Re: What does this message mean?

2009-11-29 Thread Bruce Cran 
On Sat, 28 Nov 2009 23:27:33 -0700 (MST)
Brett Glass br...@lariat.net wrote:

 
 Just installed mpd5 to experiment with it, and got the following
 error message on the next boot:
 
 WARNING: attempt to domain_add(netgraph) after domainfinalize()
 
 What does this mean? Does it signal a serious problem?

It seems to be a harmless warning message - I've seen it many times
when starting the Bluetooth stack.

-- 
Bruce Cran
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

What does this message mean?

2009-11-28 Thread Brett Glass 

Just installed mpd5 to experiment with it, and got the following error message
on the next boot:

WARNING: attempt to domain_add(netgraph) after domainfinalize()

What does this mean? Does it signal a serious problem?

--Brett Glass

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Ipsec to Sonicwall, what does this message mean?

2007-01-02 Thread Norberto Meijome 
On Tue, 2 Jan 2007 03:48:44 +1100
Norberto Meijome [EMAIL PROTECTED] wrote:

 It seems my side is receiving a packet with DOI type 0 (as per wireshark,
 whatever that means...)... and racoon complains with;
 
 Jan  2 03:28:18 ayiin racoon: ERROR: reject the packet, received unexpecting
 payload type 0.

I got local access to the sonicwall today (TZ170 after all) and the logs show
this :
267 01/01/2007 08:59:01.352 IKE Responder: IKE proposal does not
match (Phase 1) MY_IP, 500  SONICW_IP, 500

So now I seem to be getting somewhere...(at least I know what it's tryng to
tell me :) ... now to try to match racoon's options with Sonic's... any
guides / hints ? anyone?  :)

thanks anyway!

_
{Beto|Norberto|Numard} Meijome

Linux is for people who hate Windows, BSD is for people who love UNIX.

I speak for myself, not my employer. Contents may be hot. Slippery when wet.
Reading disclaimers makes you go blind. Writing them is worse. You have been
Warned.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Ipsec to Sonicwall, what does this message mean?

2007-01-01 Thread Norberto Meijome 
Hi all,
I'm trying to connect to a Sonicwall TZ170 (I believe), from my FBSD
6.2-Prerelease. I have a username, password and PSK (ie, Xauth PSK) from the
SonicW's admin (who refuses to provide any help for non MS OS :-) ). 

I've installed ipsec-tools-0.6.6  because I believe (wrongly?) that ipsec in
the base system doesn't support xauth ... is this correct? 

Anyway, I configured racoon.cfg and psk.txt to the best of my current
abilities. I then get:

# racoonctl vpn-connect SONICW_IP_ADDRESS
Error: Peer not responding

It seems my side is receiving a packet with DOI type 0 (as per wireshark, 
whatever that means...)... and racoon complains with;

Jan  2 03:28:18 ayiin racoon: ERROR: reject the packet, received unexpecting 
payload type 0.

(complete log after my signature at end of this mail) 

I'd love any help that will help me understand what am I doing wrong. I can't 
see *WHY* I wouldn't be able to connect to this Sonic, other than a problem 
between the chair and the keyboard :) Alternative ways of doing this same thing 
with other packages / base tools are greatly appreciated.

thanks in advance!!!
B



Configuration gory details:

192.168.13.3 is my laptop's IP. hostname is ayiin. I have UDP/500 port 
forwarded to this machine, and my local firewall is open for this traffic 
(udp/500 from SOCNIW_IP_ADDRESS)

my racoon.conf is:
---
path include @sysconfdir_x@/racoon;
path pre_shared_key @sysconfdir_x@/racoon/psk.txt;
log debug;

# Specify various default timers.
timer
{
# These value can be changed per remote node.
counter 5;  # maximum trying count to send.
interval 20 sec;# maximum interval to resend.
persend 1;  # the number of packets per send.

# maximum time to wait for completing each phase.
phase1 30 sec;
phase2 15 sec;
}

remote SONICW_IP_ADDRESS
{
   
lifetime time 1 hour;
exchange_mode main, aggressive;
#ca_type x509 ca.crt;
proposal_check obey;
mode_cfg on;# accept config through ISAKMP mode config
dpd_delay 20;
   # nat_traversal force;
ike_frag on;
   # esp_frag 552;
#script /etc/racoon/phase1-up.sh phase1_up;
#script /etc/racoon/phase1-down.sh phase1_down;
passive off;

xauth_login beto;

proposal {
encryption_algorithm aes;
hash_algorithm sha1;
authentication_method hybrid_rsa_client;
dh_group 2;
   }
}

sainfo anonymous {
lifetime time 1 hour;
encryption_algorithm aes;
authentication_algorithm hmac_sha1;
compression_algorithm deflate ;
}
---

my psk.txt has:
-
## Host to connect , PSK to use

SONICW_IP_ADDRESS  PSK_TO_SONIC
## XAuth bit
beto  My_MagicPassword


My kern conf includes: 
## IPSEC VPNs
options IPSEC
options IPSEC_ESP

ipsec-tools options are : 
_OPTIONS_READ=ipsec-tools-0.6.6
WITH_DEBUG=true
WITH_IPV6=true
WITH_ADMINPORT=true
WITH_STATS=true
WITH_DPD=true
WITH_NATT=true
WITHOUT_NATTF=true
WITH_FRAG=true
WITH_HYBRID=true
WITH_PAM=true
WITH_GSSAPI=true
WITH_RADIUS=true
WITH_SAUNSPEC=true
WITHOUT_RC5=true
WITHOUT_IDEA=true

but I didn't apply the NAT-T kernel patch (yet).

_
{Beto|Norberto|Numard} Meijome

What you are afraid to do is a clear indicator of the next thing you need to do.

I speak for myself, not my employer. Contents may be hot. Slippery when wet.
Reading disclaimers makes you go blind. Writing them is worse. You have been
Warned.

In the log file, I get : (apologies for wrapping)..
---
Jan  2 03:28:18 ayiin racoon: DEBUG: configuration found for SONICW_IP_ADDRESS.
Jan  2 03:28:18 ayiin racoon: INFO: accept a request to establish IKE-SA: 
SONICW_IP_ADDRESS
Jan  2 03:28:18 ayiin racoon: DEBUG: ===
Jan  2 03:28:18 ayiin racoon: INFO: initiate new phase 1 negotiation: 
192.168.13.3[500]=SONICW_IP_ADDRESS[500]
Jan  2 03:28:18 ayiin racoon: INFO: begin Identity Protection mode.
Jan  2 03:28:18 ayiin racoon: DEBUG: new cookie: 6b685b8598c46c46 
Jan  2 03:28:18 ayiin racoon: DEBUG: add payload of len 52, next type 13
Jan  2 03:28:18 ayiin racoon: DEBUG: add payload of len 16, next type 0
Jan  2 03:28:18 ayiin racoon: DEBUG: 104 bytes from 192.168.13.3[500] to 
SONICW_IP_ADDRESS[500]
Jan  2 03:28:18 ayiin racoon: DEBUG: sockname 192.168.13.3[500]
Jan  2 03:28:18 ayiin racoon: DEBUG: send packet from 192.168.13.3[500]
Jan  2 03:28:18 ayiin racoon: DEBUG: send packet to SONICW_IP_ADDRESS[500]
Jan  2 03:28:18 ayiin racoon: DEBUG: 1 times of 104 bytes message will be sent 
to SONICW_IP_ADDRESS[500]
Jan  2 03:28:18 ayiin racoon: DEBUG:  6b685b85 98c46c46   
01100200  0068 0d38 0001 0001 002c 01010001 
0024 0101 800b0001 800c7080 80010007 800e0080 8003fadd 80020002 
80040002 0014 afcad713 68a1f1c9 6b8696fc 77570100
Jan  2

What does this message mean (watchdog timeout DC0)?

2006-01-13 Thread Thomas T. Veldhouse 
I am seeing the following in my security logs.  Can anybody tell me what 
this means?  Perhaps I should consider a new NIC?


+dc0: watchdog timeout
+dc0: link state changed to DOWN
+dc0: link state changed to UP


Thanks in advance,

Tom Veldhouse

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: What does this message mean (watchdog timeout DC0)?

2006-01-13 Thread Corey Brune 
It may be hardware related. Have you made any system changes lately?
How often does this occur?

On 1/13/06, Thomas T. Veldhouse [EMAIL PROTECTED] wrote:
 I am seeing the following in my security logs.  Can anybody tell me what
 this means?  Perhaps I should consider a new NIC?

 +dc0: watchdog timeout
 +dc0: link state changed to DOWN
 +dc0: link state changed to UP


 Thanks in advance,

 Tom Veldhouse

 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to [EMAIL PROTECTED]

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: What does this message mean (watchdog timeout DC0)?

2006-01-13 Thread Thomas T. Veldhouse 

Corey Brune wrote:


It may be hardware related. Have you made any system changes lately?
How often does this occur?
 

No changes since about last April.  I did move from FBSD 5.x to FBSD 6.x 
(RELENG_6_0) at the time that 6.0 was released.   Nothing since.


I have seen the issue a couple of times this week, but I have not had 
any network problems that I have noticed.  I have noticed this problem 
for years on and off (so to speak) with DC cards.  But lately, I seem to 
be seeing it more.


Tom Veldhouse

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: what does this message mean ?

2003-11-17 Thread Dan Pelleg 
Kris Kennaway [EMAIL PROTECTED] writes:

 On Mon, Nov 17, 2003 at 02:30:30AM +0200, Petre Bandac wrote:
  Nov 17 02:27:59 kgb /kernel: OUCH! cannot remove rule, count 1
  
  why ouch and what rule ?
 
 I think that's an ipfw message..it's probably an ipfw bug of some
 kind.

It is. But a few of those were corrected in the past. Make sure you're
running an up-to-date version (eg 4.9-RELEASE; iirc even 4.8 should be ok).


-- 

  Dan Pelleg
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: what does this message mean ?

2003-11-17 Thread Kris Kennaway 
On Mon, Nov 17, 2003 at 09:31:33AM -0500, Dan Pelleg wrote:
 Kris Kennaway [EMAIL PROTECTED] writes:
 
  On Mon, Nov 17, 2003 at 02:30:30AM +0200, Petre Bandac wrote:
   Nov 17 02:27:59 kgb /kernel: OUCH! cannot remove rule, count 1
   
   why ouch and what rule ?
  
  I think that's an ipfw message..it's probably an ipfw bug of some
  kind.
 
 It is. But a few of those were corrected in the past. Make sure you're
 running an up-to-date version (eg 4.9-RELEASE; iirc even 4.8 should be ok).

I've got these when playing with dummynet on 4.8-STABLE..I don't
remember any related commits after that time.

Also, the 'bw tun0' syntax specified in the manpage seems to be broken
- it wedged the tun0 interface and the machine had to be rebooted.
Can anyone else confirm whether this works for them?

Kris


pgp0.pgp
Description: PGP signature

what does this message mean ?

2003-11-16 Thread Petre Bandac 
Nov 17 02:27:59 kgb /kernel: OUCH! cannot remove rule, count 1

why ouch and what rule ?

TIA,

petre

-- 
Login: petreName: Petre Bandac
Directory: /home/petre  Shell: /usr/local/bin/zsh
On since Sun Nov 16 09:43 (EET) on ttyv0, idle 16:45 (messages off)
No Mail.
No Plan.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: what does this message mean ?

2003-11-16 Thread Kris Kennaway 
On Mon, Nov 17, 2003 at 02:30:30AM +0200, Petre Bandac wrote:
 Nov 17 02:27:59 kgb /kernel: OUCH! cannot remove rule, count 1
 
 why ouch and what rule ?

I think that's an ipfw message..it's probably an ipfw bug of some
kind.

Kris


pgp0.pgp
Description: PGP signature