Displaying 20 results from an estimated 100 matches similar to: "pf does not use IPv6 interface addresses at startups"
2006 Mar 15
0
build world failed on pflogd
list:
cvsuped and build world failed today on pflogd.
cc -O2 -fno-strict-aliasing -pipe -Wall -Wmissing-prototypes
-Wno-uninitialized -Wstrict-prototypes
-I/usr/src/sbin/pfctl/../../contrib/pf/pfctl -DENABLE_ALTQ
-Wsystem-headers -Werror -Wall -Wno-format-y2k -Wno-uninitialized -c
/usr/src/sbin/pfctl/../../contrib/pf/pfctl/pfctl_radix.c
cc -O2 -fno-strict-aliasing -pipe -Wall -Wmissing-prototypes
2005 Oct 25
1
pf and short packets
Dear ALL!
Maybe someone can help me with my problem? I have no adea what is
happening with my packets :(
I have 5.4-RELEASE-p8 FreeBSD 5.4-RELEASE-p8 box running pf.
And i have ipcad daemon running (installed from ports)
pf.conf says
pass quick on lo0 all
and when i'm trying to rsh to ipcad that is listening on
anna# netstat -a|grep shell
tcp4 0 0 localhost.shell *.*
2005 Jun 13
3
problem with pf and asterisk
current setup
SIP phone 192.168.1.30 --> linksys wrt54g sveasoft -- INTERNET --
(xl0) Firewall (xl2:172.16.0.50)--> (em1:172.16.0.101) Asterisk
problem is RTP stream not oging trouhg from * to sip and vice versa.
#1 and asterusk is pushing 192.168.1.30 back to linksys with 172 as
return address....
or
#2 asterisk trying to get back to me as 192.168 on public internet..
got
2004 Jul 01
1
Two possible vulnerabilities?
Dear all,
Browsing through the securityfocus vulnerability database I found
two items, that might interesting for the FreeBSD community:
1. GNU GNATS Syslog() Format String Vulnerability
http://www.securityfocus.com/bid/10609
GNATS is vital part of the PR handling of FreeBSD. I think security
officers should contact developers of GNU GNATS about this issue to resolve
the potential problem.
2008 Feb 06
2
What about FreeBSD? - KAME Project "ipcomp6_input()" Denial of Service
TITLE:
KAME Project "ipcomp6_input()" Denial of Service
CRITICAL:
Moderately critical
IMPACT:
DoS
WHERE:
>From remote
DESCRIPTION:
A vulnerability has been reported in the KAME Project, which can be
exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error within the
"ipcomp6_input()" function in
2012 Apr 12
0
PF - pf not loading non-persist tables from main ruleset on 8.3-PRERELEASE
Hello list,
I installed a box recently and updated it to 8.3-PRERELEASE on 2012/04/11
I'm experiencing this extremely weird behavior where PF refuses to
load standard and const table definitions from the main ruleset.
- persist tables load just fine
- normal and const tables inside anchors load just fine
Does anyone else have the same problem ?
I'll try to update the kernel again,
2008 Jul 24
0
cvs commit: src/contrib/pf/pfctl parse.y src/lib/libc/sys Symbol.map getsockopt.2 src/sbin/ipfw ipfw.8 ipfw2.c src/sys/conf NOTES options src/sys/contrib/ipfilter/netinet ip_fil_freebsd.c src/sys/contrib/pf/net pf.c pf_ioctl.c src/sys/kern init_sysent.c
This looks like a very cool feature addition to RELENG_7! Are there
any performance penalties that you know of with this built in ?
---Mike
At 09:13 PM 7/23/2008, Julian Elischer wrote:
>julian 2008-07-24 01:13:22 UTC
>
> FreeBSD src repository
>
> Modified files: (Branch: RELENG_7)
> contrib/pf/pfctl parse.y
> lib/libc/sys
2006 Jan 26
0
stateful rulesets with PF
I've read a bit about how keeping state works with PF and written
rulesets which look logical to me, but present some problems
intermittently. I believe it has to do with the creation of state
entries, and how PF judges what to do in any case.
> pass in quick on em0 from <trusted> to port any port = 3306 keep state
As I understood it, because I did not specify any flags such as
2006 Apr 03
0
request_module: runaway loop modprobe net-pf-16-proto-9
Any help about this error on domU ?
request_module: runaway loop modprobe net-pf-16-proto-9
request_module: runaway loop modprobe net-pf-16-proto-9
request_module: runaway loop modprobe net-pf-16-proto-9
request_module: runaway loop modprobe net-pf-16-proto-9
request_module: runaway loop modprobe net-pf-16-proto-9
I am using xen_changeset : Sat Apr 1 14:59:12 2006 +0100
2006 Apr 03
0
request_module: runaway loop modprobe net-pf-16-proto-9
Any help about this error on domU ?
request_module: runaway loop modprobe net-pf-16-proto-9
request_module: runaway loop modprobe net-pf-16-proto-9
request_module: runaway loop modprobe net-pf-16-proto-9
request_module: runaway loop modprobe net-pf-16-proto-9
request_module: runaway loop modprobe net-pf-16-proto-9
I am using xen_changeset : Sat Apr 1 14:59:12 2006 +0100
2009 Dec 16
0
dhclient and pf/ipf/ipfw
Hi all.
I recently turned net.inet.udp.log_in_vain on on some of my boxen and
have been seeing UDP connection attempts to port 67 on the local host.
This initially seemed odd, as the target ip addres was indeed that of a
DHCP-configured interface and the source address was that of my DHCP
server. However, it turns out this is totally valid, as dhclient(8) does
not bind(2) on the bootpc port but
2020 Feb 07
0
[RFC PATCH v7 09/78] KVM: x86: avoid injecting #PF when emulate the VMCALL instruction
From: Mihai Don?u <mdontu at bitdefender.com>
It can happened to end up emulating the VMCALL instruction as a result
of the handling of an EPT write fault. In this situation,
the emulator will try to unconditionally patch the correct hypercall
opcode bytes using emulator_write_emulated(). However, this last call
uses the fault GPA (if available) or walks the guest page tables at RIP,
2020 Jul 21
0
[PATCH v9 08/84] KVM: x86: avoid injecting #PF when emulate the VMCALL instruction
From: Mihai Don?u <mdontu at bitdefender.com>
It can happened to end up emulating the VMCALL instruction as a result
of the handling of an EPT write fault. In this situation,
the emulator will try to unconditionally patch the correct hypercall
opcode bytes using emulator_write_emulated(). However, this last call
uses the fault GPA (if available) or walks the guest page tables at RIP,
2007 Feb 20
0
Apple Mail/Tiger Bug came up on the pf mailing list. . .
Hi all,
Just FYI, this post showed up on the pf mailing list a couple of days
ago:
Cc: pf at benzedrine.cx
From: Axel Rau <Axel.Rau at Chaos1.DE>
Subject: Re: mismatch on route through packet/byte counts
Date: Sun, 18 Feb 2007 14:37:56 +0100
To: Daniel Hartmeier <daniel at benzedrine.cx>
X-Mailer: Apple Mail (2.752.2)
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from
2003 Sep 05
1
PF in 4.8-STABLE
My apologies in advance if this is the wrong list to ask this in, but
how well does pf work in 4.8-STABLE? And if so, what kernel options do
I need to compile in? Can pf kernel options coexist w/ IPFW options, if
I keep the IPFW modulus from loading? Can I still bridge in regular
fashion w/ pf? I've already read up on
http://pf4freebsd.love2party.net/install.html, but this seemd a bit
2003 Sep 03
1
Automatic selection pf printers
Hi List,
We have a large (6500 desktops) network distributed over a few dozen
sites. The clients are (almost) all Windows95 and WinXP. We currently
use Netware as our network operating system, and are looking at the
possibility of moving to (Samba on) Linux to provide file and print
services.
One of the nice things about Novell NDS is that you can specify
printers that are available to
2006 Mar 16
1
pf: synproxy broken
Hello
from ealier 6.0 there is problem with synproxy in pf filter:
this one 6.1-PRERELEASE #2: Wed Mar 15 02:02:37 MSK 2006
pf.conf just with single rule
pass in quick on lo0 proto tcp from any to any port 22 flags S/SA synproxy state
result
telnet 127.0.0.1 22
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
and it's hangs
pfctl -s rules -v
No ALTQ support in
2009 Feb 04
0
FREEBSD 7.1-STABLE crashes when trying to mount USB device of solaris UFS filesystem
Hi everybody,
today I met the following problems on my freebsd box. I had a USB stick
of opensolaris bootable USB image and tried to mount it on my fbsd box.
The first time, when I tried to mount the usb device, my system freezed
and then rebooted giving me one core in my dumpdev. When I tried to redo
the mounting, the kernel informed me that the filesystem needed to be
fsck'd before
2000 Nov 28
1
non-centrality parameter in pf() (PR#752)
Bug Description:
Problem with the function pf() when the non-centrality
parameter is large. Here is a sample command. You should
see a smooth line from 0 to about 55, and then the values
of pf() go crazy from 55 to 100.
############################
ncp <- seq(0,100,length=200)
plot(ncp,pf(5,7,2,ncp=ncp))
############################
Version:
platform = i686-pc-linux-gnu
arch = i686
os =
2009 Dec 22
3
iptables ... *BSD pf ... pfSense
Hi,
I followed the "Optimizing CentOS for gigabit firewall" posting and as
some posters wrote pf is soo sooo ssooooo mutch faster, I was thinking
to give it a try. But I'm not familier to BSD so I was looking for some
tools and found "pfsense"
http://www.pfsense.org/
"pfSense is a free, open source customized distribution of FreeBSD
tailored for use as a