OpenBSD 3.7
Some hosts will experience poor to seemingly no Internet access when
using NAT address pools - web sites time out, even pings to remote
addresses fail.
Using:
nat on $ext_if from !$ext_if - $ext_if:0
works fine.
Using:
nat on $ext_if from !$ext_if - $ext_if
or
nat on $ext_if from
On Friday 16 September 2005 04:20 pm, Raymond Lillard wrote:
First off, it's a bad idea to broadcast your real IP numbers
in a public place.
I had always thought that but then I read this article:
http://homepages.tesco.net/~J.deBoynePollard/FGA/dont-obscure-your-dns-data.html
It seems to make
On Friday 16 September 2005 04:13 pm, Ryan Puckett wrote:
In my experience, any protocols where the server will generate a
separate connection back to the client (like ftp) will not work with
NAT pools.
Even passive ftp?
nat on $ext_if inet from internal-subnets to any port
$NATPoolPortsTCP
On Tuesday 20 September 2005 06:19 am, Siju George wrote:
Any Idea if Jacek Artymiak is well??? I heard that he was sufferring
from some serious health problems:-(
Sometime back he told me that he was willing to allow his book
published in the Indian re-print if I could find an interested
Just an update.
It seems source-hash, for whatever reason, simply doesn't work for me. I
did find an older post that exhibits a similar issue:
http://www.monkey.org/openbsd/archive/bugs/0403/msg00211.html
Round-robin works fine, but source-hash will always leave some systems
blind to the
On Friday 23 September 2005 02:40 pm, John Marten wrote:
There's got to be a better way, and I'm open to suggestions.
Use a non-standard port and/or public key exchange.
Chris
On Friday 23 September 2005 03:15 pm, Mr.Slippery wrote:
That's how I handle this type of annoyance:
http://data.homeip.net/projects/ssh_wall.php
Slick. Er...slippery, that is.
Both Jacek's book and the pf faq,
http://www.openbsd.org/faq/pf/queueing.html, state that queueing is
only useful for packets in the outbound direction.
Yet, I find examples that show inbound traffic being sent to queues.
On the faq page above there are these examples:
On Monday 26 September 2005 02:13 pm, viq wrote:
Traffic can be assigned to queue not necessarily on the
interface/direction the traffic takes effect on. Eg, you have queue
ftp_out, that is designed to let your desktop to upload to some sites
no faster than some speed, and of course the queue
On Thursday 29 September 2005 10:23 am, Bill wrote:
I am thinking pf on the dhcp server to those specific ip
addresses (wifi static ips) killing DHCP traffic. Since the AE
already has its own static IP and is set with dhcp info internally,
maybe it would decide its on its own and actually
On Tuesday 04 October 2005 03:38 pm, Peter Hessler wrote:
True, this is a limitation of the PPTP spec. Go slap the IT Staff,
and tell them to revert back to IPSec.
While I agree on what should be done to their IT staff, and that IPSec
(from what little I know) is superior, it may be an issue
On Tuesday 04 October 2005 04:32 pm, Melameth, Daniel D. wrote:
OpenBSD ignores the Call ID field in the GRE packets that PPTP
uses...
So a design decision?
Regarding the altq implementation in pf:
Is altq effective with all types of protocols/traffic, such as ah, esp,
gre, etc.?
Thanks.
Chris
On Tuesday 04 October 2005 01:54 am, Manpreet Singh Nehra wrote:
#NAT Rules
#Local Lan to Internet
nat on $ext_if1 from $lan_net to any - ($ext_if1)
nat on $ext_if2 from $lan_net to any
On Wednesday 05 October 2005 01:03 pm, Chris Smith wrote:
nat on !($int_if) from $lan_net to any - gateway_addresses \
round-robin sticky-address
Ooops...I think that () around $int_if will not work. Should read:
nat on !$int_if from $lan_net to any - gateway_addresses \
round
On Wednesday 05 October 2005 06:59 pm, jared r r spiegel wrote:
altq is as effective as your understanding of it and your
implementation
Well then I'm in real trouble :)
I'll try to hunt down that archived post. Thanks.
Hello,
Running 3.8, 2 nics, 1 statically assigned, and the other using dhcp.
Problem is that resolv.conf is always overwritten. Using
resolv.conf.tail doesn't help as the information is just tacked on at
the end of the dhcp supplied information.
How can I prevent the overwriting of
On Tuesday 25 October 2005 23:01, Abraham Al-Saleh wrote:
man dhclient.conf
Thanks all.
supercede does the trick
On Wednesday 26 October 2005 07:38 am, Siju George wrote:
Now My /etc/dhclient.conf looks like this
These two lines worked fine here:
---
request subnet-mask, broadcast-address, routers;
supersede domain-name-servers 192.168.107.2;
Having some problems with two hardware vpn devices (a sonicwall and a
linksys) connecting through the openBSD 3.7 pf/nat firewall (just one
at this end).
It appears the the isakmp communication is fine. The state table shows:
-
self udp remote_vpn_ip:500 -
On Wednesday 02 November 2005 01:02 pm, Miguel wrote:
The pass rule on the rdr sentence only aplies to the gem0 interface?
Yes. I posted a similar query last Friday. See the thread titled rdr
clarification.
Am i missing something?
Maybe the docs are confusing in that regard. I also thought
I assume the problem is not enough RAM because when I
add more RAM everything works fine.
Repeatable? Sure you've ruled out a seating problem?
R,
C
On Tuesday 21 August 2007, Stuart Henderson wrote:
in -current ftp-proxy can add tags, you can then pass the traffic
using a rule that matches those tags (e.g. tagged ftpproxy) and set
a label on that pass rule.
Hello,
Was actually looking at that last night but it didn't work the way I
Hello, and please help me retain what little hair I still have left :)
Basic scenario - 5 interfaces, 3 outside (public), 2 inside (private).
At this point I'm not trying to load balance just use different routes to the
outside world depending upon the source inside address.
I have tried
Just correcting the tables names (they do match, regardless of what I
previously typed).
On Tuesday 21 August 2007, Chris Smith wrote:
Hello, and please help me retain what little hair I still have left :)
Basic scenario - 5 interfaces, 3 outside (public), 2 inside (private).
At this point I'm
On Tuesday 21 August 2007, Stuart Henderson wrote:
Since translation occurs before filtering the filter engine will see
packets as they look after any addresses and ports have been
translated.
I have read that in the docs but how to reconcile it with the ruleset on
On 8/28/07, Dave Anderson [EMAIL PROTECTED] wrote:
We should all care, because there's actually an important question
buried in this: to what extent is it acceptable for 'the government' to
demand that someone make substantial or expensive changes in their life
merely for its convenience?
On Tuesday 25 September 2007, Craig Skinner wrote:
If you are using postfix:
/etc/postfix/main.cf:
..
..
smtpd_recipient_restrictions =
reject_non_fqdn_hostname
reject_invalid_hostname
reject_non_fqdn_sender
reject_non_fqdn_recipient
Previously posted to [EMAIL PROTECTED] Received no replies so trying here.
Hello,
I'm using route-to to allow specific systems to use different external
interfaces and seeing a performance issue.
The performance issue is that normal web access is horrifically slow, yet when
doing a download
On Friday 05 October 2007, andrew fresh wrote:
It takes a while for the packets to figure out how to get through the
router, once they do, the states are set up and everything works as it
should. I can see that.
Seems that way.
Basic scenario is 2 internal interfaces (2 separate subnets)
On Saturday 20 October 2007, Chris wrote:
If anyone knows any known issues and would like to share
The last time I set an Apple base station up for someone the Apple setup
program was necessary and they only had Mac and Windows versions. There was
no CLI or web based front-end. Unless that
On Thursday 22 December 2005 13:12, you wrote:
It comes back with no route to host and when I do
a nestat -rn, the Gateway is missing even though /etc/mygate exists.
IP - 209.216.76.1
Netmask - 255.255.255.252
GW - 209.216.77.6
How do you get to the gateway? It isn't on the subnet. Your
On Thursday 22 December 2005 14:46, Chris Smith wrote:
GW - 209.216.77.6
Oops...I read that as 209.216.76.6 and not 209.216.77.6, so your netmask
would have to be different than what I suggested.
Do you have another network device?
The gateway address is usually the address that your system
Looking to do something like an overload to add systems to a table but
with a block filter and not a pass filter.
Basically, at one account, file-sharing software is prohibited. But
since most systems are user owned and not corporate owned, plus the
fact that many of them are portable
On Saturday 31 March 2007, Brian A. Seklecki wrote:
DDC/EDID can be a killjoy. I want to say that there was an
Option NoEDID true
As an aside (in case it helps anyone).
Using the nVidia binary under Linux I have to set:
Option ModeValidationNoMaxPClkCheck
in order to use
Hello,
Using openbsd as a firewall in several cases - a few small businesses, and
also for home use. Some websites, such as grc.com, stress that stealth mode
(which openbsd handles with ease) is the safest. But I've also read that
using 'return' instead of 'drop' is good netizenship. So I'm
On 4/29/07, bubka20 [EMAIL PROTECTED] wrote:
Nothing different happens when I restart my computer. The windows os just
comes up like always. I'm not prompted with any choices to install
openbsd...I've tried several times putting a cd with cd40.iso and and a cd
with cdrom.fs in the cd-rom
On 5/8/07, John Nietzsche [EMAIL PROTECTED] wrote:
I am facing the same scenario.
On 5/8/07, Paolo Supino [EMAIL PROTECTED] wrote:
Hi
Does anyone know how I can contact Austin@ except emails? My CDs and
book have yet to arrive (preorderd on the day orders were opened) and
I'm not
On 5/9/07, Theo de Raadt [EMAIL PROTECTED] wrote:
1. www.openbsd.org replies with Forbidden at the moment -- but I guess
most people already know.
www.openbsd.org is a mirror on a good network connection.
at the moment it is recovering from having eaten itself.
Like the snake on the new
Hello,
Client currently has one T1 for net access. Uses openBSD as
NAT/router/firewall. Runs two internal networks, one with a mail server and
an ftp server (both on the same internal network with his workstations), and
a second one for renters.
Needs more bandwidth and can add some DSL
On Tuesday 05 February 2008, STeve Andre' wrote:
My proceedure these days is to take the disk
out of the machine and stuff it into mine, mount it and extract data
before scrubbing the mindless thing and starting over...
I normally boot the system from a live-cd (used Knoppix many times) and
On Thursday 07 February 2008, Marco Peereboom wrote:
What you forget here is that most don't adhere to standards.
I'm not sure it's a standard, but for many it (matching the servers helo
name with the PTR record) is standard practice. Some then continue with
a forward lookup and expect the A
On Thursday 07 February 2008, Lori Barfield wrote:
just having reverse DNS isn't good enough, either, because
if it has a name that looks like dynamic IP space, that
can also get your mail treated with prejudice.
Yes, I've seen that in practice as well.
--
Chris
On Monday 11 February 2008, Raimo Niskanen wrote:
'Mail From: '
One of several that will put you on the http://rfc-ignorant.org/
blacklist.
--
Chris
I'm currently using route-to in pf.conf to control the routing of
different internal subnets through different external gateways. It does
work, but I remember a comment in the past where route-to was called
evil. Is route-to evil (and why)? And if so is there another, better to
do routing
Hello,
Trying to do a make release apparently without success:
=
cp /usr/dest/snapshot/*BOOT* /usr/rel
cp: /usr/dest/snapshot/*BOOT*: No such file or directory
*** Error code 1 (ignored)
cp /usr/dest/snapshot/cd*.iso /usr/rel
cp /usr/dest/snapshot/Packages
On Wednesday 20 February 2008, Stuart Henderson wrote:
No these warnings are ok. You got the *.tgz didn't you?
Yes. Thank you.
--
Chris
On Wednesday 20 February 2008, Richard Daemon wrote:
whoops, i meant lower in the FAQ:
# test -d ${DESTDIR} mv ${DESTDIR} ${DESTDIR}- \
B B B rm -rf ${DESTDIR}-
Thanks. I had just created these directories so they were empty to start
with.
--
Chris
On Wednesday 20 February 2008, Alexander Hall wrote:
The ignored part in the error output. Those error messages are
typical (dare I guess you're on i386?) and not critical.
Yes, i386.
If these are the only errors you get, then you can go on with the
rest of the release.
I get this as well:
On Thursday 21 February 2008, Alexander Hall wrote:
Thanks to the pretty much part, I assumed that is was ok, but
anyone more educated may be of another opinion.
Thanks.
It's been announced that OpenBSD turned 4.3-beta, does that
mean -current is now 4.3-beta? If so, is there anything special
On Thursday 21 February 2008, Allie D. wrote:
I'm getting bad file descriptor errors on every ssh connection on a
box that I built from source on 4.3 beta last night. Anyone else
seeing this as well ?
Feb 21 09:54:43 crusty sshd[21741]: error: getsockname failed: Bad
file descriptor
Wanted
All of a sudden when using cvs (via ssh) to update the src tree
(following the instructions on http://openbsd.org/faq/faq5.html#Bld) I
am prompted for a password. Several different mirrors same issue.
What to do?
--
Chris
On Sunday 24 February 2008, Constantine A. Murenin wrote:
anoncvs.ca.openbsd.org is being rebuild, and currently asks for
password.
Also tried anoncvs1.usa.openbsd.org and anoncvs1.ca.openbsd.org (which
apparently is the same host as anoncvs.ca.openbsd.org).
Looks like waiting is the right
On Sunday 24 February 2008, Alexander Hall wrote:
Let the list readers know what you did so they can help you?
I'll start:
$ cd /usr/src
...
You fill in the rest. :)
# cd /usr/src
# export [EMAIL PROTECTED]:/cvs
# cvs -d$CVSROOT up -Pd
Tree was previously checked out, and updates worked
Just noting that there seems to be an increase in improperly constructed
ascii art/diagrams.
If ascii diagrams are not created with a fixed-pitch font then they will
not display correctly - even when the readers view them with a
fixed-pitch font.
I block and log rfc 1918 connection attempts and am seeing the following
in pflog continuously ad nauseum:
Apr 10 15:10:21.414289 rule 9/(match) block in on fxp1:
172.21.153.70.6293 68.61.77.3.50716: [|tcp] (DF) [tos 0x20]
Apr 10 15:10:22.833822 rule 9/(match) block in on fxp1:
On Thursday 10 April 2008, Lord Sporkton wrote:
It is possible that its not really ment for you, but perhaps your
modem, something along the lines of a modem checkin?
I took a tcpdump and they are all TCP RST packets.
Further investigation shows that the destination ports match state
entries
I did find the following thread - users with the same problem:
http://www.globalaffairs.org/forum//showthread.php?t=51413
However, not really any resolution.
--
Chris
From: http://www.openbsd.org/faq/pf/rdr.html#rdrnat
Think of it as a normal rdr rule (with no pass keyword) associated to a
pass filter rule with the keep state keyword. However, if you want to
enable more specific filtering options such as synproxy, modulate
state, etc. you'll still have to
In addition to preventing infected PC's from using their own SMTP engine
to send out spam by blocking port 25 from all but the mail server. I
would also like to add those hosts automatically to a table in order to
block their access altogether so that the infected PC's cannot attempt
other
On Wednesday 22 February 2006 16:48, Daniel Ouellet wrote:
If you read on the PF and look at what I send you, you will see that
bad-ssh IS updated automatically.
That's what the line:
(max-src-conn-rate 5/30, overload bad_ssh flush global)
does. After 5 connection in 30 seconds, the IP
On Wednesday 22 February 2006 15:37, Ray Lai wrote:
Do ``block in log on port 25'' and listen to pflog0 to add bad
hosts.
Bit of a openBSD n00b here. How would I go about listening to pflog0? I
thought that required tcpdump running. What I want it running
continuously on a small, dedicated
On Wednesday 22 February 2006 16:19, Stuart Henderson wrote:
recent (preferably -current/snapshot ports) smtp-vilter handles this
quite nicely.
Thanks but it's probably not a solution in this case. I'm not that
experienced with openBSD but I'm a bit leery about running -current on
a dedicated
On Thursday 23 February 2006 11:40, Bob Beck wrote:
Bit of a openBSD n00b here. How would I go about listening to
pflog0? I thought that required tcpdump running. What I want it
running continuously on a small, dedicated firewall box (concerned
about processing power as well as security)?
On Friday 03 March 2006 16:46, Bryan Irvine wrote:
Gmail b0rked your ASCII diagram.
Looks fine here when viewed with a fixed font, at least I think it does,
but I'm not sure what the question is either. I also fail to see the
logic in sending copies of connections to the netgear to the obsd
Pf's os detection of NMAP isn't working with NMAP 4.01. Pf detects NMAP
3.81 fine but not version 4.01. I don't have any other versions so I
don't know exactly which or at which version it stops working. This is
with openBSD 3.8, but the NMAP specific signatures in the cvs pf.os
seem
On Monday 24 April 2006 19:19, [EMAIL PROTECTED] wrote:
i have a firewall hook up to my cable modem
my external interface has a dynamic address from the dhcp server at
my isp i have a dhcp server on the firewall for two subnets
subnet a local network
subnet b wireless network
i need the
On Tuesday 25 April 2006 13:04, Chris Smith wrote:
nic would then get it's info from your
ugly grammar error
should be its instead of it's, sorry for that
Anyone got a Dell Latitude CPX? If so - do the machines behave with 3.9
at all? The hardware is pretty straightforward late 90s P3/BX/ATI Rage
etc with very few Dell quirks AFAIK. I'm going to pick one up off ebay
(if they work) to replace this bloody Toshiba M50 which just doesn't work
at all
N00b here.
My Linksys USB200M, which should use the axe driver, isn't recognized at
boot.
In dmesg, I have:
uhub3: port2, set config at addr 2 failed
uhub3: device problem, disabling port 2
Request some references to investigate. The documentation is great, but I'm
not seeing where I need to go
On Friday 02 June 2006 17:39, Allen Theobald wrote:
I can ping www.google.com from the firewall.
But I cannot ping www.google.com from any computers on the internal
network.
Can you ping by IP address instead of by name?
DNS queries should work just fine with that pf.conf. Do your clients
I am a n00b.
Installed OpenBSD3.9 from CD on a box with:
motherboard: AK77-333
ram: 1GB
chip:1.7Ghz AMD
disk:300GB SeaGate ST3300831A
The DMA timeout issue has been dogging me.
- Booted the SeaGate DiskWizard and slicked the drive (~22 hours!).
- Replaced the IDE ribbon
My openbsd router/firewall (currently 3.9 but have had previous versions
with the same issue) will sync to external servers and also to internal
linux servers running openntpd. However, if I attempt to use the
openbsd box as the internal time server (listening on the internal
interface), and
On Thursday 10 August 2006 11:42, Darrin Chandler wrote:
How long did you wait? After starting ntpd on openbsd it may take a
while to sync up. In /var/log/daemon you will see clock is now
synced when that happens. After that, the next time the Linux box
talks to the OpenBSD box it should work.
On 10/25/06, Frank [EMAIL PROTECTED] wrote:
Hello everyone,
Five minutes ago my OpenBSD 4.0 cds, the three disks of freedom, have
arrived here in The Netherlands!
Many thanks to Wim Vandeputte and off course the OpenBSD team.
Frank
Got mine yesterday. Great system, great Asterix styling.
On 11/16/06, turha turha [EMAIL PROTECTED] wrote:
I haven't got the final specs yet, probably a MoBo with a nVidia chipset,
since those are the only ones I've seen with enough SATA controller, I'd
prefe eight, but so far all I've found has been six.
The Intel Graphics Media Accelerator 950
After upgrading to -current today pf did not run after building the
kernel and rebooting. After building the userland and rebooting that
problem is resolved. But now I can no longer build pftop from ports
(cvs):
=== Checking files for pftop-0.7
Hello,
I'm trying to use a large table stored in a file with pf on -current but
on system reboot pf chokes with Cannot Allocate Memory. However, once
the system is running (and unfortunately for some reason I cannot ssh
in when this happens so I have to be in front of it) I can load the
table
On Thursday 15 May 2008, Steve B wrote:
pass out on $ext_if inet proto tcp from $ext_if to any flags S/SA
keep state queue ( general, tcp_ack )
last matching rule ?
--
Chris
On Sunday 18 May 2008, Steve B wrote:
set loginterface $ext_if
set state-policy if-bound
set skip on lo0
set skip on enc0
Don't know exactly but for starters Unless you have good reason for
changing some things from the default I would recommend rewriting the
above by dropping both:
On Tuesday 20 May 2008, Jay wrote:
I even pay for the premium service
to remove the annoying signature ads..
at least one good thing about gmail (besides the excellent spam
filtering) is no signature ads
--
Chris
On Wednesday 21 May 2008, Andris wrote:
I just read about this project, might be of interest:
http://unbound.net/
Not a real world test (well, real in a really small environment - my
personal home server) but after I saw your post I installed this on my
server running side-by-side with bind
When I run my bittorrent app on my client I bind it to a secondary IP
address. On my OpenBSD firewall I load an anchor that does some rdr's
to this secondary address as well as block many IP addresses via a
table to/from this secondary address. The table is quite large and it
would block normally
Seems I can no longer do DNS with -current. A tcpdump on the external
interface displays:
Checksum: 0xd552 [incorrect, should be 0x6f29 (maybe caused by UDP
checksum offload?)]
for all DNS queries. Altq is enabled and dns requests have a higher
priority than most other traffic. Any clues? Thanks.
On Tuesday 01 July 2008, Stuart Henderson wrote:
Almost no clues at all without DMESG... no longer - when did it
last work? What has changed since then?
Last worked about 2:00 pm EDT yesterday. I updated cvs, built kernel,
rebooted and problems started. Built userland, no change.
The good news
On Wednesday 16 July 2008, Marco Fretz wrote:
pf nat rule:
nat log on bge0 inet from 172.16.12.128/27 tag natted - 88.82.xx.xx
pf filter rule:
pass log quick all flags S/SA keep state tagged natted
FWIW, you no longer need to specify flags S/SA keep state as it is the
default.
It does work
On Wednesday 16 July 2008, Chris Smith wrote:
pass log quick all flags S/SA keep state tagged natted
Just to clarify my thinking - the packet has to be passed in before it
can be natted which applies, in your case, the natted tag, changing the
above to a pass out rule and then add a pass
On Saturday 26 July 2008, Nuno MagalhC#es wrote:
And i don't even have X installed (although some suggested i
install it so i can install cups...)
CUPS, itself, has no X requirement/dependency... I have it installed on
many servers with no X at all.
--
Chris
On Wednesday 03 September 2008 09:04:01 am Dave Wilson wrote:
If you
find that the build test fails, and then find that memtest succeeds,
then you can deduce that the problem lies with your hard drive
Only if memtest is infallible. I may be mistaken but I've long held the
opinion that while a
On Wednesday 28 February 2007, Joaquin Herrero wrote:
I checked this product and it's really impressive. I will definitely try it
but not for this project. I have to setup a secure FTP because the
transfers are really big: hundreds of scans per day.
People involved in this project are used to
Ftp with ftp-proxy works properly when the outgoing address is the
base IP address of the interface but when an IP alias address is used
it doesn't. Is there a way to have it work properly on both the base
IP address and the aliases?
Thank you,
Chris
On Tue, Oct 21, 2008 at 12:34 PM, Morris, Roy
[EMAIL PROTECTED] wrote:
I wonder if the -a option would help :)
It appears that that would tie it to a different address than the base
address, but then the base address and the other IP aliases (not
chosen by -a) probably would not work. Is this a
On Tue, Oct 21, 2008 at 1:04 PM, Camiel Dobbelaar [EMAIL PROTECTED] wrote:
Use multiple proxies and rdr's for the different lans.
(ftp-proxy cannot magically determine which address to use based on the
internal address)
OK, looks like this will work:
rc.conf.local:
ftpproxy_flags=-a r.s.t.u
On Tue, Oct 21, 2008 at 2:04 PM, Chris Smith [EMAIL PROTECTED] wrote:
OK, looks like this will work:
rc.conf.local:
ftpproxy_flags=-a r.s.t.u -p 8021
ftpproxy_flags=-a r.s.t.v -p 8022
pf.conf
rdr pass on $int_if proto tcp from alias1_sys to any port ftp -
127.0.0.1 port 8021
rdr pass
On Wed, Oct 22, 2008 at 11:52 PM, Chris Smith [EMAIL PROTECTED] wrote:
Was finally able to test the reboot scenario and two instances of
ftp-proxy do not get started from rc.conf.local. Needed to run the
second instance from rc.local.
Just wondering whether or not it's more proper to start
On Mon, Oct 27, 2008 at 4:52 AM, Camiel Dobbelaar [EMAIL PROTECTED] wrote:
rc.local is fine.
Thank you.
Chris
Hello,
Dmesg states: em3: unable to fill any rx descriptors with current.
Full dmesg:
==
# dmesg
OpenBSD 4.4-current (GENERIC) #1: Mon Dec 8 18:18:34 EST 2008
[EMAIL PROTECTED]/usr/src/sys/arch/i386/compile/GENERIC
cpu0:
On Mon, Dec 8, 2008 at 6:57 PM, David Gwynne [EMAIL PROTECTED] wrote:
what was the machine doing when that message appeared? was this the first
time you brought the interface up? had the interface previously been brought
up and down several times?
First boot after compiling the current kernel.
On Tue, Dec 9, 2008 at 12:12 AM, David Gwynne [EMAIL PROTECTED] wrote:
how strange. that line is printed if em(4) is unable to allocate
any memory at all to put on the rx ring. ive never known the mbuf
cluster allocator to fail.
is this reproducable?
Yes, every boot provides the same error,
On Tue, Dec 9, 2008 at 5:17 PM, Chris Smith obsd_m...@chrissmith.org wrote:
how strange. that line is printed if em(4) is unable to allocate
any memory at all to put on the rx ring. ive never known the mbuf
cluster allocator to fail.
is this reproducable?
Yes, every boot provides the same
1 - 100 of 238 matches
Mail list logo