similar to: FreeBSD 9.1 stability/robustness?

Hi, I'm having lots of difficulties with BCM5719, which is the default network card of HP Proliant DL 360 G8 servers. I can get a few ping replies before I get a couple of these: bge0: watchdog timeout -- resetting bge0: watchdog timeout -- resetting Then everything hangs. Can not log in using ssh.

I'm interested in crafting firewall rules that throttle connections that have lasted more than a certain amount of time. (Most such connections are P2P traffic, which should be given a lower priority than other connections and may constitute network abuse.) Alas, it doesn't appear that FreeBSD's IPFW can keep tabs on how long a connection has been established. Is there another firewall

A client wants me to set up a mechanism whereby his customers can drop files securely into directories on his FreeBSD server; he also wants them to be able to retrieve files if needed. The server is already running OpenSSH, and he himself is using Windows clients (TeraTerm and WinSCP) to access it, so the logical thing to do seems to be to have his clients send and receive files via SFTP or SCP.

In the next month or two I've got to upgrade a number of servers that are currently on an EOL'd version of 4-STABLE. I foresee that I'll have very limited time to do full OS upgrades on these systems in the coming several years, so I want to make sure I bring them onto an extended-life branch. Right now 4.11 has the furthest projected EOL date (Jan 31 2007), and the projected EOL

I'm constructing a Web server which may require restricted areas of the site to be used from public places where a password might be sniffed. The damage that could be done by taking snapshots of the content from one session with a spy program is minimal. What the owner of the server does NOT want, though, is to allow unauthorized parties to gain unfettered access by stealing the password via

Everyone: We're starting to see a rash of password guessing attacks via SSH on all of our exposed BSD servers which are running an SSH daemon. They're coming from multiple addresses, which makes us suspect that they're being carried out by a network of "bots" rather than a single attacker. But wait... there's more. The interesting thing about these attacks is that

OK, an official OpenSSH advisory was released, see here: <URL: http://www.mindrot.org/pipermail/openssh-unix-announce/2003-September/000063.html > The fix is currently in FreeBSD -CURRENT and -STABLE. It will be applied to the security branches as well today. Attached are patches: buffer46.patch -- For FreeBSD 4.6-RELEASE and later buffer45.patch -- For FreeBSD 4.5-RELEASE and

We're being ping-flooded by the Nachi worm, which probes subnets for systems to attack by sending 92-byte ping packets. Unfortunately, IPFW doesn't seem to have the ability to filter packets by length. Assuming that I stick with IPFW, what's the best way to stem the tide? --Brett Glass

I would like to request that some useful work on networking be MFCed from -CURRENT to -STABLE in time for the release of FreeBSD 6.3. In particular, I'd like to see some of the Netgraph nodes which are new or which have seen extensive development brought in -- ng_nat and ng_car in particular. Bringing in the latest version of ng_nat would allow more flexible in-kernel NAT, while ng_car (which

I'm working with a FreeBSD user -- a teacher -- who's running KDE on a system on which she neither has nor wants root privileges. She wants to be able to mount and unmount floppies and ZIP cartridges from within KDE, using the standard KwikDisk utility (which, by the way, generates mount and unmount command that don't conform to FreeBSD syntax; however, it appears possible to fix this

I haven't seen much on the lists lately regarding the status of FreeBSD 6.2, so I'd like to ask the Release Engineering team for their thoughts and projections. The calendar on the public "Release Engineering" page hasn't been updated since November, and those of us who await 6.2-RELEASE need to have some idea of what to expect. I don't know about everyone else, but

All: I'm posting this to FreeBSD-security (rather than FreeBSD-net) because the problems I'm seeing appear to have been caused by spyware, and because they constitute a possible avenue for denial of service on FreeBSD machines with default installs of the operating system. Several of the FreeBSD machines on our network began to act strangely during the past week. Some have started to

Hi all, Over the last month or so I've installed FreeBSD 9 (-stable) on several Mac Minis via the memstick image; they seem to be pretty good little boxes for things like offsite secondary nameservers, for example, and they're easily replaced in case of problems. However, the newest minis have slightly different hardware, and FreeBSD can't find the built-in NIC. pciconf -lv on the

What does mean this bizarre msgid? maillog: Mar 31 19:31:15 cu sm-mta[5352]: h2VFVEGS005352: from=<nb@sindbad.ru>, size=1737, class=0, nrcpts=1, msgid=<!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAfp4Fa2ShPE2u4pP/QpPDIMKAAAAQAAAAj+zb4Isbuk+tYEPVF9Vf, proto=ESMTP, daemon=MTA, relay=wg.pu.ru [193.124.85.219] -- Nikolaj I. Potanin, SA http://www.drweb.ru ID

Hey Guys, today I upgraded to 4.8-RELEASE-p15. As usual I set IPFIREWALL to default accept in my kernel config file. Config & make weren't complaining so, installed the kernel, reboot and there it was: >IP packet filtering initialized, divert disabled, rule-based forwarding enabled, default to deny, logging disabled Another rebuild didn't work out so... I reviewed

Scenario: FreeBSD box running IPFW acting as a gateway to private network. The private network is made up of entirely routeable IP addresses. External users running Win2k and XP on DSL connections with dynamic IPs. Goal: To have the FreeBSD gateway securely authenticate and encrypt the traffic between the outside users and the internal network. I've spent the last 3 days running up and

Hi, poudriere 2.2 here, running on 9.1-amd64 Of the 730-ish ports, whenever I run a build, it always rebuilds the above two ports. Even if nothing changed. Is there are specific reason for this? I don't really mind nginx, because it builds so quickly - but GraphicsMagick takes a bit too long.

Hi. I got this on today's RELENG_6 with Broadcom BCM5722 A0, ASIC rev. 0xa200. >From dmesg (bge related): bge0: <Broadcom BCM5722 A0, ASIC rev. 0xa200> mem 0xe8400000-0xe840ffff irq 16 at device 0.0 on pci2 bge0: firmware handshake timed out, found 0x4b657654 bge0: firmware handshake timed out, found 0x4b657654 bge0: EEPROM read timed out bge0: failed to read EEPROM device_attach:

On Wed, Jun 22, 2016 at 11:49 AM, Francis Greaves <francis at choughs.net> wrote: > More information... > I have pcifront showing as a module in the DomU and the usb shows in dmesg > as: > [ 3.167543] usbcore: registered new interface driver usbfs > [ 3.167563] usbcore: registered new interface driver hub > [ 3.167585] usbcore: registered new device driver usb >

Hi, between March 16 and now, bge on a Sun X2200 stopped working, turning off msi (via hw..pci.enable_msi=0) got it working again. I tried first replacing bge with an older version but that did not help. please advice :-) Danny