Re: relayd and rdomain/prio defaults
On 03/05/12 21:10, Erik Lax wrote: On 3/2/12 5:09 PM, Gabriel Linder wrote: Since 5.0 rules injected by relayd includes on rdomain 0 and prio 0, I guess that's not intended ? I think you're right. And if so, the same problem seem to exist for the ftp-proxy (filter.c) as well. I guess this is what happens when default values aren't compatible with bzero :) Indeed :) Anything messing with anchors is probably concerned. I just saw that my MUA scrambled my previous diff by replacing tabs by spaces, here is a proper version http://dargor.servebeer.com/~dargor/openbsd/relayd/pfe_filter.c.diff
Re: [resend] ipv6 support for tftp
On 2011/01/22 19:40, Gleydson Soares wrote:
can anyone test this diff? your feedback will be most welcome
On Wed, Sep 08, 2010 at 11:51:11AM -0300, Gleydson Soares wrote:
hi,
- ipv6 support for tftp client.
based on an old itojun's diff.
weerd@ pointed out this old diff - here's a slightly updated version;
only minor tweaks from gsoares@ version: whitespace nits in some lines
touched in the diff, and I rewrote the manpage diff.
works for me against usr/sbin/tftpd; any comments?
Index: tftp.1
===
RCS file: /cvs/src/usr.bin/tftp/tftp.1,v
retrieving revision 1.19
diff -u -p -r1.19 tftp.1
--- tftp.1 1 Mar 2012 03:47:19 - 1.19
+++ tftp.1 6 Mar 2012 09:30:31 -
@@ -156,6 +156,10 @@ When using the
argument, the
.Ar host
will be used as the default host for future transfers.
+A
+.Ar host
+specified as a numeric IPv6 address must be wrapped in square brackets:
+.Ar [host]:filename .
If
.Ar remotename
is specified, the file is stored remotely as
Index: main.c
===
RCS file: /cvs/src/usr.bin/tftp/main.c,v
retrieving revision 1.30
diff -u -p -r1.30 main.c
--- main.c 27 Oct 2009 23:59:44 - 1.30
+++ main.c 6 Mar 2012 09:30:31 -
@@ -68,6 +68,7 @@ void put(int, char **);
voidquit(int, char **);
voidsetascii(int, char **);
voidsetbinary(int, char **);
+voidsetpeer0(char *, char *);
voidsetpeer(int, char **);
voidsetrexmt(int, char **);
voidsettimeout(int, char **);
@@ -86,9 +87,8 @@ static __dead void command(void);
struct cmd *getcmd(char *);
char *tail(char *);
-struct sockaddr_in peeraddr;
+struct sockaddr_storage peeraddr;
int f;
-short port;
int trace;
int verbose;
int connected;
@@ -98,7 +98,6 @@ intmargc;
char *margv[MAXARGV+1];
char *prompt = tftp;
voidintr(int);
-struct servent *sp;
int rexmtval = TIMEOUT;
int maxtimeout = 5 * TIMEOUT;
charhostname[MAXHOSTNAMELEN];
@@ -170,19 +169,7 @@ struct modes {
int
main(int argc, char *argv[])
{
- struct sockaddr_in s_in;
-
- /* socket, bind */
- sp = getservbyname(tftp, udp);
- if (sp == 0)
- errx(1, udp/tftp: unknown service);
- f = socket(AF_INET, SOCK_DGRAM, 0);
- if (f 0)
- err(3, socket);
- bzero((char *)s_in, sizeof(s_in));
- s_in.sin_family = AF_INET;
- if (bind(f, (struct sockaddr *)s_in, sizeof(s_in)) 0)
- err(1, bind);
+ f = -1;
/* set default transfer mode */
strlcpy(mode, netascii, sizeof(mode));
@@ -205,11 +192,69 @@ main(int argc, char *argv[])
}
void
-setpeer(int argc, char *argv[])
+setpeer0(char *host, char *port)
{
- struct hostent *host;
- const char *errstr;
+ struct addrinfo hints, *res0, *res;
+ int error;
+ struct sockaddr_storage ss;
+ char *cause = unknown;
+
+ if (connected) {
+ close(f);
+ f = -1;
+ connected = 0;
+ }
+
+ memset(hints, 0, sizeof(hints));
+ hints.ai_family = PF_UNSPEC;
+ hints.ai_socktype = SOCK_DGRAM;
+ hints.ai_protocol = IPPROTO_UDP;
+ hints.ai_flags = AI_CANONNAME;
+ if (!port)
+ port = tftp;
+ error = getaddrinfo(host, port, hints, res0);
+ if (error) {
+ warnx(%s, gai_strerror(error));
+ return;
+ }
+
+ for (res = res0; res; res = res-ai_next) {
+ f = socket(res-ai_family, res-ai_socktype, res-ai_protocol);
+ if (f 0) {
+ cause = socket;
+ continue;
+ }
+
+ memset(ss, 0, sizeof(ss));
+ ss.ss_family = res-ai_family;
+ ss.ss_len = res-ai_addrlen;
+ if (bind(f, (struct sockaddr *)ss, ss.ss_len) 0) {
+ cause = bind;
+ close(f);
+ f = -1;
+ continue;
+ }
+
+ break;
+ }
+
+ if (f 0)
+ warn(%s, cause);
+ else {
+ memcpy(peeraddr, res-ai_addr, res-ai_addrlen);
+ if (res-ai_canonname) {
+ (void) strncpy(hostname, res-ai_canonname,
+ sizeof(hostname));
+ } else
+ (void) strncpy(hostname, host, sizeof(hostname));
+
Re: relayd and rdomain/prio defaults
just to confirm, I've seen this, this is a problem and we're discussing how to fix the offenders (it's not just relayd) * Gabriel Linder lin...@jeuxvideo.com [2012-03-02 18:26]: Since 5.0 rules injected by relayd includes on rdomain 0 and prio 0, I guess that's not intended ? Index: pfe_filter.c === RCS file: /cvs/src/usr.sbin/relayd/pfe_filter.c,v retrieving revision 1.47 diff -u -r1.47 pfe_filter.c --- pfe_filter.c19 May 2011 08:56:49 -1.47 +++ pfe_filter.c2 Mar 2012 16:06:30 - @@ -439,6 +442,8 @@ rio.rule.dst.port[0] = address-port.val[0]; rio.rule.dst.port[1] = address-port.val[1]; rio.rule.rtableid = -1; /* stay in the main routing table */ +rio.rule.onrdomain = -1; +rio.rule.prio[0] = rio.rule.prio[1] = PF_PRIO_NOTSET; if (rio.rule.proto == IPPROTO_TCP) rio.rule.timeout[PFTM_TCP_ESTABLISHED] = -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
Re: relayd and rdomain/prio defaults
On 2012/03/06 10:20, Gabriel Linder wrote: On 03/05/12 21:10, Erik Lax wrote: On 3/2/12 5:09 PM, Gabriel Linder wrote: Since 5.0 rules injected by relayd includes on rdomain 0 and prio 0, I guess that's not intended ? I think you're right. And if so, the same problem seem to exist for the ftp-proxy (filter.c) as well. I guess this is what happens when default values aren't compatible with bzero :) Indeed :) Anything messing with anchors is probably concerned. I just saw that my MUA scrambled my previous diff by replacing tabs by spaces, here is a proper version http://dargor.servebeer.com/~dargor/openbsd/relayd/pfe_filter.c.diff Seems OK to me but somebody who uses multiple rtables needs to check it (and also for ftp-proxy where a similar diff is needed and it has some multiple rtable support already). Here it is for tftp-proxy which is single rtable. OK? Index: filter.c === RCS file: /cvs/src/libexec/tftp-proxy/filter.c,v retrieving revision 1.10 diff -u -p -r1.10 filter.c --- filter.c22 Jun 2011 08:40:14 - 1.10 +++ filter.c6 Mar 2012 09:55:29 - @@ -214,6 +214,9 @@ prepare_rule(u_int32_t id, struct sockad } pfr.rule.dst.port_op = PF_OP_EQ; pfr.rule.dst.port[0] = htons(d_port); + pfr.rule.rtableid = -1; + pfr.rule.onrdomain = -1; + pfr.rule.prio[0] = pfr.rule.prio[1] = PF_PRIO_NOTSET; pfr.rule.action = PF_PASS; pfr.rule.quick = 1; pfr.rule.log = rule_log;
ftp-proxy: use correct incoming rdomain
ftp-proxy has all the code to support on rdomain feature
in place, just not used. the change below uses an rdomain
obtained via the SO_RTABLE socket option of the accepted
socket. OK?
Index: filter.c
===
RCS file: /home/cvs/src/usr.sbin/ftp-proxy/filter.c,v
retrieving revision 1.16
diff -u -p -u -p -r1.16 filter.c
--- filter.c22 Jun 2011 08:44:02 - 1.16
+++ filter.c6 Mar 2012 12:21:57 -
@@ -83,7 +83,7 @@ add_nat(u_int32_t id, struct sockaddr *s
return (-1);
pfr.rule.direction = PF_OUT;
- /* XXX limit the source routing domain */
+ pfr.rule.onrdomain = s_rd;
pfr.rule.rtableid = -1;
pfr.rule.nat.proxy_port[0] = nat_range_low;
pfr.rule.nat.proxy_port[1] = nat_range_high;
@@ -110,7 +110,7 @@ add_rdr(u_int32_t id, struct sockaddr *s
return (-1);
pfr.rule.direction = PF_IN;
- /* XXX limit the source routing domain */
+ pfr.rule.onrdomain = s_rd;
pfr.rule.rtableid = d_rd;
pfr.rule.rdr.proxy_port[0] = rdr_port;
if (ioctl(dev, DIOCADDRULE, pfr) == -1)
@@ -207,6 +207,7 @@ prepare_rule(u_int32_t id, struct sockad
pfr.rule.dst.addr.type = PF_ADDR_ADDRMASK;
pfr.rule.nat.addr.type = PF_ADDR_NONE;
pfr.rule.rdr.addr.type = PF_ADDR_NONE;
+ pfr.rule.prio[0] = pfr.rule.prio[1] = PF_PRIO_NOTSET;
if (src-sa_family == AF_INET) {
memcpy(pfr.rule.src.addr.v.a.addr.v4,
Re: ftp-proxy: use correct incoming rdomain
On Tue, Mar 06, 2012 at 01:28:43PM +0100, Mike Belopuhov wrote:
ftp-proxy has all the code to support on rdomain feature
in place, just not used. the change below uses an rdomain
obtained via the SO_RTABLE socket option of the accepted
socket. OK?
Looks good to me.
Index: filter.c
===
RCS file: /home/cvs/src/usr.sbin/ftp-proxy/filter.c,v
retrieving revision 1.16
diff -u -p -u -p -r1.16 filter.c
--- filter.c 22 Jun 2011 08:44:02 - 1.16
+++ filter.c 6 Mar 2012 12:21:57 -
@@ -83,7 +83,7 @@ add_nat(u_int32_t id, struct sockaddr *s
return (-1);
pfr.rule.direction = PF_OUT;
- /* XXX limit the source routing domain */
+ pfr.rule.onrdomain = s_rd;
pfr.rule.rtableid = -1;
pfr.rule.nat.proxy_port[0] = nat_range_low;
pfr.rule.nat.proxy_port[1] = nat_range_high;
@@ -110,7 +110,7 @@ add_rdr(u_int32_t id, struct sockaddr *s
return (-1);
pfr.rule.direction = PF_IN;
- /* XXX limit the source routing domain */
+ pfr.rule.onrdomain = s_rd;
pfr.rule.rtableid = d_rd;
pfr.rule.rdr.proxy_port[0] = rdr_port;
if (ioctl(dev, DIOCADDRULE, pfr) == -1)
@@ -207,6 +207,7 @@ prepare_rule(u_int32_t id, struct sockad
pfr.rule.dst.addr.type = PF_ADDR_ADDRMASK;
pfr.rule.nat.addr.type = PF_ADDR_NONE;
pfr.rule.rdr.addr.type = PF_ADDR_NONE;
+ pfr.rule.prio[0] = pfr.rule.prio[1] = PF_PRIO_NOTSET;
if (src-sa_family == AF_INET) {
memcpy(pfr.rule.src.addr.v.a.addr.v4,
--
:wq Claudio
pkg_add/pkg_delete: include PID in syslog messages
This simple diff makes pkg_add and pkg_delete include their PID when
logging to syslog. This is useful when trying to determine whether
several packages were added (or removed) by the same pkg_add (or
pkg_delete) process.
Here is some sample output:
Mar 3 22:15:17 obsd-amd64 pkg_add[3530]: Added nano-2.2.6
Mar 3 22:15:26 obsd-amd64 pkg_delete[21136]: Removed nano-2.2.6
Mar 3 22:16:51 obsd-amd64 pkg_add[30666]: Added redland-1.0.8p1
Mar 3 22:16:54 obsd-amd64 pkg_add[30666]: Added mozilla-dicts-en-GB-1.3
Mar 3 22:16:56 obsd-amd64 pkg_add[30666]: Added hunspell-1.2.12
Mar 3 22:23:22 obsd-amd64 pkg_add[30666]: Added libreoffice-3.4.5.2v0
Mar 3 23:33:23 obsd-amd64 pkg_add[5948]: Added kdiff3-0.9.96p1
Comments?
Thanks,
Lawrence
Index: AddDelete.pm
===
RCS file: /cvs/src/usr.sbin/pkg_add/OpenBSD/AddDelete.pm,v
retrieving revision 1.53
diff -u -p -r1.53 AddDelete.pm
--- AddDelete.pm9 Oct 2011 16:43:50 - 1.53
+++ AddDelete.pm4 Mar 2012 04:37:04 -
@@ -185,7 +185,7 @@ sub handle_options
$state-{loglevel} //= $state-config-value(loglevel) // 1;
if ($state-{loglevel}) {
require Sys::Syslog;
- Sys::Syslog::openlog($state-{cmd}, nofatal);
+ Sys::Syslog::openlog($state-{cmd}, nofatal,pid);
}
}
