Thanks for your comments. This is exactly what I need
so that we get an architecturally beautiful but still
flexible enough implementation.
> I think it would be far cleaner to implement only the 802.1x packet
> capturing/sending as a netgraph node, do some sanity checks and then
> pass it off t
Hello,
Some questions related to intel nic drivers:
1. fxp microcode
Marko has summited fxp interrupt bundling patch before.
Is there any reference to write fxp microcode?
2. wx and new gx
Reading FreeBSD September status report, I was surprised new gx driver
is added. I remember that t
OS: FreeBSD4.3
Software: Racoon-20010322
I'm attempting to connect a FBSD4.3 box to a SonicWall VPN solution. I
think I have everything configured correctly, but I keep getting this
error mesg and I'm unable to reach the IPs on the other end:
2001-11-09 13:56:51: INFO: isakmp.c:1618:isakmp_pos
well it went to -net :-)
On Fri, 9 Nov 2001, Landon Stewart wrote:
> It might be better to post your entire situation to the list so that not
> only one person can have an opportunity to help you out. Generally you
> catch more people that way I think.
>
> >Does anyone else have secureID fo
It might be better to post your entire situation to the list so that not
only one person can have an opportunity to help you out. Generally
you catch more people that way I think.
Does anyone else have secureID fobs
running in FreeBSD based systems?
(if so I'd like to chat)
>
> -- Brooks
---
La
On Fri, 9 Nov 2001, Brooks Davis wrote:
> On Fri, Nov 09, 2001 at 10:40:28PM +0100, Andre Oppermann wrote:
> > It could also better interact with other userland services like login
> > or PAM. Think with logging in, it will authenticate you to the
> > (physical) network and the (ethernet) switc
On Fri, Nov 09, 2001 at 10:40:28PM +0100, Andre Oppermann wrote:
> It could also better interact with other userland services like login
> or PAM. Think with logging in, it will authenticate you to the
> (physical) network and the (ethernet) switch will put you into the
> right VLAN for example. O
Pekka Nikander wrote:
> Hi,
>
> My IEEE 802.1x EAPOL implementation is now minimally
> functional and tested. It doesn't include any EAP modules,
> but the EAPOL state machines seem to work fine.
>
> I'd appreciate if someone with more experience with netgraph
> would read the code and send c
On Fri, Nov 09, 2001 at 06:31:43AM -0800, Luigi Rizzo wrote:
> > > You can implement the above by replacing all terminal actions
> > > (accept or deny) with "tee" and "divert" statements, respectively.
> >
> > Ouch. I think that you can get any behavior you want in that manner,
> > but that could
Tested on 4.3
-
[(ttyv0)#~] kldstat
Id Refs AddressSize Name
13 0xc010 1a7108 kernel
21 0xc0acf000 3000 daemon_saver.ko
31 0xc0ad8000 12000linux.ko
[(ttyv0)#~] kldload ipfw
module_register: module ipfw already exists!
linker_file_sysinit "ipfw.ko" fai
On Fri, Nov 09, 2001 at 09:12:49AM +0200, Dimitar Peikov wrote:
>
> This morning I've cvsuped to STABLE and put 'options IPFIREWALL' into my
> kernel configuration file. After installing all I try to 'kldload ipfw' which
> complains that ipfw module is already in kernel, but kldstat reports tha
Hi,
Joerg Wunsch wrote:
>As Roman Kurakin wrote:
>
>...
>
>>I don't think that they should be broken out completely. Physicaly,
>>yes it will be better to split them into separate files (core, ppp,
>>fr, cisco). From my point of view (Serge's as well ) logically it
>>should be a single whole. It
> > You can implement the above by replacing all terminal actions
> > (accept or deny) with "tee" and "divert" statements, respectively.
>
> Ouch. I think that you can get any behavior you want in that manner,
> but that could be one long and ugly rule set.
why do you think it is "long" ? it is
On Fri, Nov 09, 2001 at 02:17:47AM -0800, Luigi Rizzo wrote:
> On Thu, Nov 08, 2001 at 03:38:11PM -0800, Archie Cobbs wrote:
> > Crist J. Clark writes:
> > > The issue may be that you wish to make a decision on the packet in
> > > later rules. For example, someone might wish to 'tee' all traffic t
On Thu, Nov 08, 2001 at 03:38:11PM -0800, Archie Cobbs wrote:
> Crist J. Clark writes:
> > The issue may be that you wish to make a decision on the packet in
> > later rules. For example, someone might wish to 'tee' all traffic to
> > and from a certain machine to some unspecified traffic monitori
Thanks, this is fantastic! On all FreeBSD 4.x versions, the performance of
end systems receiving large amounts of small packets used to be much worse
than on FreeBSD 3.4. I'm not a driver expert, but as you described, the
vanilla systems seem to spend too much time in the interrupt context, such
t
Yes, there is an open pr regarding this. In -current all this is fixed,
but I know ipfw and, iirc, nfs modules have these problems in 4.4.
Andrew
On Fri, 9 Nov 2001, Dimitar Peikov wrote:
:
:This morning I've cvsuped to STABLE and put 'options IPFIREWALL' into my
:kernel configuration file
Hello freebsd-net,
Having read mans and papers and web still can not figure
out HOW can I setup IPSEC tunneling WITH compression
so far all I do is manual SA setup
that looks like
add 192.168.1.128 192.168.1.129 esp 10010 -E 3des-cbc "101010101010101010101010";
add 192.168.1.129 192.168
18 matches
Mail list logo
