similar to: Any ongoing effort to port /etc/rc.d/pf_boot, /etc/pf.boot.conf from NetBSD ?

Hi there, I've been a happy djbdns+tinydns user for many, many years. I want to keep using it, so answers of the form "bletch! Use ISC BIND the way BSD intended" will be ignored :-) Having said that, one annoying consequence of my transition some time ago to using ntpd, rather than just setting the clock once-off with ntpdate as I used to, is that the /etc/rc.d mechanism starts

Hi, I am using IPFW on FreeBSD 4.11 I am facing two problems: - SSH sessions timeout after a while - When I run "/sbin/ipfw -q -f flush" in the rules script all connection get reset (and I am thrown out of the box). Is this standard functioning of ipfw or do I need to change any configuration? Thanks, Siddhartha

I have a grown list of IPs that I am "deny ip from ###.### to any". Infected machines, hackers, etc.. Is there a way to have this list outside of rc.firewall and just read it in?

>Submitter-Id: current-users >Originator: Janos Mohacsi >Organization: NIIF/HUNGARNET >Confidential: no >Synopsis: pf does not use IPv6 interface addresses at startups >Severity: serious >Priority: low >Category: bin >Class: sw-bug >Release: FreeBSD 6.2-STABLE i386 >Environment: System: FreeBSD scone.ki.iif.hu 6.2-STABLE FreeBSD 6.2-STABLE #23: Wed May 9 18:23:24

Hi, I need to know what the implications are to make use of the hosts.allow file on a FreeBSD Production Server (ISP Setup)? The reason I'm asking, is that I've recently decommisioned a Linux SendMail Server to a FreeBSD Exim Server, but with no Firewall (IPTABLES) yet. Besides the fact that it only runs EXIM and Apache, is it necessary to Configure rc.Firewall? or can I only make use of

Hi. On my FreeBSD 4.8 configured IPFW2+IPF+IPNAT and I use them all: - IPFW - traffic accounting, shaping, balancing and filtering; - IPFilter - policy routing; - IPNAT - masquerading. I want to know, how IP-packets flow through all of this components? What's the path? incoming: IPFW Layer2 -> IPFW&Dummynet -> IPNAT -> IPFilter ? outgoing: IPFW Layer2 ->

Hello, I saw in the Porters Handbook this OSVERSION macro: 6.0-STABLE after incorporating scripts from the local_startup directories into the base rcorder(8) <http://www.FreeBSD.org/cgi/man.cgi?query=rcorder&sektion=8>. 600101 I think that change has been merged to the RELENG_5 branch but I1m not sure. If so, could somebody tell me what is the corresponding OSVERSION for RELENG_5?

Hi guys, I'm have a pure 64-bit system (Intel based). Due to that I can't use 32-bit ELF extlinux binary provided in the syslinux-6.03 package. Unfortunately building extlinux installer failed... See error below after these command: make bios clean make bios (failed) ... ar cq liblpxelinux.a rawcon.o pxeboot.o pxelinux-c.o fs/pxe/dhcp_option.o fs/pxe/pxe.o fs/pxe/tftp.o

On Sun, Feb 8, 2015 at 7:49 PM, Alexey Orishko via Syslinux <syslinux at zytor.com> wrote: > Hi guys, > > I'm have a pure 64-bit system (Intel based). Due to that I can't use 32-bit ELF > extlinux binary provided in the syslinux-6.03 package. > > Unfortunately building extlinux installer failed... > > See error below after these command: > make bios clean

On Sun, 8 Feb 2015 20:21:58 -0500 Gene Cumm via Syslinux <syslinux at zytor.com> wrote: > On Sun, Feb 8, 2015 at 7:49 PM, Alexey Orishko via Syslinux > <syslinux at zytor.com> wrote: > > Hi guys, > > > > I'm have a pure 64-bit system (Intel based). Due to that I can't > > use 32-bit ELF extlinux binary provided in the syslinux-6.03 > >

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:07.pf Security Advisory The FreeBSD Project Topic: IP fragment handling panic in pf(4) Category: contrib Module: sys_contrib Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:07.pf Security Advisory The FreeBSD Project Topic: IP fragment handling panic in pf(4) Category: contrib Module: sys_contrib Announced:

On 7/24/2017 8:39 PM, Nico Kadel-Garcia wrote: > > Why are the targets of the hardlinks evaporating on rebooting? Is that > a FreeBSD'ism? Its when syslogd stops/starts. The hardlinks need to be recreated for some reason. ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike at sentex.net Providing Internet services since 1994

Hello I am using htb (krenel 2.6.14.3 + esfq patch from fatooh.org) to limit the bandwidth. But I want the absolute maximum rate to be for example 5Mbit and not to exceed it. here is the script: $tc qdisc add dev ${NETIF} root handle 1 htb r2q 4 $tc class add dev ${NETIF} parent 1: classid 1:21 htb rate 5Mbit ceil 5Mbit $tc class add dev ${NETIF} parent 1:21 classid 1:101 htb rate 2Mbit ceil

In my recent security email, I got the following errors: cantona.dnswatchdog.com login failures: Aug 20 02:37:19 cantona sshd[9444]: fatal: Write failed: Operation not permitted Aug 20 04:30:42 cantona sshd[16142]: fatal: Write failed: Operation not permitted Aug 20 21:21:51 cantona sshd[45716]: fatal: Write failed: Operation not permitted So three questions: What is it? Should I be worried?

Hi Keir: These two patches remove the need for netloop by performing the copying in netback and only if it is necessary. The rationale is that most packets will be processed without delay allowing them to be freed without copying at all. So instead of copying every packet destined to dom0 we''ll only copy those that linger longer than a specified amount of time (currently 0.5s). As it

We''ve been hitting the following issue on a variety of hosts and recent Xen/dom0 version combinations. Here''s an excerpt from our latest: Xen: 4.1.4 (xenbits @ 23432) Dom0: 3.7.1-x86_64 BUG: unable to handle kernel NULL pointer dereference at 000000000000001c IP: [<ffffffff8141a301>] evtchn_from_irq+0x11/0x40 PGD 0 Oops: 0000 [#1] SMP Modules linked in: ebt_comment

This note is essentially a request for a reality check. I use IPFW & natd on the box that provides the interface between my home networks and the Internet; the connection is (static) residential DSL. I configured IPFW to accept & log all SSH "setup" requests, and use natd to forward such requests to an internal machine that only accepts public key authentication; that

This patch adds code to handle SKB_GSO_TCPV6 skbs and construct appropriate extra or prefix segments to pass the large packet to the frontend. New xenstore flags, feature-gso-tcpv6 and feature-gso-tcpv6-prefix, are sampled to determine if the frontend is capable of handling such packets. Signed-off-by: Paul Durrant <paul.durrant@citrix.com> Cc: Wei Liu <wei.liu2@citrix.com> Cc: David

hi all - anyone find a way to get vmware player 12.5.7 working with 7.4? Thanks - everything good with the upgrade except that. Great job CentOS team! Jerry starting vmplayer I get the following: Note: adwaita is installed. canberra is installed No idea what pk is ? vmplayer (vmware-modconfig:12595): Gtk-WARNING **: Unable to locate theme engine in module_path: "adwaita",