Folks-
Lots of interesting thoughts on this thread already. But, we have
not yet figured it out. So, a further data point...
I have been playing this evening on my machine at home -- a way old
p5 running freebsd 4.7. I am seeing the same problem as we see at
GRC on the freebsd 4.1 boxes. As
hi,
I currently have a /29 assigned by my isp for my dsl. I have got my bsd box connecting
fine and natd is working off one off the ips. I would like to bind the remaining 5 ips
to the tun0 interface on the bsd box and enable static nating to certain boxes behind
the firewall. I am however hav
Hi, all
I already done some test on ipsec transport and tunnel
test successfully. Now, I try to figure out how to
deal with roaming users. Here is the situation:
internal <---> freebsd <---> roaming user
freebsd's external NIC has a public, to accept
incoming ipsec from roaming user.
freebsd's
Hi, all
I have a ipsec tunnel with 2 freebsd in each end. It
just came to me recently, how safe if racoon accept
anonymous connection? Is it possible that somebody
just create a fake certificate and feed it to racoon,
then got access?
BTW: I didn't check peer's identifier at this time.
Will it be
Julian Elischer wrote:
> Also look at ng_etf the ethertype filter..
> it is designed to connect to an ether node and filter out packets
> with a particular ethertype. yuo could alter it to examine for a
> particular tcp port number too.
[ ... ]
A more interesting problem is how to hook an address
Why the arp reply receiver interface has to have IP-address?
-- Pasi
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message
If you don't want to go the sysctl route
Change IFQ_MAXLEN to something reasonable in
/usr/src/sys/net/if.h and recompile the kernel.
There was discussion on net.inet.ip.intr_queue values
recently on -net. So you might want to go through that thread.
Thanks,
Prafulla
Jason Carroll [[EMAIL PROT
On Thu, 7 Nov 2002, Steve Tremblett wrote:
> I've been toying with the idea of tackling a Netgraph TCP/IP
> implementation and want to hack out some skeleton netgraph nodes just
> to feel things out and play around with parsing. I'm somewhat confused
> on how to start. I'd like to be able to t
+ Maksim Yevmenkin wrote:
| > I'm in a bit of a bind. I want a sequence of ethernet frames to send
| > up through this framework. Hooking to ng_ether will give me this but I
| > am restricted to taking ALL frames (thus taking the machine offline) or
| > orphaned frames (where I will have to w
Steve Tremblett wrote:
>
> I've been toying with the idea of tackling a Netgraph TCP/IP
> implementation and want to hack out some skeleton netgraph nodes just
> to feel things out and play around with parsing. I'm somewhat confused
> on how to start. I'd like to be able to tinker as I go and I'
I've been toying with the idea of tackling a Netgraph TCP/IP
implementation and want to hack out some skeleton netgraph nodes just
to feel things out and play around with parsing. I'm somewhat confused
on how to start. I'd like to be able to tinker as I go and I'd rather
not have to write 5000 li
** Reply to note from Lefteris Tsintjelis <[EMAIL PROTECTED]> Wed, 06 Nov 2002
20:04:07 +0200
>> Let's deal with the serial port: it's initialized at boot time by rc.serial, so a
>reboot should have set it up right.
>> In any case wouldn't "sh /etc/rc.serial" be enough to solve the matter in cas
12 matches
Mail list logo
