Re: ipfilter(4) needs maintainer

On Sun, Apr 14, 2013 at 07:55:21PM +0100, Joe Holden wrote: > wishmaster wrote: > > > --- Original message --- > > From: "Gary Palmer" > > Date: 14 April 2013, 19:06:59 > > > > > >> On Sun, Apr 14, 2013 at 09:48:33AM -0600, Warren Block wrote: > >>> Is it possible to move ipfilter into a port

Re: ipfilter(4) needs maintainer

Hello, Mark. You wrote 15 апреля 2013 г., 2:25:07: >> Yes! This is the most clever thought in this thread. Why we need 3 >> firewalls? Two packet filters it's excess too. We have two packet filters: >> one with excellent syntax and functionality but with outdated bandwidth >> control mechanism (ak

Re: ipfilter(4) needs maintainer

On Mon, Apr 15, 2013 at 1:15 PM, Lev Serebryakov wrote: > Hello, Mark. > You wrote 15 апреля 2013 г., 2:25:07: > >>> Yes! This is the most clever thought in this thread. Why we need 3 >>> firewalls? Two packet filters it's excess too. We have two packet filters: >>> one with excellent syntax and f

Re: ipfilter(4) needs maintainer

Hello, Kimmo. You wrote 15 апреля 2013 г., 14:26:40: >> MM> ... and as far as I can tell none of them is currently usable >> MM> on an IPv6-only FreeBSD (like protecting a host with sshguard), >> MM> none of them supports stateful NAT64, nor IPv6 prefix translation :( >> IPv6 prefix translation?!

Re: ipfilter(4) needs maintainer

On Mon, Apr 15, 2013 at 1:32 PM, Lev Serebryakov wrote: > Hello, Kimmo. > You wrote 15 апреля 2013 г., 14:26:40: > >>> MM> ... and as far as I can tell none of them is currently usable >>> MM> on an IPv6-only FreeBSD (like protecting a host with sshguard), >>> MM> none of them supports stateful NA

Re: ipfilter(4) needs maintainer

Hello, Kimmo. You wrote 15 апреля 2013 г., 14:36:27: >> And, yes, NAT64 will be useful for sure, but it is another story, >> not IPv6<->IPv6 translation. KP> You're forgetting set ups where outgoing traffic is controlled by KP> filter rules, outgoing passive mode ftp needs help from the proxy to

Re: ipfilter(4) needs maintainer

On Mon, Apr 15, 2013 at 1:44 PM, Lev Serebryakov wrote: > Hello, Kimmo. > You wrote 15 апреля 2013 г., 14:36:27: > >>> And, yes, NAT64 will be useful for sure, but it is another story, >>> not IPv6<->IPv6 translation. > KP> You're forgetting set ups where outgoing traffic is controlled by > KP> f

Re: ipfilter(4) needs maintainer

Hello, Kimmo. You wrote 15 апреля 2013 г., 14:47:24: KP> I'm however talking about an ftp client behind a very restrictive KP> firewall making an IPv6 connection an ftp server that uses passive KP> mode data ports that can't be known in advance. Same solution -- inspection of connections to 21 p

Re: ipfilter(4) needs maintainer

On Mon, Apr 15, 2013 at 1:50 PM, Lev Serebryakov wrote: > Hello, Kimmo. > You wrote 15 апреля 2013 г., 14:47:24: > > KP> I'm however talking about an ftp client behind a very restrictive > KP> firewall making an IPv6 connection an ftp server that uses passive > KP> mode data ports that can't be kn

Re: ipfilter(4) needs maintainer

> >> MM> ... and as far as I can tell none of them is currently usable > >> MM> on an IPv6-only FreeBSD (like protecting a host with sshguard), > >> MM> none of them supports stateful NAT64, nor IPv6 prefix translation :( > >> IPv6 prefix translation?! AGAIN!? FML. I've thought, that IPv6 will > >

Re: ipfilter(4) needs maintainer

On Mon, Apr 15, 2013 at 1:54 PM, Kimmo Paasiala wrote: > On Mon, Apr 15, 2013 at 1:50 PM, Lev Serebryakov wrote: >> Hello, Kimmo. >> You wrote 15 апреля 2013 г., 14:47:24: >> >> KP> I'm however talking about an ftp client behind a very restrictive >> KP> firewall making an IPv6 connection an ftp

Current problem reports assigned to freebsd-net@FreeBSD.org

Note: to view an individual PR, use: http://www.freebsd.org/cgi/query-pr.cgi?pr=(number). The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases. S Tracker

Re: ipfilter(4) needs maintainer

On Monday April 15 2013 12:32:37 Lev Serebryakov wrote: > And, yes, NAT64 will be useful for sure, but it is another story, > not IPv6<->IPv6 translation. Fear not, NPT66 prefix translation is stateless, this is nothing like NAT44 / NAPT. On Monday April 15 2013 12:51:00 sth...@nethelp.no wrote:

Re: ipfilter(4) needs maintainer

In message , Warren Block writ es: > On Sun, 14 Apr 2013, Chris Rees wrote: > > > On 14 April 2013 01:41, Rui Paulo wrote: > >> 2013/04/13 16:01?Scott Long ??: > >> > >>> Maybe something else, but whatever it is, it should be done. If you and > Gleb don't want to do this, I will. > >> > >

Re: ipfilter(4) needs maintainer

Ok, seems someone has taken the job. > In message , Warren Block > writ > es: >> On Sun, 14 Apr 2013, Chris Rees wrote: >> >> > On 14 April 2013 01:41, Rui Paulo wrote: >> >> 2013/04/13 16:01?Scott Long ??: >> >> >> >>> Maybe something else, but whatever it is, it should be done. If you >>

Re: ipfilter(4) needs maintainer

However it would of been better if said person asked me as I already offered to take it on but whatever. > In message , Warren Block > writ > es: >> On Sun, 14 Apr 2013, Chris Rees wrote: >> >> > On 14 April 2013 01:41, Rui Paulo wrote: >> >> 2013/04/13 16:01?Scott Long ??: >> >> >> >>> May

Re: ipfilter(4) needs maintainer

I've been planning on taking on IP Filter for quite some time. Unfortunately I've left my src commit bit lapse (my ports commit bit is alive and well though) thus I'm looking for a mentor. In addition I'm working on an ACER WMI/ACPI kld. One mentor would be preferred but two would be fine too.

Re: ipfilter(4) needs maintainer

2013/04/15 9:55、Cy Schubert のメッセージ: > I've been planning on taking on IP Filter for quite some time. > Unfortunately I've left my src commit bit lapse (my ports commit bit is > alive and well though) thus I'm looking for a mentor. In addition I'm > working on an ACER WMI/ACPI kld. One mentor w

VLANHWFILTER "upgrade"

Hello list. We currently have VLAHWFILTER functionality allowing underlying physical/virtual interfaces to be aware of vlans stacked on them. However, this knowledge is only used to program NIC hw filter (or to broadcast to member ifaces in lagg case). Proposed idea is to save vlan ifp pointer i

Re: ipfilter(4) needs maintainer

ACER WMI/ACPI? Sure, i'll mentor you if you're going to do _that_. Adrian On 15 April 2013 09:55, Cy Schubert wrote: > I've been planning on taking on IP Filter for quite some time. > Unfortunately I've left my src commit bit lapse (my ports commit bit is > alive and well though) thus I'm look

Re: ipfilter(4) needs maintainer

In message <18df99b0-6e66-4906-a233-7778451b8...@felyko.com>, Rui Paulo writes: > 2013/04/15 9:55$B!"(BCy Schubert > $B$N%a%C%;!<%8(B: > > > I've been planning on taking on IP Filter for quite some time. > > Unfortunately I've left my src commit bit lapse (my ports commit bit is > > alive

using netmap

Hi, I would like to start using netmap. as a start i copied the example from netmap page: #include #include #include #include int main() { struct netmap_if *nifp; struct nmreq req; int i, len; char *buf; FILE* fd; fd = open("/dev/netmap", 0); strcpy(

Re: using netmap

On Mon, Apr 15, 2013 at 7:52 PM, Sami Halabi wrote: > Hi, > I would like to start using netmap. > > as a start i copied the example from netmap > page: > #include > #include > #include > #include > > int main() { > > struct netmap_if *nifp; > struct nm

Re: ipfilter(4) needs maintainer

Thank you to those that have expressed interest in maintaining IP Filter.. My thoughts are, could we consider putting a option in the kernel config, and leaving it off by default for GENERIC? I think this is a acceptable compromise, considering some people wish for it to be removed. Sam Fourman J

Re: ipfilter(4) needs maintainer

The desire to remove it stems from the inability to give it adequate engineering service as the network stack evolves. Simply taking it out of a kernel config file doesn't address that problem at all. If it's going to stay in FreeBSD at all, it needs to be maintained. This could be set about

Re: ipfilter(4) needs maintainer

To my knowledge it is already off by default and you need these options to enable it options IPFILTER options IPFILTER_LOG so to those that wish to have it removed from base, if it has a maintainer whats the trouble? On Mon, Apr 15, 2013 at 2:49 PM, Sam Fourman Jr. wrote: > > Thank you to th

Re: ipfilter(4) needs maintainer

On Apr 15, 2013, at 11:48 AM, Cy Schubert wrote: > In message <18df99b0-6e66-4906-a233-7778451b8...@felyko.com>, Rui Paulo > writes: >> 2013/04/15 9:55$B!"(BCy Schubert >> $B$N%a%C%;!<%8(B: >> >>> I've been planning on taking on IP Filter for quite some time. >>> Unfortunately I've left

Re: ipfilter(4) needs maintainer

In message , Scott Long writes: > > On Apr 15, 2013, at 11:48 AM, Cy Schubert wrote: > > > In message <18df99b0-6e66-4906-a233-7778451b8...@felyko.com>, Rui Paulo > > writes: > >> 2013/04/15 9:55$B!"(BCy Schubert > >> $B$N%a%C%;!<%8 > (B: > >> > >>> I've been planning on taking on IP Fi

Re: ipfilter(4) needs maintainer

On Apr 15, 2013, at 1:27 PM, Cy Schubert wrote: > In message , Scott Long > writes: >> >> On Apr 15, 2013, at 11:48 AM, Cy Schubert wrote: >> >>> In message <18df99b0-6e66-4906-a233-7778451b8...@felyko.com>, Rui Paulo >>> writes: 2013/04/15 9:55$B!"(BCy Schubert $B$N%a%C%;!<%

Re: ipfilter(4) needs maintainer

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2013-04-15 15:27:55 -0400, Cy Schubert wrote: > In message , Scott > Long writes: >> >> On Apr 15, 2013, at 11:48 AM, Cy Schubert >> wrote: >> >>> In message <18df99b0-6e66-4906-a233-7778451b8...@felyko.com>, >>> Rui Paulo writes: 2013/04/15

Re: ipfilter(4) needs maintainer

Cy, good news that you volunteered to work on this! On Mon, Apr 15, 2013 at 10:48:43AM -0700, Cy Schubert wrote: C> The initial plan was to import IP Filter 5.1.2 into HEAD. darrenr@ hadn't C> done much with IPF while employed with Sun. Since then there has been some C> development that is

Re: ipfilter(4) needs maintainer

In message <20130415195544.gy76...@freebsd.org>, Gleb Smirnoff writes: > Cy, > > good news that you volunteered to work on this! > > On Mon, Apr 15, 2013 at 10:48:43AM -0700, Cy Schubert wrote: > C> The initial plan was to import IP Filter 5.1.2 into HEAD. darrenr@ hadn't > C> done much with

Re: ipfilter(4) needs maintainer

It was pointed out to me that Darren Reed has changed licenses from his IP Filter license that's been in IPF since 2005 or so, when he joined Sun, to GPLv2 (probably when Darren left when Oracle took over Sun). Given that IPF already lives in src/contrib and src/sys/contrib due to the 2005 licen

Re: ipfilter(4) needs maintainer

In message <516c58ed.40...@freebsd.org>, Jung-uk Kim writes: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On 2013-04-15 15:27:55 -0400, Cy Schubert wrote: > > In message , Scott > > Long writes: > >> > >> On Apr 15, 2013, at 11:48 AM, Cy Schubert > >> wrote: > >> > >>> In message <18df

Re: ipfilter(4) needs maintainer

On Mon, Apr 15, 2013 at 04:47:33PM -, c...@sdf.org wrote: c> However it would of been better if said person asked me as I already c> offered to take it on but whatever. More manpower - the better. Why can't you work together? -- Totus tuus, Glebius. _

Re: ipfilter(4) needs maintainer

On Mon, Apr 15, 2013 at 01:32:48PM -0600, Scott Long wrote: S> > Given that IPF already lives in src/contrib and src/sys/contrib, would the S> > change in License from Darren Reed's own not so BSD friendly IPF license to S> > GPLv2 be of concern. I recall there was a lot of concern over IPF's l

Re: bge(4) sysctl tuneables -- a blast from the past.

> FreeBSD has too many knobs, but it would be nice if the bge defaults weren't > so broken, so that they don't need overriding. > > Bruce So many knobs ... well here's more. :-) http://people.freebsd.org/~sbruno/bge_config_update.txt At least this gets a man page update with references to ma

Re: bce(4) on the Dell PE 2950

On Fri, Apr 12, 2013 at 02:09:04PM -0700, Xin Li wrote: | (Added David to Cc) | | On 04/12/13 13:56, Sean Bruno wrote: | > A note from cluster...@freebsd.org | > | > It looks like there is some amount of instability or bugginess in | > some of the Broadcom firmware(management) on the bce(4) chipe

Re: ipfilter(4) needs maintainer

In message <20130415212826.ga76...@freebsd.org>, Gleb Smirnoff writes: > On Mon, Apr 15, 2013 at 04:47:33PM -, c...@sdf.org wrote: > c> However it would of been better if said person asked me as I already > c> offered to take it on but whatever. Sorry, I didn't see your posting. I had a permis

Re: kern/177878: [rtl8366rb] [patch] Update rtl8366rb switch driver to match changes on kern/177873

Synopsis: [rtl8366rb] [patch] Update rtl8366rb switch driver to match changes on kern/177873 Responsible-Changed-From-To: freebsd-bugs->freebsd-net Responsible-Changed-By: linimon Responsible-Changed-When: Tue Apr 16 01:48:37 UTC 2013 Responsible-Changed-Why: Over to maintainer(s). http://www.f

Re: bge(4) sysctl tuneables -- a blast from the past.

On Mon, Apr 15, 2013 at 03:35:56PM -0700, Sean Bruno wrote: > > > FreeBSD has too many knobs, but it would be nice if the bge defaults weren't > > so broken, so that they don't need overriding. > > > > Bruce > > > So many knobs ... well here's more. :-) > > http://people.freebsd.org/~sbruno/b

Re: bge(4) sysctl tuneables -- a blast from the past.

On Mon, 15 Apr 2013, Sean Bruno wrote: FreeBSD has too many knobs, but it would be nice if the bge defaults weren't so broken, so that they don't need overriding. So many knobs ... well here's more. :-) Yes, adding more knobs would subtract value. http://people.freebsd.org/~sbruno/bge_con