ok
Florian Obser(flor...@openbsd.org) on 2020.02.07 16:49:08 +0100:
> Slightly tweaked diff by me, fixing "new sentence new line" in the man
> page.
>
> This is OK florian@ if someone wants to commit it or I can commit it
> if someone OKs it.
>
> diff --git httpd.conf.5 httpd.conf.5
> index f4ea
Ingo Schwarze(schwa...@usta.de) on 2020.02.09 00:33:06 +0100:
> Hi,
>
> Jason McIntyre wrote on Sat, Feb 08, 2020 at 10:15:08PM +:
>
> > - i'm ok with adding the path to these files to a FILES section
>
> So, here is a specific patch for bgpf.conf(5) and bgpd(8) such
> that we can agree on a
read ok
Florian Obser(flor...@openbsd.org) on 2020.02.09 10:46:34 +0100:
> Anyone? I'll commit this soon if I don't hear back, I don't think this
> is contentious.
>
> On Fri, Feb 07, 2020 at 03:59:50PM +0100, Florian Obser wrote:
> > Moving from misc to tech.
> >
> > This is effectively Ulrich'
ok
Claudio Jeker(cje...@diehard.n-r-g.com) on 2020.02.14 14:06:37 +0100:
> Move and rename copy_filterset to rde_filter.c as filterset_copy.
> This way it matches the other filterset_* functions.
>
> OK?
> --
> :wq Claudio
>
> Index: bgpd.h
>
in relayd we use -v for that, so you need to run -d to get lots of
output. check main() there?
i think thats more intuitive, but maybe i'm just used to it.
Brent Cook(bust...@gmail.com) on 2016.01.20 06:31:44 -0600:
> Since the relatively recent logging unification, log_init needs a
> debug l
Christian Weisgerber(na...@mips.inka.de) on 2016.01.30 17:45:14 +0100:
> From a similar FreeBSD commit:
> Use standard name for ASCII LF and FF control codes.
>
> Only overdue by a few decades. OK?
ok
> Index: ascii.7
> ===
> RC
add missing RTF_CONNECTED.
remove ESIS (End System to Intermediate System Protocol), ann NDP in
comment.
add information about RTF_FMASK.
ok?
diff --git share/man/man4/route.4 share/man/man4/route.4
index 7c1402c..d17dbf3 100644
--- share/man/man4/route.4
+++ share/man/man4/route.4
@@ -356,23 +35
ok
Jeremie Courreges-Anglas(j...@wxcvbn.org) on 2016.03.31 19:16:14 +0200:
> Jeremie Courreges-Anglas writes:
>
> > Mike Belopuhov writes:
> >
> >> Good day, Dimitris.
> >>
> >> Long time ago in a galaxy far far away I've been using this
> >> alongside the -F option that I've added. While mana
Hi Fritjof,
frit...@alokat.org(frit...@alokat.org) on 2016.03.31 11:43:58 +0200:
> Wipe out the key from "user.key".
>
> --f.
>
> Index: login_yubikey.c
> ===
> RCS file: /cvs/src/libexec/login_yubikey/login_yubikey.c,v
> retrieving
Christian Weisgerber(na...@mips.inka.de) on 2016.04.12 14:43:50 +:
> On 2016-04-12, Martin Pieuchot wrote:
>
> > Relying on the "scopeid" field is not a viable long-term solution. I'm
> > spending too much time these days trying to figure out which interface
> > correspond to which index.
>
Martin Pieuchot(m...@openbsd.org) on 2016.04.12 16:25:36 +0200:
> On 12/04/16(Tue) 14:03, Stuart Henderson wrote:
> > On 2016/04/12 14:18, Claudio Jeker wrote:
> > > On Tue, Apr 12, 2016 at 01:47:53PM +0200, Stefan Sperling wrote:
> > > > On Tue, Apr 12, 2016 at 12:27:10PM +0100, Stuart Henderson w
Sebastien Marie(sema...@openbsd.org) on 2016.04.20 08:38:40 +0200:
> Hi,
>
> I noted that iked(8) default key (generated at boot time by rc(8) if it
> doesn't exist yet) aren't present in changelist(5), whereas the same
> keys for isakmpd(8) are.
>
> Does adding /etc/iked/local.pub and /etc/iked/
frit...@alokat.org(frit...@alokat.org) on 2016.03.31 23:43:54 +0200:
> On Thu, Mar 31, 2016 at 10:17:45PM +0200, Sebastian Benoit wrote:
> > Hi Fritjof,
> >
> > frit...@alokat.org(frit...@alokat.org) on 2016.03.31 11:43:58 +0200:
> > > Wipe out the key fro
Jonathan Matthew(jonat...@d14n.org) on 2016.04.18 07:17:55 +1000:
> On Sun, Apr 10, 2016 at 04:36:15PM +1000, Jonathan Matthew wrote:
> > A while back (s2k15?), reyk@ suggested I take a look at converting ldapd to
> > use
> > libtls rather than the openssl api. Today I finally got around to it,
>
ok benno@
Stefan Sperling(s...@stsp.name) on 2016.04.27 13:36:51 +0200:
> I'd like to add some 802.11n-related counters to netstat -W output.
>
> The first diff below is for the kernel, the second for netstat.
>
> ok?
>
> Index: ieee80211_input.c
> ==
ok
J??r??mie Courr??ges-Anglas(j...@wxcvbn.org) on 2016.05.02 13:21:51 +0200:
>
> ndp.c doesn't have any #ifdef INET6 preprocessor directive, I can't see
> how keeping that in CPPFLAGS changes anything. While here, -I${.CURDIR}
> isn't needed either. Verified with sha256(1).
>
> ok?
>
> Index
ok
Ted Unangst(t...@tedunangst.com) on 2016.05.13 15:00:22 -0400:
> overzealous use of errx() hides useful information about the error.
>
>
> Index: bioctl.c
> ===
> RCS file: /cvs/src/sbin/bioctl/bioctl.c,v
> retrieving revision 1.
Paul Irofti(p...@irofti.net) on 2017.05.26 14:26:46 +0300:
> On Fri, May 26, 2017 at 06:55:34AM -0400, Ted Unangst wrote:
> > let's say, hypothetically, you're working with a blasphemer who mails you a
> > git diff which looks a little like this:
> >
> > diff --git a/d2/bar.c b/d2/bar.c
> > index
Peter Hessler(phess...@openbsd.org) on 2017.05.26 21:40:49 +0200:
> On 2017 May 26 (Fri) at 20:01:00 +0200 (+0200), Peter Hessler wrote:
> :Apropos of "I found it", I implemented support for RFC 7607. It's a
> :super short RFC, but basically it forbids use of AS 0 anywhere.
> :
> :OK?
> :
> :
>
>
ok
Florian Obser(flor...@openbsd.org) on 2017.05.27 08:06:04 +:
> It's probably best to use basename(3) here like for the cert file
> instead of incorrectly handrolling the functionality ;)
>
> OK?
>
> diff --git main.c main.c
> index f8dc22c8756..9a7c3c5568c 100644
> --- main.c
> +++ main.c
(benno_pflow_try3_1_task.diff)
move sending of pflow packet into a task, seperated from the data
collection by a mbuf queue.
diff --git sys/net/if_pflow.c sys/net/if_pflow.c
index a40fe23862b..8cfffa1e4e7 100644
--- sys/net/if_pflow.c
+++ sys/net/if_pflow.c
@@ -67,6 +67,7 @@ struct pflows
(benno_pflow_try3_2_locked_arg.diff)
Introduce a 'locked' argument to sobind(), socreate() and soclose() to
indicate if its called with a lock held.
In pflow in the ioctl path, these functions can now be used without
giving up the netlock first.
diff --git sys/kern/sys_socket.c sy
Peter Hessler(phess...@openbsd.org) on 2017.05.27 12:17:56 +0200:
> Right now, we have 'neighbor-as' that can be used as magic syntax sugar
> for filter rules. I want to have magic syntax sugar for 'local-as',
> which expands to our ASN. It already plays nicely with the local-as
> diff I sent, an
(benno_pflow_try4_task.diff)
ok?
diff --git sys/net/if_pflow.c sys/net/if_pflow.c
index a40fe23862b..20ab4e0e88d 100644
--- sys/net/if_pflow.c
+++ sys/net/if_pflow.c
@@ -67,6 +67,7 @@ struct pflowstats pflowstats;
void pflowattach(int);
intpflow_output(struct ifnet *ifp, struct mbuf
reads ok
and yes on sthens suggestion
Peter Hessler(phess...@openbsd.org) on 2017.05.27 14:50:25 +0200:
> Allow us to receive our own AS paths from a neighbor.
>
> Like several of the related diffs, this also invites dragons and grues
> into your network.
>
> Probably needs the most love in th
in a bgpd.conf config with
network 2a00:15a8:6:100::/56 set ext-community soo 23:42
network 2a00:15a8:6:100::/56
the second line "overwrites" the first line.
this prints a warning, because i wasted 30 minutes wondering why i could not
see the community on the wire...
ok?
(benno_bgpd_parse_dup
Sebastian Benoit(be...@openbsd.org) on 2017.05.27 18:35:06 +0200:
>
> in a bgpd.conf config with
>
> network 2a00:15a8:6:100::/56 set ext-community soo 23:42
> network 2a00:15a8:6:100::/56
>
> the second line "overwrites" the first line.
>
> this prints a
thanks for both this and your httpd diff, both commited.
Hiltjo Posthuma(hil...@codemadness.org) on 2017.05.07 20:56:25 +0200:
> Hey,
>
> This replaces the prefix in log messages to __func__. Some older code had
> the prefix still set to another name. Patch below:
>
>
> diff --git a/usr.sbin/re
ok benno@
Florian Riehm(m...@friehm.de) on 2017.05.27 10:15:45 +0200:
> Hi,
>
> This patch fixes the carp mode 'balancing ip-stealth'.
>
> Problem:
> System A
> carp1: flags=8843 mtu 1500
> lladdr 00:00:5e:00:01:01
> description: Carp-intern
> index 7 priority 15 llprio 3
Hi,
testing hennigs diff i found having to specify the socket on the command
line annoying:
bgpctl -s /var/run/rdomain123.bgpd.sock sh rib
srly?
I figure when you are debuging things in rdomain , you will want to route
-T exec ksh anyway, so this makes bgpd create /var/run/bgpd.sock. when
r
Peter Hessler(phess...@theapt.org) on 2017.05.28 20:56:39 +0200:
> looks fine to me, OK
>
>
> On 2017 May 28 (Sun) at 19:12:34 +0200 (+0200), Sebastian Benoit wrote:
> :Hi,
> :
> :testing hennigs diff i found having to specify the socket on the command
> :line annoying:
> "servers ntp.ring.nlnog.net \
> local-address 165.254.255.27,2001:728:1808::26"
yes
>
> or allow one to repeat the 'local-address' keyword:
>
> "servers ntp.ring.nlnog.net \
> local-address 165.254.255.27 \
> local-address 2001:728:1808::26"
>
> or use differe
David Gwynne(da...@gwynne.id.au) on 2017.05.29 15:34:51 +1000:
> this rolls vnetid and parent into a single encap line in ifconfig.
>
> eg:
>
> - vnetid: 7
> - parent: ix1
> + encap: vnetid: 7 parent: ix1
>
> after this i would like to get rid of the vlan compat goo.
>
> ok?
add option -R for printing the routing table id is running under
ok?
diff --git usr.bin/id/id.1 usr.bin/id/id.1
index 35728ee53ee..c5727927bc6 100644
--- usr.bin/id/id.1
+++ usr.bin/id/id.1
@@ -55,6 +55,8 @@
.Fl p
.Op Ar user
.Nm id
+.Fl R
+.Nm id
.Fl u Op Fl nr
.Op Ar user
.Sh DESCRIPTION
this is basically the code i had before mpi told me that mq_ was not needed.
*sigh*
ok.
Visa Hankala(v...@openbsd.org) on 2017.05.30 16:19:46 +:
> On Wed, May 31, 2017 at 01:52:31AM +1000, Jonathan Matthew wrote:
> > On Tue, May 30, 2017 at 01:04:07PM +, Visa Hankala wrote:
> > > Index:
ok
David Gwynne(da...@gwynne.id.au) on 2017.05.31 15:34:53 +1000:
> the vlan specific output is redundant because vlan supports the
> generic vnetid and parent ioctls now.
>
> this leaves the code for setting vlan specific stuff because there's
> a slight semantic change i want to discuss separat
Claudio Jeker(cje...@diehard.n-r-g.com) on 2017.05.31 00:27:21 +0200:
> After looking at what IETF and IANA did to extended communities I decided
> to refactor the code a major bit and hopefully that will work a bit better
> than what we had before. When I implemented it first I foolishliy assumed
Claudio Jeker(cje...@diehard.n-r-g.com) on 2017.06.07 16:05:15 +0200:
> Be careful, AFAIK the capitalisation of IEEE standards does matter.
> You're right 802.1Q is the correct spelling but not for 802.1ad (where the
> lowercase version is the offical standard). IIRC the status of the
> standard is
Rob Pierce(r...@2keys.ca) on 2017.06.11 18:04:31 -0400:
> This minimizes differences with the latest log.c.
>
> I was not sure how to handle verbosity, as the current implementation is
> verbose by default in debug mode. The diff below requires actually
> requesting (double) verbosity on the comma
Rob Pierce(r...@2keys.ca) on 2017.06.13 19:12:18 -0400:
> On Tue, Jun 13, 2017 at 08:44:46AM +0200, Sebastian Benoit wrote:
> > Rob Pierce(r...@2keys.ca) on 2017.06.11 18:04:31 -0400:
> > > This minimizes differences with the latest log.c.
> > >
> > > I was
ok
Stefan Sperling(s...@stsp.name) on 2017.06.24 07:09:20 +0200:
> The kernel rejects IPv6 destination addresses on point-to-point
> interfaces if the prefixlen is not 128. Because ifconfig defaults
> to prefixlen 64, configuring IPv6 on e.g. gif(4) requires an
> explicit prefix length, for instan
ok
Job Snijders(j...@instituut.net) on 2017.06.23 16:02:13 +0200:
> Dear team,
>
> This patch adds support for the "graceful shutdown" well-known
> community as described in draft-ietf-grow-bgp-gshut.
>
> An example implementation would be to add the following to your
> bgpd.conf:
>
> matc
ok
as wor the WELLKNOWN, what do other implementations do?
If others print it or accept it as input, lets keep it.
If not, remove it from both your diff and bgpctls output.
/Benno
Job Snijders(j...@instituut.net) on 2017.06.25 14:59:21 +0200:
> Small update.
>
> I renamed the 'msb' argument ('m
commited with the (int)(long)arg cast.
Thanks!
(waiting for more...) /Benno
Rob Pierce(r...@2keys.ca) on 2017.06.27 12:45:43 -0400:
> Hoist some privileged code in preparation for future work.
>
> Is this the correct use of intptr_t?
>
> Based on an approach in vmd with mc146818/ns8250.
>
> N
3 lines are longer than 80 chars.
otherwise ok benno@
Job Snijders(j...@instituut.net) on 2017.06.27 11:00:55 +0200:
> Dear all,
>
> This patch adds a '-v' option to cp(1), mv(1), and rm(1). If the '-v'
> option is used, the utility will display the name of each file after it
> has been successf
commited, thx
Rob Pierce(r...@2keys.ca) on 2017.06.27 21:33:06 -0400:
>
> Index: ifstated.c
> ===
> RCS file: /cvs/src/usr.sbin/ifstated/ifstated.c,v
> retrieving revision 1.43
> diff -u -p -r1.43 ifstated.c
> --- ifstated.c2
This makes netstat show only listening sockets for tcp sockets
when invoked as netstat -l.
With it "netstat -l -finet -p tcp" is equivalent to
"netstat -a -finet | grep LISTEN"
I (re)used -l because Linux has the same option.
FreeBSD does not have -l, but it does not error out when invoked with
Sebastian Benoit(be...@openbsd.org) on 2017.07.01 16:44:14 +0200:
> This makes netstat show only listening sockets for tcp sockets
> when invoked as netstat -l.
>
> With it "netstat -l -finet -p tcp" is equivalent to
> "netstat -a -finet | grep LISTEN"
>
Sebastian Benoit(be...@openbsd.org) on 2017.07.01 20:40:17 +0200:
> Sebastian Benoit(be...@openbsd.org) on 2017.07.01 16:44:14 +0200:
> > This makes netstat show only listening sockets for tcp sockets
> > when invoked as netstat -l.
> >
> > With it "netstat -l
Thanks, i commited all three.
/Benno
Rob Pierce(r...@2keys.ca) on 2017.07.02 00:32:27 -0400:
> Remove unused variable from header file.
>
> Index: ifstated.h
> ===
> RCS file: /cvs/src/usr.sbin/ifstated/ifstated.h,v
> retrieving rev
Rob Pierce(r...@2keys.ca) on 2017.07.02 12:06:25 -0400:
> I am currently using this regression script for basic ifstated sanity testing.
>
> Still a work in progress. Requesting commit for safe keeping.
Hi,
this should go into /usr/src/regress/usr.sbin/ifstated
(which does not esist yet).
Also
commited, thanks.
Rob Pierce(r...@2keys.ca) on 2017.07.03 09:45:35 -0400:
> On Sun, Jul 02, 2017 at 11:50:56PM -0400, Rob Pierce wrote:
> > Remove obvious clear_config() comments and misleading state_change()
> > comments.
> >
> > Also relocate do_action() calls for the init block from change_st
Florian Obser(flor...@openbsd.org) on 2017.07.04 19:27:15 +:
> On Fri, Jun 23, 2017 at 01:52:52PM +0300, Kapetanakis Giannis wrote:
> > Hi,
> >
> > Using relayd's redirect/forward on ipv6 addresses I discovered problems
> > relating to setting TTL.
> >
> > There is no check for address famil
Rob Pierce(r...@2keys.ca) on 2017.07.04 07:34:27 -0400:
> On Mon, Jul 03, 2017 at 04:24:30PM -0400, Rob Pierce wrote:
> > ifstated monitors interface state and the return state of invoked commands,
> > and takes action accordingly, all of which is managed with the help of a
> > finite state machine
Florian Obser(flor...@openbsd.org) on 2017.07.11 19:27:54 +:
> from bgpd.
>
> OK?
ok
> benno, is this the right way to do it? I kinda lost track on your
> log merging efforts...
yes thats ok. I neglected rtadvd a bit.
> diff --git log.c log.c
> index 357ef35b79c..08afcebcac0 100644
> ---
ok
Florian Obser(flor...@openbsd.org) on 2017.07.11 19:25:58 +:
> ... we want to log_warn what went wrong.
> OK?
>
> diff --git if.c if.c
> index 4683bcffac9..c4a4fea1984 100644
> --- if.c
> +++ if.c
> @@ -111,7 +111,7 @@ if_nametosdl(char *name)
> int
> if_getmtu(char *name)
> {
> - i
ok with one question.
Florian Obser(flor...@openbsd.org) on 2017.07.11 19:29:44 +:
> replace
> log_warnx("foo"):
> exit(1);
> with
>fatalx("foo):
>
> OK?
>
> diff --git config.c config.c
> index 85d14efedca..e6f48fffec7 100644
> --- config.c
> +++ config.c
> @@ -85,9 +85,8 @@ get
Florian Obser(flor...@openbsd.org) on 2017.07.11 19:30:37 +:
>
> OK?
yes
> diff --git if.c if.c
> index 95f83d8e822..cc878bd5916 100644
> --- if.c
> +++ if.c
> @@ -435,7 +435,7 @@ parse_iflist(struct if_msghdr ***ifmlist_p, char *buf,
> size_t bufsize)
> lim = buf + bufsize;
>
Jeremie Courreges-Anglas(j...@wxcvbn.org) on 2017.07.12 21:00:44 +0200:
> Jeremie Courreges-Anglas writes:
>
> > Kapetanakis Giannis writes:
> >
> >> On 10/07/17 17:22, Jeremie Courreges-Anglas wrote:
> >>> Using -1 for IPV6_UNICAST_HOPS is correct.
> >>>
> >>> Note that you can also use -1 for
Hi,
i wanted to commit this, but saw that it does not have a licence yet.
Can i add /usr/share/misc/license.template with your name and email-Adress?
/Benno
Rob Pierce(r...@2keys.ca) on 2017.07.06 13:12:26 -0400:
> On Sun, Jul 02, 2017 at 06:29:07PM +0200, Sebastian Benoit wrote:
>
Florian Riehm(m...@friehm.de) on 2017.07.21 15:42:21 +0200:
> On 03/03/14 00:33, Florian Riehm wrote:
> > Hi all,
> >
> > ospfd can't export the default gateway via route label because
> > get_rtaddrs gets confused by a netmask (RTAX_NETMASK) of 0 because
> > sa->sa_len in get_rtaddrs is 0 and ROU
ok benno@
Jeremie Courreges-Anglas(j...@wxcvbn.org) on 2017.07.23 02:10:35 +0200:
> On Sat, Jul 22 2017, Rob Pierce wrote:
> > On Sun, Jul 23, 2017 at 12:26:53AM +0200, Jeremie Courreges-Anglas wrote:
> >> On Sat, Jul 22 2017, Rob Pierce wrote:
> >> > With the most recent commit ifstated can no
Jeremie Courreges-Anglas(j...@wxcvbn.org) on 2017.07.22 21:40:53 +0200:
>
> If you destroy the interface pflogd(8) listens on, you get killed
> because socket(2) is denied by the current pledge(2) restrictions:
>
> pflogd(15868): syscall 97 "inet"
>
> The ioctl(SIOCGIFDATA) call would be fatal
wow, and ok benno@
Alexander Bluhm(alexander.bl...@gmx.net) on 2017.07.25 18:07:19 +0200:
> Hi,
>
> The LINK_STATE_IS_UP() macro considers LINK_STATE_UNKNOWN as up.
> So the em driver never gets out of that state. The change was in
> sys/net/if.h
>
> revision 1.123
> date: 2011/07/03 17:41:50;
Denis Fondras(open...@ledeuns.net) on 2017.07.26 18:42:13 +0200:
> Hi,
>
> I use route(8) a lot and I thought being able to use shorter commands/keywords
> could be nice. Like :
>
> route a default 192.0.2.1
> route del default
>
> Regards,
> Denis
This will lead to usage and documentation issu
Florian Obser(flor...@openbsd.org) on 2017.07.27 19:51:38 +:
> ... pointed out by clang
>
> OK?
ok benno@
> diff --git usr.bin/bgplg/misc.c usr.bin/bgplg/misc.c
> index 38837cc88c8..1834f38fa0d 100644
> --- usr.bin/bgplg/misc.c
> +++ usr.bin/bgplg/misc.c
> @@ -51,7 +51,7 @@ lg_checkperm(str
Florian Obser(flor...@openbsd.org) on 2017.07.27 19:48:24 +:
> /usr/src/usr.bin/netstat/inet.c:342:19: warning: comparison of unsigned
> expression < 0 is always false [-Wtautological-compare]
> if (kf->t_state < 0 || kf->t_state >= TCP_NSTATES)
>
Rob Pierce(r...@2keys.ca) on 2017.08.06 00:04:46 -0400:
> Improve error checking during processing of routing messages. Handling of
> RTM_DESYNC encouraged by deraadt. Regression tests pass.
>
> I have another diff ready to go that handles interface depature, but I thought
> it best to separate th
Hi,
this adds a -N option to pfctl that turns of dns resolution for all the
things where a dns entry is a possible thing, i.e. in rules ("pass in from
www.openbsd.org") or table entries.
Its usefull to make sure the configuration will load when DNS is not
available.
ok?
diff --git regress/sbin
ok with 2 comments below
Rob Pierce(r...@2keys.ca) on 2017.08.11 16:35:21 -0400:
> The following diff pledges two of three processes in snmpd: the parent snmpd
> process and the trap handler. We cannot currently pledge snmpe as snmp
> requests
> asking for privileged kernel info are disallowed by
Bryan Steele(bry...@openbsd.org) on 2017.09.05 16:17:46 -0400:
> pflogd(8) currently spams the console on shutdown if syslogd wins the
> race to die, this logging probably comes from the fact that pflogd was
> largely based on syslogd.
i looked at that some time ago: a and found that lot of our da
Stuart Henderson(s...@spacehopper.org) on 2017.09.13 12:27:40 +0100:
> A user knowing that they want to provide services for slaac on
> a network might do 'man -k slaac' and from the title and at least a
> quick read of the manual it's not clear that this is the client side.
>
> I think it would b
David Gwynne(da...@gwynne.id.au) on 2016.05.30 17:16:24 +1000:
> llinfo_nd6 thinks its expiry may extend beyond a timeout interval.
>
> so it keeps track of the number of ticks it really wants via ln_ntick
> in llinfo_nd6 and schedules multiple timeouts to reach it.
>
> i think this is a waste of
Hi,
this allows to have
allow from any AS 64512 - 65534 ...
allow from any AS > 100
etc in bgpd.conf.
Ignore the example file for now, i will commit that seperatly anyway.
One obvious improvment would be to be able to use this in bgpctl to restrict
the output of "show rib" a bit more. Howe
Claudio Jeker(cje...@diehard.n-r-g.com) on 2016.05.31 08:10:22 +0200:
> On Mon, May 30, 2016 at 10:43:49PM +0200, Sebastian Benoit wrote:
> > Hi,
> >
> > this allows to have
> >
> > allow from any AS 64512 - 65534 ...
> > allow from any AS > 100
>
ok
Ted Unangst(t...@tedunangst.com) on 2016.06.01 13:41:01 -0400:
> Relative timestamps are much easier to decipher than absolute, when attempting
> to determine a program's behavior. Most of the time I care about how long
> since the last time. However, if I grep the output, then I lose the basi
with feedback from florian, sthen and claudio:
- i removed operators < <= > >=
- i kept != and = for symmetry.
- i thought about just using ! , but then it would be different from the
prefix operators. Willing to change it if you want that.
- i left the forth argument to aspath_match(), as its e
Yes please.
I played with lower values in the past too and saw no problems.
And if we notice problems, we can fine tune it further.
ok.
Ted Unangst(t...@tedunangst.com) on 2016.06.01 15:37:53 -0400:
> Is there a reason the reboot timeout is so long?
>
> Here's what I observe. I connect to one n
Bob Beck(b...@openbsd.org) on 2016.05.31 23:25:47 -0600:
> Honestly, I care little about the incompatibility because we are
> already different.
>
> However I do not think this is any "easier" - I never use
> /etc/services because frankly I can't
> predict what other non-openbsd systems will have
Add format attributes to the proper functions and then fix the warning in
session.c.
ok?
diff --git bgpd.h bgpd.h
index 5fa046e..eaf93e6 100644
--- bgpd.h
+++ bgpd.h
@@ -989,15 +989,24 @@ struct in6_addr *prefixlen2mask6(u_int8_t prefixlen);
/* log.c */
voidlog_init(int);
void
In ospfd, add format attributes to the proper functions and then fix the
warning in rde.c.
ok?
diff --git log.h log.h
index e0034e8..a682f67 100644
--- log.h
+++ log.h
@@ -23,13 +23,21 @@
void log_init(int);
void log_verbose(int);
-void logit(int, const char *, ...);
-void vlog(int, c
In ospf6d, add format attributes to the proper functions and then fix the
warning in rde.c
ok?
diff --git log.h log.h
index 0cc7403..8cccd8f 100644
--- log.h
+++ log.h
@@ -23,14 +23,22 @@
voidlog_init(int);
voidlog_verbose(int);
-voidlogit(int, const char *, ...);
-voidvlog(in
hei,
thanks! i forgot that we print the config.
ok benno@, with whitespace fixed.
Denis Fondras(open...@ledeuns.net) on 2016.06.05 10:06:29 +0200:
> > This didn't quite work, as log_as will override itself when used twice
> > in the same printf.
> >
>
> I should not have sent this late at nigh
Martin Pieuchot(m...@openbsd.org) on 2016.06.05 20:06:17 +0200:
> On 04/06/16(Sat) 18:33, Sebastian Benoit wrote:
> > Add format attributes to the proper functions and then fix the warning in
> > session.c.
>
> Shouldn't you introduce a log.h instead an make sure al
ok!
Stuart Henderson(s...@spacehopper.org) on 2016.06.06 13:40:00 +0100:
> I don't think we should be encouraging anyone to do this...ok?
>
> Index: ssl.8
> ===
> RCS file: /cvs/src/share/man/man8/ssl.8,v
> retrieving revision 1.63
>
Jonathan Matthew(jonat...@d14n.org) on 2016.06.06 17:14:53 +1000:
> We've finally got srp and art to the point where we can use srp to manage the
> internal links in the art data structures. This allows us to do route lookups
> without holding any locks, which is kind of nice.
>
> As we're not do
Martin Pieuchot(m...@openbsd.org) on 2016.06.08 20:50:29 +0200:
> On 08/06/16(Wed) 19:51, Sebastian Benoit wrote:
> > [...]
> > i dont see why this would be a problem
> >
> > however:
> >
> > + ... if we were going to use
> > +
i would like to make bgpd a bit more quiet.
This type of message
bgpd[59424]: nexthop 1.2.3.4 now valid: via 192.168.0.1
happens quite often depending on your upstreams. This makes it a debug
message only.
ok?
diff --git usr.sbin/bgpd/bgpd.c usr.sbin/bgpd/bgpd.c
index 8e0031e..8925086 100644
manpage documents that af-to does not work on pass out rules, but the
pf.conf parser allows it, which leads a non working configuration being
loaded.
this changes the parser to make pass out .. af-to an error.
ok?
diff --git sbin/pfctl/parse.y sbin/pfctl/parse.y
index 934438c..0fecba8 100644
---
Mike Belopuhov(m...@belopuhov.com) on 2016.06.20 00:01:28 +0200:
> On Sun, Jun 19, 2016 at 23:43 +0200, Sebastian Benoit wrote:
> > manpage documents that af-to does not work on pass out rules, but the
> > pf.conf parser allows it, which leads a non working configuration b
Mike Belopuhov(m...@belopuhov.com) on 2016.06.20 00:11:03 +0200:
> On Sun, Jun 19, 2016 at 23:43 +0200, Sebastian Benoit wrote:
> > manpage documents that af-to does not work on pass out rules, but the
> > pf.conf parser allows it, which leads a non working configuration b
Alexander Bluhm(alexander.bl...@gmx.net) on 2016.06.21 00:14:19 +0200:
> Hi,
>
> I have seen a problem with pf divert when the dynamic port in a nat
> rule got reused. The function pf_state_key_attach() reused the
> state as it was in TCPS_FIN_WAIT_2. The corresponding socket was
> not reused, a
sven falempin(sven.falem...@gmail.com) on 2016.06.20 17:38:40 -0400:
> Dear Tech Readers,
>
> in a pf.conf file one can do
> "silly things" = egress
Thanks for your diff, but
one, i dont think spaces in macros are useful in pf.conf.
second, we want to keep this consistent across all the parse.y
yyerror("macro name cannot contain whitespace");
+ YYERROR;
+ }
if (symset($1, $3, 0) == -1)
err(1, "cannot store variable %s", $1);
free($1);
Sebastian Benoit(be...@op
Stefan Sperling(s...@stsp.name) on 2016.06.21 10:23:13 +0200:
> On Tue, Jun 21, 2016 at 10:14:52AM +0200, Sebastian Benoit wrote:
> >
> > same thing without a stupid helper function, pointed out by henning.
> >
> > diff --git sbin/pfctl/parse.y sbin/pfctl/parse.y
Henning Brauer(hb-openbsdt...@ml.bsws.de) on 2016.06.21 13:11:16 +0200:
> * Stefan Sperling [2016-06-21 11:15]:
> > Generally, I would appreciate more detailed error messages from the pf.conf
> > parser. I recall several occasions where pfctl threw "syntax error" and more
> > specific error report
Ted Unangst(t...@tedunangst.com) on 2016.06.22 12:25:04 -0400:
> Marc Espie wrote:
> > This would allow pkg_add to auto-configure a mirror, for the case where
> > PKG_PATH was not specified and where pkg.conf does not exist.
> >
> > It only triggers when a location ends up empty and when run in in
ok
Jeremie Courreges-Anglas(j...@wxcvbn.org) on 2016.07.06 13:48:51 +0200:
> j...@wxcvbn.org (Jeremie Courreges-Anglas) writes:
>
> > Nobody cares about route6d, and it shows: runas as root, not chrooted.
> > Also it uses wide pledge(2) permissions.
> >
> > I have diffs to switch the logging to l
Hei,
i finally commited this.
Thank you.
Denis Fondras(open...@ledeuns.net) on 2016.06.05 11:02:31 +0200:
> On Sun, Jun 05, 2016 at 10:28:05AM +0200, Sebastian Benoit wrote:
> > hei,
> >
> > thanks! i forgot that we print the config.
> >
> >
maybe session cache disable should disable tickets too.
some little things below, otherwise ok
Claudio Jeker(cje...@diehard.n-r-g.com) on 2016.07.19 15:32:13 +0200:
> At the moment relayd's TLS session caching is a bit busted because
> the multiple relay processes do not share state.
> The follow
501 - 600 of 763 matches
Mail list logo