At 07:39 AM 11/30/2009, Dag-Erling Smørgrav wrote: >Gary Jennejohn <gary.jennejohn_at_freenet.de> writes: > > Sean C. Farley (scf_at_) recently reported this on this list > > > Also, cvsupd will core dump (SIGILL) [...] when a connection to it > > > is made from csup. > > Might be related. Don't know whether Sentex is runng i386 or AMD64. > >No, the server runs just fine, but rejects connections from the builder. Server looks ok. I can check out sources as root from the box as well. The daemon's config is -0.0.0.0/0 4 # Limit total connections -199.212.134.18/32 4 -64.7.128.98/32 4 -64.7.128.100/32 4 -0.0.0.0/0/32 2 +0.0.0.0/0 I changed it to -0.0.0.0/0 8 # Limit total connections -199.212.134.18/32 8 # Allow only 1 connection from each host -64.7.128.98/32 8 # Allow only 1 connection from each host -64.7.128.100/32 8 # Allow only 1 connection from each host -0.0.0.0/0/32 4 # Allow only 1 connection from each host +0.0.0.0/0 # If we reach this rule, we let the client in 0(freebsd-current)# csup -g -L2 standard-supfile Parsing supfile "standard-supfile" Connecting to cvsup.sentex.ca Connected to 64.7.153.5 Server software version: SNAP_16_1h Negotiating file attribute support Exchanging collection information Establishing multiplexed-mode data connection Running Updating collection src-all/cvs cvsup.sentex.ca mirrors off cvsup4.freebsd.org which seems to reject connections about 50% of the time. Looking at the server's logs, Nov 29 17:17:10 backup3 cvsupd[35748]: +0 tinderbox_at_freebsd-current.sentex.ca [CSUP_1_0/17.0] Nov 29 17:17:32 backup3 cvsupd[35748]: =0 [899Kin+687Kout] src-all/cvs Nov 29 17:17:32 backup3 cvsupd[35748]: -0 [899Kin+687Kout] Finished successfully Nov 29 17:18:16 backup3 cvsupd[35769]: +1 tinderbox_at_freebsd-current.sentex.ca [CSUP_1_0/17.0] Nov 29 17:18:38 backup3 cvsupd[35769]: =1 [899Kin+687Kout] src-all/cvs Nov 29 17:18:38 backup3 cvsupd[35769]: -1 [899Kin+687Kout] Finished successfully Nov 29 17:19:07 backup3 cvsupd[35785]: +2 tinderbox_at_freebsd-current.sentex.ca [CSUP_1_0/17.0] Nov 29 17:19:29 backup3 cvsupd[35785]: =2 [899Kin+687Kout] src-all/cvs Nov 29 17:19:29 backup3 cvsupd[35785]: -2 [899Kin+687Kout] Finished successfully The only pf blocks I see are things like 0[backup3]# bzcat pflog.0.bz2 | tcpdump -ner - host 64.7.128.98 and action block reading from file -, link-type PFLOG (OpenBSD pflog file) 05:21:48.104604 rule 2/0(match): block in on vlan2: 64.7.128.98.64479 > 64.7.153.5.5999: F 2465763434:2465763434(0) ack 1536020875 win 8326 <nop,nop,timestamp 2361530507 3408181659> 05:21:48.104629 rule 2/0(match): block in on vlan2: 64.7.128.98.40992 > 64.7.153.5.5999: F 2286333931:2286333931(0) ack 656209946 win 8326 <nop,nop,timestamp 2361530507 944778773> 05:21:48.104636 rule 2/0(match): block in on vlan2: 64.7.128.98.44218 > 64.7.153.5.5999: F 2472100328:2472100328(0) ack 1971781143 win 8326 <nop,nop,timestamp 2361530507 2515530998> 05:21:48.205534 rule 2/0(match): block in on vlan2: 64.7.128.98.51944 > 64.7.153.5.5999: F 341584713:341584713(0) ack 1261150224 win 8326 <nop,nop,timestamp 2361530608 2967557127> 05:21:48.205653 rule 2/0(match): block in on vlan2: 64.7.128.98.58652 > 64.7.153.5.5999: F 133362219:133362219(0) ack 347682957 win 8326 <nop,nop,timestamp 2361530608 8467470> 05:21:48.205657 rule 2/0(match): block in on vlan2: 64.7.128.98.14737 > 64.7.153.5.5999: F 1166740951:1166740951(0) ack 2344064018 win 8326 <nop,nop,timestamp 2361530608 344110128> 05:23:07.489480 rule 2/0(match): block in on vlan2: 64.7.128.98.64479 > 64.7.153.5.5999: R 1:1(0) ack 1 win 8326 <nop,nop,timestamp 2361609890 3408181659> 05:23:07.489486 rule 2/0(match): block in on vlan2: 64.7.128.98.40992 > 64.7.153.5.5999: R 1:1(0) ack 1 win 8326 <nop,nop,timestamp 2361609890 944778773> 05:23:07.489490 rule 2/0(match): block in on vlan2: 64.7.128.98.44218 > 64.7.153.5.5999: R 1:1(0) ack 1 win 8326 <nop,nop,timestamp 2361609890 2515530998> 05:23:07.590477 rule 2/0(match): block in on vlan2: 64.7.128.98.51944 > 64.7.153.5.5999: R 1:1(0) ack 1 win 8326 <nop,nop,timestamp 2361609991 2967557127> 05:23:07.590595 rule 2/0(match): block in on vlan2: 64.7.128.98.58652 > 64.7.153.5.5999: R 1:1(0) ack 1 win 8326 <nop,nop,timestamp 2361609991 8467470> 05:23:07.590599 rule 2/0(match): block in on vlan2: 64.7.128.98.14737 > 64.7.153.5.5999: R 1:1(0) ack 1 win 8326 <nop,nop,timestamp 2361609991 344110128> ---Mike >DES >-- >Dag-Erling Smørgrav - des_at_des.no >_______________________________________________ >freebsd-current_at_freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-current >To unsubscribe, send any mail to "freebsd-current-unsubscribe_at_freebsd.org" -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike_at_sentex.net Providing Internet since 1994 www.sentex.net Cambridge, Ontario Canada www.sentex.net/mikeReceived on Mon Nov 30 2009 - 15:00:39 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:58 UTC