i can 't start the pool without ipf and i get an i/o error when starting
ipf with the pool rule…
On Tue, Mar 17, 2015 at 9:05 AM, Brad Spencer b...@anduin.eldar.org wrote:
yea=E2=80=A6 that's what thought=E2=80=A6
i did read all the man pages i could find on any bsd for the ipf tools
i think i got it…
the ipf needs to run first. so i start it with the rule to block the hash
of ranges like this:
block in quick on if0 from hash/666 to any
this complains that: ioctl(add/insert rule): No such process
ignoring this for now and starting ippool. after ippool loads the hash
yea=E2=80=A6 that's what thought=E2=80=A6
i did read all the man pages i could find on any bsd for the ipf tools and
none mentions anything about being able to block more than one range at a
time - like macros or lists or tables, etc. according to ipdeny.com china
has about 5300
On Sat, Mar 14, 2015 at 7:14 AM, Manuel Bouyer bou...@antioche.eu.org
wrote:
On Fri, Mar 13, 2015 at 11:25:50PM -0400, el kalin wrote:
it didn't work. this is what happened:
# sysctl net.inet.tcp.tso=0
sysctl: fourth level name 'tso' in 'net.inet.tcp.tso' is invalid
yes, this sysctl
On Fri, Mar 13, 2015 at 07:43:06PM -0400, el kalin wrote:
actually what's with this:
modload: Function not implemented
stuff on the instance? is this because the kernel can not load any modules
at all?!
yes. modules built for bare-metal kernels won't work on xen kernels.
--
Manuel
On Fri, Mar 13, 2015 at 11:25:50PM -0400, el kalin wrote:
it didn't work. this is what happened:
# sysctl net.inet.tcp.tso=0
sysctl: fourth level name 'tso' in 'net.inet.tcp.tso' is invalid
yes, this sysctl doesn't exist on netbsd.
is there any firewall / packet filter that would work