Klemens Nanni wrote:
> On Fri, Oct 05, 2018 at 11:53:08PM +0200, Klemens Nanni wrote:
> > While rules within the anchor do not match, the anchor itself does.
> > After all, it is a rule itself just like `pass' or `block', hence your
> > ruleset's second rule `anchor quick' matches every packet
lib/libfuse/fuse.c was using a EINTR return from kevent() to detect when
a signal had occurred, but in a multi-threaded process the signal may
not have been delivered to the thread blocking on kevent(). This changes
makes it so the signals are caught using EVFILT_SIGNAL filters so they
can be
On Fri, Oct 05, 2018 at 11:53:08PM +0200, Klemens Nanni wrote:
> While rules within the anchor do not match, the anchor itself does.
> After all, it is a rule itself just like `pass' or `block', hence your
> ruleset's second rule `anchor quick' matches every packet and therefore
> stops
On Fri, Oct 05, 2018 at 10:38:48PM +0200, Fabian Mueller-Knapp wrote:
> If i read man correctly it means "evaluate the rules inside and stop if
> any rule within matched".
While it's own description is quite clear and unambigious:
quick If a packet matches a rule which has the quick option
On 2018/10/05 18:38, Alexander Bluhm wrote:
> IPv6 Source selection is a mess!
>
> > ICMP6 messages
> > are generated with a source of, I think, the local address associated with
> > the route to the recipient,
>
> It is not that simple. Look at in6_ifawithscope() in sys/netinet6/in6.c.
I know
Hi,
it sometimes happens that a VM is stuck in a reboot loop. This isn't
very pleasent for vmd, so this diff attempts to introduce a hard
rate-limit: if the VM rebooted after less than VM_START_RATE_SEC (6)
seconds, increment a counter. If this happens VM_START_RATE_LIMIT (3)
times in a row,
On Wed, Oct 03, 2018 at 11:41:41PM -0700, Ori Bernstein wrote:
> diff --git usr.sbin/vmd/config.c usr.sbin/vmd/config.c
> index 550b73c1a39..68be738d304 100644
> --- usr.sbin/vmd/config.c
> +++ usr.sbin/vmd/config.c
> @@ -35,6 +35,7 @@
> #include
> #include
> #include
> +#include
>
>
Hello,
Sorry for the late reply. I just tested the fix with the latest snapshot
and think the behaviour is still not correct:
On 18-10-04 01:25:09, Klemens Nanni wrote:
> On Sat, Sep 29, 2018 at 10:44:41PM +0200, Klemens Nanni wrote:
>
> `anchor quick' means "evaluate the rules inside but stop
IPv6 Source selection is a mess!
> ICMP6 messages
> are generated with a source of, I think, the local address associated with
> the route to the recipient,
It is not that simple. Look at in6_ifawithscope() in sys/netinet6/in6.c.
/*
* At this
With ospf6d, routes are added using link-local addresses. ICMP6 messages
are generated with a source of, I think, the local address associated with
the route to the recipient, so with a couple of hops in the internal network
it results in traceroutes looking like
$ traceroute6 -n www.google.com
Todd C. Miller wrote:
> On Fri, 05 Oct 2018 00:37:33 +0200, Alexandr Nedvedicky wrote:
>
> > because earlier line at 5279 grants the variable c holds backslash,
> > therefore it can't contain space or tab. The simple change is tempting,
> > but let's check the history first. That particular
On Fri, 05 Oct 2018 00:37:33 +0200, Alexandr Nedvedicky wrote:
> because earlier line at 5279 grants the variable c holds backslash,
> therefore it can't contain space or tab. The simple change is tempting,
> but let's check the history first. That particular line has been
> introduced 10+ years
Hi,
Due to the SMT stuff the output of top showed the first few cpus instead
of the ones that are actually active.
To reproduce the bad output:
Use a machine with hyper therading, top should show half the cpus, of
which every second is disabled.
The following diff skips the disabled cpus and
Provide an MD 64-bit byteswapping function build on 32-bit swaps
as we do on arm and i386. Copied from arm.
If there are no MD byteswapping functions, MI macros are used.
These are wrapped by static inline functions to prevent multiple
evaluation of their argument. If there are MD functions,
Hi,
I have an idea in mind that I'd like to share to ask you if you think
it's worth giving it a try.
Right now, vmd already features an excellent privsep model to ensure
the process servicing the VM requests to the outside world is running
with the lowest possible privileges.
I was wondering
Hi,
This patch implements a mechanism to allow users register an I/O port
with a special file descriptor (kickfd) which can be monitored for
events using kevent. The kernel will note an event each time the Guest
writes to an I/O port registered with a kickfd.
This is mainly intended for kicking
Florian Obser(flor...@openbsd.org) on 2018.10.04 20:13:03 +0200:
> Benno removed code to answer ICMP queries over 4 years ago.
> Aham Brahmasmi (aham.brahmasmi AT gmx.com) points out
> that we still joine the group though.
>
> OK?
ok benno@
> diff --git in6.c in6.c
> index
On Wed, Oct 03, 2018 at 11:41:41PM -0700, Ori Bernstein wrote:
> Thanks, another update based on Reyk's feeback and fixes.
>
You missed one thing: jmc@'s manpage comments.
For everything else: Looks good! Tests work fine. OK reyk@
Reyk
> diff --git regress/usr.sbin/vmd/diskfmt/Makefile
>
18 matches
Mail list logo
