thu, Feb 19, 2004 at 02:34:02PM +0300, Andrew Riabtsev wrote:
A> GS>a port of ng_netflow has been just commited to ports
A> GS> tree. It builds both on STABLE and CURRENT, and was tested
A> GS> to work on really busy routers.
A> GS>As before, I'd be glad for any kind of feedback: ideas,
tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE
On Wed, Jan 21, 2004 at 02:45:02PM +0300, Gleb Smirnoff wrote:
T> in recent time I have written down a netgraph node implementing
T> Cisco's Netflow version 5 export feature on a FreeBSD router.
T>
T> It is currently in alpha state. However I
On Tue, Jan 20, 2004 at 10:11:48PM -0800, Andrew Thomas wrote:
A> > A> I'm trying to get mpd working as a simple vpn server. I'm doing
A> > A> this on a 4.9-STABLE machine of a week or so ago. No matter what
A> > A> I do, packets will not route to the client. The login is fine,
A> > A> the serve
On Tue, Jan 20, 2004 at 11:48:44AM +0300, Andrew Riabtsev wrote:
A> >> Connecting ng_iface:inet and ng_ether:upper/lower do nothing, well, it
A> >> do something but not what you are waiting for, i think.
A>
A> DN> i know, hence was asking if there was something i could do, even if it
A> DN> meant
On Sat, Jan 17, 2004 at 11:30:42PM -0800, Andrew Thomas wrote:
A> I'm trying to get mpd working as a simple vpn server. I'm doing
A> this on a 4.9-STABLE machine of a week or so ago. No matter what
A> I do, packets will not route to the client. The login is fine,
A> the server machine has gatewa
On Fri, Jan 16, 2004 at 06:09:07PM +0200, Emil Filipov wrote:
E> OK, I have patched (commented) the MRU problem. Now I'm able to successfully
E> connect to the server. But guess what happens when I connect with mppe? I
E> get about half the speed compared to connection without encryption..
E> Top s
On Fri, Jan 16, 2004 at 04:22:05PM +0200, Emil Filipov wrote:
<==skip==>
E> Jan 16 15:46:28 opera mpd: [pppoe1] LCP: SendConfigReq #3
E> Jan 16 15:46:28 opera mpd: MRU 1488
E> Jan 16 15:46:28 opera mpd: MAGICNUM 1c5e3cf8
E> Jan 16 15:46:28 opera mpd: AUTHPROTO CHAP MSOFTv2
E> Jan 16 15:46:30 ope
On Fri, Jan 16, 2004 at 01:08:07PM +0200, Emil Filipov wrote:
E> However this does not answer the question about the (broken?) mppe
E> implementation in ppp(8). And I feel more comfortable using base
E> applications, than 3rd party software. It's not that I don't like mpd, it's
E> great, but why us
On Fri, Jan 16, 2004 at 12:31:00PM +0200, Emil Filipov wrote:
E> I am trying to configure a secure pppoe server.So far it works perfectly with
Windows clients authenticating with MSChapv2. However, if MPPE is negotiated, the
client receives only about 1/4th(30-40 kbytes/s) of the bandwidth availa
On Wed, Jan 07, 2004 at 05:29:24PM +0200, Vlad Galu wrote:
V> The problem appears when during a TCP connection the FreeBSD machine.
V> The 3-way handshake works smoothly, but soon the connection stalls. I
V> tcpdump-ed it on both streams(upwards and downwards) and I see nothing
V> but ACK's, s
I have a relatively loaded router with permanent
load of ~ 200Kb/s. Its system time is a bit slowed down:
Jan 6 10:45:30 gw-f ntpd[274]: time reset 4.212716 s
Jan 6 11:00:52 gw-f ntpd[274]: time reset 3.682535 s
Jan 6 11:15:50 gw-f ntpd[274]: time reset 2.881445 s
Jan 6 11:32:42 gw-f nt
On Wed, Dec 31, 2003 at 05:26:46AM +0300, Nguyen Tam Chinh wrote:
N> I get tons of messages with syntax like my line, all has
N> begun after I set up a qpopper/tsl and a smbd, but i seems not to be the
N> deal. I've searched through google and found some messages saying about
N> kind of attacking.
Dear sirs,
as it is described in connect(2):
ERRORS
The connect() call fails if:
...
[ENETUNREACH] The network is not reachable from this host.
[EHOSTUNREACH] The remote host is not reachable from this host.
However, this sample program (attached) shows that conn
In netgraph(4) it is said that:
In both directions, (request and response)
it is up to the receiver of that message to free() the control mes-
sage buffer. All control messages and replies are allocated with
malloc() type M_NETGRAPH.
Does this mean that
On Wed, Jul 23, 2003 at 07:27:38PM -0600, Brett Glass wrote:
B> I haven't gotten any hopes up, but it would be nice. It seems as
B> if the only alternatives are to un-GNU PoPToP (which requires
B> a clean room team; possible but not easy) or to create a FreeBSD
B> pptpd that is analogous to pppoed.
On Wed, Jul 23, 2003 at 11:37:57PM +0300, Ruslan Ermilov wrote:
R> I pretty much agree. Attached are my configuration files
R> for mpd/pptp; please let me know (Julian) how this could
R> be enhanced to serve more PPTP clients simultaneously
R> (with different IP addresses). I'd appreciate it.
Yo
On Wed, Jul 09, 2003 at 08:53:31AM +0200, Charlie & wrote:
C> On Wednesday 09 July 2003 08:09, Gleb Smirnoff wrote:
C> > On Wed, Jul 09, 2003 at 01:18:06PM +0800, Eugene Grosbein wrote:
C> > E> Does FreeBSD 4.8-STABLE keep per-interface summary for received
C> > E>
Dear sirs,
could you take a look at
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/47920
This problem is really annoying: large PPPoE network
can be DoSed with one non-standard packet. Moreover,
if there is >1 FreeBSD machine in network, it is really
difficult to return network to normal beh
On Wed, Jul 09, 2003 at 01:18:06PM +0800, Eugene Grosbein wrote:
E> Does FreeBSD 4.8-STABLE keep per-interface summary for received
E> unicast octets? More precisely, I need to know number of unicast
E> octets received by my router via ep0 from uplink. Its ethernet interface
E> carries lots of broa
On Sat, Jun 28, 2003 at 09:57:14AM -0500, Archie Cobbs wrote:
A> You need a userland daemon, such as mpd (see ports), to control
A> the ng_ppp node. With mpd try the "ng" device type.
Thanks! I'll try.
I have looked into mpd some time ago (espcially into RADIUS
and PPPoE parts), but I have missed
Hi!
I'm trying to make a WAN card (Tau-PCI) to work
via netgraph. I have:
[cp0] <-> [ppp0] <-> [ng0]
cp0 is node written by Cronyx (www.cronyx.ru) for their WAN
adapters. ppp0 is ng_ppp and ng0 is ng_iface.
Starting sequence is like this:
ngctl <<
mkpeer iface dummy ipx
msg n
On Sun, Mar 16, 2003 at 07:54:13PM +0300, Gleb Smirnoff wrote:
T> Can you tell me which gigabit NIC driver (em, bge, gx) will be the
T> first to support polling in future?
I haven't noticed nge(4). It already supports polling :)
--
Totus tuus, Glebius.
GLEBIUS-RIPN GLEB-RIPE
To
Hi.
I'm going to buy a gigabit interface for a heavy loaded router
(currently 5 fxp's), and discovered that none of em(4), gx(4), bge(4)
support polling in STABLE.
Can you tell me which gigabit NIC driver (em, bge, gx) will be the
first to support polling in future?
--
Totus tuus, Glebius
A> > http://www.bretterklieber.com/freebsd/radius.diff
A>
A> Unfortunately, I used that patch first, after mpd-3.13 I compared and
A> found no significant differences. Of cause, maybe I misconfigured my
A> RADIUS server, also in mpd log I found:
A> [pptp12] RADIUS: RadiusGetParams: RAD_MICROSOFT_M
601 - 700 of 701 matches
Mail list logo
