similar to: On-delivery deduplication?

Since last upgrade, I see much more CPU time "eated" by interrupts (at least 10% cpu in top) (see http://dgeo.perso.ec-marseille.fr/cpu-week.png) The server behave correctly (Or seems to?), and high interrupt number seems to come from bce cards (source: systat -vmstat) I just upgraded from "RELENG_7 Mon Sep 8 12:33:06 CEST 2008" to "RELENG_7_1 Sat Nov 29 16:20:35 CET

On 16 May 2015, at 09:39, Xin Li <delphij at delphij.net> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Hi, > > On 5/15/15 10:58, Xin Li wrote: >> Hi, >> >> I have seen the following assertion fails on my own mail server >> (indexer-worker): >> >> Panic: file charset-iconv.c: line 132 (charset_to_utf8):

Hi: We have a machine running 6.2-R-p10 and squid 2.6.17, and upgrade it to 6.3R yesterday, but squid will hang and eat 100% cpu time after restart about 1 hour later, machine still alive, and no response from squid. downgrade to 6.2-R-p10, everything ok again.. here is some infomations: machine type: FreeBSD 6.3-RELEASE #0: Wed Jan 23 01:58:39 CST 2008 CPU: Intel(R) Xeon(TM) CPU 2.40GHz

Hi, Any info on this subject on http://www.theregister.co.uk/2009/09/14/freebsd_security_bug/ -- Frederique

Hi, After changing cables,switches,ports, I came to the conclusion that bce is reporting input errors that are not there, or creating them. I checked this with 3 different boxes, all Dell-2950/Broadcom NetXtreme II BCM5708 1000Base-T (B2), and one of them, while running Solaris, reported 0 errors after a week, and freebsd after a few minutes its count was > 100. The errors appear under

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I have put together a preliminary patchset for dovecot 1.1 at: http://people.freebsd.org/~delphij/misc/dovecot-1.1-rc4.diff My intention is to repocopy the current dovecot port to dovecot11 and make changes on the latter. In this version of patchset, I have intentionally removed the following chunk of change which by default allows gid=0

Hello A box of mine running RELENG_7_0 and ZFS over a couple of disks (6 disks, 3 mirrors) seems to have gotten stuck. From Ctrl-T: load: 0.50 cmd: zsh 40188 [zfs:&buf_hash_table.ht_locks[i].ht_lock] 0.02u 0.04s 0% 3404k load: 0.43 cmd: zsh 40188 [zfs:&buf_hash_table.ht_locks[i].ht_lock] 0.02u 0.04s 0% 3404k load: 0.10 cmd: zsh 40188 [zfs:&buf_hash_table.ht_locks[i].ht_lock]

Dear folks, It seems that doing bind() inside a jail (whose IP address is an outside address), will result in some wierd behavior, that the actual bind is done on the outside address. For example, binding to 127.0.0.1:6666 inside a jail addressed 192.168.1.1, will finally result in a bind to 192.168.1.1:6666. With this in mind, it is possible that some formerly secure configuration fail in jail

Hi all, I'm testing Dovecot version 1.2.17 on FreeBSD 8.2-RELEASE using ZFS as filesystem. Searching on google I've ridden about some problem concerning indexes and mmap. I wold like to know if this problem persists on the latest releases. Thanks in advance. Roberto Giuliani.

On 05/22/15 13:18, Cassidy Larson wrote: > We're using FreeBSD 10.1 I see. Yes that's the same problem I have seen. There is a behavioral difference (I think it's a FreeBSD bug) between FreeBSD's iconv(3) and GNU implementation, and there is arguably a bug with Dovecot that iconv(3) state should be reset for each multipart part. The two together would trigger the problem

Hi folks, While investigating OpenBSD's cron implementation, I found that they set the systemwide crontab (a.k.a. /etc/crontab) to be readable by the superuser only. The attached patch will bring this to FreeBSD by moving crontab out from BIN1 group and install it along with master.passwd. This change should not affect the current cron(1) behavior. Cheers, -- Xin LI <delphij frontfree

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi, I have seen the following assertion fails on my own mail server (indexer-worker): Panic: file charset-iconv.c: line 132 (charset_to_utf8): assertion failed: (*src_size - pos <= CHARSET_MAX_PENDING_BUF_SIZE) However, when charset_to_utf8_try returns FALSE (e.g. iconv() got EINVAL or EILSEQ), the for loop in charset_to_utf8 may end earlier,

Hi there, I'm following the security advisory to patch the cpio vulnerability (update to 6_0_0 RELENG p2, make obj, make depend), yet when it comes to make, it shows some error message as follows: /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:536: error: redefinition of 'safer_name_suffix' /usr/src/gnu/usr.bin/cpio/../../../contrib/cpio/copyin.c:488: error: previous

Dear folks, I'm recently investigating large scale deployment and upgrading FreeBSD RELEASE. It's our tradition to bump "RELEASE-pN" after a security patch is applied, however, it seems that there is less method to determine whether the userland is patched, which is somewhat important for large site managements. So is "uname -sr" the only way to differencate the

Hi, Just want to ask about the status of this:- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0002 >From list archives I gather the fix is still under refinement (but committed (and removed?) in HEAD and RELENG_5_2). One paranoid little shop is running a public web server on RELENG_4_9, and contemplating this patch:-

Hi, tuning my network fixing nic's speed and duplex (both on server and switch) i got this error with bce driver: # ifconfig bce0 bce0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=1bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4> ether 00:15:c5:fe:11:01 inet 192.168.1.13 netmask 0xffffff00 broadcast

Hello! Port security/portaudit reports the following problem: Affected package: FreeBSD-491000 Type of problem: multiple vulnerabilities in the cvs server code. Reference: <http://www.FreeBSD.org/ports/portaudit/d2102505-f03d-11d8-81b0-000347a4fa7d.htm l> Note: To disable this check add the uuid to `portaudit_fixed' in /usr/local/etc/portaudit.conf I have 2 related questions: 1)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:09.pam_ssh Security Advisory The FreeBSD Project Topic: pam_ssh improperly grants access when user account has unencrypted SSH private keys

I think, there is a neat exploit in the phpbb2.0.8 because I found my home page defaced one dark morning. The patch for phpBB is here. http://www.phpbb.com/downloads.php The excerpt of the log is attached. I believe the link to the described exploit is here. http://secunia.com/advisories/13239 The defacement braggen page is here filter to show the exploited FreeBSD machines that aneurysm.inc

Aloha! (I've Googled around a bit, but failed to find much previous posts about this though I'm sure it has been discussed...) Have anybody (in core etc) considered adding a sudo implementation to thr FreeBSD base system. At least for me, sudo is an important part of implementing good security policy in FreeBSD. Yes, it is available as a port, but in a similar fashion of for example,