On Fri, May 23, 2014 at 12:42:31PM +0200, Alexandre Ratchov wrote:
On Wed, Apr 30, 2014 at 01:06:48AM +0200, Alexandre Ratchov wrote:
This diff attempts to unify volume keys; it makes pckbd and ukbd
volume keys behave like all other volume keys (acpithinkpad,
acpiasus, macppc/abtn and
Support for Appeltalk (sys/netatalk) was removed about 3 years ago but
netintro(4) still mentions it.
Remi
Index: netintro.4
===
RCS file: /cvs/src/share/man/man4/netintro.4,v
retrieving revision 1.44
diff -u -p -r1.44 netintro.4
On Tue, Jun 10, 2014 at 06:25:33PM +0300, Paul Irofti wrote:
After discussions with Theo we decided to walk the table where needed
instead of using the soft state variables.
Also adding all the Samsung models to the quirks table (as per the
Linux EC quirks table).
I tried this diff with
On Wed, Jun 11, 2014 at 09:11:54AM +0300, Paul Irofti wrote:
On Tue, Jun 10, 2014 at 11:50:02PM +0200, Remi Locherer wrote:
On Tue, Jun 10, 2014 at 06:25:33PM +0300, Paul Irofti wrote:
After discussions with Theo we decided to walk the table where needed
instead of using the soft state
On Mon, Jun 02, 2014 at 03:25:19PM +0200, Stefan Sperling wrote:
On Mon, Jun 02, 2014 at 11:41:52AM +0200, Stefan Sperling wrote:
On Sun, Jun 01, 2014 at 09:17:09PM +0200, mijenix wrote:
Hope someone can commit the new product id.
Connecting to a WLAN network works and also hostap mode.
On Wed, Aug 13, 2014 at 07:41:08PM +0100, Jason McIntyre wrote:
hi!
notice how ksh's history command (fc -l) does not list the last typed history
command:
$ ls
$ date
Wed Aug 13 19:29:59 BST 2014
$ history
1 ls
2 date
the only thing
Mark Kettenis mark.kettenis at xs4all.nl writes:
On amd64/i386 there is this nasty thing called SMM mode. This allows
BIOS writers to run code behind the back of the OS to do all sorts of
crazy stuff like simulating a legacy PC keyboard controller on systems
that don't have one, or spin up
This patch privides a new login style: yubikey-and-pwd. The idea is from
login_totp-and-pwd from the login_oath port.
I tried to keep the patch small and not touch to many things. But probably
it would be bette to chang more stuff (eg: there are now two backchannels:
*back from login_passwd.c
password changes.
Even without the encrypt/decrypt functionality a tool like ssh-keygen for
yubikey in base would be nice. It could be used to generate the key and id
file and write it to the yubikey.
On Sat, Jan 04, 2014 at 10:55:39AM +0100, Remi Locherer wrote:
This patch privides a new login
On Sun, Jan 05, 2014 at 12:26:05PM +, Stuart Henderson wrote:
On 2014/01/05 13:10, Remi Locherer wrote:
+ /* only test the password if yubikey auth was successful */
This should be done even if Yubikey auth fails, to avoid disclosing
information due to timing.
Good point! I changed
On Sun, Jan 05, 2014 at 06:44:22PM -0600, Kent R. Spillner wrote:
Still haven't tested, but I also saw:
+password_pwd = malloc(password_pwd_len + 1); /* +1 for \0 */
+
+/* extract the password */
+for ( cnt = 0 ; cnt password_pwd_len ; cnt++ )
+password_pwd[cnt] =
Hi
I think the following additions to the rdomain(4) man page would be
usefull for people that want to start using rdomains and rtables.
Remi
Index: rdomain.4
===
RCS file: /home/remi/cvs/src/share/man/man4/rdomain.4,v
retrieving
Hi
Since we have efiboot creating a multiboot environment on amd64/i386
became simpler. One obstacle is that (all?) OSs write their bootloader
to the default loction efi/boot/ on the EFI Sys partition.
Some OSs also create an efi/XXX directory where they put most of their
stuff (centos, ubuntu,
Nobody else using OpenBSD on in an UEFI multiboot setup?
On Thu, Jan 28, 2016 at 09:04:40AM +0100, Remi Locherer wrote:
> Hi
>
> Since we have efiboot creating a multiboot environment on amd64/i386
> became simpler. One obstacle is that (all?) OSs write their bootloader
> to the
On Sat, Mar 19, 2016 at 05:09:34PM -0400, Brandon Mercer wrote:
> I've recently acquired a usb3.0->gigabit ethernet adapter. It did not
> attach reliably, pass traffic reliably, and it made my machine panic
> when I unplugged it. Takahiro HAYASHI suggested that the reset
> code doesn't do anything
The resolver supports more than 3 nameservers.
Index: resolv.conf.5
===
RCS file: /cvs/src/share/man/man5/resolv.conf.5,v
retrieving revision 1.48
diff -u -p -r1.48 resolv.conf.5
--- resolv.conf.5 23 Nov 2015 18:04:53 -
Hi
I think there is a small mistake in relayd.conf.5.
Remi
Index: relayd.conf.5
===
RCS file: /cvs/src/usr.sbin/relayd/relayd.conf.5,v
retrieving revision 1.170
diff -u -p -r1.170 relayd.conf.5
--- relayd.conf.5 29 Jul 2016
On Wed, Sep 14, 2016 at 08:10:29PM -0600, Theo de Raadt wrote:
> > > wont this also mean if it is not running i have to wait for the localhost
> > > attempt to fail before the resolver moves on? (ASR_STATE_NEXT_NS, etc) so
> > > i
> > > slow everything down for a timeout?
> >
> > Not if he
On Thu, Sep 15, 2016 at 10:04:00AM +0100, Stuart Henderson wrote:
> On 2016/09/15 10:39, Remi Locherer wrote:
> > On Wed, Sep 14, 2016 at 08:10:29PM -0600, Theo de Raadt wrote:
> > > > > wont this also mean if it is not running i have to wait for the
> > > > &
Hi,
I ran into problems with mtu sizes on interfaces (gif in my case) and
ospfd. mtu was not the same on both sites so adjacency could not be
formed. The mtu mismatch is also logged by ospfd.
Just changing the MTU with ifconfig is not enough in such a case. I did
not want to restart ospfd since
On Sat, Nov 26, 2016 at 09:39:40AM +0100, Jeremie Courreges-Anglas wrote:
> Remi Locherer <remi.loche...@relo.ch> writes:
>
> > Hi,
> >
> > I ran into problems with mtu sizes on interfaces (gif in my case) and
> > ospfd. mtu was not the same on both sites
Hi,
In the output of ospfd -nv I miss metric and type for the redistribute
statement. The below patch adds this.
Sample output:
remi@mistral:..in/ospfd% doas obj/ospfd -nv
WARNING: IP forwarding NOT enabled, running as stub router
router-id 10.10.10.1
fib-update yes
rfc1583compat yes
stub
On Mon, Dec 05, 2016 at 06:06:42PM +0100, Remi Locherer wrote:
> On Tue, Nov 29, 2016 at 12:14:40PM +0100, Jeremie Courreges-Anglas wrote:
> > Remi Locherer <remi.loche...@relo.ch> writes:
> >
> > > On Sat, Nov 26, 2016 at 09:39:40AM +0100, Jeremie Courreges-Angl
On Tue, Nov 29, 2016 at 12:14:40PM +0100, Jeremie Courreges-Anglas wrote:
> Remi Locherer <remi.loche...@relo.ch> writes:
>
> > On Sat, Nov 26, 2016 at 09:39:40AM +0100, Jeremie Courreges-Anglas wrote:
> >> Remi Locherer <remi.loche...@relo.ch> writes:
>
On Wed, Dec 21, 2016 at 12:08:23PM +0100, Jeremie Courreges-Anglas wrote:
>
> Hi,
>
> After ospfd here's a diff to make ospf6d refresh his view of an
> interface's MTU at runtime. This needs a fresh kernel.
>
> The parent should pass the IFINFO message to its children first, and
> then decide
On Tue, Jul 04, 2017 at 11:00:18PM +0200, Remi Locherer wrote:
> On Sun, Jun 25, 2017 at 11:47:09PM +0200, Remi Locherer wrote:
> > Hi,
> >
> > ospfd does not react nicely when running "sh /etc/netstart if".
> >
> > This is because adding the
On Fri, Jul 21, 2017 at 06:24:06PM +0200, Remi Locherer wrote:
> On Fri, Jul 21, 2017 at 02:45:03PM +0200, Florian Riehm wrote:
> > On 06/25/17 23:47, Remi Locherer wrote:
> > > Hi,
> > >
> > > ospfd does not react nicely when running "sh /etc/netstart
On Fri, Jul 21, 2017 at 02:45:03PM +0200, Florian Riehm wrote:
> On 06/25/17 23:47, Remi Locherer wrote:
> > Hi,
> >
> > ospfd does not react nicely when running "sh /etc/netstart if".
> >
> > This is because adding the same address again
On Sun, Jun 25, 2017 at 11:47:09PM +0200, Remi Locherer wrote:
> Hi,
>
> ospfd does not react nicely when running "sh /etc/netstart if".
>
> This is because adding the same address again do an interface results
> in RTM_DELADDR and RTM_NEWADDR. ospfd hand
Hi,
ospfd does not react nicely when running "sh /etc/netstart if".
This is because adding the same address again do an interface results
in RTM_DELADDR and RTM_NEWADDR. ospfd handles the former but the later.
If this happens ospfd says "interface vether0:192.168.250.1 gone".
Adjacencies on that
On Sun, Oct 08, 2017 at 09:22:46AM -0500, joshua stein wrote:
> This adds support for Hybrid mode for Windows Precision Touchpads
> (ihidev/imt). If yours only works with one finger, this should fix
> that.
>
> This also changes the way SET_REPORTs are sent to put the touchpad
> into touchpad
On Wed, Oct 04, 2017 at 10:52:31PM +0200, Jan Klemkow wrote:
> Hi,
>
> This diff adds support for the "TEMPer1F_H1V1.5F" USB temperature and
> humidity sensor to the ugold(4) driver. I got reasonable values from
> the device, but as mentioned in this github issue [1] they are not very
>
On Tue, Sep 19, 2017 at 09:43:37PM +0200, Ulf Brosziewski wrote:
> This patch adapts hidmt - which is used by imt(4) - to the multitouch
> interface of wsmouse, and it adds the compat-mode configuration required
> by the wsmouse-internal touchpad input driver.
>
> Tests with both the synaptics
On Wed, Aug 23, 2017 at 12:22:03AM +0200, Florian Riehm wrote:
> On 08/21/17 18:57, Remi Locherer wrote:
> > On Mon, Jul 24, 2017 at 04:59:46PM +0200, Remi Locherer wrote:
> > > On Fri, Jul 21, 2017 at 06:24:06PM +0200, Remi Locherer wrote:
> > > > On Fri, Jul 21, 201
On Mon, Jul 24, 2017 at 04:59:46PM +0200, Remi Locherer wrote:
> On Fri, Jul 21, 2017 at 06:24:06PM +0200, Remi Locherer wrote:
> > On Fri, Jul 21, 2017 at 02:45:03PM +0200, Florian Riehm wrote:
> > > On 06/25/17 23:47, Remi Locherer wrote:
> > > > Hi,
> > >
Hi,
ospfd.conf(5) should mention what ospfd does automatically when
configured on carp interfaces.
ok?
Remi
Index: ospfd.conf.5
===
RCS file: /cvs/src/usr.sbin/ospfd/ospfd.conf.5,v
retrieving revision 1.48
diff -u -p -r1.48
On Fri, Nov 03, 2017 at 12:01:15PM -0500, joshua stein wrote:
> Intel 100 Series laptops have the DesignWare I2C controller
> attaching via PCI instead of ACPI, so move the guts of dwiic(4) into
> ic/ and add dwiic_acpi and dwiic_pci files. Unfortunately the PCI
> attachment still needs to
Hi,
in 2015 remote(5) was trimmed down when tip was removed. It looks like
documentation for capability "dc" was also removed by accident. cu(1) still
supports this (src/usr.bin/cu/cu.c):
381 if (is_direct == -1 && cgetcap(cp, "dc", ':') != NULL)
382 is_direct = 1;
Below
On Tue, May 22, 2018 at 05:43:01PM +0200, Mark Kettenis wrote:
> > Date: Mon, 21 May 2018 17:25:47 -0700
> > From: Mike Larkin
> >
> > On Mon, May 21, 2018 at 12:44:47PM +0200, Mark Kettenis wrote:
> > > The diff below fixes I2C_OP_WRITE_WITH_STOP operations. Currently we
Hi,
in some circumstances ospfd behaves not the way a user would expect and
it's not easy understand how to recover. With below diff ospfd recovers
automatically from the following three cases.
1) netstart
When someone runs the netstart script on a running system it most likely
assigns the
Hi,
ospf6d does not resend LSAs when a carp interface goes into backup state.
This is unfortunate since other routers may still use the route to the
backup router or they even do ECMP and send traffic to the master and backup.
This minimal diff adds braces to fix it:
Index: rde.c
Hi,
ospfd sends LSAs with MAX_METRIC for carp interfaces in state backup.
This does the same for ospf6d.
While here also document how ospf6d treats carp interfaces.
OK?
Remi
Index: ospf6d.conf.5
===
RCS file:
On Tue, Jun 19, 2018 at 03:59:24PM +0100, Stuart Henderson wrote:
> On 2018/06/18 08:53, Remi Locherer wrote:
> > Index: ospfd.h
> > ===
> > RCS file: /cvs/src/usr.sbin/ospfd/ospfd.h,v
> > retrieving re
On Sat, Jun 02, 2018 at 10:33:11PM +0200, Denis Fondras wrote:
> Applying otto@'s diff to ospfd.
> Fixes an off-by-one line count when using include statements.
>
> Ok ?
I applied your diff and verified that the line number for errors
in included files is now correct.
ok remi@
>
> Index:
On Sat, Jun 02, 2018 at 10:33:07PM +0200, Denis Fondras wrote:
> Applying otto@'s diff to ospf6d.
> Fixes an off-by-one line count when using include statements.
>
> Ok ?
I applied your diff and verified that the line number for errors
in included files is now correct.
ok remi@
>
> Index:
Hi,
this adds "Metric: " to the output of "ospf6ctl show database intra".
It looks like this:
--
LS age: 1152
LS Type: Intra Area (Prefix)
Link State ID: 1.0.0.0
Hi,
the ospf6ctl manual misses two database filters.
OK?
Remi
Index: ospf6ctl.8
===
RCS file: /cvs/src/usr.sbin/ospf6ctl/ospf6ctl.8,v
retrieving revision 1.11
diff -u -p -r1.11 ospf6ctl.8
--- ospf6ctl.8 5 Nov 2017 17:45:02 -
Hi,
RfC 5340 says that for intra area prefix LSAs metric should be set to 0
in case of point-to-multipoint or loopback interfaces. Otherwise metric
should be set to the value of the interfaces output cost.
ospf6d currently sends intra area prefix LSAs *always* with metric 0.
Below diff fixes
On Wed, Jun 06, 2018 at 09:01:49AM +0200, Claudio Jeker wrote:
> On Wed, Jun 06, 2018 at 08:06:30AM +0200, Remi Locherer wrote:
> > Hi,
> >
> > RfC 5340 says that for intra area prefix LSAs metric should be set to 0
> > in case of point-to-multipoint or loopback i
On Fri, Jun 22, 2018 at 12:25:40AM +0200, Jeremie Courreges-Anglas wrote:
> On Tue, Jun 19 2018, Remi Locherer wrote:
> > On Tue, Jun 19, 2018 at 03:59:24PM +0100, Stuart Henderson wrote:
> >> On 2018/06/18 08:53, Remi Locherer wrote:
>
On Thu, Jan 04, 2018 at 12:30:39PM +, Stuart Henderson wrote:
> On 2018/01/04 12:47, Martin Pieuchot wrote:
> > I'm not writing any isakmpd.policy(5) file. I don't know anybody sane
> > we do.
>
> This means you trust your ipsec peers not to request an invalid flow.
> That's reasonable if
On Wed, Jan 24, 2018 at 11:27:51PM +, Tom Smyth wrote:
> Hello, Martin, Remi, All
> Im very excited about this feature, Thanks Martin,
> Please see Comments inline below
>
> On 23 January 2018 at 18:06, Remi Locherer <remi.loche...@relo.ch> wrote:
> > On Mon, Jan 2
On Sun, Feb 04, 2018 at 05:19:59AM +0100, Claudio Jeker wrote:
> On Sun, Feb 04, 2018 at 12:42:22AM +0100, Remi Locherer wrote:
> > Hi
> >
> > This adds a new feature to ospfd: depend on interface.
> >
> > A ospfd.conf using it looks like this:
> >
>
Hi
This adds a new feature to ospfd: depend on interface.
A ospfd.conf using it looks like this:
--%<--
redistribute default depend on carp0
area 0.0.0.0 {
interface em2 { depend on carp0 }
[...]
}
--%<--
This router would send out the default route and the em2 network with
On Thu, Feb 08, 2018 at 11:52:01AM +0100, Sebastian Benoit wrote:
> can someone confirm that ospf6d still works with this change?
>
> oks?
ospf6d works as before with this change. It also matches what ospfd does.
OK remi@
>
> (benno_ospf6d_kroute.diff)
>
> diff --git usr.sbin/ospf6d/kroute.c
On Fri, Feb 09, 2018 at 03:39:43AM +0100, Claudio Jeker wrote:
> On netsplits it can happen that on join multiple ospfd end up as DR.
> In my case with 3 routers the one cut off stays DR even though the rest of
> the network already has a DR and BDR.
>
> Looking into this it seems that in some
On 2018-08-09 03:53, Carlos Cardenas wrote:
On Mon, Aug 06, 2018 at 08:18:23PM -0700, Carlos Cardenas wrote:
Howdy.
Attached is a patch from my work that started at g2k18 on adding
administrative knobs to our LACP driver.
The driver now has a new ioctl (SIOCxTRUNKOPTS), which for now only
has
Hi tech,
recently we had a short outage in our network. A script started an additional
ospfd instance because the -n flag for config test was missing.
What then happend was not nice:
- The new ospfd unlinked the control socket of the first ospfd
- The new ospfd removed all routes from the first
On Fri, Aug 24, 2018 at 08:58:12AM +0200, Claudio Jeker wrote:
> On Wed, Aug 22, 2018 at 12:12:10AM +0200, Remi Locherer wrote:
> > On Tue, Aug 21, 2018 at 05:54:18PM +0100, Stuart Henderson wrote:
> > > On 2018/08/21 17:16, Remi Locherer wrote:
> > > > Hi tech,
&g
On Tue, Aug 21, 2018 at 05:54:18PM +0100, Stuart Henderson wrote:
> On 2018/08/21 17:16, Remi Locherer wrote:
> > Hi tech,
> >
> > recently we had a short outage in our network. A script started an
> > additional
> > ospfd instance because the -n
On Tue, Aug 28, 2018 at 07:56:43AM +0200, Claudio Jeker wrote:
> On Mon, Aug 27, 2018 at 11:33:19PM +0200, Remi Locherer wrote:
> > On Fri, Aug 24, 2018 at 12:21:31PM +0200, Remi Locherer wrote:
> > > On Fri, Aug 24, 2018 at 08:58:12AM +0200, Claudio Jeker wrote:
[ snip ]
On Fri, Aug 24, 2018 at 12:21:31PM +0200, Remi Locherer wrote:
> On Fri, Aug 24, 2018 at 08:58:12AM +0200, Claudio Jeker wrote:
> > On Wed, Aug 22, 2018 at 12:12:10AM +0200, Remi Locherer wrote:
> > > On Tue, Aug 21, 2018 at 05:54:18PM +0100, Stuart Henderson wrote:
> >
Hi,
Since slaacd is able to use pledge in the parent process I thought it may
be possible for ospfd too.
It works fine until ospfd gets reloaded. At this point it uses setsockopt
to set the priority filter on the routing socket.
Since I could not find a promise for this I extended wroute. Does
On Sat, Sep 01, 2018 at 10:38:09PM +0200, Sebastian Benoit wrote:
> Remi Locherer(remi.loche...@relo.ch) on 2018.09.01 21:53:21 +0200:
> > Hi,
> >
> > Since slaacd is able to use pledge in the parent process I thought it may
> > be possible for ospfd too.
> >
&
On Sat, Sep 01, 2018 at 10:38:09PM +0200, Sebastian Benoit wrote:
> Remi Locherer(remi.loche...@relo.ch) on 2018.09.01 21:53:21 +0200:
> > Hi,
> >
> > Since slaacd is able to use pledge in the parent process I thought it may
> > be possible for ospfd too.
> >
&
On Sun, Sep 02, 2018 at 08:05:55AM +0200, Remi Locherer wrote:
> On Sat, Sep 01, 2018 at 10:38:09PM +0200, Sebastian Benoit wrote:
> > Remi Locherer(remi.loche...@relo.ch) on 2018.09.01 21:53:21 +0200:
> > > Hi,
> > >
> > > Since slaacd is able to use pledge in
Hi,
this is the adaption of the recent ospfd commit to ospf6d.
Early in the startup the main process checks if another process is listening
on the control socket and exits if that is the case. Otherwise the master
process opens the control socket and passes it on to the ospf engine.
OK?
Remi
Hi,
With the "depend on" option routes are sent out with a metric of 65535 if
the referenced interface is down or in state backup. This is especially
useful on a carp cluster to ensure all traffic goes to the carp master.
This is similar to what we have for ospfd.
A configuration using this
Hi,
This changes the name of the ospfd control socket to include the rdomain.
It's similar to what bgpd does.
OK?
Remi
Index: ospfd/ospfd.c
===
RCS file: /cvs/src/usr.sbin/ospfd/ospfd.c,v
retrieving revision 1.98
diff -u -p
On Tue, Jul 10, 2018 at 07:12:01PM +0200, Florian Riehm wrote:
> Hi,
>
> this adds pledge to the ospf6d route decision engine and the ospf engine.
> It is compared to the ospfd quite simple, since ospf6d does not support
> reload,
> rdomains and kif-interfaces.
>
> ok?
builds and runs fine. OK
On Wed, Jul 11, 2018 at 12:43:41AM +0200, Sebastian Benoit wrote:
> hi,
>
> allows you to announce prefixes from the kernel routing table selected by
> priority.
>
> lightly tested, as in, the config part works.
>
> network inet priority 32
>
> ok?
works in my lab setup. OK remi@
>
>
On Tue, Jul 10, 2018 at 03:22:43PM +0200, Remi Locherer wrote:
> Hi,
>
> With the "depend on" option routes are sent out with a metric of 65535 if
> the referenced interface is down or in state backup. This is especially
> useful on a carp cluster to ensure all traffi
This makes "ospfd -nv" print the rdomain config option if present.
OK?
Remi
Index: printconf.c
===
RCS file: /cvs/src/usr.sbin/ospfd/printconf.c,v
retrieving revision 1.18
diff -u -p -r1.18 printconf.c
--- printconf.c 5 Feb 2018
Hi,
This adds rdomain support to ospf6d. It works the same as in ospfd.
OK?
Remi
Index: ospf6ctl/ospf6ctl.c
===
RCS file: /cvs/src/usr.sbin/ospf6ctl/ospf6ctl.c,v
retrieving revision 1.48
diff -u -p -r1.48 ospf6ctl.c
---
On Wed, Jul 11, 2018 at 02:59:30PM +0200, Florian Riehm wrote:
> Hi,
>
> successfully tested. I like the feature!
Thanks!
> Some (mostly cosmetic) comments inline.
I fixed them. Updated diff below.
> Index: ospfe.c
> ===
> RCS
On Mon, Jul 09, 2018 at 10:42:16AM +0200, Claudio Jeker wrote:
> On Mon, Jul 09, 2018 at 10:31:15AM +0200, Remi Locherer wrote:
> > later on it is set with:
> > log_setverbose(ospfd_conf->opts & OSPFD_OPT_VERBOSE);
> >
> > OK?
>
> Shouldn't we in
later on it is set with:
log_setverbose(ospfd_conf->opts & OSPFD_OPT_VERBOSE);
OK?
Index: ospf6d.c
===
RCS file: /cvs/src/usr.sbin/ospf6d/ospf6d.c,v
retrieving revision 1.35
diff -u -p -r1.35 ospf6d.c
--- ospf6d.c5 Nov 2017
On Mon, Jan 22, 2018 at 04:23:59PM +0100, Martin Pieuchot wrote:
> Diff below adds a new feature to bridge(4), similar to Cisco's Protected
> Port but with more possibilities.
>
> The idea is to prevent traffic to flow between some members of a bridge(4).
> For example:
> - you want to prevent
On 2018-04-20 14:46, Kapetanakis Giannis wrote:
On 04/02/18 01:42, Remi Locherer wrote:
Hi
This adds a new feature to ospfd: depend on interface.
A ospfd.conf using it looks like this:
--%<--
redistribute default depend on carp0
area 0.0.0.0 {
interface em2 { depend on ca
On 2018-04-20 15:39, Kapetanakis Giannis wrote:
On 20/04/18 16:20, Remi Locherer wrote:
On 2018-04-20 14:46, Kapetanakis Giannis wrote:
While it does the job for local connected/static networks (on the
router),
it doesn't do it for forwarded routes which I learn from remote OSPF
routers
Hi,
this restricts ospfd's parent process to only read it's config file (reload)
and unlink the control socket on exit. I added unveil after the setup of
the control socket is done since chmod is used in control_init.
OK?
Remi
Index: ospfd.c
st_list, entry);
> free(r);
>
> On 15:58 Sun 28 Oct , Florian Obser wrote:
> > Sorry, I'm on a phone. The diff context looks like the control FD is
> > already open at this point. Does ospfd later re-open it?
> >
> > On October 27, 2018 11:2
11:25:58 PM GMT+02:00, Remi Locherer
> wrote:
> >On Fri, Oct 26, 2018 at 10:19:01AM -0600, Theo de Raadt wrote:
> >> Remi Locherer wrote:
> >>
> >> > On Fri, Oct 26, 2018 at 06:01:40PM +0200, Florian Obser wrote:
> >> > > This breaks usage o
gt;
> > ospfd_shutdown();
> > @@ -308,7 +313,6 @@ ospfd_shutdown(void)
> > msgbuf_clear(_rde->ibuf.w);
> > close(iev_rde->ibuf.fd);
> >
> > - control_cleanup(ospfd_conf->csock);
> > while ((r = SIMPLEQ_FIRST(_conf->redist_list)) != NU
Hi,
ospf6d does not support reloading so its parent proc does not need
filesystem access with the exception of the control socket cleanup on
exit. Once we teach it how to reload the config it is easy to unveil "/"
readonly as I just did for ospfd.
OK?
Remi
cvs diff: Diffing .
Index: ospf6d.c
2018 5:26:06 PM GMT+02:00, Remi Locherer
> wrote:
> >Hi,
> >
> >this restricts ospfd's parent process to only read it's config file
> >(reload)
> >and unlink the control socket on exit. I added unveil after the setup
> >of
> >the control socket
On Tue, Oct 30, 2018 at 10:54:10AM -0600, Theo de Raadt wrote:
> Remi Locherer wrote:
>
> > On Tue, Oct 30, 2018 at 03:20:35PM +, Ricardo Mestre wrote:
> > > Hi,
> > >
> > > After all files are opened ripd(8) can have the fs access disabled just
&g
On Tue, Oct 30, 2018 at 03:20:35PM +, Ricardo Mestre wrote:
> Hi,
>
> After all files are opened ripd(8) can have the fs access disabled just before
> each process main loop. Its 2 childs already run under chroot, but since they
> are still not pledged at least they have no way to
On Tue, Oct 30, 2018 at 05:31:04PM +, Ricardo Mestre wrote:
> clearly an oversight due to looking at too many daemons at the same
> time. since the only thing ripd needs to do is unlink the socket I think
> we can remove control_cleanup, even though I'd rather do this
> introducing pledge, but
On Fri, Oct 26, 2018 at 10:19:01AM -0600, Theo de Raadt wrote:
> Remi Locherer wrote:
>
> > On Fri, Oct 26, 2018 at 06:01:40PM +0200, Florian Obser wrote:
> > > This breaks usage of the "include" keyword. Something that all the
> > > parse.y daemon
On Mon, Nov 05, 2018 at 12:30:08PM +, Ricardo Mestre wrote:
> Hi,
>
> dhclient(8)'s privileged process cannot be pledged yet due to some route
> related sysctl(2)'s, but it seems it only needs to access two files. One is
> /etc/resolv.conf with write/create permissions and saved_argv[0]
Hi,
the default for triggered-updates is no.
OK?
Remi
cvs diff: Diffing .
Index: ripd.conf.5
===
RCS file: /cvs/src/usr.sbin/ripd/ripd.conf.5,v
retrieving revision 1.15
diff -u -p -r1.15 ripd.conf.5
--- ripd.conf.5 18 Jun 2018
Hi,
ripd wants curly braces for interface blocks even if no parameters are
specified. This is inconsistent with other daemons and a bit annoying.
Below diff makes ripd accepting
interface if0
without { } afterwards. The example in the man page shows the interface
statement with and
On Sun, Nov 11, 2018 at 09:48:38AM +0100, Claudio Jeker wrote:
> On Sat, Nov 10, 2018 at 09:17:57PM +0100, Remi Locherer wrote:
> > Hi,
> >
> > ripd wants curly braces for interface blocks even if no parameters are
> > specified. This is inconsistent with other
On Mon, Nov 12, 2018 at 08:12:37AM +0100, Claudio Jeker wrote:
> On Sun, Nov 11, 2018 at 04:40:54PM -0700, Theo de Raadt wrote:
> > Makes sense to me, I suppose.
> >
> > Isn't another approach to swap the opening of the sockets?
> >
> > Or why does failure to control :179 sockets not stop
Hi,
I heard from two devs that started a 2nd bgpd by accident (forgot -n for
a config check) which then caused downtime.
Below diff adds a check to bgpd similar to the one we have now in ospfd and
ospf6d: if another process is listening on the control socket bgpd exits.
The situation is a bit
On Sat, Sep 22, 2018 at 08:22:52AM +0100, Tom Smyth wrote:
> OpenBGPd Feature Request / Question if the Feature Request
> is something the community would use ?
>
> Background,
> Ideally we would run full tables so that we have visibility
> on reachibility of a prefix via a transit provider,
>
On Sat, Dec 29, 2018 at 02:06:32PM +0100, Denis Fondras wrote:
> On Fri, Dec 28, 2018 at 09:50:50PM +0100, Remi Locherer wrote:
> > Hi tech,
> >
> > this allows to adjust the priority of the routes that ospf6d inserts
> > into the kernel routing table.
> >
&
On Mon, Dec 31, 2018 at 01:33:39PM +0100, Jeremie Courreges-Anglas wrote:
> On Sun, Dec 30 2018, Remi Locherer wrote:
> > Hi tech,
> >
> > after adding the config option "fib-priority" to ospfd/ospf6d I figured out
> > that it is almost the same change to a
Hi tech,
when removing an interface from ospdf.conf and doing a reload other
OSPF routers should get a router LSA update. Then they can remove the
affected route. But currently this does not happen. The affected route
might be used by other routers a long time after removing it from the
config
1 - 100 of 207 matches
Mail list logo