Reccomended platform for SYN mitigation

2007-02-15 Thread Jeffrey Lyon 

Questions Folks,

Which FreeBSD supported hardware platform would you reccomend using
for SYN mitigation? Why?

I intend to start building a squid cache on FreeBSD to inspect
HTTP/HTTPS packets before passing them to the destination host and
would very much appreciate any suggestions on the subject.

Thanks,
--
Jeffrey Lyon, President
Level III Information Systems Technician
[EMAIL PROTECTED] | http://www.blacklotus.net
Black Lotus Communications of The IRC Company, Inc.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Router take advantage of device polling

2004-05-22 Thread Jeffrey Lyon 
I am currently running a router pushing about 15 megabit of traffic, 
with CPU usage like so:

root 25  5.9  0.0 0   12  ??  WL   10:16AM  47:49.70  (irq7: 
bge0 amr0)
root 14  5.9  0.0 0   12  ??  WL   10:16AM  55:15.63  (swi1: net)
root 26  3.0  0.0 0   12  ??  LL   10:16AM  28:42.81  (irq5: bge1)

I am told that activating the device_polling kernel option will cause a 
substantial reduction in this usage. Is there any truth to that statement?

Thanks.
--
Jeffrey Lyon, Independent Associate
[EMAIL PROTECTED]
http://www.prepaidlegal.com/hub/jeffreylyon
Pre-Paid Legal Services, Inc.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Intel Pro 1000 MT Dual port comptability under 5.1

2004-05-03 Thread Jeffrey Lyon 
Is the referenced NIC comptable under 5.1? My understanding was yes 
from reading the hardware notes (datasheet is here: 
http://www.intel.com/network/connectivity/resources/doc_library/data_sheets/pro1000mt_sa_dual.pdf) 
but it seems my system is not detecting the card. Should I be trying it 
with 4.9 instead? (the datasheet says 4.x and later, but its unclear 
whether that includes 5.x as well).

Regards.

--
Jeffrey Lyon, Independent Associate
[EMAIL PROTECTED]
http://www.prepaidlegal.com/hub/jeffreylyon
Pre-Paid Legal Services, Inc.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Conversion from 4.x to 5.x question

2003-12-05 Thread Jeffrey Lyon 
Typically under 4.x I would use the following commands at boot:

/sbin/sysctl -w kern.ps_showallprocs=0
/sbin/sysctl -w net.inet.tcp.blackhole=2
/sbin/sysctl -w net.inet.udp.blackhole=1
5.1-RELEASE does not like these. How do I go making these changes under 5.x?

Thanks.

--
Jeffrey Lyon, Operations Manager
[EMAIL PROTECTED]
http://www.blccd.com
Black Lotus Communications Corporation
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Dell PowerEdge 1750 with PERC 4/Di on 4.7-REL

2003-11-19 Thread Jeffrey Lyon 
I have a Dell PowerEdge 1750 with a PERC 4/Di . Unfortunately it does 
not locate the drives when attempting a CD install from 4.7-REL . My 
best guess is that the PERC 4/Di was not supported in 4.7 (I am assuming 
it is supported in 4.9 or 5.x though?), however, I have seen some people 
saying they got it to work. With that said, I just wanted to get a 
consensus.

Thanks!

--
Jeffrey Lyon, Operations Manager
[EMAIL PROTECTED]
http://www.blccd.com
Black Lotus Communications Corporation
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Upgrading from 4.6-RELEASE to 4.7-STABLE

2002-11-12 Thread Jeffrey Lyon 
While trying to upgrade from 4.6-RELEASE to 4.7-STABLE I get the following
error (during make world):

=== etc/sendmail
rm -f freebsd.cf
(cd /usr/src/etc/sendmail 
 m4 -D_CF_DIR_=/usr/src/etc/sendmail/../../contrib/sendmail/cf/
/usr/src/etc/sendmail/../../contrib/sendmail/cf/m4/cf.m4 freebsd.mc) 
freebsd.cf
chmod 444 freebsd.cf
make: no target to make.
/usr/src/Makefile.inc1, line 140: warning: make -f /dev/null -m
/usr/src/share/mk  CPUTYPE=dummy -V CPUTYPE returned non-zero status
Checking to see if your booted kernel is fresh enough..
/usr/obj/usr/src/bin/sh/sh -c  'echo Testing installed kernel for new
sigaction(2) syscall'
Bad system call - core dumped
*** Error code 140

Stop in /usr/src.
*** Error code 1

Stop in /usr/src.

Here is my current uname: 4.6.2-RELEASE-p2 FreeBSD 4.6.2-RELEASE-p2 #0

and my supfile:

*default tag=RELENG_4_7
*default host=cvsup16.FreeBSD.org
*default prefix=/usr
*default base=/usr
*default release=cvs tag=.
*default delete use-rel-suffix

src-all

My intent was to go:

make buildworld
make installworld
/usr/sbin/config KERNEL
cd ../../compile/KERNEL
make depend
make
make install
reboot

Am I going about this in the wrong way? Any guidance?

Thanks.

Jeffrey Lyon
[EMAIL PROTECTED]


To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message