similar to: ipsec vs. broadcast

Displaying 20 results from an estimated 4000 matches similar to: "ipsec vs. broadcast"

2005 Nov 21
1
mount -u -r drops nosuid ?
Not sure if this is a bug or a feature, but it seems like potential security risk: I have a ufs fs mounted rw+nosuid, then I needed to downgrade it to ro, so I executed mount -u -r on it - imagine my surpise when I found that nosuid flag was removed as well. I know I could have used mount -u -r -o nosuid, but the present behavior seems to be non-obvious (update one flag, orthogonal flags dropped
2005 Jan 14
1
debugging encrypted part of isakmp
Are there any tools to decode encrypted part of isakmp provided that identities of both peers are known to me and that I am able to observe the whole exchange ? -- Andriy Gapon
2008 Dec 04
1
rc.firewall: default loopback rules are set up even for custom file
I've just realized that I see in releng/7 something that I did not see in releng/6 - even if I use a file with custom rules in firewall_type I still get default loopback rules installed. I think that this is not correct, I am using custom rules exactly because I want to control *everything* (e.g. all deny rules come with log logamount xxx). -- Andriy Gapon
2008 Jan 30
2
mouse problems [A4 Tech OP-3D]
After some poking into psm.c code I've got some results. First, for the archives, debug.psm.loglevel tunable is much more useful than a verbose boot for debugging PS/2 mouse issues. A good value is 2. Second, I fiddled with various probe methods to force them to "recognize" my mouse (by loosening their checks) and found out that the mouse works perfectly if it is treated as
2009 Feb 05
1
nfs umount soft hang
I have an NFS server and NFS client separated by a firewall. Both servers are FreeBSD 7.1. Server configuration: nfs_server_enable="YES" nfs_server_flags="-t -n 4" rpcbind_enable="YES" mountd_flags="-r -p 737" mountd_enable="YES" The firewall allows tcp and udp to port 111, but only tcp to ports 2049 and 737 (configured for mountd, see above).
2009 Jan 24
4
panic in callout_reset: bad link in callwheel
System: FreeBSD 7.1-STABLE i386 (revision 187025) Panic message: kernel trap 12 with interrupts disabled Fatal trap 12: page fault while in kernel mode fault virtual address = 0xd2006ad0 fault code = supervisor write, page not present instruction pointer = 0x20:0xc05623aa stack pointer = 0x28:0xdd4f6c34 frame pointer = 0x28:0xdd4f6c40 code segment
2008 Sep 15
1
sio => uart: one port is gone
This is a fairly standard and old machine with 2 COM ports. Recently (last Friday) I decided to update my RELENG_7 system and also to transition from sio to uart. This what I had before the upgrade: kernel: sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 kernel: sio0: type 16550A kernel: sio0: [FILTER] kernel: sio1: <16550A-compatible COM port> port
2008 Jun 04
1
mystery: lock up after fs dump
I wouldn't report this if not for one coincidence (which is described below). I have too little facts, so this is more of a mystery problem tale than a real problem report. There are two systems: 1. old, slow, i386, UP, 7-STABLE 2. new, fast, amd64, MP, 6.3-RELEASE Systems are located at different physical locations. What is common between them: 1. they both have the same backup strategy
2010 Jul 24
0
ARC/VM question
I have a semi-theoretical question about the following code in arc.c, arc_reclaim_needed() function: /* * take ''desfree'' extra pages, so we reclaim sooner, rather than later */ extra = desfree; /* * check that we''re out of range of the pageout scanner. It starts to * schedule paging if freemem is less than lotsfree and needfree. * lotsfree is the high-water mark
2009 Apr 30
0
fsck -y -C
Now that we have very convenient -C option for fsck, maybe we could use it in fsck_y_enable part of rc.d/fsck? -- Andriy Gapon
2008 Nov 07
0
/etc/ttys oddity
I have the following line in /etc/ttys: ttyv8 "/usr/local/bin/kdm -nodaemon" xterm on insecure Because of X misconfiguration it constantly crashed, so: kdm-bin[1178]: Unable to fire up local display :0; disabling. So I fix xorg.conf, then I change on => off in ttys, then I do kill -1 1, and X gets started! Seems illogical. Or maybe kdm-bin does something "smart"
2009 Feb 28
2
devd question
I'm trying to make devd run an stty command whenever a USB serial device is attached. Unfortunately, $device-name is ucom[0-9] and the device names are /dev/cuaU[0-9] - how do I get the correct name in the device action? I haven't found a way to extract the number by itself, so I'm stuck with specifying a separate rule for each number, like so: attach 100 { device-name
2005 Feb 22
1
periodic/security/550.ipfwlimit
550.ipfwlimit check in /etc/periodic/security takes into account only global/default verbosity limit and does not account for a specific logging limit set for a particular rule e.g.: $ ipfw -a l | fgrep log 65000 *521* 41764 deny log logamount *1000* ip from any to any $ sysctl -n net.inet.ip.fw.verbose_limit *100* >From security run output: ipfw log limit reached: 65000 519
2008 Apr 16
4
umass causes panic on 7 amd64
On Tue, Apr 15, 2008 at 12:20 PM, Roland Smith <rsmith@xs4all.nl> wrote: > On Tue, Apr 15, 2008 at 11:34:31AM -0700, Steve Franks wrote: > > Being a naturally curious guy, with your pointers, I've located the following: > > > > [steve@dystant /var/crash]$ sudo cat info.2 > > Yep. This is what you need. > > > > Dump header from device
2002 Dec 26
1
udp broadcast over ipsec
Hello all, I am configuring a vpn between freeswan and windows 2000. I am following the steps at http://www.jacco2.dds.nl/networking/win2000xp-freeswan.html, to get the VPN up and running. using this I have a ppp tunnel between windows and linux, which is inside a l2tp tunnel which is again encrypted by IPSec. (the url gives the configuration in detail and I have followed it exactly) Now the
2013 Jun 30
1
locks under printf(9) and WITNESS = panic?
when booting stable/9 under a debug kernel with WITNESS enabled and verbose I get the following panic.. It seems very much like the discussion from a year back on current: http://lists.freebsd.org/pipermail/freebsd-current/2012-January/031375.html Any ideas? uhub1: <Intel EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus1 uhub0: 2 ports with 2 removable, self powered uhub1: 2
2013 Jul 17
3
Help with filing a [maybe] ZFS/mmap bug.
Hi All, I have what I think is a ZFS related bug. Unfortunately my simplest test case is a bit cumbersome and I haven't definitively proven that the problem is ZFS related. I'm hoping for some feedback on how to move forward. Quick background: I rip my CD's using grip and produce flac files. I tag the music using Musicbrainz' Picard and transcode it to mp3's within Picard
2010 Sep 01
2
HEADS UP: FreeBSD 6.4 and 8.0 EoLs coming soon
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, On November 30th, FreeBSD 6.4 and FreeBSD 8.0 will have reached their End of Life and will no longer be supported by the FreeBSD Security Team. Since FreeBSD 6.4 is the last remaining supported release from the FreeBSD 6.x stable branch, support for the FreeBSD 6.x stable branch will also cease at the same point. Users of either of
2010 Sep 01
2
HEADS UP: FreeBSD 6.4 and 8.0 EoLs coming soon
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Everyone, On November 30th, FreeBSD 6.4 and FreeBSD 8.0 will have reached their End of Life and will no longer be supported by the FreeBSD Security Team. Since FreeBSD 6.4 is the last remaining supported release from the FreeBSD 6.x stable branch, support for the FreeBSD 6.x stable branch will also cease at the same point. Users of either of
2013 Aug 29
1
Boot problem if a ZFS log device is missing
Hi all, I am using an USB memory stick as cache and log devices for a HDD ZFS pool named tank0: $ zpool status -v tank0 pool: tank0 state: ONLINE scan: scrub repaired 0 in 7h19m with 0 errors on Tue Jul 30 06:11:23 2013 config: NAME STATE READ WRITE CKSUM tank0 ONLINE 0 0 0 ada0s1d ONLINE 0 0 0 logs gpt/SLOG