headers
R. Tyler Ballance | 1 Feb 2010 08:21
Gravatar

Re: Weekend PR smashing


On Fri, 22 Jan 2010, Giorgos Keramidas wrote:

> On Sun, 17 Jan 2010 13:30:50 -0800, "R. Tyler Ballance" <tyler <at> monkeypox.org> wrote:
> > Are there similar resources I've not stumbled across yet? I would like to help,
> > I have but one machine running -CURRENT and sporadic free time over the
> > weekends.
> 
> Hi there.  I just noticed this post in among others in -hackers.  If you
> don't know about the bugbuster team already, you should check it out.
> There's a mailing list at freebsd-bugbusters and an IRC channel at the
> EFnet network.

Righteo, I stumbled across that shortly after my email to the list, I've been
lurking in there since (rtyler).

> 
> Since you are looking for pointers to get you started, the following may
> help a bit:
> 
>   http://www.freebsd.org/doc/en_US.ISO8859-1/articles/contributing/
>   http://www.freebsd.org/doc/en_US.ISO8859-1/articles/pr-guidelines/
>   http://www.freebsd.org/doc/en_US.ISO8859-1/articles/problem-reports/
> 
> Finally, it's worth noting that it is not a huge problem if you only have
> weekend-time to contribute.  We welcome all the help we can get, so please
> feel free to jump in and help in any way you can with the existing bugs (or
> new ones that you have noticed).

I certainly get that impression, one of the things that concerns me is the
(Continue reading)

Permalink | Reply | 3 comments |
headers
Lukasz Jaroszewski | 1 Feb 2010 12:02
Favicon

PFIL: how to get tcp/ip fields from mbuf

Hello,
I am wondering about most elegant and proper way to get IP header
fields from mbuf, using PFILs. I have read Murat Balaban paper on
PFIL_HOOKS where I found some example function. Question is how can I
access IP header field in such manner.

static int
hisar_chkinput(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
struct inpcb *inp)
{
        in_bytes += (*m)->m_len;
        return 0;
}
Regards
LVJ.
_______________________________________________
freebsd-hackers <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe <at> freebsd.org"
Permalink | Reply | 2 comments |
headers
Robert Watson | 1 Feb 2010 14:26
Picon
Favicon

Re: PFIL: how to get tcp/ip fields from mbuf


On Mon, 1 Feb 2010, Lukasz Jaroszewski wrote:

> I am wondering about most elegant and proper way to get IP header fields 
> from mbuf, using PFILs. I have read Murat Balaban paper on PFIL_HOOKS where 
> I found some example function. Question is how can I access IP header field 
> in such manner.

The best reference here is probably firewall source code that already exists 
in the tree.  For IP-layer hooks, you'll need to use the m_pullup() call to 
ensure the bytes you want are contiguously stored, and then mtod() to cast the 
mbuf pointer appropriately.  Although I notice ipfw, at least, doesn't call 
m_pullup() for the base header, as it assumes the calling context will already 
have arranged for it to be contiguous:

static int
ipfw_check_hook(void *arg, struct mbuf **m0, struct ifnet *ifp, int dir,
     struct inpcb *inp)
{
...
                if (mtod(*m0, struct ip *)->ip_v == 4)
                         ret = ip_dn_io_ptr(m0, dir, &args);
...

Robert

>
> static int
> hisar_chkinput(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
> struct inpcb *inp)
(Continue reading)

Permalink | Reply | 0 comments |
headers
Eitan Adler | 1 Feb 2010 16:43
Picon

[patch] pkill verbose option

Here is a patch that adds a -V option which prints out what PIDs it is
taking action on.

Index: pkill.c
===================================================================
--- pkill.c     (revision 203347)
+++ pkill.c     (working copy)
 <at>  <at>  -105,6 +105,7  <at>  <at> 
 static int     oldest;
 static int     interactive;
 static int     inverse;
+static int     flagPrint = 0;
 static int     longfmt;
 static int     matchargs;
 static int     fullmatch;
 <at>  <at>  -182,7 +183,7  <at>  <at> 
        pidfilelock = 0;
        execf = coref = _PATH_DEVNULL;

-       while ((ch = getopt(argc, argv,
"DF:G:ILM:N:P:SU:ad:fg:ij:lnos:t:u:vx")) != -1)
+       while ((ch = getopt(argc, argv,
"DF:G:ILM:N:P:SU:Vad:fg:ij:lnos:t:u:vx")) != -1)
                switch (ch) {
                case 'D':
                        debug_opt++;
 <at>  <at>  -272,6 +273,9  <at>  <at> 
                case 'v':
                        inverse = 1;
                        break;
(Continue reading)

Permalink | Reply | 0 comments |
headers
Lawrence Stewart | 2 Feb 2010 04:47
Picon
Favicon

Re: PFIL: how to get tcp/ip fields from mbuf

On 02/01/10 22:02, Lukasz Jaroszewski wrote:
> Hello,
> I am wondering about most elegant and proper way to get IP header
> fields from mbuf, using PFILs. I have read Murat Balaban paper on
> PFIL_HOOKS where I found some example function. Question is how can I
> access IP header field in such manner.
>
> static int
> hisar_chkinput(void *arg, struct mbuf **m, struct ifnet *ifp, int dir,
> struct inpcb *inp)
> {
>          in_bytes += (*m)->m_len;
>          return 0;
> }

I hacked on a tool that uses pfil hooks to do in-kernel TCP data 
gathering. Probably has some useful snippets for you to look at in 
addition to Robert's suggestion.

http://svn.freebsd.org/base/projects/tcp_ffcaia2008_head/sys/netinet/siftr.c

Cheers,
Lawrence
_______________________________________________
freebsd-hackers <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe <at> freebsd.org"
Permalink | Reply | 0 comments |
headers
Christoph Kukulies | 2 Feb 2010 16:21

our little daemon abused as symbol of the evil

Look here:

http://www.spiegel.de/fotostrecke/fotostrecke-51396-2.html

--
Christoph

_______________________________________________
freebsd-hackers <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe <at> freebsd.org"
Permalink | Reply | 22 comments |
headers
jhell | 2 Feb 2010 18:27

Re: our little daemon abused as symbol of the evil


On Tue, 2 Feb 2010 10:21, kuku <at>  wrote:
> Look here:
>
> http://www.spiegel.de/fotostrecke/fotostrecke-51396-2.html
>
> --
> Christoph
>

OH! no! someone quick get a Microsoft Solicitation! "I mean solution"

--

-- 

  jhell

_______________________________________________
freebsd-hackers <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe <at> freebsd.org"
Permalink | Reply | 0 comments |
headers
Julian H. Stacey | 2 Feb 2010 19:30
Favicon

Re: our little daemon abused as symbol of the evil

Christoph Kukulies wrote:
> Look here:
> 
> http://www.spiegel.de/fotostrecke/fotostrecke-51396-2.html

( Well spotted Christoph ! )
For those that don't read German, tracing back,
Text article starts here 
	http://www.spiegel.de/netzwelt/web/0,1518,675395,00.html

That is in German, 
	(some might like a translator web, eg http://babelfish.org )
	I did read the german article (but skipped graphics).

Key paragraph:
	Es ist ein Horrorszenario für Datenschützer, was Thorsten
	Holz, Gilbert Wondracek, Engin Kirda und Christopher Kruegel
	in ihrem 15-seitigen Aufsatz beschreiben ( PDF-Datei hier,
	803 KB): Die Experten vom Isec-Forschungslabor für
	IT-Sicherheit, einer Kooperation der Technischen Universität
	Wien, dem Institute Eurcom und der University of California,
	dokumentieren einen technisch eher simplen Angriff, der
	eine seit zehn Jahren bekannte Sicherheitslücke ausnutzt.

In key para there I could click & download
	sonda-TR.pdf
(though now I can't seem to redownload
	http://www.iseclab.org/papers/sonda-TR.pdf	)
A 15 page article in Engish.
	Page 4 uses the Firefox & BSD logos.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Kirk McKusick | 2 Feb 2010 22:09

Re: our little daemon abused as symbol of the evil

Thanks for the pointer. As you note, the damage (or benefit :-) is
done. Still I have sent an email to the editor at Spiegel notifying
them of my copyright in the hopes that they will at least ask in the
future.

	Kirk McKusick

=-=-=-=

From:    "Julian H. Stacey" <jhs <at> berklix.com>
Date:    Tue, 02 Feb 2010 19:30:29 +0100
To:      Christoph Kukulies <kuku <at> kukulies.org>
Subject: Re: our little daemon abused as symbol of the evil 
Cc:      freebsd-hackers <at> freebsd.org, Kirk McKusick <mckusick <at> mckusick.com>
Organization: http://www.berklix.com BSD Unix Linux Consultancy, Munich Germany

Christoph Kukulies wrote:
> Look here:
> 
> http://www.spiegel.de/fotostrecke/fotostrecke-51396-2.html

( Well spotted Christoph ! )
For those that don't read German, tracing back,
Text article starts here 
	http://www.spiegel.de/netzwelt/web/0,1518,675395,00.html

That is in German, 
	(some might like a translator web, eg http://babelfish.org )
	I did read the german article (but skipped graphics).
(Continue reading)

Permalink | Reply | 3 comments |
headers
Julian H. Stacey | 2 Feb 2010 23:36
Favicon

Re: our little daemon abused as symbol of the evil

Kirk McKusick wrote:
> Thanks for the pointer. As you note, the damage (or benefit :-) is
> done. Still I have sent an email to the editor at Spiegel notifying
> them of my copyright in the hopes that they will at least ask in the
> future.
> 
> 	Kirk McKusick

Good idea.  You might want to contact authors of that PDF paper too.
In case, as my browser still is fails on URL I posted earlier:
	http://www.iseclab.org/papers/sonda-TR.pdf
I'll send you an off list copy of what I downloaded earlier
at 2nd Feb 18:14 TZ=GMT+01:00.

> =-=-=-=
> 
> From:    "Julian H. Stacey" <jhs <at> berklix.com>
> Date:    Tue, 02 Feb 2010 19:30:29 +0100
> To:      Christoph Kukulies <kuku <at> kukulies.org>
> Subject: Re: our little daemon abused as symbol of the evil 
> Cc:      freebsd-hackers <at> freebsd.org, Kirk McKusick <mckusick <at> mckusick.com>
> Organization: http://www.berklix.com BSD Unix Linux Consultancy, Munich Germany
> 
> Christoph Kukulies wrote:
> > Look here:
> > 
> > http://www.spiegel.de/fotostrecke/fotostrecke-51396-2.html
> 
> ( Well spotted Christoph ! )
> For those that don't read German, tracing back,
(Continue reading)

Permalink | Reply | 1 comment |

Gmane