On 26 September 2010 21:45, jhell wrote:
> This is more for questions@ or pf@
>
> On 09/26/2010 11:43, Samuel Martín Moro wrote:
> > On Sun, Sep 26, 2010 at 3:34 PM, Michael Powell >wrote:
> >
> >> Samuel Martín Moro wrote:
> >>
> >>> Hello
This is more for questions@ or pf@
On 09/26/2010 11:43, Samuel Martín Moro wrote:
> On Sun, Sep 26, 2010 at 3:34 PM, Michael Powell wrote:
>
>> Samuel Martín Moro wrote:
>>
>>> Hello,
>>>
>>>
>>> I'm trying to set up pf on my soon-t
On Sun, Sep 26, 2010 at 3:34 PM, Michael Powell wrote:
> Samuel Martín Moro wrote:
>
> > Hello,
> >
> >
> > I'm trying to set up pf on my soon-to-be new gateway (8.1-RELEASE amd64).
> > I used the sample configuration file available on
> > calomel&
Hello,
I'm trying to set up pf on my soon-to-be new gateway (8.1-RELEASE amd64).
I used the sample configuration file available on
calomel<https://calomel.org/pf_config.html>
After a few tests, it appears that the gate has fully access to the
internet, but I can't open connecti
Hi all!
First of all sorry for my bad english again =)
I've got some problems with nat gw with pf.
My situation is pretty simple:
I've got 2 networks:
external - 10.7.240.0/20
and a internal qemu network with a tap networking
192.168.0/24
External and internal ifaces a
yes, exact. thanks a lot!
On Tue, Oct 14, 2008 at 6:02 PM, Max Laier <[EMAIL PROTECTED]> wrote:
> On Wednesday 15 October 2008 02:47:46 alan yang wrote:
>> hello,
>>
>> for pf port on freebsd, i would like to trace the packet flow, looking
>> at from ether_
On Wednesday 15 October 2008 02:47:46 alan yang wrote:
> hello,
>
> for pf port on freebsd, i would like to trace the packet flow, looking
> at from ether_input -> etiher_demux -> ip_input -> tcp_input where /
> how pf handles / process the packet.
>
> can people s
hello,
for pf port on freebsd, i would like to trace the packet flow, looking
at from ether_input -> etiher_demux -> ip_input -> tcp_input where /
how pf handles / process the packet.
can people shed some lights where to start. really a
Hi friends,
I am a relative newbie, so please don't flame me if my question doesn't make
sense.
In a network experiment to determine appropriate length of router buffers, I
am using pfctl on FreeBSD 5.3 to limit the bandwidth to 100 Mbps on a 1 Gig
link and limit the queue to 240 packets, and I u
On Fri, 16 Dec 2005, Alan Amesbury wrote:
Because we have several systems equipped with em(4)-compatible cards
that are intended to accept traffic at gigabit speeds, I've configured
them with HZ=2000, per the notes above. However, 6-STABLE has also
included some newer pf(4) code, whi
ccept traffic at gigabit speeds, I've configured
them with HZ=2000, per the notes above. However, 6-STABLE has also
included some newer pf(4) code, which is fundamentally incompatible with
a HZ setting this high. I did some digging and eventually came up with
this PR:
http://www.freeb
sys/neti
net/tcp_input.c:737
exclusive sleep mutex tcp r = 0 (0xc066de6c) locked @
/usr/src/sys/netinet/tcp_i
nput.c:611
db>
(gdb) l *pf_socket_lookup+0x22
0xc043a2d2 is in pf_socket_lookup (/usr/src/sys/contrib/pf/net/pf.c:2414).
2409#endif
2410struct inpcb*inp;
2411
cked @
> /usr/src/sys/netinet/tcp_i
> nput.c:611
> db>
>
> (gdb) l *pf_socket_lookup+0x22
> 0xc043a2d2 is in pf_socket_lookup (/usr/src/sys/contrib/pf/net/pf.c:2414).
> 2409#endif
> 2410struct inpcb*inp;
> 2411
> 2412#ifdef __FreeBSD__
&
clusive sleep mutex inp (tcpinp) r = 0 (0xc1527630) locked @
> /usr/src/sys/neti
> net/tcp_input.c:737
> exclusive sleep mutex tcp r = 0 (0xc066de6c) locked @
> /usr/src/sys/netinet/tcp_i
> nput.c:611
> db>
>
> (gdb) l *pf_socket_lookup+0x22
> 0xc043a2d2 is in
results in the system hard locking. (when giant
> is not present ... debug.mpsafenet=1).
>
> This problem affects all FreeBSD firewalls which implement ucred based
> matching, namely ipfw and pf. The lock order problem exists due to a
> layering violation which occurs when the IP sta
problem affects all FreeBSD firewalls which implement ucred based
matching, namely ipfw and pf. The lock order problem exists due to a
layering violation which occurs when the IP stack attempts to acquire
locks within lower level stacks such as UDP and TCP.
Max Laier (mlaier@) and myself have been
>>>>> "Max" == Max Laier <[EMAIL PROTECTED]> writes:
Hello Max,
Max> The kernel parts are done, though not linked to any automatic
Max> build. If you want to build it already, you can build from the
Max> corresponding module directories: sys/modules/{p
Hi,
we started importing OpenBSD's packet filter (pf) from it's port
(security/pf). The kernel parts are done, though not linked to any
automatic build. If you want to build it already, you can build from the
corresponding module directories:
sys/modules/{pf, pflog, pfsync}
18 matches
Mail list logo
