IPFilter, mpd/Netgraph problems on RELENG_4

2004-12-13 Thread Peter Pentchev
ec 2 10:31:16 EET 2004 [EMAIL PROTECTED]:/usr/obj/usr/src-bsd/4.0S/src/sys/UNNAMED i386 drwxr-xr-x 2 root wheel 512 Dec 2 11:43 /var/db/pkg/mpd-3.18_2 G'luck, Peter -- Peter Pentchev [EMAIL PROTECTED][EMAIL PROTECTED][EMAIL PROTECTED] PGP key:http://people.Fr

Re: IPFilter, mpd/Netgraph problems on RELENG_4

2004-12-13 Thread Peter Pentchev
On Tue, Dec 14, 2004 at 11:53:10AM +0300, Gleb Smirnoff wrote: > On Tue, Dec 14, 2004 at 10:05:50AM +0200, Peter Pentchev wrote: > P> I am seeing a lot of ICMP Must Fragment packets with incorrect ICMP > P> checksums on a RELENG_4 box which holds up 40-60 PPTP (mpd/Netgraph) VPN &

Re: [CFR] Fix sockstat's handling of closed connections

2004-08-25 Thread Peter Pentchev
On Wed, Aug 25, 2004 at 05:48:38PM +0200, Andre Oppermann wrote: > Peter Pentchev wrote: [snip] > > Luckily, the fix is simple, or at least so it seems to me. It turns out > > that those connections have a xt_socket->xso_so set to NULL, and the > > false positive comes

[CFR] Fix sockstat's handling of closed connections

2004-08-25 Thread Peter Pentchev
for (xf = xfiles, n = 0; n < nxfiles; ++n, ++xf) { + if (xf->xf_data == NULL) + continue; hash = (int)((uintptr_t)xf->xf_data % HASHSIZE); for (s = sockhash[hash]; s != NULL; s = s->next) if ((void *)s->socket == xf->xf

[CFR] if_xl.c and if.c null pointer dereferences

2004-07-26 Thread Peter Pentchev
the kernel to panic instead of simply reporting that it could not get the PCI resources it needs :) G'luck, Peter -- Peter Pentchev [EMAIL PROTECTED][EMAIL PROTECTED][EMAIL PROTECTED] PGP key:http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95

Re: [RFC] ifconfig: match by link-level address

2004-05-21 Thread Peter Pentchev
On Thu, May 20, 2004 at 10:18:38AM -0700, Brooks Davis wrote: > On Thu, May 20, 2004 at 07:29:19PM +0300, Peter Pentchev wrote: > > Hi, > > > > I found out recently that the Linux (or at least recent RedHat) startup > > scripts could be configured to not bring up a

[RFC] ifconfig: match by link-level address

2004-05-20 Thread Peter Pentchev
ing able to specify 'hw-' to match lo0's empty link-level "address". However, the odds of somebody actually wishing to rename lo0 don't seem to be so high :) G'luck, Peter -- Peter Pentchev [EMAIL PROTECTED][EMAIL PROTECTED][EMAIL PROTECTED] PGP key:

Re: How to hard lock FreeBSD-5.1 generic with sl

2003-12-31 Thread Peter Pentchev
On Tue, Dec 30, 2003 at 04:28:00PM +0200, Peter Pentchev wrote: > On Tue, Dec 30, 2003 at 06:12:53AM -0800, Kris Kennaway wrote: > > On Mon, Dec 29, 2003 at 06:02:45PM -0800, Chris McKenzie wrote: > > > On three machines (PII 450, P3 450, Pentium laptop 200) with FreeBSD-5.1

Re: trafshow and libslang

2003-09-16 Thread Peter Pentchev
ure script does not provide for disabling slang. The attached patch to the port should be fine for a quick workaround, and I might try to fix up the configure script itself to add a --enable/disable-slang option later. G'luck, Peter -- Peter Pentchev [EMAIL PROTECTED][EMAIL

Re: write(2) SIGPIPE on a closed socket?

2003-03-19 Thread Peter Pentchev
On Wed, Mar 19, 2003 at 11:45:06AM +0200, Peter Pentchev wrote: > On Wed, Mar 19, 2003 at 01:37:48AM -0800, Luigi Rizzo wrote: > > On Wed, Mar 19, 2003 at 11:30:02AM +0200, Peter Pentchev wrote: > > ... > > > dnscache) getting a SIGPIPE when attempting to write to an inc

Re: write(2) SIGPIPE on a closed socket?

2003-03-19 Thread Peter Pentchev
On Wed, Mar 19, 2003 at 01:37:48AM -0800, Luigi Rizzo wrote: > On Wed, Mar 19, 2003 at 11:30:02AM +0200, Peter Pentchev wrote: > ... > > dnscache) getting a SIGPIPE when attempting to write to an incoming > > connection's socket. Presumably, the client closed the conn

write(2) SIGPIPE on a closed socket?

2003-03-19 Thread Peter Pentchev
know anything about problems with writing to closed sockets in FreeBSD 4.5 or such? A bzipped version of the tracefile is available at http://people.FreeBSD.org/~roam/dnscache-ktrace.txt.bz2 G'luck, Peter -- Peter Pentchev [EMAIL PROTECTED][EMAIL PROTECTED][EMAIL PROTECTED] PGP

Re: Spoofing Another Host Packet From User Land

2002-12-08 Thread Peter Pentchev
cket throw out by SOCK_RAW ? > if i can not do this by raw socket how can i do that ? > THANX I'd suggest you take a look at the net/libnet port, and either use it, or check how it does things. I believe you have to at least set the IP_HDRINCL socket option on the raw socket. G'luck,

Re: Packet Capturing on GWs but don't let them go out.

2002-11-25 Thread Peter Pentchev
n place of the ng_tee node, so it does not unconditionally pass the packets, but analyze them first. G'luck, Peter -- Peter Pentchev [EMAIL PROTECTED][EMAIL PROTECTED] PGP key:http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1

Re: VPN Tunneling

2002-10-09 Thread Peter Pentchev
> > >{Net1} <---> <--...--> <---> {Net2} > > > >Win2k machine has dynamically assigned IP address as it's connecting to > >public ISP. Can you help me build the tunnel? > > At 05:04 10/09/2002, Peter Pentchev wrote: > > >Take a look at th

Re: VPN Tunneling

2002-10-09 Thread Peter Pentchev
ork through the Internet'). Things are *very* easy to set up, actually :) Drop me a private mail if you need some help, or we just might meet on IRC :) G'luck, Peter -- Peter Pentchev [EMAIL PROTECTED][EMAIL PROTECTED] PGP key:http://people.FreeBSD.org/~roam/roam.key.

Re: misc/34390: incorrect error with getaddrinfo with hostname+AI_NUMERICHOST

2002-01-30 Thread Peter Pentchev
Hi, Does anybody see any possible problems stemming from the patch in the following reply to PR misc/34390? G'luck, Peter -- This sentence was in the past tense. - Forwarded message from Peter Pentchev <[EMAIL PROTECTED]> - Date: Wed, 30 Jan 2002 13:19:35 +0200 From: Pet

Re: [CFR] whois(1) out-of-bound access patch

2001-10-04 Thread Peter Pentchev
On Thu, Oct 04, 2001 at 01:02:56PM -0400, Garrett Wollman wrote: > < said: > > > - printf("%s\n", buf); > > + printf("%.*s\n", (int)len, buf); > > This is a *much* better patch. ..yet it needs more work: strstr() and strcspn() are used on a non-null-terminated string. And e

Re: [CFR] whois(1) out-of-bound access patch

2001-10-04 Thread Peter Pentchev
On Thu, Oct 04, 2001 at 01:47:10PM -0400, Mike Barcroft wrote: > Todd C. Miller <[EMAIL PROTECTED]> writes: > > In message <[EMAIL PROTECTED]> > > so spake Mike Barcroft (mike): > > > > > Would you please test the attached patch and confirm that it solves > > > the problem? If it does, I'll

Re: [CFR] whois(1) out-of-bound access patch

2001-10-04 Thread Peter Pentchev
On Thu, Oct 04, 2001 at 01:28:02PM +0400, Andrey A. Chernov wrote: > On Thu, Oct 04, 2001 at 12:16:40 +0300, Peter Pentchev wrote: > > + if ((len == 0) || !isspace(buf[len - 1])) { > > Must be isspace((unsigned char)) On Thu, Oct 04, 2001 at 0

[CFR] whois(1) out-of-bound access patch

2001-10-04 Thread Peter Pentchev
Hi, As described in PR bin/30968, whois(1) may access invalid data when the whois server returns a non-newline-terminated string. While it is true that the whois server maintainers should do a better job of following standards and such, still the 'be liberal in what you accept' mindset might be a

Re: 4.4-RC NFS panic

2001-08-20 Thread Peter Pentchev
On Mon, Aug 20, 2001 at 12:27:24PM +0100, Walter C. Pelissero wrote: > [ it seems my original article didn't get through ] > > I recently upgraded to 4.4-RC. > Now my Vaio panics when I use NFS volumes (as client). > The panic is reproducible with a: > > find /some/NFS/mount/point -type f -e

Re: Using FreeBSD server as a router??

2001-08-03 Thread Peter Pentchev
On Thu, Aug 02, 2001 at 12:57:09PM -0500, [EMAIL PROTECTED] wrote: > > > I have been combing the freebsd.org site for the last two days > attempting to find some documentation on how to configure and use a > FreeBSD server as a router. I have found some information on > configuring the server a

Re: ICMP source quench - deprecated?

2001-07-16 Thread Peter Pentchev
400, Joseph Gleason wrote: > Unless I am mistaken, ICMP source quench applies to any IP traffic, not just > TCP. > > Also, ICMP source quench can be sent by intermediate routers. > > > > ----- Original Message - > From: "Peter Pentchev" <[EMAIL PROTECTE

ICMP source quench - deprecated?

2001-07-16 Thread Peter Pentchev
Hi, I just had a friend ask me a weird question about ICMP source quench and its handling in various OS's. He proceeded to show me a part of some version of the Linux kernel source, which processed a source quench request properly, yet had a 'This is deprecated' comment at the top. I had a quic

DHCP configured interface aliases?

2001-06-06 Thread Peter Pentchev
Hi, Is there a way to configure interface aliases using DHCP? I'm using RELENG_4, and dhclient(8) works fine; however, it only configures one IP address :) Is there a way, using the net/isc-dhcp3 port, and the stock FreeBSD dhclient(8), to configure (more than one) alias in addition to the fixe

Re: ifioctl

2001-05-15 Thread Peter Pentchev
On Tue, May 15, 2001 at 08:13:42AM +0100, vishwanath pargaonkar wrote: > HI, > i have freebsd 4.2 stable. > i want to know how autoconfiguration feature of ipv6 > gets enabled. > as far as i know ifioctl will call if_up . if_up calls > if_route and if_route calls in6_if_up which calls > in6_ifatta

Re: netinet/accf_http.c usage ?

2001-04-12 Thread Peter Pentchev
On Thu, Apr 12, 2001 at 07:52:39AM +, [EMAIL PROTECTED] wrote: > > Hi, > > I can't seem decipher the functionality of the accf_http.c file in the > netinet directory ... I also couldn't find any documents that describe its > purpose is it an HTTP filter or something like that ? Have yo

Re: Dynamic routing table (problem solved, was: server continue dies)

2001-04-02 Thread Peter Pentchev
On Mon, Apr 02, 2001 at 02:03:37PM +0400, Dmitry Samersoff wrote: > My servers had died every 12h and I spend lots of time to solve problem, > I hope the result of my work is interesting for community. > > The main reason of server fault is overloading of dynamic routing table > (netstat -nra | g