Subject: Re: www.netbsd.org && frags?
To: Adam Bozanich <firstname.lastname@example.org>
From: Manuel Bouyer <email@example.com>
Date: 08/01/2003 11:00:03
On Thu, Jul 31, 2003 at 10:17:29PM -0700, Adam Bozanich wrote:
> On Thu, 31 Jul 2003, Manuel Bouyer wrote:
> > On Wed, Jul 30, 2003 at 08:32:07PM -0700, Adam Bozanich wrote:
> > >
> > > Hi all. Whenever I try to http://www.netbsd.org, ipfilter drops packets
> > > with this:
> > >
> > You can tell by matching the @0:7 with the output of ipfstat -i -n
> Thanks, it's the default drop. Which makes me wonder... how the heck do I
> let these in w/out a port number???
Add keep frags to your 'pass' rules.
> > What is your network setup ?
> Nothing special, just a couple of boxes directly connected to the switch side
> of a lynksys ADSL router.
I guess the fragmentation happens on the ISP side.
> This whole thing turned up another damm problem though... ipmon on the sparc64
> isn't working.
> The man page says to use facility local0, so I put this in /etc/syslog.conf:
> local0.* /var/log/ipfilter_log
> Nothing. I even tried catching it with *.*
> I also tried it from the command line, no errors or anything, but no output
> there either.
> to be sure...
> adam@ultra% ls -l /var/log/ipfilter_log
> -rw------- 1 root wheel 0 Jul 31 10:51 /var/log/ipfilter_log
> I'm using the GENERIC kernel and I see that IPFILTER_LOG is turned on.
> maybe somebody can tell me where I'm going wrong here?
I think this is known problem. Something like a compiler bug.
You may want to ask on port-sparc64
> Or maybe somebody knows how to convert those 'foo.giv,v' files that are
> avaliable via ftp into files I can use (I'm stuck on 'sitedrivenby.gif' on my
> apache install) (from the 'htdocs' dir)
These are CVS files. You want to use anonymous cvs instead of ftp,
you want to checkout htdocs
Manuel Bouyer, LIP6, Universite Paris VI. Manuel.Bouyer@lip6.fr
NetBSD: 24 ans d'experience feront toujours la difference