From owner-freebsd-rc@FreeBSD.ORG Mon Apr 9 11:10:49 2007 Return-Path: X-Original-To: freebsd-rc@FreeBSD.org Delivered-To: freebsd-rc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C837216A406 for ; Mon, 9 Apr 2007 11:10:49 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [69.147.83.40]) by mx1.freebsd.org (Postfix) with ESMTP id AD9BC13C4D0 for ; Mon, 9 Apr 2007 11:10:49 +0000 (UTC) (envelope-from owner-bugmaster@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id l39BAn1E061049 for ; Mon, 9 Apr 2007 11:10:49 GMT (envelope-from owner-bugmaster@FreeBSD.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id l39BAkSJ060779 for freebsd-rc@FreeBSD.org; Mon, 9 Apr 2007 11:10:46 GMT (envelope-from owner-bugmaster@FreeBSD.org) Date: Mon, 9 Apr 2007 11:10:46 GMT Message-Id: <200704091110.l39BAkSJ060779@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: linimon set sender to owner-bugmaster@FreeBSD.org using -f From: FreeBSD bugmaster To: freebsd-rc@FreeBSD.org Cc: Subject: Current problem reports assigned to you X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Apr 2007 11:10:50 -0000 Current FreeBSD problem reports Critical problems Serious problems S Tracker Resp. Description -------------------------------------------------------------------------------- o conf/48881 rc [PATCH] The influence of /etc/start_ifname on /etc/rc. o conf/98758 rc [patch] Templatize 'jail_fstab' in /etc/rc.d/jail o conf/98846 rc [patch] Templatize 'jail_rootdir' in /etc/rc.d/jail o conf/105689 rc syslogd starts too late at boot o conf/107155 rc /etc/rc.d/ppp-user does not bring up pppoe at boot o conf/107316 rc [rc.d]: [base] [rpc.lockd] nfslocking restart does not o conf/107364 rc pf fails to start on bootup after system update from F 7 problems total. Non-critical problems S Tracker Resp. Description -------------------------------------------------------------------------------- o conf/45226 rc Fix for rc.network, ppp-user annoyance o conf/48870 rc [PATCH] rc.network: allow to cancel interface status d o conf/58939 rc [patch] dumb little hack for /etc/rc.firewall{,6} o conf/73677 rc [patch] add support for powernow states to power_profi o conf/74817 rc [patch] network.subr: fixed automatic configuration of o conf/77663 rc Suggestion: add /etc/rc.d/addnetswap after addcritremo o conf/78906 rc [patch] Allow mixer_enable="NO" in rc.conf o conf/79196 rc [PATCH] configurable dummynet loading from /etc/rc.co o kern/81006 rc ipnat not working with tunnel interfaces on startup o conf/85363 rc syntax error in /etc/rc.d/devfs o conf/85819 rc [patch] script allowing multiuser mode in spite of fsc o conf/88913 rc [patch] wrapper support for rc.subr o conf/89061 rc [patch] IPv6 6to4 auto-configuration enhancement o conf/89870 rc [patch] feature request to make netif verbose rc.conf o conf/92523 rc [patch] allow rc scripts to kill process after a timeo o conf/93815 rc [patch] Adds in the ability to save ipfw rules to rc.d o conf/95162 rc [patch] Missing feature in rc.subr o conf/96343 rc [patch] rc.d order change to start inet6 before pf o conf/99444 rc [patch] Enhancement: rc.subr could easily support star o conf/99595 rc [PATCH] /etc/rc.d/dhclient doesn't interact well with o conf/99721 rc [patch] /etc/rc.initdiskless problem copy dotfile in s o conf/102700 rc [PATCH] Add encrypted /tmp support to GELI/GBDE rc.d s o conf/102722 rc kerberos5 server startupscript should use --detach o conf/102913 rc /etc/rc.d/named killall in jailed OS o conf/103486 rc [rc.d][patch][chroot named] rc.d/jail: mount fstab aft o conf/103489 rc [rc.d] [patch] named_chroot_autoupdate doesn't work in o conf/103976 rc rc.d/named restart failure o conf/104549 rc [patch] rc.d/nfsd needs special _find_processes functi o conf/105145 rc [PATCH] add redial function to rc.d/ppp o conf/105568 rc [patch] Add more flexibility to rc.conf, to choose "_e o conf/106009 rc [patch] Fix pppoed startup script to process multiply o conf/106873 rc [patch] rc.d/nfslocking does not properly restart 32 problems total. From owner-freebsd-rc@FreeBSD.ORG Tue Apr 10 13:38:50 2007 Return-Path: X-Original-To: freebsd-rc@freebsd.org Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 93D8216A404 for ; Tue, 10 Apr 2007 13:38:50 +0000 (UTC) (envelope-from keramida@freebsd.org) Received: from igloo.linux.gr (igloo.linux.gr [62.1.205.36]) by mx1.freebsd.org (Postfix) with ESMTP id 12AE113C4B8 for ; Tue, 10 Apr 2007 13:38:49 +0000 (UTC) (envelope-from keramida@freebsd.org) Received: from kobe.laptop (host5.bedc.ondsl.gr [62.103.39.229]) (authenticated bits=128) by igloo.linux.gr (8.13.8/8.13.8/Debian-3) with ESMTP id l3ADReU6025767 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 10 Apr 2007 16:27:50 +0300 Received: from kobe.laptop (kobe.laptop [127.0.0.1]) by kobe.laptop (8.13.8/8.13.8) with ESMTP id l3ADRLrI006862 for ; Tue, 10 Apr 2007 16:27:32 +0300 (EEST) (envelope-from keramida@freebsd.org) Received: (from keramida@localhost) by kobe.laptop (8.13.8/8.13.8/Submit) id l3ADRL0x006861 for freebsd-rc@freebsd.org; Tue, 10 Apr 2007 16:27:21 +0300 (EEST) (envelope-from keramida@freebsd.org) Date: Tue, 10 Apr 2007 16:27:20 +0300 From: Giorgos Keramidas To: freebsd-rc@freebsd.org Message-ID: <20070410132720.GA6832@kobe.laptop> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Hellug-MailScanner: Found to be clean X-Hellug-MailScanner-SpamCheck: not spam, SpamAssassin (not cached, score=-3.79, required 5, autolearn=not spam, ALL_TRUSTED -1.80, AWL 0.61, BAYES_00 -2.60) X-Hellug-MailScanner-From: keramida@freebsd.org X-Spam-Status: No Subject: [REVIEW] conf/111225 bug fix X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Apr 2007 13:38:50 -0000 Hi all, Does the following patch look like a good fix for bug conf/111225? %%% diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf --- a/etc/defaults/rc.conf +++ b/etc/defaults/rc.conf @@ -151,6 +151,7 @@ pflog_flags="" # additional flags for pflog_flags="" # additional flags for pflogd pfsync_enable="NO" # Expose pf state to other hosts for syncing pfsync_syncdev="" # Interface for pfsync to work through +pfsync_syncpeer="" # IP address of pfsync peer host pfsync_ifconfig="" # Additional options to ifconfig(8) for pfsync tcp_extensions="YES" # Set to NO to turn off RFC1323 extensions. log_in_vain="0" # >=1 to log connects to ports w/o listeners. diff --git a/etc/rc.d/pfsync b/etc/rc.d/pfsync --- a/etc/rc.d/pfsync +++ b/etc/rc.d/pfsync @@ -36,8 +36,13 @@ pfsync_prestart() pfsync_start() { + local _syncpeer + echo "Enabling pfsync." - ifconfig pfsync0 syncdev $pfsync_syncdev $pfsync_ifconfig up + if [ -n "${pfsync_syncpeer}" ]; then + _syncpeer="syncpeer ${pfsync_syncpeer}" + fi + ifconfig pfsync0 $_syncpeer syncdev $pfsync_syncdev $pfsync_ifconfig up } pfsync_stop() diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5 --- a/share/man/man5/rc.conf.5 +++ b/share/man/man5/rc.conf.5 @@ -855,6 +855,26 @@ It must be set accordingly if .Va pfsync_enable is set to .Dq Li YES . +.It Va pfsync_syncpeer +.Pq Vt str +Empty by default. +This variable is optional. +By default, state change messages are sent out on the synchronisation +interface using IP multicast packets. +The protocol is IP protocol 240, PFSYNC, and the multicast group used is +224.0.0.240. +When a peer address is specified using the +.Va pfsync_syncpeer +option, the peer address is used as a destination for the pfsync +traffic, and the traffic can then be protected using +.Xr ipsec 4 . +See the +.Xr pfsync 4 +manpage for more details about using +.Xr ipsec 4 +with +.Xr pfsync 4 +interfaces. .It Va pfsync_ifconfig .Pq Vt str Empty by default. %%% Giorgos Keramidas FreeBSD: The Power to Serve keramida@FreeBSD.org http://www.FreeBSD.org/ From owner-freebsd-rc@FreeBSD.ORG Tue Apr 10 14:12:48 2007 Return-Path: X-Original-To: freebsd-rc@freebsd.org Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id EC1D216A402; Tue, 10 Apr 2007 14:12:48 +0000 (UTC) (envelope-from mtm@FreeBSD.Org) Received: from mx1.ethionet.et (mx1.ethionet.et [213.55.64.53]) by mx1.freebsd.org (Postfix) with ESMTP id 6008913C458; Tue, 10 Apr 2007 14:12:48 +0000 (UTC) (envelope-from mtm@FreeBSD.Org) Received: from mx1.ethionet.et (localhost [127.0.0.1]) by localhost.ethionet.et (Postfix) with ESMTP id 500EE5219; Tue, 10 Apr 2007 17:09:03 +0300 (EAT) Received: from rogue.navcom.lan (unknown [213.55.64.98])by mx1.ethionet.et ( Postfix) with SMTP id DFD9051D6;Tue, 10 Apr 2007 17:09:02 +0300 (EAT) Received: by rogue.navcom.lan (Postfix, from userid 1001)id 09E411701D; Tue, 10 Apr 2007 17:15:34 +0300 (EAT) Date: Tue, 10 Apr 2007 17:15:33 +0300 From: Mike Makonnen To: Giorgos Keramidas Message-ID: <20070410141533.GA1872@rogue.navcom.lan> References: <20070410132720.GA6832@kobe.laptop> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20070410132720.GA6832@kobe.laptop> User-Agent: Mutt/1.4.2.2i X-Operating-System: FreeBSD/7.0-CURRENT (i386) X-imss-version: 2.46 X-imss-result: Passed X-imss-scores: Clean:99.90000 C:2 M:3 S:5 R:5 X-imss-settings: Baseline:4 C:3 M:3 S:4 R:3 (1.0000 1.0000) Cc: freebsd-rc@freebsd.org Subject: Re: [REVIEW] conf/111225 bug fix X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Apr 2007 14:12:49 -0000 On Tue, Apr 10, 2007 at 04:27:20PM +0300, Giorgos Keramidas wrote: > Hi all, > Does the following patch look like a good fix for bug conf/111225? > I can't comment on its correctness as relates to pf(4), but as far as rc.d is concerned it's ok. Cheers. -- Mike Makonnen | GPG-KEY: http://people.freebsd.org/~mtm/mtm.asc mmakonnen @ gmail.com | AC7B 5672 2D11 F4D0 EBF8 5279 5359 2B82 7CD4 1F55 mtm @ FreeBSD.Org | FreeBSD - http://www.freebsd.org From owner-freebsd-rc@FreeBSD.ORG Tue Apr 10 14:18:52 2007 Return-Path: X-Original-To: freebsd-rc@freebsd.org Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id EAFC516A401; Tue, 10 Apr 2007 14:18:52 +0000 (UTC) (envelope-from keramida@freebsd.org) Received: from igloo.linux.gr (igloo.linux.gr [62.1.205.36]) by mx1.freebsd.org (Postfix) with ESMTP id 505A213C469; Tue, 10 Apr 2007 14:18:52 +0000 (UTC) (envelope-from keramida@freebsd.org) Received: from kobe.laptop (host5.bedc.ondsl.gr [62.103.39.229]) (authenticated bits=128) by igloo.linux.gr (8.13.8/8.13.8/Debian-3) with ESMTP id l3AEIPIM029267 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 10 Apr 2007 17:18:31 +0300 Received: from kobe.laptop (kobe.laptop [127.0.0.1]) by kobe.laptop (8.13.8/8.13.8) with ESMTP id l3AEI63m007372; Tue, 10 Apr 2007 17:18:17 +0300 (EEST) (envelope-from keramida@freebsd.org) Received: (from keramida@localhost) by kobe.laptop (8.13.8/8.13.8/Submit) id l3AEI6s9007371; Tue, 10 Apr 2007 17:18:06 +0300 (EEST) (envelope-from keramida@freebsd.org) Date: Tue, 10 Apr 2007 17:18:06 +0300 From: Giorgos Keramidas To: Mike Makonnen Message-ID: <20070410141805.GA7341@kobe.laptop> References: <20070410132720.GA6832@kobe.laptop> <20070410141533.GA1872@rogue.navcom.lan> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20070410141533.GA1872@rogue.navcom.lan> X-Hellug-MailScanner: Found to be clean X-Hellug-MailScanner-SpamCheck: not spam, SpamAssassin (not cached, score=-3.792, required 5, autolearn=not spam, ALL_TRUSTED -1.80, AWL 0.61, BAYES_00 -2.60) X-Hellug-MailScanner-From: keramida@freebsd.org X-Spam-Status: No Cc: freebsd-rc@freebsd.org Subject: Re: [REVIEW] conf/111225 bug fix X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Apr 2007 14:18:53 -0000 On 2007-04-10 17:15, Mike Makonnen wrote: > On Tue, Apr 10, 2007 at 04:27:20PM +0300, Giorgos Keramidas wrote: > > Hi all, > > Does the following patch look like a good fix for bug conf/111225? > > > > I can't comment on its correctness as relates to pf(4), but as far > as rc.d is concerned it's ok. Thanks :) I'll ask Max Laier about the pf side of things, and then commit if he approves too.