, Sep 29, 2023 at 06:38 John McCue wrote:
> On Mon, Sep 11, 2023 at 10:51:55AM -0500, Luke Small wrote:
> >
> >I attached ???.xscreensaver??? I had to change the file type to send it.
>
> I ended up installing xscreensaver-6.05.1 via pkg_add(1) and
> xscreensaver-demo and
This is incredibly frustrating and has remained a problem throughout
upgrades! Do I rebuild xenocara?
Anyone know how to fix this? xscreensaver-settings crashes:
"
$ xscreensaver-settings
xscreensaver-settings: 13:47:37: X error:
xscreensaver-settings: Failed request: BadMatch (invalid
Maybe Linux-drm messed it up?
On Fri, Nov 11, 2022 at 10:35 AM Luke Small wrote:
> xscreensaver-settings crashes in OpenBSD 7.2
>
> Graphics card shows as radeon 7450 in the dmesg,
> "radeondrm0 at pci3 dev 0 function 0 "ATI Radeon HD 7450" rev 0x00",
> but
xscreensaver-settings crashes in OpenBSD 7.2
Graphics card shows as radeon 7450 in the dmesg,
"radeondrm0 at pci3 dev 0 function 0 "ATI Radeon HD 7450" rev 0x00",
but it is a radeon hd 6450 exactly like this one:
https://www.amazon.com/MSI-Profile-PCI-Express-R6450-MD1GD3-LP/dp/B004X6ABTM
the
So if it’s a potential vulnerability for the kernel to be linked the same
without KARL (I presume because if the source code is known and ASLR and
PIE can potentially be randomly overcome) then can there be a KARL type
extension for cc/c++ ?--
-Luke
Boise mirror certificate expired : Boise, ID, USA :
mirrors.syringanetworks.net
mirrors@ didn't quite seem like it was being used.
-Luke
I recall tedu@ saying my that there was no reason for there to be multiple
kqueues in a program. Well I beg to differ.
I have a program with 3 kqueues because I want three distinct priorities on
each worker process.
The parent program initializes and fork()s a process that listens and
passes
percentage numbers.
On Sun, Jan 2, 2022 at 11:43 AM Crystal Kolipe
wrote:
> On Sun, Jan 02, 2022 at 11:09:40AM -0600, Luke Small wrote:
> > And if there was a super busy disk program running which would make a 2x3
> > RAID10 array of 15000 RPM disks busy running on OpenBSD, I pre
It’s a 2U Supermicro pizza box server with a low profile Radeon
graphics card. It’s always attached to a 32 inch monitor, a keyboard,
mouse, KVM and I program on it, but it does a lot of server stuff. I doubt
most people would call a pizza box a workstation no matter what you put on
it.
And if
wsdisplay0 at radeondrm0 mux 1: console (std, vt100 emulation), using wskbd0
wsdisplay0: screen 1-5 added (std, vt100 emulation)
On Sat, Jan 1, 2022 at 4:22 AM Crystal Kolipe
wrote:
> On Sat, Jan 01, 2022 at 12:01:28AM -0600, Luke Small wrote:
> > The lights on my server which shows that th
The lights on my server which shows that the disks are busy were on and not
just flashing and I looked at top and usually it’s because security is
running, but this time NOTHING! I even killed Firefox and by far the
busiest thing on there was top! pftop didn’t seem especially busy either!--
-Luke
I have a Ethernet westmere-ep Supermicro server I use for a local dns
server which I have local devices vpn connected into.
I started with em0 and I finagled a Google router/modem to give me back the
same local reserved address for em3 for the new Intel i350-t2 card.
I was watching “tcpdump
I reserved a new address for the new I350-T2 card and replaced unbound.conf
and all uses of it in /etc.
“tcpdump -aetvvipflog0” still returns the old reserved address!
What do I do?
--
-Luke
I reserved a new address for the new I350-T2 card and replaced unbound.conf
and all uses of it in /etc.
“tcpdump -aetvvipflog0” still returns the old reserved address!
What do I do?
--
-Luke
On Thu, Nov 25, 2021 at 5:17 AM Claudio Jeker
wrote:
> On Thu, Nov 25, 2021 at 04:55:23AM -0600, Luke Small wrote:
> > I ran ktrace. Kdump said the last thing it did was try to load
> > /usr/libexec/ld.so
> >
> > To main(), before the unveil pledge is dropped, I added:
ly created program, which hasn’t set new pledge execpromises,
it won’t successfully run ftp(1) because it wasn’t granted the inet
execpromise.
execpromises seems to have carried over!
On Thu, Nov 25, 2021 at 2:24 AM Sebastien Marie wrote:
> On Thu, Nov 25, 2021 at 01:52:31AM -0600,
ame program? Is it trying to read another file
which unveil is still affecting?
>>
>> Luke Small wrote:
>>
>> > I have a program which runs fork() a couple times with pledges: “stdio
>> > cpath wpath” for writing to disk and “stdio dns” for a d
ant people on the internet to help
> you debug what you have done wrong in this secret program.
>
> You obviously don't know what you are doing, and I think you don't
> deserve help.
>
>
> Luke Small wrote:
>
> > I have a program which runs fork() a couple times wit
This a command-line program is used to make manually choosing a responsive
mirror or automatically writing the most responsive OpenBSD mirror to
/etc/installurl very easy.
On Wed, Nov 24, 2021 at 11:50 AM Luke Small wrote:
> I tried calling pledge with a non-NULL execpromise and noti
I tried calling pledge with a non-NULL execpromise and noticed that it was
killed. That’d be convenient if that behavior was noted in the man page!--
-Luke
https://bugs.llvm.org/show_bug.cgi?id=50026
I reported it to the llvm people. it is two slightly different quicksort
algorithms which perform radically differently. The one which you could
assume would take more time, performs MUCH better.
I made a custom quicksort algorithm which outperforms
I have a cheap 6450 radeon graphics card with unsupported audio and an
Audigy FX
I hoped Audigy card would work on the emu(4) driver, but doesn't seem to.
I turned on sysctl kern.audio.record=1
Any thoughts?
dmesg:
...
azalia0 at pci3 dev 0 function 1 "ATI Radeon HD 6400 Audio" rev 0x00: msi
I’ve discovered that C source code only seems to be able to be profiled by
gprof profiled with gcc (or egcc from gcc package) and with the “-static”
flag to static link the program. But statically linked code which uses lmdb
with lmdb.a from the lmdb package will throw compile-time errors. Is
I got it working. I have a pretty hefty amount of vether0 and
vether0:network in my pf.conf that I changed to vport0 and vport0:network.
That fixed every single thing!
I somehow completely forgot about all the vether0 pf rules which isolates
the the various local systems so VMs are isolated from
There seems to be ZERO examples of using veb/vport vs bridge/vether. I am
running 6.9 now and I substituted the bridge0 usage in vm.conf and I copied
the hostname.vether0 into hostname.vport0 and hostname.bridge0 uses vether0
so I used vport0 in hostname.veb0 . I used ifconfig … down for bridge0
ect "disk" and type in the location of the mount
> On Sun May 2, 2021 at 12:34 PM CST, Luke Small wrote:
> > There has to be a valid partition to install it to. When I have an
> > encrypted drive, that doesn’t exist using usb…chudazoid.
> >
> > On Sun, May 2, 2021 at 1:
That change to undo the “supersede” command to look at the local unbound
server in dhclient.conf fixed it.
Downloading 6.9 release as we speak.
On Sun, May 2, 2021 at 1:34 PM Luke Small wrote:
> There has to be a valid partition to install it to. When I have an
> encrypted drive, that d
ur file location
>
> On Sat May 1, 2021 at 7:37 PM CST, Luke Small wrote:
> > I would do that, but I’ll have to figure out how to manually mount my
> > encrypted partition, which sysupgrade and bsd.rd takes care if for me
> > automatically.
> >
> > On Sat, Ma
"disk" at the prompt. once you go current you can't go back, and its
> very clearly said in the FAQ as ashton said
>
> On Sat May 1, 2021 at 6:25 PM CST, Luke Small wrote:
> > I tried that by the way. I even mv’ed my pf.conf to nullify it and
> > tried
> > and it coul
aks to this matter.
>
> Noone else has anything more to say.
>
> Please stop begging for personal handholding, everyone is getting
> embarrassed.
>
>
>
> Luke Small wrote:
>
> > I tried that by the way. I even mv’ed my pf.conf to nullify it and tried
> > and it co
enough.
On Sat, May 1, 2021 at 5:26 PM jpeg bild wrote:
> If you want to move back to stable, you would have to boot bsd.rd and
> select "Upgrade" in the prompt, then install from http with the correct
> path for 6.9-stable
>
> On Fri Apr 30, 2021 at 9:49 PM CST, Lu
an iso) to make that change?
On Fri, Apr 30, 2021 at 11:01 PM Theo de Raadt wrote:
> Luke Small wrote:
>
> > We’re there major irreversible changes made to the following snapshot:
> >
> > kern.version=OpenBSD 6.9-current (GENERIC.MP) #479: Mon Apr 26 02:26:53
> MDT
&
We’re there major irreversible changes made to the following snapshot:
kern.version=OpenBSD 6.9-current (GENERIC.MP) #479: Mon Apr 26 02:26:53 MDT
2021
which would render in incapable of a downgrade?
--
-Luke
I make unbound connect to dnscrypt-proxy and after an update, it’ll just
sit there for what seems like 2 minutes while fw_update inevitably fails
before turning on dnscrypt-proxy. I’ve been running snapshots and that’s
really dumb. Or is there a way to have unbound connect to a failover server
Thanks! I just made it run at opacity .55 and I LOVE IT! Thanks!
On Mon, Feb 15, 2021 at 11:25 PM Thomas Frohwein
wrote:
> On Mon, Feb 15, 2021 at 05:03:55PM -0600, Luke Small wrote:
> > I'm running fvwm window manager and I just switched to -current. Roxterm
> is
> > totall
I'm running fvwm window manager and I just switched to -current. Roxterm is
totally messed up, won't do transparent background and I tried
xfce4-terminal and it says it won't do transparent backgrounds because
compositing is disabled Sure first-world problems, but I REALLY want
fvwm to do
Is there a way for a hook(?) for snort to read plaintext https sessions in
OpenBSD’s httpd?! That’d be SUPER SWEET!--
-Luke
...
Change:
match out on egress from (wg0:network) to any nat-to (egress:0)
To:
match on egress from (wg0:network) to any nat-to (egress:0) tag “wireguard”
pass tagged “wireguard” keep state
--
-Luke
I’m applying for federal grant which will hopefully start about March or
April and I’m looking for somebody who can work on OpenBSD and in C
(perhaps with a touch of python) to do the server side of an extraordinary
dating app which will be able to prove STD uninfectiousness!
--
-Luke
fullscreen iridium browser often stops letting me scroll to another fvwm
virtual desktop, but I never have that problem with firefox! Whats the
deal? On iridium, I either have to click on the browser window border or I
have to unmaximize the browser window to leave space between the browser
window
Are you clinging to traditions for some purpose? I gave two different
versions. strlcpy3 is clearly more easily understood and even slightly
faster and strlcpy4 which sets up the following workhorse lines which
through timing the functions is hands down faster on my Xeon chips:
strlcpy4:
while
I suppose this strlcpy4 without a goto is more elegant
-Luke
On Tue, Jun 30, 2020 at 10:07 PM Luke Small wrote:
> I made it SUPER easy to test my assertion. The code is there. No
> configuration needed.
>
> On Tue, Jun 30, 2020 at 9:59 PM Theo de Raadt wrote:
>
>&
I made a couple different versions if anybody is interested!
-Luke
#include
#include
#include
#include
#include
#include
/* cc strlcpy_test.c -pipe -O2 -o strlcpy_test && ./strlcpy_testfast */
/*
* Copy string src to buffer dst of size dsize. At most dsize-1
* chars will be copied.
strlcpy is:
size_t
strlcpy(char *dst, const char *src, size_t dsize)
{
const char *osrc = src;
size_t nleft = dsize;
/* Copy as many bytes as will fit. */
if (nleft != 0) {
while (--nleft != 0) {
if ((*dst++ = *src++) == '\0')
break;
}
}
/* Not enough room in dst, add NUL
if you have access to packages, you could "pkg_add pv"
and:
"dd if=/dev/random | pv | dd of=/dev/rsdXc bs=1m"
It will show you in real time how much random
data has been written to disk.
-Luke
On Wed, Jun 10, 2020 at 11:43 AM Luke Small wrote:
> I mean: "
You can use unveil() on both a symbolic link and the value recovered by
putting it in realpath(3)! I used it in what I submitted for unveiling
ftp(1)
--
-Luke
I made symbolic links “ln -s /etc/ssl/cert.pem ”. I used the
realpath command and it worked in the software I submitted.
On Thu, Jun 4, 2020 at 11:06 AM Theo de Raadt wrote:
> No.
>
> I'm guessing you don't understand symbolic links.
>
> Look, this is a waste of time.
>
>
In the case of 1 URLs couldn’t you at least merely unveil “./“ as “cw”;
make any specified cafile/capath including shortcut resolution as “r”
(perhaps with the shell “x”) so that at worst, current directory files
could be overwritten, but not read?
On Wed, Jun 3, 2020 at 10:39 AM Theo de
there was tiny error I created.
-Luke
On Wed, Jun 3, 2020 at 2:24 PM Luke Small wrote:
> There! It doesn't use an unveil list. It has 2 dry runs as proposed.
> It could just have a dry run to see if it goes into interactive mode
> and then unveil as we go! but I like to see all t
There! It doesn't use an unveil list. It has 2 dry runs as proposed.
It could just have a dry run to see if it goes into interactive mode
and then unveil as we go! but I like to see all the unveil calls before
the ftp output statements myself!
-Luke
On Wed, Jun 3, 2020 at 11:30 AM Luke Small
Or you could have 2 dry runs. One to merely see that it won't head into
interactive mode
and a second one to start the unveiling directly in fetch.c. Unless unveil
itself will
have too many entries!
-Luke
On Wed, Jun 3, 2020 at 11:12 AM Luke Small wrote:
> I figure if it took up that m
I figure if it took up that much stack space from before, it'd start
needing to
dang near run the stack into on-disk virtual memory anyway. At that point,
it'd perhaps be a better design choice to break up your ftp calls into
slightly
smaller chunks to avoid massively poor performance, yeah? LOL
ean it is amusing, because this is never going to fly.
>
> This increase in complexity is completely unacceptable, what I see is
> completely amateurish, and I also see overflows, a lack of testing
> for edge conditions, and a lack of attention to how unveil works.
>
>
> Luke Sm
you for the laugh.
>
>
> Luke Small wrote:
>
> > I think I'm done tinkering. try these out in ftp folder. I left in some
> > fprintf(ttyout,...) in main.c
> > to show what is being unveiled. It resolves shortcuts in SSL_CAFILE
> > and SSL_PATH variables.
&
I think I'm done tinkering. try these out in ftp folder. I left in some
fprintf(ttyout,...) in main.c
to show what is being unveiled. It resolves shortcuts in SSL_CAFILE
and SSL_PATH variables.
It leaves in place the functionality of the original functions, but adds
the availability to perform
a
files below vs the originals since I last updated
the source files.
-Luke
On Tue, Jun 2, 2020 at 12:43 PM Kevin Chadwick wrote:
> On 2020-06-02 17:28, Luke Small wrote:
> > I don’t have experience doing diffs. Are there flags I should be using
> in diff
> > or should I do
I missed something.
-Luke
On Sat, May 30, 2020 at 2:53 PM Luke Small wrote:
> I’ll get to looking at ftp(1) more when I get some physical contact with
> my server. I’m quaranteaming with my girlfriend’s folks.
>
> I have a pkg_ping program (OpenBSD-specific, dns caching, l
May 29, 2020 at 8:50 AM Stuart Henderson
wrote:
> On 2020/05/29 08:30, Luke Small wrote:
> > You mention a lot of files that need to be read, but a program like
> pkg_add can make it the
> > _pkgfetch (57) user which has no directory and I’m guessing not in
> interactive mode. At t
You mention a lot of files that need to be read, but a program like pkg_add
can make it the _pkgfetch (57) user which has no directory and I’m guessing
not in interactive mode. At the very least, in noninteractive mode you
could unveil(“/“, “rx”); and change the specified output file discover the
unveil is nowhere to be found in the ftp program source code. There’s
probably another way to do it, but I wrote a program and searched all files
in /usr/src/usr.bin/ftp/ contain no mention of “unveil”, but It mentions
“pledge”
It could take 3 lines at line 389 in /usr/src/usr.bin/ftp/main.c:
if
I have need to call sysctl() in a C program to read
“sysctl kern.version”. Will there be a pledge() to prohibit further calls
to sysctl()? I’m kinda afraid that putting a sysctl call could conceivably
leave it vulnerable to calling it again in the case the mitigations fail
and sysctl() is run to
Yay!
-Luke
On Sun, Sep 8, 2019 at 8:07 PM David Gwynne wrote:
> I think I see the problem. We're going to try and test this locally and
> will hopefully have something committed in a few hours time.
>
> dlg
>
> > On 9 Sep 2019, at 10:33, Luke Small wrote:
> >
>
I have mfii too:
dmesg | grep mfii:
mfii0 at pci11 dev 0 function 0 "Symbios Logic MegaRAID SAS2208" rev 0x05:
msi
mfii0: "LSI MegaRAID SAS 9271-8i", firmware 23.28.0-0010, 1024MB cache
scsibus1 at mfii0: 64 targets
scsibus2 at mfii0: 256 targets
> On 8.9.2019.
is installed soon af...“
On Sun, Sep 8, 2019 at 11:19 AM Luke Small wrote:
> It doesn’t work for me on the
> ftp.hostserver.de/archive/2019-08-29-0105/amd64/
> bsd.rd!
>
> On Sun, Sep 8, 2019 at 10:50 AM Luke Small wrote:
>
>> Mine works on 8-27
>> --
>> -Luke
>>
> --
> -Luke
>
--
-Luke
It doesn’t work for me on the
ftp.hostserver.de/archive/2019-08-29-0105/amd64/
bsd.rd!
On Sun, Sep 8, 2019 at 10:50 AM Luke Small wrote:
> Mine works on 8-27
> --
> -Luke
>
--
-Luke
Mine works on 8-27
--
-Luke
Thanks, Somebody else directed me to it too! I got my server working
again!!!
-Luke
On Sat, Sep 7, 2019 at 3:52 AM Marcus MERIGHI wrote:
> Hello Luke,
>
> lukensm...@gmail.com (Luke Small), 2019.09.07 (Sat) 00:56 (CEST):
> > I need an old kernel image older than maybe a coup
I need an old kernel image older than maybe a couple weeks old. I have the
x8dth-6f motherboard and newer snapshots broke it. I made the mistake of
trying to downgrade to 6.5 and now I can boot my machine! I made a
not-bright decision.
--
-Luke
of a pledge command? It apparently knows if it is an increase in
permissions, can't it be set to only permit them?
On Thu, Aug 16, 2018 at 2:00 PM Luke Small wrote:
> Ok. Thanks.
> On Thu, Aug 16, 2018 at 1:59 PM Theo de Raadt wrote:
>
>> Luke Small wrote:
>> >
Ok. Thanks.
On Thu, Aug 16, 2018 at 1:59 PM Theo de Raadt wrote:
> Luke Small wrote:
> > Could you have a promise for unveil reductions only?
>
> That won't actually help much, and people will fall into some
> pretty significant traps.
>
> Sorry it would require a really long explanation.
>
Could you have a promise for unveil reductions only?
It doesn't natively support OpenBSD.
I have what I feel to be a profound idea that is in need of someone with a
strong resume. I have a patent. I want to use it to enable users to get
tested for sexually transmitted diseases, then use iris scanning
smartphones to compare their disease sets. There is a strong
epidemiological component
Cool!
On Sat, May 5, 2018 at 3:17 AM Andreas Kusalananda Kähäri <
andreas.kah...@icm.uu.se> wrote:
> On Fri, May 04, 2018 at 11:56:33PM +, Kapfhammer, Stefan wrote:
> >
> > You might want to parse /var/log/authlog and the logrotated
> authlog.[0-9].gz
> > for successful and unsuccessful
Can SSH and possibly other programs more easily able to report successful
connections so pf can make stricter bruteforce connection rejecting even
better?
What if you could set up a pf rule to:
overload an ip address into a table if they tried to access the wrong port
on an address and overload flush global immediately into a blocklist
(
max-src-states
0)!
or with max-src-conn-rate 2/60 when sshd behaves in such a manner as to
confirm that a
/Blind_return_oriented_programming seems to
state so. I dont fully trust wikipedia.
On Sat, Oct 14, 2017 at 3:06 AM Philip Guenther <guent...@gmail.com> wrote:
> On Sat, Oct 14, 2017 at 12:49 AM, Luke Small <lukensm...@gmail.com> wrote:
>
>> If that's true, then why has Theo been speaking of th
If that's true, then why has Theo been speaking of the brop problems, when
they begin with an incremental canary discovery that becomes all but
impossible to guess when it becomes a random 4 byte datum each time rather
than a datum that remains the same each restart?
Braille should already be
I am not versed in operating systems as well as you, but I would think that
stack and buffer canaries would differ from each execution.
Maybe more things should be randomized like the stack canaries. Is that a
new idea?
On Fri, Oct 13, 2017 at 11:34 PM Theo de Raadt wrote:
> > I read "hacking blind." Can you restart a daemon with another forked
> > process that's only job is to monitor a pipe or a
I read "hacking blind." Can you restart a daemon with another forked
process that's only job is to monitor a pipe or a waitpid()-like operation
and if the parent dies, it exec's to restart it, or even execs "rcctl
restart ntpd"
If the mitigations are successful at limiting execution to let's say,
Using the -m flag it still gets warnings from pulseaudio and redis that I
didn't use the -m flag
Is paths[] going to have permissions defined for each path?
Like:
char *paths[], int *mode, where mode is the same as in dbopen(3). Maybe so
you don't have to clean up previous pledge calls, any pledge calls with a
NULL paths argument doesn't have anything specified for mode. for
simplicity,
Is EV_DISPATCH somehow like EV_ONESHOT or EVDISABLE ? What is a use case?
If you have an open socket file descriptor with a EVEFILT_READ, does it
close the socket upon getting some data?
I don't run current.
pf rule execution says it listens as root, but it connects as the _unbound
user, when configured to run as _unbound. Why doesn't it listen, bind, etc.
as root, drop privileges and pledge away privilege escalation? Is it to
avoid more #ifdef hell? Or can you not listen to a privileged port if you
if I need to identify all
> the user accounts (to recreate them on a new system or something), I
> exclude uids under 1000 as a starting point.
>
>
> On Mon, May 8, 2017 at 4:51 AM, Marcus MERIGHI <mcmer-open...@tor.at>
> wrote:
>
>> and...@msu.edu (STeve Andre'),
Is there a way to determine all users on a system that the users command
doesn't seem to show? like _x11 and _ntpd
Four words Peter..."dynamic IP address". I'm sure that there are folks that
ssh into machines that are on a dynamic IP address that don't have a modem
on a power backup, or even possibly on an ISP that may down, possibly when
they are out of town. I don't know if it is possible or already done,
ready done, but
you could have a computer check into a target machine that often changes
the ip address or system while the firewall is locked down to only send
messages to that remote machine and if it is compromised, can't send it
anywhere else.
On Wed, May 3, 2017 at 3:16 PM Luke Small <lukensm
Is it worthwhile to set up a hook for pf to load rules that have URLs after
the network services that can resolve them come into effect?
As I recall, there is a build configuration of 80 users for some kernel
components. What happens if the system exceeds that number?
a
different user through pf (and when I get a more serious machine, possibly
through a unique interface). Most importantly, I need it for session cache
for multiple processes.
On Sat, Apr 29, 2017 at 10:02 AM Luke Small <lukensm...@gmail.com> wrote:
> I have a program that I believe needs ine
AM Reyk Floeter <r...@openbsd.org> wrote:
>
> > Am 26.04.2017 um 13:38 schrieb Luke Small <lukensm...@gmail.com>:
> >
> > Pledge will presumably have per process (including fork()ed process)
> **path
> > limitations on rpath rpath and wpath calls, why not
Pledge will presumably have per process (including fork()ed process) **path
limitations on rpath rpath and wpath calls, why not limitations on inet and
unix?
On Wed, Apr 26, 2017 at 6:26 AM Janne Johansson <icepic...@gmail.com> wrote:
> 2017-04-26 13:19 GMT+02:00 Luke Small <lukensm.
I'm not saying to alter pledge necessarily, maybe make new system call
like pledge. There aren't any per-process pf rules that are applied.
When a socket connects to a remote or local server and pf makes a
state, it has the originating randomized port. Pf rules can be made
that target those
Would it be a good idea to make a pledge like call that limits a process
from connecting to ports and/or hosts? Maybe it could be done in way that
the kernel is made aware of the limitations like in a pledge call and while
the process is alive, the kernel spawns pf rules based upon the socket
It looks like you will be limited to 4096 timers and to valid file
descriptors that don't exceed INT_MAX. My guess is that if you need more,
you could run another kqueue for more timers or different kevents on
identical file descriptors.
Otherwise, the man page says:
kevent() returns the number
I suspect that you will sooner run out of file descriptors. but I assume
that if it runs into a problem, kevent() will return -1 and it may be
unrecoverable. I suspect that it would first occur because the kernel is
being overutilized. The information that is being created, I suspect, is
being
nful
> and much more effective to rewrite from scratch. So what's the point of
> having that previous iteration?
>
> On 5 Apr 2017 at 13:10, Luke Small wrote:
>
> > I imagine there are some projects that need some love that are on the
> back
> > burner at the moment that
1 - 100 of 172 matches
Mail list logo