Monthly Archives: June 2008

filtering on bridge

There used to be a flaw in using ipfw on bridge interface. It’s impossible to distinguish incoming packets on member interface from incoming packets on bridge itself. For example consider two rules:
add 1 allow ip from any to any in recv bridge
add 2 allow ip from any to any in recv member

First rule will never match. The logic is ok here (if you are aware of ipfw’s handling of interface options). But what do you expect if you disable filtering on member interfaces and perform filtering on bridge only. You expect rule 1 to match all incoming packets on bridge. It gets extremely annoying when using stateful filtering.

First time I came across this issue several years ago. But didn’t figure out how to fix it. At that time I’ve decided to switch to pf.

Actually ipfw is the only firewall that allow rules like
allow ip from any to any out recv if1 xmit if2
Such tricks are possible because ipfw gets input interface from mbuf of a packet. pf for example relies on pfil to provide interface.

I’ve added a hack into if_bridge to work around it. It contradicts traditional ipfw behaviour a little but seems to be much more useful. I think patches are useful enough and can be commited into FreeBSD:

perforce.freebsd.org/changeView.cgi?CH=143921
perforce.freebsd.org/changeView.cgi?CH=144238

Adding a Serial Port to a D-LINK DIR-615

A while ago, I added a serial port to the D-LINK DIR-615 (HW Rev A1). Today, I'll document how I did it.

First, you'll need a level converter circuit. There are many on the network. You can find a good write up on them and links from adding a serial port to a NSLU2. I always use the Parallax USB2SER that I bought years ago. It is very reliable, and I've had several provide years of good service to me. They convert 3.3V directly into a USB serial port, which vastly simplifies power and cabling. Since that's what I used for this project, all the instructions are geared towards it.

First, you'll need to disassemble the D-LINK DIR-615. There's only two screws so this is easy. Place the D-Link with the label with the serial number face up. There are four rubber feet on the bottom of this unit. Carefully pry up the two nearest to the Ethernet ports. Remove the screws found under them. The screws are clearly visible in this photo.



Carefully remove the lid. It should pry off just above the plastic bar that runs over the ethernet ports. You'll see a green PC board. On the right hand side of the unit, you'll find a header with 4 pins labeled CON5. They are labeled VCC, TX, RX, GND. This is the serial port. In my unit, it was hidden under the internal antenna, so the photos show it moved over a bit. Note also in figure two the board says "DIR635B1" on it...



I connected these pins to a ribbon cable and ran them out to a header that my USB2SER could fit on. I connected them so that they would match up to my USB2SER which had pins in the order GND, RX, TX, RES. The last one is unconnected. TX should go to RX, RX to TX and GND to GND. I didn't connect VCC, since it wasn't needed. USB2SER gets its power from the USB port. I reconnected everything and plugged the USB2SER into my computer. I threaded the ribbon cable out through the holes in the plastic, which is what you see in the first photo. Here's everything hooked up. I didn't include a photo of the USB2SER plugged into the serial port of my laptop for obvious reasons...



I see that it has a uboot bootloader:

% tip ucom0
U-Boot 1.1.1 (Jan 19 2007 - 11:08:07)
CAMEO uBoot Linux Loader version: 1.3.0.0

DRAM CS[0] base 0x00000000 size 32MB
DRAM Total size 32MB
before entry mvFlashInit
Flash: flashStructGet manu 0x89 id 0x17
INTEL 28F640J3A (64 Mbit)
Size: 8 MB,Bus Width: 1, device Width: 1.
Flash base: 0xff800000,Number of Sectors: 64 Type: REGULAR.
[8192kB@ff800000] Flash: 8 MB
Addresses 20M - 0M are saved for the U-Boot usage.
Mem malloc Initialization (20M - 16M): Done
*** Warning - bad CRC, using default environment


Soc: 88F5181 B1
CPU: ARM926 (Rev 0) running @ 500Mhz
SysClock = 166Mhz , TClock = 166Mhz


USB 0: host mode
PCI 0: PCI Express Root Complex Interface
PCI 1: Conventional PCI, speed = 33000000
Net: egiga0 [PRIME]
Hit any key to stop autoboot: 0
Marvell>>

So that's how you add a serial port.

The FreeBSD wiki history

As I have been asked several times why we use moinmoin for the FreeBSD Developers Wiki and the answer is mainly “historical reasons” I decided to write the history up so I can just point people at it :-).

The history, as I recall it, can now be found on the WikiHistory wiki page.

FreeBSD Errata Notices RSS Feed

Hello people,

we are working on the web based FreeBSD forums for some time now and we have added some rss feed based features to it, so that when a new item is added under News section or Security Advisories section of the www.freebsd.org page, it’s added to the approporiate forum and users can talk about the given item.
Recently, a new Errata Notice has been released (FreeBSD-EN-08:02.tcp.asc) and I have noticed that we do not have a RSS Feed for Errata notices. I have realized that it might be useful for our users to be able to subscribe to such feed so I have worked on this feature.
I have committed a few moments ago a code that brings support for Errata Notices RSS Feed to www.freebsd.org and it will be available from the following URL: http://www.freebsd.org/security/errata.xml.
So please subscribe now in order to be informed about new Errata Notices quickly and in an easy way.
This allows us to add this feed to the web based forum, so that users can disccus about errata notices as well.

More about the web based FreeBSD forums to come later.

A week for documentation

Productive week-and-a-half. I’ve done a brain-dump on the state of the FreeBSD systems at ISC, helped Brad Davis walk through the tasks that I wasn’t able to complete before I left there (thanks, Brad!), summarized and documented the last few months’ worth of discussion and ideas about BugBusting on the wiki (nearly a complete rewrite), created another new GNATS report that classifies bin/ and other PRs by manpage, helped generate a way for people to help work on sparc64, and told portsmon that RELENG_5 and ia64 were no longer relevant.

At this rate maybe I will catch up one of these years …

FWIW, if you have not seen the new GNATS reports, they are here; if you have not read my BSDCan paper about FreeBSD Bugbusting: Where We Are, Where We Ought To Be, you might want to do that as well.

These are the things that have been keeping me busy for a while.  If I haven’t responded to your email, that’s probably why.

Vagalume 0.6 for FreeBSD

 

Mir ist der offizielle last.fm Client wegen seiner Abhängigkeiten zu QT4 wieder mal tierisch auf den Senkel gegangen denn das passt so garnicht in meinen schön gepflegten GTK/Xfce Desktop. Zum Glück hab ich dann aber Vagalume gefunden. Eine wirklich tolle Applikation die auch meine hochgeliebten Last.fm Radios spielen kann doch leider ist der noch so neu, dass man ihn nicht in den Ports findet. Also die Fußballsocken hochgekrempelt und selber gemacht. Das Resultat nach knapp 2h sieht schon brauchbar aus.

The Joy of Bugbusting

While waiting for MIPS toolchain import to happen I entertain myself with bugbusting. You should try it sometime. GNATS jungle, small and large bugs are sneaking around, scent of rotten emails in the air. I don't feel like hunting down large bugs. They're dangerous beasts. It's much better to deal with small ones. Pick a (one|two|three|up-to-twenty)-liner and fix it. Then you can bring it home, varnish it and eventually MFC it. Nice outdoor activity for developers :) PS The first PR I've nailed: kern/123685.

The Joy of Bugbusting

While waiting for MIPS toolchain import to happen I entertain myself with bugbusting. You should try it sometime. GNATS jungle, small and large bugs are sneaking around, scent of rotten emails in the air. I don't feel like hunting down large bugs. They're dangerous beasts. It's much better to deal with small ones. Pick a (one|two|three|up-to-twenty)-liner and fix it. Then you can bring it home, varnish it and eventually MFC it. Nice outdoor activity for developers :)
PS
The first PR I've nailed: kern/123685.