[Bug 166724] if_re(4): watchdog timeout

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=166724 --- Comment #129 from J.R. Oldroyd --- Meant to add above that the watchdog timeout hit re1. There had been occasional timeouts in the log for a few days but no problems. Last night there was a series of timeouts in short order and re1 st

[Bug 166724] if_re(4): watchdog timeout

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=166724 J.R. Oldroyd changed: What|Removed |Added CC||f...@opal.com --- Comment #128 from

Re: pfil_default_to_drop

In message , Robert Austen writes: > --_000_QB1PPF4C719E46AFADEAB65EB14D2627AABEFB42QB1PPF4C719E46A_ > Content-Type: text/plain; charset="us-ascii" > Content-Transfer-Encoding: quoted-printable > > "Maybe we also want a loader tunable to enable pf(4) on load" > > Seems a complicated way to do a sim

Re: pfil_default_to_drop

In message , Robert Austen writes: > --_000_QB1PPF4C719E46AAEE7D88923E46E08C427EFB42QB1PPF4C719E46A_ > Content-Type: text/plain; charset="us-ascii" > Content-Transfer-Encoding: quoted-printable > > "Considering that firewall rules are loaded before interfaces" > > I don't believe that's true. > > I

Re: RFC: Implementation of RFC 7217 [A Method for Generating Semantically Opaque Interface Identifiers, with IPv6 Stateless Address Autoconfiguration (SLAAC)]

On 4/9/25 13:10, Guido Falsi wrote: On 4/9/25 12:51, Ronald Klop wrote: Hi, Next to hostuuid you could add a jailname in the mix. That is what ether_gen_addr(9) does to make it easier to prevent collisions while copying jails around or run a jail on a readonly shared base filesystem. The R

Re: pfil_default_to_drop

On Wed, 9 Apr 2025 15:48:11 +0800 Zhenlei Huang wrote: > > On Apr 9, 2025, at 1:01 AM, Robert Austen > > wrote: > > > > I respectfully disagree. > > > > PF_DEFAULT_TO_DROP has no effect if pfctl does not perform its ioctl call > > to enable itself, ie. to apply any hooks. > > if pfctl fails,

Re: RFC: Implementation of RFC 7217 [A Method for Generating Semantically Opaque Interface Identifiers, with IPv6 Stateless Address Autoconfiguration (SLAAC)]

On 4/9/25 12:51, Ronald Klop wrote: Hi, Next to hostuuid you could add a jailname in the mix. That is what ether_gen_addr(9) does to make it easier to prevent collisions while copying jails around or run a jail on a readonly shared base filesystem. The RFC is very clear on what should be us

Re: RFC: Implementation of RFC 7217 [A Method for Generating Semantically Opaque Interface Identifiers, with IPv6 Stateless Address Autoconfiguration (SLAAC)]

Hi, Next to hostuuid you could add a jailname in the mix. That is what ether_gen_addr(9) does to make it easier to prevent collisions while copying jails around or run a jail on a readonly shared base filesystem. Regards, Ronald. Van: Guido Falsi Datum: woensdag, 9 april 2025 12:17 Aan: Mar

Re: RFC: Implementation of RFC 7217 [A Method for Generating Semantically Opaque Interface Identifiers, with IPv6 Stateless Address Autoconfiguration (SLAAC)]

On 4/6/25 23:38, Marek Zarychta wrote: W dniu 6.04.2025 o 16:49, Guido Falsi pisze: Hi! I have recently implemented and tested the patch at [1], which implements RFC 7217, about generating IPv6 addresses that are constant through reboots, but do not expose the MAC address of the machine, not

Re: pfil_default_to_drop

> On Apr 9, 2025, at 1:01 AM, Robert Austen > wrote: > > I respectfully disagree. > > PF_DEFAULT_TO_DROP has no effect if pfctl does not perform its ioctl call to > enable itself, ie. to apply any hooks. > if pfctl fails, then the hooks are left unhooked, and EVERYTHING defaults to > PASS,