Re: Consolidating KAME SPD rules and IPFW / IPfilter.

2001-04-08 Thread itojun


>To which I can only say that in IPv4 world and VPN, NAT is almost
>mandatory. For me, using NAT allows me to set up VPN specific 
>routing for my special project within a corporate network without
>bothering the network administrator with using FreeBSD instead of
>their Cisco stuff for routing. FreeBSD/KAME needs NAT for allowing
>it to be used in production environments today. NAT comes with
>IPFW, which is where the circle closes.

as mentioned before, there was a discussion about one of the freebsd
mailing lists.  there was a proposed patch just like below
(the following patch works only for the latest KAME tree, not for
FreeBSD tree).
http://www.kame.net/dev/cvsweb.cgi/kame/freebsd4/sys/netinet/ip_input.c.diff?r1=1.16&r2=1.17

the patch tries to do the following, i have no environment to test.
http://www.netbsd.org/Documentation/network/ipsec/#ipf-interaction

itojun

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message



how to see what happen before kernel crash?

2001-04-08 Thread Daniel Wong



Hi,

My kernel periodically crashes on me, is there a way to capture the
kernel output before the kernel reboots itself? I suspect it might be
something to do with my changes in the kernel. But I don't know what
might be causing it.

I'm looking for something like what dmesg outputs, but of the state the
kernel was in before the reboot.

Cheers
Dan


Explicit Congestion Notification (ECN) FBSD 3.2

2001-04-08 Thread Harkirat Singh


Hello Friends:

I want to know about implementation and support of ECN in TCP/IP
stack of FreeBSD, is it a standard? Specifically to FreeBSD 3.2 I looked
at netinet but could not find anything related to it. Do I need to get
some patch for ECN?

I looked at RFC 2481 and it says that ECN will be standard soon and some
of the OS developers have already incorporated this feature. I wonder is
it part of FreeBSD 3.2.

Thanks,

Singh






AX.25 or maybe X.25 support?

2001-04-08 Thread Aleksander Rozman - Andy

Hi !

I am new here, so I was just wondering if there was any talk on 
implementing AX.25 or X.25 protocol to FreeBSD?
AX.25 is a protocol for Packet Radio (Internet through HAM devices). X.25 
should be *little* similar to AX.25, but not that much. Having AX.25 done 
already would be great, but if there is X.25 we could work from there and 
make it AX.25. So anybody heard about anything like this on FreeBSD?

Please answer.
Andy

P.S.: If there is nothing like this and someone would like to help me do this, 
he/she is very welcome.



**
*  Aleksander Rozman - Andy  * Fandoms:  E2:EA, SAABer, Trekkie, Earthie *
* [EMAIL PROTECTED] * Sentinel, BH 90210, True's Trooper,   *
*[EMAIL PROTECTED]   * Heller's Angel, Questie, Legacy, PO5, *
* Maribor, Slovenia (Europe) * Profiler, Buffy (Slayerete), Pretender*
* ICQ-UIC: 4911125   *
* PGP key available  *http://www.atechnet.dhs.org/~andy/ *
**





Re: Consolidating KAME SPD rules and IPFW / IPfilter.

2001-04-08 Thread itojun

>I am tempted to "outsource" the IPsec functionality away from the
>kernel using a daemon on a divert socket, just like NATD. This would
>be more modular and keeps the kernel from panicking because of bugs
>in IPsec -- I did have embarrassing kernel crashes, just when I bragged
>about FreeBSD running rock solid :0(.

checking - did you have kernel panics in kernel IPsec code (then pls
send-pr), or you are just talking about an example?

itojun




Re: AX.25 or maybe X.25 support?

2001-04-08 Thread Mike Nowlin

On  0, Aleksander Rozman - Andy <[EMAIL PROTECTED]> wrote:
> I am new here, so I was just wondering if there was any talk on 
> implementing AX.25 or X.25 protocol to FreeBSD?
> AX.25 is a protocol for Packet Radio (Internet through HAM devices). X.25 
> should be *little* similar to AX.25, but not that much. Having AX.25 done 
> already would be great, but if there is X.25 we could work from there and 
> make it AX.25. So anybody heard about anything like this on FreeBSD?

I've been toying around with this for a while (about two years), but have
yet to decide what the best way to handle this is.  I've used the AX.25
stuff in Linux quite extensively, but I'm not really happy with the way it's
designed or made use of.

I suppose the first thing to figure out is what you want to DO with AX.25
drivers.  Implement Net/ROM and build a 573-port backbone packet router
node?  IP-over-packet routing (as in NOS)?  End-user BBS applications?  

I could see FreeBSD running as an exquisite router node if the drivers were
built into the kernel, ASSUMING that the configuration code and back-end
drivers were written with a little more intelligence than the Linux versions
are.  (That could be a little difficult, but do-able.)  The Net/ROM protocol
sorta lends itself to this, and ROSE is a disgusting thing that should be
avoided at all costs.  :)  If you're going to run IP over packet, the IPFW
and NATD code in the kernel could add all kinds of creative stuff that's
almost impossible to do with THE/NET-X1J & friends.  If the main interest is
running an end-user BBS, I think the appropriate method is to build in a
simple KISS-to-userspace driver over serial ports, then let the userspace
BBS software handle things from that point - or, you could just tweak a copy
of NOS to run on FBSD and let it operate just like it does on Linux.

Then I think about WAMPES.  I like the idea that it integrates things between
packet users & the standard UNIX services, but I absolutely hate the way it
does it.  With any modern system, it's completely idiotic to have a
userspace program add accounts to /etc/passwd by user request.  (My brain
shifts gears a bit...)  The WAMPES idea, implemented under FreeBSD jails,
could provide the best of both worlds.  Create a virtual machine that has
its own config and nothing that's security-sensitive, and you might have
something worth running...

I could rant on for hours.


--mike   N8NVW


