Re: Bind fails in jail with assigned IP address

2023-01-13 Thread Matthew Seaman
On 08/01/2023 18:52, Steffen Christgau wrote: ip4.addr A list of IPv4 addresses assigned to the jail.  If this is set, the jail is restricted to using only these addresses. [...] Attempts to use wildcard addresses silently use the jailed address instead. For IPv4 the first address given will b

Re: pf, stateful filter and DMZ

2019-11-22 Thread Matthew Seaman
On 22/11/2019 06:19, Victor Sudakov wrote: 2. ICMP traffic in any direction Sounds like a bad idea. Why would you do it? Well, for example, if a host in $inside_net sends a UDP datagram to a host in $dmz_net which generates an ICMP port unreachable message, I want the host in $inside_net to

Re: IPv6 userland cleanup

2019-09-09 Thread Matthew Seaman
On 10/09/2019 03:17, Mihir Luthra wrote: > Also, while replacing gethostby* calls, I came across arp. I learned that > arp command is only for ipv4 while ipv6 uses ndp protocol. I was wondering > if it would be useful to make a ndp command for ipv6 just like arp is for > ipv4? There already is a n

Re: pf: Efficiently specifying discontinuous IPv6 ranges

2018-05-11 Thread Matthew Seaman
On 11/05/2018 16:28, Mark Raynsford via freebsd-net wrote: good_0 = 2a00:1450:400c:: - 2a00:1450:400c::1000 good_1 = 2a04:4e42:600::200 - 2a04:4e42:600::400 good_2 = 2001:1900:2254:206a::50:0 good_3 = 2001:19f0:5:61d:f000:: good_4 = 2001:4998:58:1836::10 You could also handle this using an addr

Re: On fresh 11.1 install, unbound(8) config is totally non-functional

2017-10-14 Thread Matthew Seaman
On 13/10/2017 21:20, Ronald F. Guilmette wrote: > I did try inserting the following additional lines into my local > /var/unbound/unbound.conf file, under the server: section, but these > appear to have had no effect, even after a reboot: > > verbosity: 3 > logfile: /var/log/unbound.lo

Re: Ipv6 / DNS questions

2017-06-02 Thread Matthew Seaman
On 2017/06/02 12:30, Gary Palmer wrote: >> Assuming that you always get the same /64 assigned to your gateway, then >> the address SLAAC assigns to your server will be constant so long as >> you're on the same hardware, since the SLAAC address is generated from >> the network prefix and the MAC add

Re: Ipv6 / DNS questions

2017-06-02 Thread Matthew Seaman
On 06/02/17 02:49, Karl Denninger wrote: > Is there a dynamic DNS update method associated with Ipv6's address > assignment system? Since the assignment is "stateless" it obviously > (and does, in my experience!) move. I can deal with it via a couple of > shell scripts, and there are only a coupl

Re: Problem with VLAN config and traffic after 10.1-R -> 10.3-R-p5 Upgrade?

2016-06-23 Thread Matthew Seaman
On 06/23/16 14:04, Karl Pielorz wrote: > Any chance you can send us a snippet of how they're setup in > '/etc/rc.conf' if it's different. It's all in the PR. Cheers, Matthew

Re: Problem with VLAN config and traffic after 10.1-R -> 10.3-R-p5 Upgrade?

2016-06-23 Thread Matthew Seaman
On 06/23/16 13:14, Karl Pielorz wrote: > > --On 23 June 2016 11:53 +0100 Karl Pielorz wrote: > >> This gets increasingly weird if I run tcpdump on the 10.3 box. The act of >> running 'tcpdump -i lagg1.30 -n' actually fixes the problem: > > As a follow up - running 'ifconfig lagg1 promisc' fixes

Re: IPFW blocked my IPv6 NTP traffic

2015-12-01 Thread Matthew Seaman
On 2015/12/01 15:05, Mark Felder wrote: > Notice how almost all of them are port 123 on both sides, but a few of > them are not. Why? The RFC says that NTP is supposed to be using port > 123 as both the source and destination port, but I clearly have > something happening on port 16205. Is somethin

Re: who uses this port?

2015-11-05 Thread Matthew Seaman
On 05/11/2015 09:20, Ben Woods wrote: >> I'm more curious as to why sockstat gives you question marks instead of the >> proper process details. Any ideas? This indicates a connection that is in the process of closing down but the system still hasn't cleared up all the connection state yet. It's

Re: Routing IPv6 over tun0 (PPPoE) issue

2015-08-23 Thread Matthew Seaman
On 23/08/2015 16:04, Gary Palmer wrote: > However if I configure other IPs on other interfaces from the netblock that > has been delegated to me and either source the traffic from those IPs or > try the traceroute from another computer using IPs in that netblock, I > don't even see the traffic leav

Re: Problems with DNSSEC -- answer in fragmented UDP doesn't work

2015-01-28 Thread Matthew Seaman
On 01/28/15 17:13, Lev Serebryakov wrote: > > I could not resolve names with DNSSEC (for example, in freebsd.org > domain) on two of my installations, one with FreeBSD 11 and other with > FreeBSD 9.3. > > Symptoms are the same: answer is sent as fragmented IP/UDP packet and > second part of ans

Re: A couple of trivial BIND (dynamic update) questions

2014-10-12 Thread Matthew Seaman
On 12/10/2014 02:05, Ronald F. Guilmette wrote: > Firstly, various online sources, and the nsupdate man page itself > say that the name server should create a file called: > > /var/run/named/session.key > > when the server is started up with at least one "update-policy local;" > clause wit

Re: Can you create a FreeBSD gateway, with private IPs, without NAT/divert ?

2014-06-07 Thread Matthew Seaman
On 07/06/2014 07:22, None Secure via freebsd-net wrote: > BUT, what if my ISP is giving me a private IP, and my internal > network is also private IPs ? External gateway address is > 192.168.1.2 and internal gateway address is 10.10.10.1 ... the ONLY > way I could make this work is with natd and i

Re: kern/123463: [ipsec] [panic] repeatable crash related to ipsec-tools

2011-05-14 Thread Matthew Seaman
The following reply was made to PR kern/123463; it has been noted by GNATS. From: Matthew Seaman To: bug-follo...@freebsd.org Subject: Re: kern/123463: [ipsec] [panic] repeatable crash related to ipsec-tools Date: Sat, 14 May 2011 17:34:19 +0100

Re: connect(): Operation not permitted

2008-05-18 Thread Matthew Seaman
Johan Ström wrote: drop all traffic)? A check with pfctl -vsr reveals that the actual rule inserted is "pass on lo0 inet from 123.123.123.123 to 123.123.123.123 flags S/SA keep state". Where did that "keep state" come from? 'flags S/SA keep state' is the default now for tcp filter rules -- th

Re: Reduce effects of DDoS attack ...

2004-10-07 Thread Matthew Seaman
On Thu, Oct 07, 2004 at 12:19:28PM -0300, Marc G. Fournier wrote: > > I've got 5 servers sitting on a 10/100 unmanaged switch right now ... last > night, a DDoS attack against a network "beside us" caused 70+% packet loss > on our network, and I'm trying to figure out if there is anything I can d

Re: named in sandbox

2004-05-21 Thread Matthew Seaman
> > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]] Behalf Of Muhammad Reza > > I'm running named in a sandbox as a secondary name server with > > FreeBSD-5.1.p17. > > Named log always complains: > > named-xfer exited with signal 6 and slave zone expired for every