Hi,
since a few days, I get the following message, any idea ?
Jun 28 07:00:01 gits /kernel: arp_rtrequest: bad gateway value
# uname -a
FreeBSD gits 4.6-STABLE FreeBSD 4.6-STABLE #15: Sun Jun 23 06:31:23 CEST 2002
root@gits:/disk2/freebsd/src/sys/compile/CUSTOM i386
# ifconfig -a
# ifcon
Hi,
I have been hit by the following problem from time to time,
and I was wondering if others have seen it.
This has happened to me with the "em", "sis", "dc" and "fxp" cards,
though it is not always easy to reproduce. But I have seen it enough
times to believe that it is not card-specific.
B
At 05:21 PM 6/27/2002 -0500, Rob Zietlow wrote:
> >The solution I found was to make sure that its also disabled and not
> >offered in RADIUS either, so you might have to talk to your ISP if they
> >have it configured, as we did.
>
>how exactly do you turn this off?
In my Radius config on the ser
Ipfw divers from within the IP stack
by then it's too late.
you could diver th epackets using netgraph and filter them and then
pass them back into the eiface netgraph node to continue up.
then you tell your application to listen to the "nge"
interface.. unfortunatly another driver also produce
At 04:50 PM 6/27/2002, Julian Elischer wrote:
> > Are there any other taps I may access in order to accomplish this goal?
>
>I forget the goal. sorry
No problem - Hope you don't mind if I restate it.
I am trying to strip/drop packets before they reach a server process which uses
BPF for communi
On Thu, 27 Jun 2002, Arthur Peet wrote:
>
> >Use the Source Luke!
>
> Thanks, Obi! :) I REALLY appreciate your response.
>
> >as you see, bpf copies are taken before netgraph processing..
> >and non-netgraph bridging occurs after that.
>
> It appears to me that if I switched the order in
>Just to close off this issue an feed it to the archives in case anyone =
>else
>runs into this issue, the telco found the article below in the vendor's
>knowledge database.
>Again to summarize, if you use FreeBSD, PPPoE and your ISP or your ISP's
>telco uses an ERX as the PPPoE concentrator, ma
>Use the Source Luke!
Thanks, Obi! :) I REALLY appreciate your response.
>as you see, bpf copies are taken before netgraph processing..
>and non-netgraph bridging occurs after that.
It appears to me that if I switched the order in which the processing
occurs and recompiled the kernel, the fu
Use the Source Luke!
ether_input(ifp, eh, m)
struct ifnet *ifp;
struct ether_header *eh;
struct mbuf *m;
{
struct ether_header save_eh;
/* Check for a BPF tap */
if (ifp->if_bpf != NULL) {
struct m_hdr mh;
/* T
G'day.
Can anyone explain the relationship between BPF and netgraph sockets? I am
trying to intercept packets destined for a process which is using BPF for
read and write operations on an interface (and drop not-so-good
packets). I can see all packets on the interface (using NgRecvData),
ho
On Thu, Jun 27, 2002 at 01:18:04PM -0400, Peter Brezny wrote:
> I did a quick search through the man page, but didn't come up with anything
> right off that looked like it could help mitigate smurf attacks similar to
> the cisco:
> no ip directed-broadcast
>
> feature.
>
> Is there a way?
sysct
ahhh
ok You need tje netgraph ipfw node or bpf node, attached to
a netgraph ksocket node implementing the tunnel
hmm the netgraph ipfw node is not yet checked in..
someone volunteered to update it, and in fact I guess now that luigi
has rewritten ipfw, maybe the new one can b emade into a n
On Thu, 27 Jun 2002, Matt Impett wrote:
> It would be nice if I could create two ng_ksockets, one bound to a divert
> port, and the other bound to inet/raw/ip, so that packets diverted to the
> divert port would get passed to the inet/raw/ip hook and go out the IP
> stack. Is this possible???
On Thu, 27 Jun 2002, Anthony Volodkin wrote:
> PopTop also uses proxy arp supposedly (i got that option enabled). I
> even read that that feature is supposed to allow broadcasts to function
> properly. It doesn't however.
>
> A friend suggested i try to bridge two interfaces (tun0 and fxp
Randall Stewart wrote:
> Matt:
>
> Curiosity drives me to ask the question...
>
> Where is the Foreign agent (FA)?
>
> In most mobile IP scenarios I have been familar with (granted a
> limited set.. and I have a tiny idea of how it should work
> that may be dated) the mobile has a FA. The FA
Nothing automatic or shorthand, but
add deny ip from any to x.y.z.255 (or whatever your broadcast is)
will work just fine.
On Thu, Jun 27, 2002 at 01:18:04PM -0400, Peter Brezny wrote:
> I did a quick search through the man page, but didn't come up with anything
> right off that looked like
Peter Brezny wrote:
> I did a quick search through the man page, but didn't come up with anything
> right off that looked like it could help mitigate smurf attacks similar to
> the cisco:
> no ip directed-broadcast
>
> feature.
>
> Is there a way?
I thought directed broadcasts where disabled by
I did a quick search through the man page, but didn't come up with anything
right off that looked like it could help mitigate smurf attacks similar to
the cisco:
no ip directed-broadcast
feature.
Is there a way?
TIA
Peter Brezny
Skyrunner.net
To Unsubscribe: send mail to [EMAIL PROTECTED]
PopTop also uses proxy arp supposedly (i got that option enabled). I
even read that that feature is supposed to allow broadcasts to function
properly. It doesn't however.
A friend suggested i try to bridge two interfaces (tun0 and fxp0). I
first tried using briding implemented by 'options B
I have two machines with new 3Com 3C996B-T adapters using the bge0 driver
and I am having a problem with nfs. I can mount the server from the client,
and I can cd into the mounted directory, but as soon as I do an 'ls'
command, the client appears to hang. Strange loooking packets occasionally
sh
* Patrick Thomas <[EMAIL PROTECTED]> [020627 09:11] wrote:
>
> two followups:
>
> 1) is the tcp.recvspace an immediate tunable, or to get best results
> should I set it in rc.local ?
Why not look and find out? :)
> 2) when you say raise nmbclusters "in his config", may I assume you men my
> ke
two followups:
1) is the tcp.recvspace an immediate tunable, or to get best results
should I set it in rc.local ?
2) when you say raise nmbclusters "in his config", may I assume you men my
kernel config - mine is at the default - do you have a suggestion for the
new setting ?
thanks,
PT
On T
* Mike Silbersack <[EMAIL PROTECTED]> [020627 05:10] wrote:
>
> On Thu, 27 Jun 2002, Patrick Thomas wrote:
>
> > 99/10208/34816 mbufs in use (current/peak/max):
> >
> > Would changing net.inet.tcp.recvspace down to 32768 (default is 65536) be
> > a wise thing to do ?
> >
> > Or are there other b
Matt Impett wrote:
>
> inline..
>
> > -Original Message-
> > From: Julian Elischer [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, June 26, 2002 9:40 PM
> > To: Lars Eggert
> > Cc: Matt Impett; '[EMAIL PROTECTED]';
> > '[EMAIL PROTECTED]'
> > Subject: Re: source address based routing
> >
Makoto Matsushita wrote:
> larse> Is this a bug of the ISO image, or a deliberate change?
>
> IIRC, not having libtelnet.a is intentional. 4-stable as of
> Apr/13/2002 or later doesn't have it. See src/lib/libtelnet/Makefile
> for details.
Thanks, so it's a KAME issue.
KAME should either upda
larse> Is this a bug of the ISO image, or a deliberate change?
IIRC, not having libtelnet.a is intentional. 4-stable as of
Apr/13/2002 or later doesn't have it. See src/lib/libtelnet/Makefile
for details.
-- -
Makoto `MAR' Matsushita
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsub
inline..
> -Original Message-
> From: Julian Elischer [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, June 26, 2002 9:40 PM
> To: Lars Eggert
> Cc: Matt Impett; '[EMAIL PROTECTED]';
> '[EMAIL PROTECTED]'
> Subject: Re: source address based routing
>
>
> On Wed, 26 Jun 2002, Lars Eggert w
On Thu, 27 Jun 2002, Patrick Thomas wrote:
> 99/10208/34816 mbufs in use (current/peak/max):
>
> Would changing net.inet.tcp.recvspace down to 32768 (default is 65536) be
> a wise thing to do ?
>
> Or are there other better suggestions ?
>
> thanks,
>
> PT
Actually, you usually use most of your
Hej
>On Tue, May 14, 2002 at 04:50:24PM -0700, Lars Eggert wrote:
> > Hi,
> >
> > could someone with more knowledge of the tun device please take a look
> > at the code around line 387 in net/if_tun.c? It looks like tunoutput()
> > drops all packets here that aren't of the AF_INET family - most n
When I wake up in the morning I see this:
Wed Jun 26 09:21:52 PDT 2002
99/10208/34816 mbufs in use (current/peak/max):
98 mbufs allocated to data
1 mbufs allocated to packet headers
94/8704/8704 mbuf clusters in use (current/peak/max)
19960 Kbytes allocated to network (76% of mb_
30 matches
Mail list logo
