Wes Peters wrote:
>
> Thierry Herbelot wrote:
> >
> > Wes Peters wrote:
> > >
> > [SNIP]
> > >
> > > Doing link-layer encapsulation modules is really not very difficult.
> > > I've written pretty much the full complement, covering ethernet (10,
> > > 100, and 1000), FDDI/CDDI, token ring, ATM, an
Hi, I\'m playing around the auth rule and the sample userauth.c of
IP Filter on FreeBSD 4.2-RELEASE and below are some results and
questions:
1. There is a typo in ip_auth.c which causes the ioctl(SIOCAUTHW)
unable to fetch all the fields of the frauth_t struct. Below is
a patch for 4.2-R
Hello,
( > Attila Nagy)
> > I have many routers with wavelan card working with freeBSD and i am
> > trying without sucessfull use IPSTEALTH work i want whem one machine
> > make traceroute dont show my router and go a way
> sysctl -w net.inet.ip.stealth=1
...or you can live happy with IPFilter'
Wes Peters wrote:
>
[SNIP]
>
> Doing link-layer encapsulation modules is really not very difficult.
> I've written pretty much the full complement, covering ethernet (10,
> 100, and 1000), FDDI/CDDI, token ring, ATM, and Frame Relay. (Chuck,
What about a netgraph-enabled ATM NIC driver ? (this
Wes Peters wrote:
>
> "C. Stephen Gunn" wrote:
> >
> > Netgraph is an excellent technology. While your comment makes
> > sense, there are several issues that will need to be addressed.
> > For instance, the current ARP implementation in FreeBSD is
> > entangled with the generic ethernet code.
>
"C. Stephen Gunn" wrote:
>
> On Sun, 31 Dec 2000 19:54:19 PST, Julian Elischer wrote:
>
> > > The current VLAN (and Ethernet) implementaiton in FreeBSD needs work.
> > > FreeBSD should should handle multiple ethernet encapsulations on
> > > the same physical interface, and relay packets to/from
> I tried to configure dummynet to allow for normal work when downloading files
> using queue mechanism (4.2-STABLE).
>
> IPFW rules are:
>
> add 100 queue 10 tcp from any to any uid dnld1 in
> add 200 queue 11 ip from any to any
>
> queue 10 config weight 1 pipe 1
> queue 11 confi
the easy way could be (probably) force the ftp daemon run as some
other user, or assign a second IP to the server and make sure that
the ftpd binds to the second address.
But in the end, one probably might also like to have a separate
namespace where processes can [be forced to] register and who
Hello,
> I have many routers with wavelan card working with freeBSD and i am
> trying without sucessfull use IPSTEALTH work i want whem one machine
> make traceroute dont show my router and go a way
sysctl -w net.inet.ip.stealth=1
-
On Tue, 2 Jan 2001, C. Stephen Gunn wrote:
> For example, you would no longer simply ``ifconfig xl'', but
> associate a netgraph link-layer node on top of the xl interface,
> and a netgraph interface node on top of the link-layer node, which
> would function (mostly) like xl does now.
Interesting
On Sun, 31 Dec 2000 19:54:19 PST, Julian Elischer wrote:
> > The current VLAN (and Ethernet) implementaiton in FreeBSD needs work.
> > FreeBSD should should handle multiple ethernet encapsulations on
> > the same physical interface, and relay packets to/from some subordinate
> > interface. This
On Tue, Jan 02, 2001 at 01:14:18AM +0100, Anders Nordby wrote:
> FYI I am running 4.1.1-STABLE as of Tue Oct 24 01:25:55 CEST 2000, and top(1)
> shows all proftpd processes as being owned by root.
If I filter on uid root, the rules will match the packets (I tried with
specific IPs + uid root):
0
On Mon, Jan 01, 2001 at 05:24:09PM -0600, Bill Fumerola wrote:
>> Are people actually using uid type rules heavily? I'm having trouble matching
>> the packets generated by programs like Apache and ProFTPD. I believe that may
>> be because of root binding the ports these programs use before they se
On Mon, Jan 01, 2001 at 09:08:26PM +0100, Anders Nordby wrote:
> Are people actually using uid type rules heavily? I'm having trouble matching
> the packets generated by programs like Apache and ProFTPD. I believe that may
> be because of root binding the ports these programs use before they setu
Hello,
Are people actually using uid type rules heavily? I'm having trouble matching
the packets generated by programs like Apache and ProFTPD. I believe that may
be because of root binding the ports these programs use before they setuid() or
something, I'm not sure. Particularly I have trouble m
I tried to configure dummynet to allow for normal work when downloading files
using queue mechanism (4.2-STABLE).
IPFW rules are:
add 100 queue 10 tcp from any to any uid dnld1 in
add 200 queue 11 ip from any to any
queue 10 config weight 1 pipe 1
queue 11 config weight 10 pipe 1 m
Hi.
I have many routers with wavelan card working with freeBSD and i am trying without
sucessfull use IPSTEALTH work
this is my kernel options
options IPFIREWALL
options IPDIVERT
options IPSTEALTH
options IPFIREWALL_VERBOSE
options IPFIREWALL_FORWARD
op
17 matches
Mail list logo
