Fabien Thomas wrote:
To share my results:
I have done at work modification to the polling code to do SMP polling
(previously posted to this ml).
SMP polling (dynamic group of interface binded to CPU) does not
significantly improve the throughput (lock contention seems to be the
cause here)
http://people.freebsd.org/~piso/libalias_mbuf.diff
this patch makes libalias able to handle mbuf: TOS, big MTU, much
less copy-around, etcetc.
I encourage people to test it, since i would like to commit it soon.
Known issues:
-documentation was not updated
-i didn't convert the fragment handli
Mikhail T. wrote:
Great pointer! As a matter of fact, all I had to comment out was the
/lib/libalias_smedia.so...
Now, what's wrong with it? Does not disabling this plugin mean, the
hosts on the LAN can't access RTSP streams? Thanks! Yours,
try this patch: http://people.freebsd.org/~piso/al
Mikhail T. wrote:
However, if I disable just one of the rules below -- 1300, the one
diverting all traffic to natd -- the video works fine... So it is not
any of the other rules, that are the problem, nor is it the remote
server... Why would this happen and how do I solve the problem? Thanks!
Julian Elischer wrote:
OR
ngctl mkpeer em0: echo lower echo
hm no this would leave the source and destination headers in hte
same order.. they need to be swapped..
ok so I need to make a patch, but it would be much quicker than a user
utility..
what about a netgraph cookbook?
___
On Thu, Jul 31, 2008 at 01:02:29PM +0300, Mike Makonnen wrote:
>
> While I have not done extensive testing, preliminary tests are encouraging
> and it seems to work, so I thought I'd announce it to the rest of the world
> in case anyone else is interested in this kind of application.
That's a m
Hi,
as the subjects says i'm looking for a freebsd-supported wifi express card.
I know i should look for an atheros-based card, but it's really difficult to
find
which chip a card is using without trying it out first.
Googling around, it seems the belkin n express card is what i'm
looking for, b
On Sun, Mar 02, 2008 at 03:58:50PM +0100, Luigi Rizzo wrote:
>
> The SI_ORDER_* definitions in /sys/sys/kernel.h are enumerated on a
> large range, so if the existing code does not have races,
> you can safely move the non-leaf modules
> (such as ipfw,ko in your case) to (SI_ORDER_ANY - some_small
Hi,
i just found out that depending on a KLD doesn't imply any
initialization order, thus depending on a lock initialized in the ipfw
init path is _really_ a bad idea from another KLD init path (see
ip_fw_nat.c::ipfw_nat_init()).
A fix would be to move ipfw init priority from SI_ORDER_ANY to
SI_O
On Sun, Mar 02, 2008 at 03:49:39PM +0100, Paolo Pisati wrote:
> Hi,
>
> i just found out that depending on a KLD doesn't imply any
> initialization order, thus depending on a lock initialized in the ipfw
> init path is _really_ a bad idea from another KLD init pat
On Mon, Oct 08, 2007 at 08:11:56PM +0900, Randy Bush wrote:
> > or substisute natd_enable/natd_interface in rc.conf with:
> > firewall_nat_enable="yes"
> > firewall_nat_interface="$IF"
>
> aha! that stuff is not in /etc/defaults/rc.conf
ops... forgot to commit it... :P
> extracted from /etc/rc
On Mon, Oct 08, 2007 at 11:03:35AM +0400, Andrey V. Elsukov wrote:
> Randy Bush wrote:
>> # grep -n nat /etc/ipfw.rules
>> 33:add nat 123 all from any to any
>> 34:add nat 123 config if vr0
> - add is not needed here.
ipfw nat crash course:
echo "net.inet.ip.fw.one_pass=0" >> /etc/sysctl
On Sun, Oct 07, 2007 at 09:37:02PM +0900, Randy Bush wrote:
> kernel has
> options IPFIREWALL
> options IPFIREWALL_VERBOSE #enable logging to syslogd(8)
> options IPFIREWALL_VERBOSE_LIMIT=100#limit verbosity
> options IPDIVERT
> options LIBALIAS
opt
On Sat, Oct 21, 2006 at 04:58:08AM -0500, Matthew D. Fuller wrote:
> On Sat, Oct 21, 2006 at 12:47:54AM -0600 I heard the voice of
> Brett Glass, and lo! it spake thus:
> >
> > How can I replace just the functionality of natd without moving to
> > an entirely new firewall? Can I still select which
Released a new revision of my libalias+ipfw work as a
patchset for 6.x, get it here:
http://mercurio.srv.dsi.unimi.it/~pisati/libalias/libalias-6.x.tgz
fixed the checksum corruption occurring to redirected/generated traffic
to/by a local interface on the nat box.
For more info:
http://wikitest
On Tue, May 02, 2006 at 02:38:35PM +0300, Iasen Kostov wrote:
> Have you done any performace comparisons with pf's NAT ? I realy would
> prefer libalias based kernel NAT than pf because libalias works better
> with ftp, irc dcc and things like that (VoIP would be nice too :P ). So
> the only reason
I just released a new revision of my libalias+ipfw work as a
patchset for 6.x, get it here:
http://mercurio.srv.dsi.unimi.it/~pisati/libalias/libalias-6.x.tgz
To apply it:
cp libalias_ipfw.patch /usr/src
cd /usr/src
patch -p3 < libalias_ipfw.patch
then you have to recompile & install:
kernel
Hi,
as a continuation of my Summer of Code project "Improve libalias"
i just decided to release a new version with:
1) dinamyc address support via interface name
(ipfw nat 111 config if tun0)
2) redirect and LSNAT support in ipfw following closely the natd syntax.
The only difference wi
On Thu, Sep 22, 2005 at 08:41:16AM +, Nate Nielsen wrote:
> No. I think each instance of natd (at least last time I looked at it)
> could only use one IP address as it's public address.
FYI you can use nat inside ipfw[*]:
ipfw nat 1 config ip 192.168.0.123
ipfw nat 2 config ip 192.168.0.456
.
On Mon, Sep 19, 2005 at 09:11:33AM -0600, Brett Glass wrote:
> I don't see it that way, because low level languages like assembler
> are normally very efficient and highly granular. The underlying
> opcode language of IPFW is low level for sure. But I would classify
> IPFW's "language," as presen
On Tue, Sep 06, 2005 at 04:06:57PM +0400, Gleb Smirnoff wrote:
> during your work with libalias have you found any bugs or buglets,
> or a rough places, that should be considered to be merged to main
> FreeBSD CVS tree as soon as possible, before next release?
well, actually i didn't find any bugs
Hi guys,
Summer of Code is finished so i released my work about libalias,
and i would appreciate if anyone try it out and report.
There's a tarball here: http://ubi8.imc.pi.cnr.it/~flag/libalias/libalias.tgz
or if you prefer perforce:
http://perforce.freebsd.org/depotTreeBrowser.cgi?FSPC=//depo
Hi guys,
i'm pxe-booting freebsd inside a vmware system
running on top of my freebsd box that acts
like dhcp/tftp/nfs/etcetc server for the diskless
(vmware) client.
vmware boots, it gets ip&c from dhcp server,
starts tftp and trasfer the bootloader but then,
it hangs with a regs dump and the m
On Tue, Sep 09, 2003 at 06:53:56AM -0700, Josh Brooks wrote:
>
>
>
> On Tue, 9 Sep 2003, Luigi Rizzo wrote:
>
> > no, it is not possible to delete them -- you have no way to tell
> > which rule to delete when multiple rules share the same number.
>
> Are there any plans to make ipfw more flexi
Like the subjects says,
I think it would be nice to reserve a couple of names (like
ng_cust1 & ng_cust2) for user developed netgraph nodes (something
like unix did with major&minor numbers of device).
With a couple of spare nodes it would be possible
to develop and test new netgraph nodes withou
[cc: net cause it belongs there even]
This is my situation now:
[EMAIL PROTECTED] n_dimensions]# ngctl msg classifier_mast: stop
^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C^C
and this is ps axl:
0 416 203 0 -20 0 900 440 netgra D+v10:00.01 ngctl msg cl
and if i
Hi guys,
still here with my netgraph node.
Today, after a couple of nice days without a problem,
i spent the last 4 hours trying to understand why the hell,
my module crash my stable box.
DISCLAIMER: this is my first real attempt to work
in kernel land, so it's quite possibile that i did
somet
On Tue, Jul 29, 2003 at 09:59:14AM -0700, Julian Elischer wrote:
>
> The fix in this case would be for the ether node to not allow this ti
> happen..
> this requires a few small changes..
> The error codes must exist in sys/errno.h
> I try select one that is closest in spirit :-)
maybe:
#define
On Tue, Jul 29, 2003 at 04:16:41PM +0200, Paolo Pisati wrote:
>
> well, i answer to myself:
>
> it seems it's not my mistake, cause you can trigger it with a
> plain original tee node too. =P
Ok, i promise this is the last msg:
it was my mistake, whe i deleted the tee n
On Tue, Jul 29, 2003 at 12:30:42PM +0200, Paolo Pisati wrote:
>
> btw, i think i did the converion and it was quite straightforward,
> but i've still a little problem that i didn't have in 5.x:
>
> if i try to unload my module, change the internals, compile
> an
On Mon, Jul 28, 2003 at 07:13:04PM -0700, Julian Elischer wrote:
>
> If you want to send me the node you have writen I can
> make the diffs and send it back :-)
thanks Julian, but i prefer to do it myself,
cause i want to understand how the hell netgraph works... =)
btw, i think i did the conv
As the subject says,
i developed a netgraph node (it's classifier node)
using a 5.x box but tonight, i had a bad
surprise:
it seems the netgraph implemntation in 4.x and 5.x
are different, so now.
Could someone shed some light on the differences, please?
Thanks.
--
Paolo
GUFI: http://www.
As the subject says,
i've 2 netgraph nodes communicating and exchanging
data&c, but i would like to insert my own node
in the middle, is it possible?
i've an adsl internet conncetion, so when my compueter boots,
the netgraph nodes are already there working, buti would like
to conncet my own node
As the subject says,
i've 2 netgraph nodes communicating and exchanging
data&c, but i would like to insert my own node
in the middle, is it possible?
my problem arise from my net configuration:
i've an adsl contract, so everytime i shutdown o
remove an existing conncetion, it seems ppp fix it.
34 matches
Mail list logo
