From owner-freebsd-ipfw@FreeBSD.ORG Sun Sep 17 07:34:42 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5F17116A40F for ; Sun, 17 Sep 2006 07:34:42 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from webmail11.yandex.ru (webmail11.yandex.ru [213.180.200.52]) by mx1.FreeBSD.org (Postfix) with ESMTP id EBFA443D46 for ; Sun, 17 Sep 2006 07:34:41 +0000 (GMT) (envelope-from bu7cher@yandex.ru) Received: from YAMAIL (webmail11.yandex.ru) by mail.yandex.ru id ; Sun, 17 Sep 2006 11:34:25 +0400 Received: from [82.211.152.12] ([82.211.152.12]) by mail.yandex.ru with HTTP; Sun, 17 Sep 2006 11:34:25 +0400 (MSD) Date: Sun, 17 Sep 2006 11:34:25 +0400 (MSD) From: "Andrey V. Elsukov" Sender: bu7cher@yandex.ru Message-Id: <450CFA81.000004.06990@webmail11.yandex.ru> MIME-Version: 1.0 X-Mailer: Yamail [ http://yandex.ru ] Errors-To: bu7cher@yandex.ru To: jhay@meraka.org.za In-Reply-To: <20060916123818.GA8497@zibbi.meraka.csir.co.za> References: <20060916123818.GA8497@zibbi.meraka.csir.co.za> X-Source-Ip: 82.211.152.12 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw buffers too small? X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: bu7cher@yandex.ru List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Sep 2006 07:34:42 -0000 Hi, John > >It seems that the buffer sizes inside ipfw did not keep up with its >possible uses. If I run this: Some time ago i've look at this problem and tried to write a patch for kern/60154. You can found my patches in ipfw@ mail-list archive. http://freebsd.rambler.ru/bsdmail/freebsd-ipfw_2005/msg00634.html -- WBR, Andrey V. Elsukov From owner-freebsd-ipfw@FreeBSD.ORG Mon Sep 18 11:08:14 2006 Return-Path: X-Original-To: freebsd-ipfw@FreeBSD.org Delivered-To: freebsd-ipfw@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 80D1916A40F for ; Mon, 18 Sep 2006 11:08:14 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 29E2543D4C for ; Mon, 18 Sep 2006 11:08:14 +0000 (GMT) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k8IB8E0u040993 for ; Mon, 18 Sep 2006 11:08:14 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k8IB8Ceu040989 for freebsd-ipfw@FreeBSD.org; Mon, 18 Sep 2006 11:08:12 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 18 Sep 2006 11:08:12 GMT Message-Id: <200609181108.k8IB8Ceu040989@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: linimon set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-ipfw@FreeBSD.org Cc: Subject: Current problem reports assigned to you X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Sep 2006 11:08:14 -0000 Current FreeBSD problem reports Critical problems Serious problems S Tracker Resp. Description -------------------------------------------------------------------------------- o kern/51274 ipfw [ipfw] [patch] ipfw2 create dynamic rules with parent f kern/51341 ipfw [ipfw] [patch] ipfw rule 'deny icmp from any to any ic o kern/73910 ipfw [ipfw] serious bug on forwarding of packets after NAT o kern/74104 ipfw [ipfw] ipfw2/1 conflict not detected or reported, manp o conf/78762 ipfw [ipfw] [patch] /etc/rc.d/ipfw should excecute $firewal o bin/80913 ipfw [patch] /sbin/ipfw2 silently discards MAC addr arg wit o kern/88659 ipfw [modules] ipfw and ip6fw do not work properly as modul o kern/93300 ipfw ipfw pipe lost packets o kern/95084 ipfw [ipfw] [patch] IPFW2 ignores "recv/xmit/via any" (IPFW o kern/97504 ipfw [ipfw] IPFW Rules bug o kern/97951 ipfw [ipfw] [patch] ipfw does not tie interface details to o kern/98831 ipfw [ipfw] ipfw has UDP hickups o bin/102422 ipfw [patch] ipfw & kernel problems where firewall rules ar o kern/102471 ipfw [ipfw] [patch] add tos and dscp support 14 problems total. Non-critical problems S Tracker Resp. Description -------------------------------------------------------------------------------- a kern/26534 ipfw [ipfw] Add an option to ipfw to log gid/uid of who cau o kern/46159 ipfw [ipfw] [patch] ipfw dynamic rules lifetime feature o kern/48172 ipfw [ipfw] [patch] ipfw does not log size and flags o bin/50749 ipfw [ipfw] [patch] ipfw2 incorrectly parses ports and port o kern/55984 ipfw [ipfw] [patch] time based firewalling support for ipfw o kern/60719 ipfw [ipfw] Headerless fragments generate cryptic error mes o kern/69963 ipfw [ipfw] install_state warning about already existing en o kern/71366 ipfw [ipfw] "ipfw fwd" sometimes rewrites destination mac a o kern/72987 ipfw [ipfw] ipfw/dummynet pipe/queue 'queue [BYTES]KBytes ( o kern/73276 ipfw [ipfw] [patch] ipfw2 vulnerability (parser error) o bin/78785 ipfw [ipfw] [patch] ipfw verbosity locks machine if /etc/rc o kern/80642 ipfw [ipfw] [patch] ipfw small patch - new RULE OPTION o kern/82724 ipfw [ipfw] [patch] Add setnexthop and defaultroute feature o kern/86957 ipfw [ipfw] [patch] ipfw mac logging o kern/87032 ipfw [ipfw] [patch] ipfw ioctl interface implementation o kern/91847 ipfw [ipfw] ipfw with vlanX as the device o kern/93422 ipfw ipfw divert rule no longer works in 6.0 (regression) o bin/95146 ipfw [ipfw][patch]ipfw -p option handler is bogus 18 problems total. From owner-freebsd-ipfw@FreeBSD.ORG Mon Sep 18 20:35:30 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E0EBD16A412 for ; Mon, 18 Sep 2006 20:35:30 +0000 (UTC) (envelope-from novel@yoda.fannet.ru) Received: from yoda.fannet.ru (yoda.fannet.ru [82.116.56.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 22A4D43D77 for ; Mon, 18 Sep 2006 20:35:29 +0000 (GMT) (envelope-from novel@yoda.fannet.ru) Received: from yoda.fannet.ru (localhost [127.0.0.1]) by yoda.fannet.ru (Postfix) with ESMTP id 2642145043 for ; Mon, 18 Sep 2006 16:58:32 +0400 (MSD) Received: from localhost (novel.fannet.ru [82.116.56.3]) by yoda.fannet.ru (Postfix) with ESMTP id E14D345042 for ; Mon, 18 Sep 2006 16:58:31 +0400 (MSD) Date: Mon, 18 Sep 2006 16:58:49 +0400 From: Roman Bogorodskiy To: freebsd-ipfw@freebsd.org Message-ID: <20060918125848.GB93854@novel.fannet.ru> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="1LKvkjL3sHcu1TtY" Content-Disposition: inline X-PGP: http://people.freebsd.org/~novel/novel.key.asc X-Virus-Scanned: ClamAV Subject: A bit weird code X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Sep 2006 20:35:31 -0000 --1LKvkjL3sHcu1TtY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi, I was reading ipfw sources and spotted such line (sbin/ipfw/ipfw2.c, line 4871): err(EX_UNAVAILABLE, "getsockopt(%s)", "IP_FW_ADD"); And it's there since 1.1 revision of this file. I wonder it has some sacred meaning or just a typo. --1LKvkjL3sHcu1TtY Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iQCVAwUBRQ6YCIB0WzgdqspGAQI8FQQAy4XWfhpN/qmTvrjJ9/SkVoqxbT7cCQh1 jBPSvZYym5Wx4FRUSYk0ZKDOWSxvPsz3puKz0pnUQnbNJ/VaYOIpVDKirbCtK/lO dhRLbGKcGfWudrehidJBnwd8VjKYOm6wcC0vayGNWb8LBUZbqJXb4Gib6X5fH4mc ioyw0qRZEmU= =Cqht -----END PGP SIGNATURE----- --1LKvkjL3sHcu1TtY-- From owner-freebsd-ipfw@FreeBSD.ORG Tue Sep 19 04:17:56 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CEBAA16A40F; Tue, 19 Sep 2006 04:17:56 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from mx18.yandex.ru (smtp2.yandex.ru [213.180.200.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id BD53B43D5F; Tue, 19 Sep 2006 04:17:55 +0000 (GMT) (envelope-from bu7cher@yandex.ru) Received: from ns.kirov.so-cdu.ru ([81.18.142.225]:11027 "EHLO [127.0.0.1]" smtp-auth: "bu7cher" TLS-CIPHER: "DHE-RSA-AES256-SHA keybits 256/256 version TLSv1/SSLv3" TLS-PEER-CN1: ) by mail.yandex.ru with ESMTP id S3376058AbWISERv (ORCPT + 1 other); Tue, 19 Sep 2006 08:17:51 +0400 X-Comment: RFC 2476 MSA function at smtp2.yandex.ru logged sender identity as: bu7cher Message-ID: <450F6F6D.6020105@yandex.ru> Date: Tue, 19 Sep 2006 08:17:49 +0400 From: "Andrey V. Elsukov" User-Agent: Mozilla Thunderbird 1.5 (FreeBSD/20051231) MIME-Version: 1.0 To: Roman Bogorodskiy References: <20060918125848.GB93854@novel.fannet.ru> In-Reply-To: <20060918125848.GB93854@novel.fannet.ru> Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-ipfw@freebsd.org Subject: Re: A bit weird code X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Sep 2006 04:17:56 -0000 Roman Bogorodskiy wrote: > I was reading ipfw sources and spotted such line (sbin/ipfw/ipfw2.c, > line 4871): > > err(EX_UNAVAILABLE, "getsockopt(%s)", "IP_FW_ADD"); > > And it's there since 1.1 revision of this file. I wonder it has some > sacred meaning or just a typo. I don't see this code at this line :) If you mean this code: if (do_cmd(IP_FW_ADD, rule, (uintptr_t)&i) == -1) err(EX_UNAVAILABLE, "getsockopt(%s)", "IP_FW_ADD"); I think this is "copy&paste" bug :) -- WBR, Andrey V. Elsukov From owner-freebsd-ipfw@FreeBSD.ORG Tue Sep 19 06:49:19 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 148A716A412 for ; Tue, 19 Sep 2006 06:49:19 +0000 (UTC) (envelope-from rajeshbikram@wlink.com.np) Received: from smtp5.wlink.com.np (smtp5.wlink.com.np [202.79.32.52]) by mx1.FreeBSD.org (Postfix) with SMTP id 1290A43D46 for ; Tue, 19 Sep 2006 06:49:14 +0000 (GMT) (envelope-from rajeshbikram@wlink.com.np) Received: (qmail 82720 invoked from network); 19 Sep 2006 06:42:54 -0000 Received: from unknown (HELO smtp8.wlink.com.np) (202.79.32.38) by 0 with SMTP; 19 Sep 2006 06:42:54 -0000 Received: (qmail 28148 invoked by uid 98); 19 Sep 2006 06:49:10 -0000 Received: from 202.79.32.67 by smtp8.wlink.com.np (envelope-from , uid 1010) with qmail-scanner-1.25 (clamdscan: 0.88.4/1879. Clear:RC:1(202.79.32.67):. Processed in 0.041698 secs); 19 Sep 2006 06:49:10 -0000 X-Qmail-Scanner-Mail-From: rajeshbikram@wlink.com.np via smtp8.wlink.com.np X-Qmail-Scanner: 1.25 (Clear:RC:1(202.79.32.67):. Processed in 0.041698 secs) Received: from [202.79.32.67] (HELO webmail.wlink.com.np) by smtp8.wlink.com.np (qmail-smtpd) with SMTP; 19 Sep 2006 06:49:09 -0000 (Tue, 19 Sep 2006 12:34:09 +0545) Received: from 202.79.36.112 (auth. user rajeshbikram@pop3.wlink.com.np) by webmail.wlink.com.np with HTTP; Tue, 19 Sep 2006 11:49:07 +0500 To: freebsd-ipfw@freebsd.org Date: Tue, 19 Sep 2006 11:49:07 +0500 X-Mailer: IlohaMail/0.8.14 (On: webmail.wlink.com.np) Message-ID: From: Bounce-To: Errors-To: MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Check-By: smtp8.wlink.com.np Spam: No ; -1.6 / 5.0 X-Spam-Status-WL: No, hits=-1.6 required=5.0 Subject: Adding opcode in ipfw_opcodes X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Sep 2006 06:49:19 -0000 I add the couple of opcodes O_SETIPTOS and O_SETDSCP in enum ipfw_opcodses structure. I did the neccessary changes to enable the opcodes and compile the kernel. The problem is, i used this opcodes in ipfw2.c value . When i compile the ipw2.c the compiler generate the erro undefined value (first use in this function) for the two added opcodes for the other opcodes gcc doesn't gives the error. What is happening ..... in ip_fw.h with regards Rajes From owner-freebsd-ipfw@FreeBSD.ORG Tue Sep 19 07:53:12 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 74CE716A650 for ; Tue, 19 Sep 2006 07:53:12 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from mx18.yandex.ru (smtp2.yandex.ru [213.180.200.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id C764543D66 for ; Tue, 19 Sep 2006 07:53:09 +0000 (GMT) (envelope-from bu7cher@yandex.ru) Received: from ns.kirov.so-cdu.ru ([81.18.142.225]:21511 "EHLO [127.0.0.1]" smtp-auth: "bu7cher" TLS-CIPHER: "DHE-RSA-AES256-SHA keybits 256/256 version TLSv1/SSLv3" TLS-PEER-CN1: ) by mail.yandex.ru with ESMTP id S3376616AbWISHxF (ORCPT ); Tue, 19 Sep 2006 11:53:05 +0400 X-Comment: RFC 2476 MSA function at smtp2.yandex.ru logged sender identity as: bu7cher Message-ID: <450FA1DE.4000305@yandex.ru> Date: Tue, 19 Sep 2006 11:53:02 +0400 From: "Andrey V. Elsukov" User-Agent: Mozilla Thunderbird 1.5 (FreeBSD/20051231) MIME-Version: 1.0 To: rajeshbikram@wlink.com.np References: In-Reply-To: Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-ipfw@freebsd.org Subject: Re: Adding opcode in ipfw_opcodes X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Sep 2006 07:53:12 -0000 rajeshbikram@wlink.com.np wrote: > The problem is, i used this opcodes in ipfw2.c value . When i compile the > ipw2.c the compiler generate the erro undefined value (first use in this > function) for the two added opcodes for the other opcodes gcc doesn't > gives the error. You can try add -I/usr/src/sys/netinet to CFLAGS or replace /usr/include/netinet/ip_fw.h with a new ip_fw.h. -- WBR, Andrey V. Elsukov From owner-freebsd-ipfw@FreeBSD.ORG Tue Sep 19 08:48:59 2006 Return-Path: X-Original-To: freebsd-ipfw@FreeBSD.org Delivered-To: freebsd-ipfw@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 74DD216A415 for ; Tue, 19 Sep 2006 08:48:59 +0000 (UTC) (envelope-from novel@FreeBSD.org) Received: from novel.fannet.ru (novel.fannet.ru [82.116.56.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id A560243D49 for ; Tue, 19 Sep 2006 08:48:58 +0000 (GMT) (envelope-from novel@FreeBSD.org) Received: from novel.fannet.ru (localhost [127.0.0.1]) by novel.fannet.ru (8.13.8/8.13.6) with ESMTP id k8J8nCrw026165; Tue, 19 Sep 2006 12:49:12 +0400 (MSD) (envelope-from novel@FreeBSD.org) Received: (from novel@localhost) by novel.fannet.ru (8.13.8/8.13.6/Submit) id k8J8nBPP026164; Tue, 19 Sep 2006 12:49:11 +0400 (MSD) (envelope-from novel@FreeBSD.org) X-Authentication-Warning: novel.fannet.ru: novel set sender to novel@FreeBSD.org using -f Date: Tue, 19 Sep 2006 12:49:11 +0400 From: Roman Bogorodskiy To: "Andrey V. Elsukov" Message-ID: <20060919084207.GD93854@novel.fannet.ru> References: <20060918125848.GB93854@novel.fannet.ru> <450F6F6D.6020105@yandex.ru> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="84ND8YJRMFlzkrP4" Content-Disposition: inline In-Reply-To: <450F6F6D.6020105@yandex.ru> X-PGP: http://people.freebsd.org/~novel/novel.key.asc Cc: freebsd-ipfw@FreeBSD.org Subject: Re: A bit weird code X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Sep 2006 08:48:59 -0000 --84ND8YJRMFlzkrP4 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Andrey V. Elsukov wrote: > Roman Bogorodskiy wrote: > >I was reading ipfw sources and spotted such line (sbin/ipfw/ipfw2.c, > >line 4871): > > > >err(EX_UNAVAILABLE, "getsockopt(%s)", "IP_FW_ADD"); > > > >And it's there since 1.1 revision of this file. I wonder it has some > >sacred meaning or just a typo. >=20 > I don't see this code at this line :) > If you mean this code: > if (do_cmd(IP_FW_ADD, rule, (uintptr_t)&i) =3D=3D -1) > err(EX_UNAVAILABLE, "getsockopt(%s)", "IP_FW_ADD"); >=20 > I think this is "copy&paste" bug :) Yeah, my fault, it's actually on line 4829, rev. 1.98. --84ND8YJRMFlzkrP4 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iQCVAwUBRQ+vB4B0WzgdqspGAQKg/gP/T6ZHHVUKeXfMWPxSbAIMs92rq5AXgDSU aHhaseKQmdNG5NVZI2dqNz+odw8g7lRdq83Wr93ZyLYbZ78QYt4tfWnqLRfhoi+E QkGHcvvIehFm6oYqtpyqxiKXVnnhaB8nPgj/AMeFiy2CozwdlRlw6gawkOzOsfGr Hd9RXmvpJqQ= =AQ0J -----END PGP SIGNATURE----- --84ND8YJRMFlzkrP4-- From owner-freebsd-ipfw@FreeBSD.ORG Wed Sep 20 06:21:16 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B8BD316A587 for ; Wed, 20 Sep 2006 06:21:16 +0000 (UTC) (envelope-from fnmhccf@classifiedtoday.com) Received: from classifiedtoday.com (cmo116.neoplus.adsl.tpnet.pl [83.31.142.116]) by mx1.FreeBSD.org (Postfix) with SMTP id EA57F43DAA for ; Wed, 20 Sep 2006 06:21:15 +0000 (GMT) (envelope-from fnmhccf@classifiedtoday.com) Received: from 83.31.142.116 by classifiedtoday.com Date: Wed, 20 Sep 2006 08:21:12 +0100 From: "Constantia travis" X-Sender: fnmhccf@classifiedtoday.com To: Message-Id: <3572333216.evGyEF-07018-813604@classifiedtoday.com> MIME-Version: 1.0 Content-Type: text/plain Subject: The shoes on the other foot now. X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Sep 2006 06:21:16 -0000 HOT ALERT - THIS ONE IS STILL CLIMBING THE CHARTS ALERT -- BREAKING MARKET NEWS REPORT ---- WBRS.PK Company Name: WILD BRUSH ENERGY Lookup: WBRS.PK Current Price: .05 Expected: STEADILY CLIMB FOR THE TOP Breaking News: Wild Brush Acquires Additional Powder River Oil & Gas Lease Wild Brush Energy (PINKSHEETS: WBRS) announces the purchase of an additional Powder River Basin Federal Oil & Gas Lease in the State of Wyoming. The lease is located on the eastern side of the Basin in Weston County. This is the fifth lease the Company now controls in the region. Wild Brush maintains its expansion strategy through acquisition of low risk, high probability oil and gas properties in proven regions such as Powder River basin. Wild Brush will continue to concentrate on the Powder River Basin area, due to the number of lease acre ages it currently controls. The Powder River Basin claims a high probability rate of discoveries and proven production as demonstrated by such companies as Chevron and Western Gas. There are presently over 12,000 gas wells, in addition to nearly 400 new wells monthly, producing over 330 billion cubic feet annually, in an area with an estimated 32 trillion cubic feet of natural gas. About WBRS.PK Wild Brush Energy is a diversified energy company whose primary goal is to identify and develop Oil & Coalbed Methane sites within the State of Wyoming. In addition, Wild Brush Energy continues to evaluate clean air alternative energy producing technologies such as Wind Power. Wild Brush trades in the U.S. under the symbol "WBRS." WATCH THIS STOCK GO HIGHER AND HIGHER -------------------------------------------------------------------------------- If you look up the results you'll know its the right time to buy The stock climbed to $2.20 ----------------------- You throw filth on the living and flowers on the dead.Pin a rose on your nose. Sour as a green apple. Water doesn't run uphill. Speak softly and carry a big stick. Walking on water. Which came first, the chicken or the egg. She's a nut. Some like carrots others like cabbage. To live from hand to mouth. To live from hand to mouth. Run to seed. Worry often gives a small thing a big shadow. A place in the sun. Take time to smell the roses. That's a whole new can of worms. Season of mists and mellow fruitfulness. This is for the birds. A thing of beauty is a joy forever. What goes up must come down. What goes down usually comes up. Walking on thin ice. That's a real stem winder. Root it out. The shoes on the other foot now. Water doesn't run uphill. Rare as walking on water. Walking on cloud nine. Shit happens. Two peas in a pod. What on earth? Which came first, the chicken or the egg. Take time to smell the roses. Your barking up the wrong tree. A thing of beauty is a joy forever. Ugly as a mud fence. A thorn in my side. To live from hand to mouth. That's a whole new can of worms. Watch and wait. Survival of the fittest. Strong as an ox. She has a green thumb. You can lead a horse to water but you can't make him drink. From owner-freebsd-ipfw@FreeBSD.ORG Wed Sep 20 09:00:35 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 78D2D16A4D8 for ; Wed, 20 Sep 2006 09:00:35 +0000 (UTC) (envelope-from akaempfalqp@mv.mv.com) Received: from abxj50.neoplus.adsl.tpnet.pl (abxj50.neoplus.adsl.tpnet.pl [83.9.3.50]) by mx1.FreeBSD.org (Postfix) with SMTP id 54DB143DBE for ; Wed, 20 Sep 2006 08:59:47 +0000 (GMT) (envelope-from akaempfalqp@mv.mv.com) Received: from osmium.mv.net by abxj50.neoplus.adsl.tpnet.pl (8.12.11/8.12.11) with ESMTP id RsNrJtvqzErIFH for ; Thu, 21 Sep 2006 00:04:57 -0400 Received: from passamon ([246.162.56.70]) by osmium.mv.net with ESMTP (Exim 4.05) id 7MNnWywXjPQP for ; Thu, 21 Sep 2006 00:04:57 -0400 From: "Stephan Hurt" Message-ID: <3313683776.3911382025@mv.mv.com> Date: Thu, 21 Sep 2006 00:04:57 -0400 To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Subject: pleasantly russiian Girls! X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Stephan Hurt List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Sep 2006 09:00:35 -0000 Do you like outflank Girls doing cultured blowjoob? http://eschoisrogikals.com From owner-freebsd-ipfw@FreeBSD.ORG Wed Sep 20 12:13:41 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2815D16A40F for ; Wed, 20 Sep 2006 12:13:41 +0000 (UTC) (envelope-from asayinbbfo@medika.com.tr) Received: from TTN202-127-81-28.ttn.ne.jp (TTN202-127-81-28.ttn.ne.jp [202.127.81.28]) by mx1.FreeBSD.org (Postfix) with SMTP id 6F30443D68 for ; Wed, 20 Sep 2006 12:13:38 +0000 (GMT) (envelope-from asayinbbfo@medika.com.tr) Received: from medika.com.tr by TTN202-127-81-28.ttn.ne.jp (Postfix) with ESMTP id 6C9DF02567 for ; Wed, 20 Sep 2006 12:24:37 -0400 Received: from 117.220.234.123 ([152.67.10.11]) by medika.com.tr (8.12.3 da nor stuldap/8.12.3) with SMTP id Hh3g8ZHf4dzM for ; Wed, 20 Sep 2006 12:24:37 -0400 Date: Wed, 20 Sep 2006 12:24:37 -0400 From: Denise Whitten Message-ID: <105801129612.996367396630@medika.com.tr> To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Subject: X O E C Mature Ponytailed Brunette Beauty Bedroom Banging X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Denise Whitten List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Sep 2006 12:13:41 -0000 Mature Wife Stripping & Spreading Hairy PussyBlond Mom With Big Boobs Titty Fucking & Banging What is called generosity is usually only the vanity of giving we enjoy the vanity more than the thing given.He had decided to live forever or die in the attempt. http://hot.fuingyd.com/?glad A drinker has a hole under his nose that all his money runs into. All literature is gossip.All things may be bought in Rome with money.Solvency is maintained by means of a national debt, on the principle, ''If you will not lend me the money, how can I pay you? From owner-freebsd-ipfw@FreeBSD.ORG Wed Sep 20 12:23:04 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 76A2616A403 for ; Wed, 20 Sep 2006 12:23:04 +0000 (UTC) (envelope-from a.marinwbgk@cva.ahk.nl) Received: from 197.Red-83-46-253.dynamicIP.rima-tde.net (197.Red-83-46-253.dynamicIP.rima-tde.net [83.46.253.197]) by mx1.FreeBSD.org (Postfix) with SMTP id D965743D7D for ; Wed, 20 Sep 2006 12:23:02 +0000 (GMT) (envelope-from a.marinwbgk@cva.ahk.nl) Received: from nikopolidis.ahk.nl by 197.Red-83-46-253.dynamicIP.rima-tde.net (Postfix) with ESMTP id 6C4E9992D8 for ; Thu, 21 Sep 2006 03:23:17 -0400 Received: from nobody (196.81.140.41) by nikopolidis.ahk.nl (8.12.8/8.12.8/Submit) id 5qIMtCfORBg94X for ; Thu, 21 Sep 2006 03:23:17 -0400 From: "Denny Dominguez" Message-ID: <0345657270.4536214393@cva.ahk.nl> Date: Thu, 21 Sep 2006 03:23:17 -0400 To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Subject: Group tasty teens hardccore! X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Denny Dominguez List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Sep 2006 12:23:04 -0000 Just scenic Bitch suckinng Dickk! http://ugadnascertbe.com From owner-freebsd-ipfw@FreeBSD.ORG Wed Sep 20 19:20:30 2006 Return-Path: X-Original-To: freebsd-ipfw@hub.freebsd.org Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7C59016A58C for ; Wed, 20 Sep 2006 19:20:30 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4571143D7F for ; Wed, 20 Sep 2006 19:20:26 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k8KJKPgQ071804 for ; Wed, 20 Sep 2006 19:20:25 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k8KJKPVZ071799; Wed, 20 Sep 2006 19:20:25 GMT (envelope-from gnats) Date: Wed, 20 Sep 2006 19:20:25 GMT Message-Id: <200609201920.k8KJKPVZ071799@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: bin/102422: commit references a PR X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Sep 2006 19:20:30 -0000 The following reply was made to PR bin/102422; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: bin/102422: commit references a PR Date: Wed, 20 Sep 2006 19:15:34 +0000 (UTC) jhay 2006-09-20 19:15:03 UTC FreeBSD src repository Modified files: (Branch: RELENG_6) sys/netinet ip_fw2.c Log: MFC: 1.147 Handle a list of IPv6 src and dst addresses correctly, eg. ipfw add allow ip6 from any to 2000::/16,2002::/16 PR: 102422 (part 3) Submitted by: Andrey V. Elsukov Approved by: re (hrs) Revision Changes Path 1.106.2.20 +17 -14 src/sys/netinet/ip_fw2.c _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org" From owner-freebsd-ipfw@FreeBSD.ORG Wed Sep 20 19:20:30 2006 Return-Path: X-Original-To: freebsd-ipfw@hub.freebsd.org Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B61F016A5AB for ; Wed, 20 Sep 2006 19:20:30 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2307543D82 for ; Wed, 20 Sep 2006 19:20:30 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k8KJKT56071826 for ; Wed, 20 Sep 2006 19:20:29 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k8KJKTgE071825; Wed, 20 Sep 2006 19:20:29 GMT (envelope-from gnats) Date: Wed, 20 Sep 2006 19:20:29 GMT Message-Id: <200609201920.k8KJKTgE071825@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: dfilter@FreeBSD.ORG (dfilter service) Cc: Subject: Re: bin/102422: commit references a PR X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dfilter service List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Sep 2006 19:20:30 -0000 The following reply was made to PR bin/102422; it has been noted by GNATS. From: dfilter@FreeBSD.ORG (dfilter service) To: bug-followup@FreeBSD.org Cc: Subject: Re: bin/102422: commit references a PR Date: Wed, 20 Sep 2006 19:18:32 +0000 (UTC) jhay 2006-09-20 19:18:03 UTC FreeBSD src repository Modified files: (Branch: RELENG_6) sbin/ipfw ipfw2.c Log: MFC: 1.97 Use bzero() to clear the whole ipfw_insn_icmp6 structure in fill_icmp6types(), otherwise this command ipfw add allow ipv6-icmp from any to 2002::1 icmp6types 1,2,128,129 turns into icmp6types 1,2,32,33,34,...94,95,128,129 PR: 102422 (part 1) Submitted by: Andrey V. Elsukov Approved by: re (hrs) Revision Changes Path 1.76.2.12 +1 -1 src/sbin/ipfw/ipfw2.c _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org" From owner-freebsd-ipfw@FreeBSD.ORG Thu Sep 21 11:27:00 2006 Return-Path: X-Original-To: freebsd-ipfw@hub.freebsd.org Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BB9FB16A55A; Thu, 21 Sep 2006 11:27:00 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7675F43D72; Thu, 21 Sep 2006 11:27:00 +0000 (GMT) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k8LBR0JA059789; Thu, 21 Sep 2006 11:27:00 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k8LBR0cB059785; Thu, 21 Sep 2006 11:27:00 GMT (envelope-from linimon) Date: Thu, 21 Sep 2006 11:27:00 GMT From: Mark Linimon Message-Id: <200609211127.k8LBR0cB059785@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-ipfw@FreeBSD.org Cc: Subject: Re: kern/103454: [ipfw] [patch] add a facility to modify DF bit of the IP packet X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Sep 2006 11:27:00 -0000 Synopsis: [ipfw] [patch] add a facility to modify DF bit of the IP packet Responsible-Changed-From-To: freebsd-bugs->freebsd-ipfw Responsible-Changed-By: linimon Responsible-Changed-When: Thu Sep 21 11:26:49 UTC 2006 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=103454 From owner-freebsd-ipfw@FreeBSD.ORG Thu Sep 21 11:38:04 2006 Return-Path: X-Original-To: freebsd-ipfw@hub.freebsd.org Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 701A716A415; Thu, 21 Sep 2006 11:38:04 +0000 (UTC) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2866F43D5C; Thu, 21 Sep 2006 11:38:04 +0000 (GMT) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k8LBc43w061936; Thu, 21 Sep 2006 11:38:04 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k8LBc4AC061932; Thu, 21 Sep 2006 11:38:04 GMT (envelope-from linimon) Date: Thu, 21 Sep 2006 11:38:04 GMT From: Mark Linimon Message-Id: <200609211138.k8LBc4AC061932@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-ipfw@FreeBSD.org Cc: Subject: Re: kern/103328: sugestions about ipfw table X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Sep 2006 11:38:04 -0000 Synopsis: sugestions about ipfw table Responsible-Changed-From-To: freebsd-bugs->freebsd-ipfw Responsible-Changed-By: linimon Responsible-Changed-When: Thu Sep 21 11:37:46 UTC 2006 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=103328 From owner-freebsd-ipfw@FreeBSD.ORG Thu Sep 21 14:00:56 2006 Return-Path: X-Original-To: freebsd-ipfw@hub.freebsd.org Delivered-To: freebsd-ipfw@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E1D2516A4F6 for ; Thu, 21 Sep 2006 14:00:56 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 52EEA43D45 for ; Thu, 21 Sep 2006 14:00:56 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k8LE0u2A075070 for ; Thu, 21 Sep 2006 14:00:56 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k8LE0uMN075069; Thu, 21 Sep 2006 14:00:56 GMT (envelope-from gnats) Date: Thu, 21 Sep 2006 14:00:56 GMT Message-Id: <200609211400.k8LE0uMN075069@freefall.freebsd.org> To: freebsd-ipfw@FreeBSD.org From: Roman Bogorodskiy Cc: Subject: Re: kern/103454: [ipfw] [patch] add a facility to modify DF bit of the IP packet X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Roman Bogorodskiy List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Sep 2006 14:00:57 -0000 The following reply was made to PR kern/103454; it has been noted by GNATS. From: Roman Bogorodskiy To: bug-followup@FreeBSD.org Cc: novel@FreeBSD.org Subject: Re: kern/103454: [ipfw] [patch] add a facility to modify DF bit of the IP packet Date: Thu, 21 Sep 2006 17:56:15 +0400 --5G06lTa6Jq83wMTw Content-Type: multipart/mixed; boundary="Bn2rw/3z4jIqBvZU" Content-Disposition: inline --Bn2rw/3z4jIqBvZU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi, Attaching a slightly updated patch. Changes: - If we got not 0 or 1 as cmd->arg1, just jump to the next rule without updatating stats. Actually, ipfw(8) checks if the arg for 'setdf' is only 0 or 1, so it should never happen. - s/setdf DF/setdf N/ in `ipfw -h' output http://novel.fannet.ru/~novel/ipfw_setdf_20060921_3_CURRENT.diff --Bn2rw/3z4jIqBvZU Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="ipfw_setdf_20060921_3_CURRENT.diff" Content-Transfer-Encoding: quoted-printable ? sbin/ipfw/ipfw Index: sbin/ipfw/ipfw.8 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sbin/ipfw/ipfw.8,v retrieving revision 1.195 diff -u -r1.195 ipfw.8 --- sbin/ipfw/ipfw.8 18 Sep 2006 11:55:10 -0000 1.195 +++ sbin/ipfw/ipfw.8 21 Sep 2006 13:41:49 -0000 @@ -822,6 +822,11 @@ and .Cm ngtee actions. +.It Cm setdf Ar value +Changes +.Cm DF +bit of the IP packet. +Value may be 0 (May Fragment) or 1 (Don't Fragment). .El .Ss RULE BODY The body of a rule contains zero or more patterns (such as Index: sbin/ipfw/ipfw2.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sbin/ipfw/ipfw2.c,v retrieving revision 1.98 diff -u -r1.98 ipfw2.c --- sbin/ipfw/ipfw2.c 16 Sep 2006 19:27:40 -0000 1.98 +++ sbin/ipfw/ipfw2.c 21 Sep 2006 13:41:50 -0000 @@ -247,7 +247,8 @@ TOK_RESET, TOK_UNREACH, TOK_CHECKSTATE, - + TOK_SETDF, +=09 TOK_ALTQ, TOK_LOG, TOK_TAG, @@ -374,6 +375,7 @@ { "unreach6", TOK_UNREACH6 }, { "unreach", TOK_UNREACH }, { "check-state", TOK_CHECKSTATE }, + { "setdf", TOK_SETDF }, { "//", TOK_COMMENT }, { NULL, 0 } /* terminator */ }; @@ -1555,6 +1557,10 @@ } break; =20 + case O_SET_IPDF: + PRINT_UINT_ARG("setdf ", cmd->arg1); + break; + case O_LOG: /* O_LOG is printed last */ logptr =3D (ipfw_insn_log *)cmd; break; @@ -2635,7 +2641,7 @@ "RULE-BODY: check-state [PARAMS] | ACTION [PARAMS] ADDR [OPTION_LIST]\n" "ACTION: check-state | allow | count | deny | unreach{,6} CODE |\n" " skipto N | {divert|tee} PORT | forward ADDR |\n" -" pipe N | queue N\n" +" pipe N | queue N | setdf N\n" "PARAMS: [log [logamount LOGLIMIT]] [altq QUEUE_NAME]\n" "ADDR: [ MAC dst src ether_type ] \n" " [ ip from IPADDR [ PORT ] to IPADDR [ PORTLIST ] ]\n" @@ -3970,6 +3976,20 @@ action->opcode =3D O_COUNT; break; =20 + case TOK_SETDF: + { + int df; + =20 + NEED1("need setdf arg\n"); + df =3D strtoul(*av, NULL, 0); + if (df < 0 || df > 1) + errx(EX_DATAERR, "illegal argument for %s", + *(av - 1)); + fill_cmd(action, O_SET_IPDF, 0, df); + ac--; av++; + } + break; + =09 case TOK_QUEUE: action->opcode =3D O_QUEUE; goto chkarg; Index: sys/netinet/ip_fw.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet/ip_fw.h,v retrieving revision 1.108 diff -u -r1.108 ip_fw.h --- sys/netinet/ip_fw.h 18 Aug 2006 22:36:04 -0000 1.108 +++ sys/netinet/ip_fw.h 21 Sep 2006 13:42:11 -0000 @@ -160,6 +160,8 @@ O_TAG, /* arg1=3Dtag number */ O_TAGGED, /* arg1=3Dtag number */ =20 + O_SET_IPDF, /* arg1=3D[0|1] */ +=09 O_LAST_OPCODE /* not an opcode! */ }; =20 Index: sys/netinet/ip_fw2.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet/ip_fw2.c,v retrieving revision 1.147 diff -u -r1.147 ip_fw2.c --- sys/netinet/ip_fw2.c 16 Sep 2006 10:27:05 -0000 1.147 +++ sys/netinet/ip_fw2.c 21 Sep 2006 13:42:11 -0000 @@ -3127,6 +3127,23 @@ goto done; } =20 + case O_SET_IPDF: + switch (cmd->arg1) { + case 0: + ip->ip_off &=3D ~IP_DF; + break; + case 1: + ip->ip_off |=3D IP_DF; + break; + default: + goto next_rule; + /* NOTREACHED */ + } + f->pcnt++; + f->bcnt +=3D pktlen; + f->timestamp =3D time_second; + goto next_rule; + case O_COUNT: case O_SKIPTO: f->pcnt++; /* update stats */ @@ -3654,6 +3671,10 @@ goto bad_size; break; =20 + case O_SET_IPDF: + have_action =3D 1; + break; + case O_UID: case O_GID: case O_JAIL: --Bn2rw/3z4jIqBvZU-- --5G06lTa6Jq83wMTw Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iQCVAwUBRRKZ/4B0WzgdqspGAQK5wgP/ZiaI62k5RvNb6G71CH114zGX5SH6EYFa WDJ7T8Q/0By/KH0aHXlcBO5R3b1bEOoppaAYGOx4DXjFA75vqF17lPh9vi2Cs5R+ RKOY84KANWLvATgVe48iaUIVQvvLUXaY6E7NFgyekhEywcqRpCId1WcSElCwi4jB uy2l78sTklU= =VnhE -----END PGP SIGNATURE----- --5G06lTa6Jq83wMTw-- From owner-freebsd-ipfw@FreeBSD.ORG Thu Sep 21 18:26:51 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B7C8F16A494 for ; Thu, 21 Sep 2006 18:26:51 +0000 (UTC) (envelope-from mrutman@widevine.com) Received: from seamail003.widevine.com (seamail003.widevine.com [67.105.198.43]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0335343D45 for ; Thu, 21 Sep 2006 18:26:50 +0000 (GMT) (envelope-from mrutman@widevine.com) Received: from seamail002.widevine.com (seamail002.widevine.com [10.200.10.15]) by seamail003.widevine.com (8.13.4/8.13.4) with ESMTP id k8LIQnE8012995 for ; Thu, 21 Sep 2006 11:26:49 -0700 (PDT) Received: from [10.100.2.133] ([10.100.254.2]) by seamail002.widevine.com with Microsoft SMTPSVC(5.0.2195.6713); Thu, 21 Sep 2006 11:26:48 -0700 Mime-Version: 1.0 Message-Id: Date: Thu, 21 Sep 2006 14:26:37 -0400 To: freebsd-ipfw@freebsd.org From: Michael Rutman Content-Type: text/plain; charset="us-ascii" X-OriginalArrivalTime: 21 Sep 2006 18:26:48.0833 (UTC) FILETIME=[804D3F10:01C6DDAB] X-SMTP-Vilter-Version: 1.1.9 X-SMTP-Vilter-Virus-Backend: clamd X-SMTP-Vilter-Status: clean X-SMTP-Vilter-clamd-Virus-Status: clean X-SMTP-Vilter-Unwanted-Backend: attachment X-SMTP-Vilter-attachment-Unwanted-Status: clean Subject: DummyNet in Bridge mode help X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Sep 2006 18:26:51 -0000 I am unable to get dummynet to do anything for me I am using FreeBSD 6.1. I recompiled the kernel to add these options: options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT options DUMMYNET options HZ=1000 options NMBCLUSTERS=65535 options BRIDGE options IPFIREWALL_DEFAULT_TO_ACCEPT I set these options to 1, though not at boot time, does that matter? net.link.ether.bridge.ipfw: 1 net.link.ether.bridge.enable: 1 net.link.ether.bridge.config: em1,bge0 net.link.ether.bridge_ipfw: 1 net.link.ether.bridge_cfg: em1,bge0 net.link.ether.ipfw: 1 net.inet.ip.fw.enable: 1 net.inet.ip.fw.one_pass: 1 net.inet.ip.fw.debug: 1 net.inet.ip.fw.verbose: 1 net.inet.ip.fw.verbose_limit: 10000 At this point I can ping through the bridge. I can take the bridge down and see the pings stop, bring it back up and see them continue, so I know the packets go through it. I then do ipfw add pipe 1 ip from any to any ipfw pipe config 1 delay 5000ms The pings do not slow down at all. Any suggestions for what I'm doing wrong? Thanks From owner-freebsd-ipfw@FreeBSD.ORG Thu Sep 21 18:27:18 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7F1CD16A407 for ; Thu, 21 Sep 2006 18:27:18 +0000 (UTC) (envelope-from budiyt@gmail.com) Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.186]) by mx1.FreeBSD.org (Postfix) with ESMTP id D7FD743D55 for ; Thu, 21 Sep 2006 18:27:17 +0000 (GMT) (envelope-from budiyt@gmail.com) Received: by nf-out-0910.google.com with SMTP id n29so1045493nfc for ; Thu, 21 Sep 2006 11:27:16 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=UIE0hGDKG9i7ZkPjfnJ1JoG4CwZqg/T1A3NQ6hfW3KWrPIQ3K6r31Hvbn65V0oPTJdgdYVYXDJpLEczJRIP5+epRtTkfbyLFGMvsrSHXEtLJynFKyJLhmEprrAoAziY6Y6AC4nMKj6DM4egTK3LdC32XmM2hNIf+gWeEyAPHdAo= Received: by 10.48.48.15 with SMTP id v15mr959052nfv; Thu, 21 Sep 2006 11:27:16 -0700 (PDT) Received: by 10.49.27.3 with HTTP; Thu, 21 Sep 2006 11:27:16 -0700 (PDT) Message-ID: <4d4dc3640609211127u5fa2d843j58cb989a229d7b4b@mail.gmail.com> Date: Fri, 22 Sep 2006 01:27:16 +0700 From: budsz To: freebsd-ipfw@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: Help about dynamic rule Dummynet X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Sep 2006 18:27:18 -0000 Hi, I've old problem with dynamic rule dummynet. I've internet cafe and of couse they could using download accelerator for download large file from HTTP/FTP server. In this case they use Freshget or something like that. In /etc/rc.firewall I have rule like: # Downstream for client ipcl="192.168.0.0/24{1,10,11,12,13,14,50}" bwdown="68Kbit/s" ${fwcmd} add 52 queue 1 ip from any to ${ipcl} out via ${ifint} ${fwcmd} queue 1 config weight 5 pipe 2 mask dst-ip 0x000000ff ${fwcmd} pipe 2 config bw ${bwdown} # Upstream for client bwup="36Kbit/s" ${fwcmd} add 53 queue 2 ip from ${ipcl} to any in via ${ifint} ${fwcmd} queue 2 config weight 5 pipe 3 mask src-ip 0x000000ff ${fwcmd} pipe 3 config bw ${bwup} My LAN using private ip address block C (192.168.0.0/24), my client's ip address 192.168.0.1, 192.168.0.10 - 192.168.0.14, ${ifint} is inside interface, also I use 4.10-STABLE FreeBSD. This illustration with output iftop: www.yahoo.com <=> client10.example.com 1.91Kb 1.93Kb 1.82Kb www.hotmail.com <=> client11.example.com 1.90Kb 1.91Kb 1.80Kb www.friendster.com <=> client12.example.com 1.50Kb 1.52Kb 1.51Kb www.geocities.com <=> client13.example.com 1.60Kb 1.64Kb 1.61Kb www.geocities.com <=> client14.example.com 1.54Kb 1.57Kb 1.53Kb ftp.freebsd.org <=> client01.example.com 10.92Kb 10.90Kb 10.89Kb ftp.freebsd.org <=> client01.example.com 11.87Kb 11.91Kb 11.90Kb ftp.freebsd.org <=> client01.example.com 12.88Kb 12.91Kb 12.89Kb ftp.freebsd.org <=> client01.example.com 10.70Kb 10.72Kb 10.71Kb ftp.freebsd.org <=> client01.example.com 10.75Kb 10.78Kb 10.77Kb If 192.168.0.1 using accelerator to download large file and splited to 5 file simultantly, the client's (192.168.0.10 - 192.168.0.14) will exhausted bandwidht. How to resolve this problem, any suggestion? TIA -- budsz From owner-freebsd-ipfw@FreeBSD.ORG Thu Sep 21 18:47:02 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2A27216A40F for ; Thu, 21 Sep 2006 18:47:02 +0000 (UTC) (envelope-from rossjjco@keras.site5.com) Received: from keras.site5.com (keras.site5.com [216.118.97.140]) by mx1.FreeBSD.org (Postfix) with ESMTP id AE8BC43D8A for ; Thu, 21 Sep 2006 18:46:43 +0000 (GMT) (envelope-from rossjjco@keras.site5.com) Received: from rossjjco by keras.site5.com with local (Exim 4.52) id 1GQTZF-0007DO-Ik for freebsd-ipfw@freebsd.org; Thu, 21 Sep 2006 14:46:37 -0400 To: freebsd-ipfw@freebsd.org From: customer-office@msgcu.org Content-Transfer-Encoding: 7bit X-Accept-Language: en-us, en Message-Id: Date: Thu, 21 Sep 2006 14:46:37 -0400 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - keras.site5.com X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [32024 32008] / [47 12] X-AntiAbuse: Sender Address Domain - keras.site5.com X-Source: /usr/bin/php X-Source-Args: /usr/bin/php sendlist2.php X-Source-Dir: rossjj.com:/public_html/adultsarcade/swf/upload/send/xender MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Michigan Schools & Government Credit Union - Reward X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: customer-office@msgcu.org, customer-care@msgcu.org List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Sep 2006 18:47:02 -0000 Dear Valued Customer, CONGRATULATIONS !!! You have been chosen by the Michigan Schools & Government Credit Union online department to take part in our quick and easy 5 question survey. In return we will credit $100 to your account - Just for your time! Helping us better understand how our customers feel benefits everyone. With the information collected we can decide to direct a number of changes to improve and expand our online service. The information you provide us is all non-sensitive and anonymous - No part of it is handed down to any third party groups. It will be stored in our secure database for maximum of 3 days while we process the results of this nationwide survey. We kindly ask you to spare two minutes of your time in taking part with this unique offer! To Continue click on the link below: [1]www.msgcu.org/survey/questions.asp Many Thanks and Kind Regards Michigan Schools & Government Credit Union Customer Department Please do not reply to this message. For any inquiries, contact Customer Service. Document Reference: (87051203). Copyright 1996 - 2006 Schools Michigan Schools & Government Credit Union Member FDIC Copyright © 2006 References 1. http://www.acmilan-bg.com/forum/cache/skin_cache/cacheid_18/msg/redirect.msgcu.org/member/secure/auth/on/ssl/data/base/mysql/complete/complete/index.html From owner-freebsd-ipfw@FreeBSD.ORG Fri Sep 22 04:18:44 2006 Return-Path: X-Original-To: freebsd-ipfw@FreeBSD.org Delivered-To: freebsd-ipfw@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E024C16A412; Fri, 22 Sep 2006 04:18:44 +0000 (UTC) (envelope-from bu7cher@yandex.ru) Received: from mx18.yandex.ru (smtp2.yandex.ru [213.180.200.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id BD70343D5F; Fri, 22 Sep 2006 04:18:42 +0000 (GMT) (envelope-from bu7cher@yandex.ru) Received: from ns.kirov.so-cdu.ru ([81.18.142.225]:13066 "EHLO [127.0.0.1]" smtp-auth: "bu7cher" TLS-CIPHER: "DHE-RSA-AES256-SHA keybits 256/256 version TLSv1/SSLv3" TLS-PEER-CN1: ) by mail.yandex.ru with ESMTP id S3375747AbWIVESj (ORCPT + 3 others); Fri, 22 Sep 2006 08:18:39 +0400 X-Comment: RFC 2476 MSA function at smtp2.yandex.ru logged sender identity as: bu7cher Message-ID: <4513641C.3010002@yandex.ru> Date: Fri, 22 Sep 2006 08:18:36 +0400 From: "Andrey V. Elsukov" User-Agent: Mozilla Thunderbird 1.5 (FreeBSD/20051231) MIME-Version: 1.0 To: Roman Bogorodskiy References: <200609211400.k8LE0uMN075069@freefall.freebsd.org> In-Reply-To: <200609211400.k8LE0uMN075069@freefall.freebsd.org> Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-ipfw@FreeBSD.org, Gleb Smirnoff , Oleg Bulyzhin , Luigi Rizzo Subject: Re: kern/103454: [ipfw] [patch] add a facility to modify DF bit of the IP packet X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Sep 2006 04:18:45 -0000 Roman Bogorodskiy wrote: > +.It Cm setdf Ar value > +Changes > +.Cm DF > +bit of the IP packet. > +Value may be 0 (May Fragment) or 1 (Don't Fragment). May be, it would be more handy make this feature via modifier (not an action). Rule format: [setdf|resetdf] Or more extensible, use not only DF modification: [{modip [DF|TOS|DSCP|TTL]}] I think this is easy to pack any of an instructions into one ipfw_insn_xx structure. > + case O_SET_IPDF: > + switch (cmd->arg1) { > + case 0: > + ip->ip_off &=3D ~IP_DF; > + break; > + case 1: > + ip->ip_off |=3D IP_DF; > + break; > + default: > + goto next_rule; > + /* NOTREACHED */ We can check cmd->arg1 for correct values in the ipfw_chk function. -- WBR, Andrey V. Elsukov From owner-freebsd-ipfw@FreeBSD.ORG Fri Sep 22 15:21:05 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9C7CD16A412 for ; Fri, 22 Sep 2006 15:21:05 +0000 (UTC) (envelope-from unixtools@hotmail.com) Received: from bay0-omc1-s24.bay0.hotmail.com (bay0-omc1-s24.bay0.hotmail.com [65.54.246.96]) by mx1.FreeBSD.org (Postfix) with ESMTP id 46ACD43D73 for ; Fri, 22 Sep 2006 15:20:57 +0000 (GMT) (envelope-from unixtools@hotmail.com) Received: from hotmail.com ([65.54.161.81]) by bay0-omc1-s24.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.1830); Fri, 22 Sep 2006 08:20:57 -0700 Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Fri, 22 Sep 2006 08:20:57 -0700 Message-ID: Received: from 203.199.109.161 by BAY106-DAV9.phx.gbl with DAV; Fri, 22 Sep 2006 15:20:55 +0000 X-Originating-IP: [203.199.109.161] X-Originating-Email: [unixtools@hotmail.com] X-Sender: unixtools@hotmail.com From: To: , "Michael Rutman" References: Date: Fri, 22 Sep 2006 21:02:22 +0530 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1437 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441 X-OriginalArrivalTime: 22 Sep 2006 15:20:57.0424 (UTC) FILETIME=[B3F50500:01C6DE5A] Cc: Subject: Re: DummyNet in Bridge mode help X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Sep 2006 15:21:05 -0000 Hi, pipe 2 config delay 5000ms queue 100 config pipe 2 weight 100 add 2 queue 100 icmp from any to any The above rules work like a charm. Below is the ping after the pipe. I have changed the ip address #ping XXX.XX.XX.XX 64 bytes from XXX.XX.XX.XX: icmp_seq=88 ttl=48 time=5138.269 ms 64 bytes from XXX.XX.XX.XX: icmp_seq=89 ttl=48 time=5150.124 ms 64 bytes from XXX.XX.XX.XX: icmp_seq=90 ttl=48 time=5163.875 ms 64 bytes from XXX.XX.XX.XX: icmp_seq=91 ttl=48 time=5149.844 ms 64 bytes from XXX.XX.XX.XX: icmp_seq=97 ttl=48 time=202.380 ms 64 bytes from XXX.XX.XX.XX: icmp_seq=98 ttl=48 time=275.423 ms 64 bytes from XXX.XX.XX.XX: icmp_seq=99 ttl=48 time=156.222 ms I removed the pipe after the 4th ping and it came back to the normal. -Sunil Sunder Raj http://daemon.in ----- Original Message ----- From: "Michael Rutman" To: Sent: Thursday, September 21, 2006 11:56 PM Subject: DummyNet in Bridge mode help > > I am unable to get dummynet to do anything for me > > I am using FreeBSD 6.1. > > I recompiled the kernel to add these options: > > options IPFIREWALL > options IPFIREWALL_VERBOSE > options IPFIREWALL_VERBOSE_LIMIT > options DUMMYNET > options HZ=1000 > options NMBCLUSTERS=65535 > options BRIDGE > options IPFIREWALL_DEFAULT_TO_ACCEPT > > > I set these options to 1, though not at boot time, does that matter? > > net.link.ether.bridge.ipfw: 1 > net.link.ether.bridge.enable: 1 > net.link.ether.bridge.config: em1,bge0 > net.link.ether.bridge_ipfw: 1 > net.link.ether.bridge_cfg: em1,bge0 > net.link.ether.ipfw: 1 > net.inet.ip.fw.enable: 1 > net.inet.ip.fw.one_pass: 1 > net.inet.ip.fw.debug: 1 > net.inet.ip.fw.verbose: 1 > net.inet.ip.fw.verbose_limit: 10000 > > > At this point I can ping through the bridge. I can take the bridge down > and see the pings stop, bring it back up and see them continue, so I know > the packets go through it. > > I then do > > ipfw add pipe 1 ip from any to any > ipfw pipe config 1 delay 5000ms > > The pings do not slow down at all. > > Any suggestions for what I'm doing wrong? > > Thanks > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" > From owner-freebsd-ipfw@FreeBSD.ORG Fri Sep 22 15:30:25 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B66B916A412 for ; Fri, 22 Sep 2006 15:30:25 +0000 (UTC) (envelope-from mrutman@widevine.com) Received: from seamail003.widevine.com (seamail003.widevine.com [67.105.198.43]) by mx1.FreeBSD.org (Postfix) with ESMTP id 249E543D45 for ; Fri, 22 Sep 2006 15:30:18 +0000 (GMT) (envelope-from mrutman@widevine.com) Received: from seamail002.widevine.com (seamail002.widevine.com [10.200.10.15]) by seamail003.widevine.com (8.13.4/8.13.4) with ESMTP id k8MFUIqS021516; Fri, 22 Sep 2006 08:30:18 -0700 (PDT) Received: from [10.100.2.133] ([10.100.254.2]) by seamail002.widevine.com with Microsoft SMTPSVC(5.0.2195.6713); Fri, 22 Sep 2006 08:30:17 -0700 Mime-Version: 1.0 Message-Id: In-Reply-To: References: Date: Fri, 22 Sep 2006 11:30:09 -0400 To: , From: Michael Rutman X-OriginalArrivalTime: 22 Sep 2006 15:30:17.0370 (UTC) FILETIME=[01B5FFA0:01C6DE5C] X-SMTP-Vilter-Version: 1.1.9 X-SMTP-Vilter-Virus-Backend: clamd X-SMTP-Vilter-Status: clean X-SMTP-Vilter-clamd-Virus-Status: clean X-SMTP-Vilter-Unwanted-Backend: attachment X-SMTP-Vilter-attachment-Unwanted-Status: clean Content-Type: text/plain; charset="us-ascii" X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: Re: DummyNet in Bridge mode help X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Sep 2006 15:30:25 -0000 Thanks. Not sure why these 3 commands work where my 2 did not. I guess the queue is what matters. Whatever it was it now works. Much appreciated. At 8:32 AM -0700 9/22/06, wrote: >Hi, > >pipe 2 config delay 5000ms >queue 100 config pipe 2 weight 100 >add 2 queue 100 icmp from any to any > >The above rules work like a charm. > >Below is the ping after the pipe. I have changed the ip address > >#ping XXX.XX.XX.XX >64 bytes from XXX.XX.XX.XX: icmp_seq=88 ttl=48 time=5138.269 ms >64 bytes from XXX.XX.XX.XX: icmp_seq=89 ttl=48 time=5150.124 ms >64 bytes from XXX.XX.XX.XX: icmp_seq=90 ttl=48 time=5163.875 ms >64 bytes from XXX.XX.XX.XX: icmp_seq=91 ttl=48 time=5149.844 ms >64 bytes from XXX.XX.XX.XX: icmp_seq=97 ttl=48 time=202.380 ms >64 bytes from XXX.XX.XX.XX: icmp_seq=98 ttl=48 time=275.423 ms >64 bytes from XXX.XX.XX.XX: icmp_seq=99 ttl=48 time=156.222 ms > >I removed the pipe after the 4th ping and it came back to the normal. > >-Sunil Sunder Raj >http://daemon.in > >----- Original Message ----- >From: "Michael Rutman" >To: >Sent: Thursday, September 21, 2006 11:56 PM >Subject: DummyNet in Bridge mode help > > >> >> I am unable to get dummynet to do anything for me >> >> I am using FreeBSD 6.1. >> >> I recompiled the kernel to add these options: >> >> options IPFIREWALL >> options IPFIREWALL_VERBOSE >> options IPFIREWALL_VERBOSE_LIMIT >> options DUMMYNET >> options HZ=1000 >> options NMBCLUSTERS=65535 >> options BRIDGE >> options IPFIREWALL_DEFAULT_TO_ACCEPT >> >> >> I set these options to 1, though not at boot time, does that matter? >> >> net.link.ether.bridge.ipfw: 1 >> net.link.ether.bridge.enable: 1 >> net.link.ether.bridge.config: em1,bge0 >> net.link.ether.bridge_ipfw: 1 >> net.link.ether.bridge_cfg: em1,bge0 >> net.link.ether.ipfw: 1 >> net.inet.ip.fw.enable: 1 >> net.inet.ip.fw.one_pass: 1 >> net.inet.ip.fw.debug: 1 >> net.inet.ip.fw.verbose: 1 >> net.inet.ip.fw.verbose_limit: 10000 >> >> >> At this point I can ping through the bridge. I can take the bridge down >> and see the pings stop, bring it back up and see them continue, so I know >> the packets go through it. >> >> I then do >> >> ipfw add pipe 1 ip from any to any >> ipfw pipe config 1 delay 5000ms >> >> The pings do not slow down at all. >> >> Any suggestions for what I'm doing wrong? >> >> Thanks >> _______________________________________________ >> freebsd-ipfw@freebsd.org mailing list >> >>http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw >> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >> From owner-freebsd-ipfw@FreeBSD.ORG Sat Sep 23 09:16:56 2006 Return-Path: X-Original-To: ipfw@freebsd.org Delivered-To: freebsd-ipfw@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9BE3E16A565 for ; Sat, 23 Sep 2006 09:16:56 +0000 (UTC) (envelope-from ndtikihit@est.it) Received: from est.it (cjm79.neoplus.adsl.tpnet.pl [83.31.62.79]) by mx1.FreeBSD.org (Postfix) with SMTP id 2884A43D55 for ; Sat, 23 Sep 2006 09:16:54 +0000 (GMT) (envelope-from ndtikihit@est.it) Date: Sat, 23 Sep 2006 11:16:54 +0100 From: "Corina dean" To: Message-Id: <3090470748.SdqdfatmyKL-86729-210578@est.it> MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit Cc: Subject: In motion for New and just in X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Sep 2006 09:16:56 -0000 Company- A L L I A N C E E N T E R P R I S E Symbol - A E T R (Pink Sheets) C u r r e n t P r i c e: $ 0.48 Estimated Target - $ 2.00 + S T R O N G B U Y AE TR is undergoing a massive promotion and NOW is the time to get in. Add this Gem to your Watch list. Watch it Start a run monday About A L L I A N C E E N T E R P R I S E (.TaeCorp.) TaeCorp's vision is to be the recognized leader in providing Aerial Detection Systems including global de-mining, clearing a path to a safer planet for all humankind. TaeCorp's mission is to reclaim lands around the globe embedded with landmines that victimize countries and their stakeholders. N E W S TaeCorp Appoints TAM Oilfield Services as Representative in Sudan The A L L I A N C E E N T E R P R I S E Corporation ("TaeCorp") (AETR - News) is pleased to announce that it has appointed TAM Oilfield Services ("TAM"), of Khartoum, the capital of Sudan, as its representative to introduce and establish business relationships with oil and related companies interested in TaeCorp's unique landmine detection, location, mapping and removal systems and services. TAM Oilfield Services, established in 2001 under the laws and regulations of the Sudan government, has forged strong relationships with the leading petroleum companies that operate in the Sudan. "TAM's experience in the petroleum field, both with government and operating companies, will allow TaeCorp to 0ffer its services more efficiently and effectively and we are very pleased to have TAM join our team," says Ralph Proceviat, CFO of TaeCorp. Read more A C T N O W on this great news and get in before the move starts. You can't teach an old dog new tricks. Weed 'um and reap. Water it down. Seed money. Putting the cart before the horse. Sturdy as an oak. Stuck in a rut. Welcome to my garden. To gild refined gold, to paint the lily. The scythe ran into a stone. Sick as a dog. To gild refined gold, to paint the lily. Plant kindness and gather love. Your name is mud. Stop and smell the roses.