Re: ipv6 rc.conf

2001-01-20 Thread Hajimu UMEMOTO 

Hi,

> On Fri, 19 Jan 2001 13:41:51 -0600
> Joseph E Eggleston <[EMAIL PROTECTED]> said:

Joseph> I want to have a host use ipv6 to autoconfigure its interface, but then
Joseph> add a couple ipv6 alias addresses to the same interface. The end goal is
Joseph> to configure the interface with its autoconf address and some statically
Joseph> assigned addresses.
Joseph> Is it possible to do this using rc.conf settings?

No.

Joseph> I tried adding lines like:
Joseph> ipv6_ifconfig_xl0="3ffe:b00:4025::a prefixlen 64"
Joseph> ...
Joseph> But only the last such line gets used and this also turns off autoconf.
Joseph> Is there a correct way to do this?


It is expected behavior.  Mixing automatic configuration and static
configuration may cause conflict, and cannot estimate the influence.
So, current rc.network6 has been made these exclusive for safety.
However, if you DO want to use automatic and static on same interface,
you still may be able to use ifconfig_xxx with inet6 flag in that
argument instead of ipv6_ifconfig_xxx.  But, I don't recommend.

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
[EMAIL PROTECTED]  [EMAIL PROTECTED]  ume@{,jp.}FreeBSD.org
http://www.imasy.org/~ume/


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: bandwith limitation

2001-01-20 Thread Royyana M. Ijtihadie 

would you like to explain this ?
i'm very interesting of that..


Wassalam...

Royyana M. Ijtihadie

--
:) 1+1 = 4/2


On Mon, 15 Jan 2001, Clemens Hermann wrote:

> Hi together,
> 
> for quite a while I have been looking around for a way to limit the bandwith
> for each IP that accesses my server. I want to slow down any connektion
> to 128 KBit/s.
> The only thing I found was Dummynet in combination with ipfw. I am using
> ipf as firewall an for IP-accounting. It does a very good job and I
> really do not want to miss it. Is there any way besides dummynet to get
> bandwith limitation to run on my FreeBSD 4.2 box?
> 
> thanks a lot
> 
> /clemens
> 
> 
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-net" in the body of the message
> 



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: manual page review: connect(2) EAGAIN error

2001-01-20 Thread Ben Smithurst 

>   if (count-- < 0) {  /* completely used? */
>   /*
>* Undo any address bind that may have
>* occurred above.
>*/
>   inp->inp_laddr.s_addr = INADDR_ANY;
>   return (EAGAIN);
>   }
> 
>   ...
> 
> What *should* it return?

oops, looks like you already answered that (EADDRNOTAVAIL) in your last
message. sorry.  If you fix the code to return EADDRNOTAVAIL then the PR
can be closed as it will no longer apply.

-- 
Ben Smithurst / [EMAIL PROTECTED] / [EMAIL PROTECTED]


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: manual page review: connect(2) EAGAIN error

2001-01-20 Thread Ben Smithurst 

Garrett Wollman wrote:

> < said:
> 
>> +.It Bq Er EAGAIN
>> +A resource was temporarily unavailable when connecting a socket in
>> +non-blocking mode.
>> +This could indicate there are no port numbers available for use when a port
>> +number is being chosen automatically.
>> +Increasing the
>> +.Va net.inet.ip.portrange.last
>> +.Xr sysctl 8
>> +variable (which defaults to 5000) may help this problem.
> 
>> Any better?
> 
> No -- if the code actually implements that, it's wrong.

Fix the damn code then, I'm just a docs committer (in theory).  And the code
certainly does seem to do this, check in_pcb.c:


if (first > last) {
/*
 * counting down
 */
count = first - last;

do {
if (count-- < 0) {  /* completely used? */
/*
 * Undo any address bind that may have
 * occurred above.
 */
inp->inp_laddr.s_addr = INADDR_ANY;
return (EAGAIN);
}

...

What *should* it return?

-- 
Ben Smithurst / [EMAIL PROTECTED] / [EMAIL PROTECTED]


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: manual page review: connect(2) EAGAIN error

2001-01-20 Thread Dima Dorfman 

> oops, looks like you already answered that (EADDRNOTAVAIL) in your last
> message. sorry.  If you fix the code to return EADDRNOTAVAIL then the PR
> can be closed as it will no longer apply.

I sent a patch to fix this in a response to this thread, but it seems
noone noticed.  You can find the e-mail here:

http://docs.FreeBSD.org/cgi/getmsg.cgi?fetch=220467+0+current/freebsd-net

Dima Dorfman
[EMAIL PROTECTED]


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

icmp-response bandwidth limit?

2001-01-20 Thread Vince Vielhaber 


Today I'm suddenly getting these messages:

Jan 20 18:44:48 chives /kernel: icmp-response bandwidth limit 230/200 pps

Is someone trying to pingflood me or something?

Vince.
-- 
==
Vince Vielhaber -- KA8CSHemail: [EMAIL PROTECTED]http://www.pop4.net
 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking
Online Campground Directoryhttp://www.camping-usa.com
   Online Giftshop Superstorehttp://www.cloudninegifts.com
==





To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: icmp-response bandwidth limit?

2001-01-20 Thread Mike Silbersack 


On Sat, 20 Jan 2001, Vince Vielhaber wrote:

> Today I'm suddenly getting these messages:
>
> Jan 20 18:44:48 chives /kernel: icmp-response bandwidth limit 230/200 pps
>
> Is someone trying to pingflood me or something?
>
> Vince.

They're either doing something that causes RSTs or icmp unreachables to be
emitted, not ping flooding you.  In all likelihood, it's just a portscan,
and nothing to be worried about.  Generally, attack tools will exceed the
limit by a great deal, portscanning tools will adapt and stay close to the
limited rate.

There should be no need to worry, though your curiosity may drive you to
use a packet sniffer next time it happens.

Mike "Silby" Silbersack



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: icmp-response bandwidth limit?

2001-01-20 Thread Dima Dorfman 

> 
> Today I'm suddenly getting these messages:
> 
> Jan 20 18:44:48 chives /kernel: icmp-response bandwidth limit 230/200 pps
> 
> Is someone trying to pingflood me or something?

Somebody already gave you the gist of it, but in case you're curious
there's an FAQ entry about this describing it in a little more detail:

http://www.freebsd.org/FAQ/networking.html#ICMP-RESPONSE-BW-LIMIT

Dima Dorfman
[EMAIL PROTECTED]

P.S. -net is for technical discussions of network code, not general
questions.  Next time, please send this kind of e-mail to -questions
instead.  Thanks.


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Re: manual page review: connect(2) EAGAIN error

2001-01-20 Thread Wes Peters 

Dima Dorfman wrote:
> 
> > oops, looks like you already answered that (EADDRNOTAVAIL) in your last
> > message. sorry.  If you fix the code to return EADDRNOTAVAIL then the PR
> > can be closed as it will no longer apply.
> 
> I sent a patch to fix this in a response to this thread, but it seems
> noone noticed.  You can find the e-mail here:

If I don't hear any objections, I'll commit this (and fix the man page).
For your review simplicity, the patch is:

Index: in_pcb.c
===
RCS file: /st/src/FreeBSD/src/sys/netinet/in_pcb.c,v
retrieving revision 1.71
diff -u -r1.71 in_pcb.c
--- in_pcb.c2000/12/27 03:02:29 1.71
+++ in_pcb.c2001/01/20 00:31:27
@@ -313,7 +313,7 @@
 * occurred above.
 */
inp->inp_laddr.s_addr = INADDR_ANY;
-   return (EAGAIN);
+   return (EADDRNOTAVAIL);
}
--*lastport;
if (*lastport > first || *lastport < last)
@@ -334,7 +334,7 @@
 * occurred above.
 */
inp->inp_laddr.s_addr = INADDR_ANY;
-   return (EAGAIN);
+   return (EADDRNOTAVAIL);
}
++*lastport;
if (*lastport < first || *lastport > last)



-- 
"Where am I, and what am I doing in this handbasket?"

Wes Peters Softweyr LLC
[EMAIL PROTECTED]   http://softweyr.com/


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

IP Aliasing Problems HELP!

2001-01-20 Thread seek3r2k 

Hello,

I have aliased my single NIC with the IP address 192.168.1.1/24, so that

i can port out a cable modem connection to my win machine, thus two
machines on a subnet.  This is what my rc.conf looks like

host="host name"
IPFILTER="YES"
IPNAT="YES
gateway_enable="YES"
ifconfig fxp0="DHCP"
ifconfig fxp0 inet 192.168.1.1 netmask 255.255.255.0 alias
defaultrouter=""

I have enabled IP Forwarding in the rc.local file.  This is what i have
in my IPNAT.CONF file:

map fxp0 192.168.1.0/24 port 80 -> /32 port 80 tcp/udp
1:6
map fxp0 192.168.1.0/24 port 80 -> /32 port 80
rdr fxp0 "" port 80 -> 192.168.1.10/32  port 80

Now, when i run ipnat, i get a message: syntax error in "rdr".  i have
tried many times to edit it and still get the same error. If i try to
echo the file on command line, i get the same message, and that it
doesnt recognize "rdr" as a keyword. Why is that?

Finally, after all this, i still can not get online with my internal
machine, the windows machine on the subnet.  I can ping the internal
gateway address (192.168.1.10) and the external IP address from the
windows machine, but i cant ping anything outside the network.  what am
I
doing wrong?  I compiled the kernel with IPFILTER on.

Please help.

Thanks!



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message