Re: ftpd-BSD and standalone

debugged and working right. PS: about german parents and grandparents, yes, they were German and so am I :-) (I live here since 3 years.) viele Grüße, -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scientist Regenstrief Institute for He

Re: ftpd-BSD and standalone

d again and again. If this goes on too often, inetd figures that it's not gonna work and shuts down the service alltogether. This is what happened in your case. -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scientist Regenstrief Inst

Re: ftpd-BSD and standalone

ftp error code) though the connection was succesful > (/var/log/messages). When I start the daemon in standalone modus > there are no problems. > Does anybody have experience with this thing? > Anastasia > -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medica

Re: NetWare / IPX routing facts and a question

g table is 2227 entries long. Is that too much for FreeBSD to handle? Do I have to change some buffer sizes or something? regards -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scientist Regenstrief Institute for Health Care

Re: NetWare / IPX routing facts and a question

I am hopeful that the mere filtering may help to get things straightened out. Thanks again, -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scientist Regenstrief Institute for Health Care Adjunct Assistent ProfessorIndiana Univers

NetWare / IPX routing facts and a question

inux-box". And I want the victory be FreeBSD's! So, whoever works with IPX and FreeBSD as IPX router, please contact me so I can pick your brain! thanks, -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scientist Regenstrie

Re: [altq 839] Re: The future of ALTQ, IPsec & IPFILTER playing together ...

hs in what they do -- do one thing, do it right.) regards -Gunther PS: just to be consistent with my "great unification theory" I would throw the packet routing machine into the game. Let BPF++ rules manage the router as well (what's a router different than a forwarder anyway?) Sorry fo

Re: (KAME-snap 4629) Re: The future of ALTQ, IPsec & IPFILTER playing together ...

sifier, mainly, instead of a simple true/false output one would want a number representing the class. Also, it's been noted before, the BPF machine needs some state awareness between packets. regards -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Infor

ALTQ and tunnel devices ...

he tos bits as set by that video conferencing application I need to accomodate. regards, -Gunther PS: I did submit a formal bug report for this @ kame.net. TODO: - ip_encap should llow for userspace processes to hook in handlers for flows on protocols 4 and 41. - ALTQ should support the gi

Re: (KAME-snap 4587) The future of ALTQ, IPsec & IPFILTER playing together ...

can understand if the developers dismiss my calls. Thanks anyway for your good work. I am still hopefull that some day all those pieces will fall together to form a coherent overall system. regards -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scie

Re: The future of ALTQ, IPsec & IPFILTER playing together ...

Darren Reed wrote: > > In some email I received from Gunther Schadow, sie wrote: > [...] > > As an added benefit, the two network interfaces tun0 and fxp0 allow > > me to cope with the limited power of IPFILTER's NAT rules (as compared > > to IPFW). > > Wha

Re: The future of ALTQ, IPsec & IPFILTER playing together ...

olidation of the SPD and ALTQ classifier rules. I would cheer that effort! regards, -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scientist Regenstrief Institute for Health Care Adjunct Assistent Professor

Re: The future of ALTQ, IPsec & IPFILTER playing together ...

ose alternatives? Are there other promising alternatives? regards -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scientist Regenstrief Institute for Health Care Adjunct Assistent ProfessorIndiana University School of Medicine tel:

Re: The future of ALTQ, IPsec & IPFILTER playing together ...

eciate it! -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scientist Regenstrief Institute for Health Care Adjunct Assistent ProfessorIndiana University School of Medicine tel:1(317)630-7960 http://aurora.regens

Re: (KAME-snap 4587) The future of ALTQ, IPsec & IPFILTER playing together ...

Gunther Schadow wrote: [snip] ... to make things even more complicated, we also have the berkeley packet filter (BPF) mechanism. Heck! How could so many things evolve that all do essentially the same thing? The interesting thing about the BPF mechanism is that it is very generic. Filter rules

Re: The future of ALTQ, IPsec & IPFILTER playing together ...

ions are not really designed to work together, not just yet. regards, -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scientist Regenstrief Institute for Health Care Adjunct Assistent ProfessorIndiana University School

Re: The future of ALTQ, IPsec & IPFILTER playing together ...

You say, ALTQifying gif should be relatively simple? Should I dare trying it myself? I won't be getting away without kernel-hacking anyway, since I can choose between ALTQifying the gif device or adding TOS-based filtering into IPFW :-( regards -Gunther -- Gunther Schadow, M.D., Ph.D.

Re: [altq 806] The future of ALTQ, IPsec & IPFILTER playing together ...

on IPFILTER and don't have to bother with IPFW etc. thanks, -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scientist Regenstrief Institute for Health Care Adjunct Assistent ProfessorIndiana University School of Medicine

The future of ALTQ, IPsec & IPFILTER playing together ...

PSEC, so, finally the ALTQ can do its flow control work based on the label. If we keep the filter matching rules separate in IPFILTER, IPSEC and ALTQ for much longer, this is only duplicating the maintenance work and will prevent these three great packages to work together happily.

Re: (KAME-snap 4582) Re: KAME SPD bug, please try and confirm ...

[EMAIL PROTECTED] wrote: > > >> sorry if you felt offended. i really think it is issue in routing > >> table, as multiple SPD configuration works just fine here. > > still, there's of course a possibility that you have stepped onto > > some untested code. KAME SNAP kit is,

Re: (KAME-snap 4571) Re: KAME SPD bug, please try and confirm ...

As much as I praise all this to the outside and as much as I tell my people that "it's basically working with only minor problems", I am getting in a more and more difficult position if I can't make it work because of a bug/problem that's not being taken seriously. tha

Re: (KAME-snap 4523) Re: KAME SPD bug, please try and confirm ...

Earlier last week I wrote: > I just built and tested the latest KAME-SNAP, and it appears as if > the two ipsec tunnels work together now. I will have a final word > on this later tomorrow, but for now it looks as if this problem > requires no further action on your part. Unfortunately I found ou

VPN tunnel with DHCP ...

Hi, about my SOHO router project, I came accross a tough problem, may be I overlook that there is a solution already? The VPN gateway at the small office / home office (SOHO) has an IPsec tunnel connecting it to its headquarter: setkey -c

DHCP vulnerabilities ...

he re-configured interface down and only bring it up after all is well in /etc/dhclient-exit-hooks. Sure I can (and will) do that in my dhclient-script ("ifconfig if0 down" "ifconfig if0 up",) but just wanted folks to know about this. regards -Gunther -- Gu

Re: (KAME-snap 4519) Re: KAME SPD bug, please try and confirm ...

, -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scientist Regenstrief Institute for Health Care Adjunct Assistent ProfessorIndiana University School of Medicine tel:1(317)630-7960 http://aurora.regenstrief.org To

Re: (KAME-snap 4519) Re: KAME SPD bug, please try and confirm ...

mportant. If you have an easy way to do it, you might want to test this against KAME SNAP 20010326, but if not, don't worry for now, I will first try the 20010417 SNAP to see whether it's on there. If I do find it, I will be back! regards -Gunther PS: BTW, now that fbsd 4.3-RELEASE is out

Re: KAME SPD bug, please try and confirm ...

-0---+--//GATEWAY-1-... | |${cip} ${cipsec}.0/24 +--//GATEWAY-2-----... | . . . Thank you, -Gu

KAME SPD bug, please try and confirm ...

[Sorry I resend this because it seems as if my subject line was turning everyone off from looking at this.] Below is what could be a cookbook recipe for IPsec tunnels. However, unfortunately it's a bug report. I would like some of you to try this out and confirm the problem for me, may be find th

Can someone confirm this problem ...

Hi, below is what could be a cookbook recipe for IPsec tunnels. However, unfortunately it's a bug report. I would like some of you to try this out and confirm the problem for me, may be find the error on my part, or make suggestions on how to work around this problem. If you have an older KAME r

FreeBSD fxp driver, offloading cryptography ...

ble the layered design of KAME/IPsec code? Would it be a big mess to circumvent the KAME crypto code and use the Intel hardware instead? Is anyone interested and or working on this? Thanks, -Gunther -- Gunther Schadow, M.D., Ph.D.[EMAIL PROTECTED] Medical Information Scientist

Consolidating KAME SPD rules and IPFW / IPfilter.

rnel from panicing because of bugs in IPsec -- I did have embarrassing kernel crashes, just when I bragged about FreeBSD running rock solid :0(. I have read about pipsecd, but would like to stand by the excellent work of the Kame people. regards -Gunther -- Gunther Schadow, M.D., Ph.D.