DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 11th December 2010
ripp3r ripp3r is offline
New User
 
Join Date: Dec 2010
Posts: 5
Thanked 0 Times in 0 Posts
Default PF - ifconfig problem

Hi all,

I'm doing my graduation with openBSD and PF.

Everything seemed to be fine... but right now I need to delete / create a interface and I have some problem:

(I'm logged on as ROOT, anyway I tried also with SUDO but same problem)

Code:
# ifconfig TestIF create
ifconfig: SIOCIFCREATE: Invalid argument
#
So I tried to DELETE this interface:

Code:
# ifconfig vic2 destroy
ifconfig: SIOCIFDESTROY: Invalid argument
#
NO LUCK AT ALL!

Who can help me please???
Reply With Quote
  #2   (View Single Post)  
Old 12th December 2010
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Helpful companion
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Thanked 193 Times in 184 Posts
Default

What exactly are you trying to accomplish? create/destroy are for network pseudo-devices only.. not physical interfaces.

You can see a list of pseudo-interface types using ifconfig -C, and the default output will show if any of these exist.

So, please explain yourself.
Reply With Quote
  #3   (View Single Post)  
Old 12th December 2010
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 2,906
Thanked 190 Times in 160 Posts
Default

Quote:
Originally Posted by ripp3r View Post
...but right now I need to delete / create a interface...
Why?

Posting the output of dmesg(8) would be helpful too.
Reply With Quote
  #4   (View Single Post)  
Old 12th December 2010
ripp3r ripp3r is offline
New User
 
Join Date: Dec 2010
Posts: 5
Thanked 0 Times in 0 Posts
Default

Thanks for your replies.

I'm trying to create a CARP interface using the phisical VIC2.

Code:
# ifconfig -C
pppoe vether trunk vlan tun sl ppp lo gre gif carp bridge pflow pfsync pflog
#
Here you can find the dmesg output:

Code:
# dmesg 
OpenBSD 4.7 (GENERIC) #558: Wed Mar 17 20:46:15 MDT 2010
    deraadt@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Core(TM)2 Quad CPU Q9450 @ 2.66GHz ("GenuineIntel" 686-class) 2.68 GHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,SSE3,CX16
real mem  = 418934784 (399MB)
avail mem = 397213696 (378MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 09/18/09, BIOS32 rev. 0 @ 0xfd780, SMBIOS rev. 2.4 @ 0xe0010 (98 entries)
bios0: vendor Phoenix Technologies LTD version "6.00" date 09/18/2009
bios0: VMware, Inc. VMware Virtual Platform
acpi0 at bios0: rev 2
acpi0: tables DSDT FACP BOOT APIC MCFG SRAT
acpi0: wakeup devices PCI0(S3) USB_(S1) P2P0(S3) S1F0(S3) S2F0(S3) S3F0(S3) S4F0(S3) S5F0(S3) S6F0(S3) S7F0(S3) S8F0(S3) S9F0(S3) Z00P(S3) Z00Q(S3) Z00R(S3)
Z00S(S3) Z00T(S3) Z00U(S3) Z00V(S3) Z00W(S3) Z00X(S3) Z00Y(S3) Z00Z(S3) Z010(S3) Z011(S3) Z012(S3) Z013(S3) Z014(S3) Z015(S3) Z016(S3) Z017(S3) Z018(S3) Z019
(S3) Z01A(S3) Z01B(S3) P2P1(S3) S1F0(S3) S2F0(S3) S3F0(S3) S4F0(S3) S5F0(S3) S6F0(S3) S7F0(S3) S8F0(S3) S9F0(S3) Z00P(S3) Z00Q(S3) Z00R(S3) Z00S(S3) Z00T(S3)
 Z00U(S3) Z00V(S3) Z00W(S3) Z00X(S3) Z00Y(S3) Z00Z(S3) Z010(S3) Z011(S3) Z012(S3) Z013(S3) Z014(S3) Z015(S3) Z016(S3) Z017(S3) Z018(S3) Z019(S3) Z01A(S3) Z01
B(S3) P2P2(S3) S1F0(S3) S2F0(S3) S3F0(S3) S4F0(S3) S5F0(S3) S6F0(S3) S7F0(S3) S8F0(S3) S9F0(S3) Z00P(S3) Z00Q(S3) Z00R(S3) Z00S(S3) Z00T(S3) Z00U(S3) Z00V(S3
) Z00W(S3) Z00X(S3) Z00Y(S3) Z00Z(S3) Z010(S3) Z011(S3) Z012(S3) Z013(S3) Z014(S3) Z015(S3) Z016(S3) Z017(S3) Z018(S3) Z019(S3) Z01A(S3) Z01B(S3) P2P3(S3) S1
F0(S3) S2F0(S3) S3F0(S3) S4F0(S3) S5F0(S3) S6F0(S3) S7F0(S3) S8F0(S3) S9F0(S3) Z00P(S3) Z00Q(S3) Z00R(S3) Z00S(S3) Z00T(S3) Z00U(S3) Z00V(S3) Z00W(S3) Z00X(S
3) Z00Y(S3) Z00Z(S3) Z010(S3) Z011(S3) Z012(S3) Z013(S3) Z014(S3) Z015(S3) Z016(S3) Z017(S3) Z018(S3) Z019(S3) Z01A(S3) Z01B(S3) PE40(S3) S1F0(S3) PE50(S3) S
1F0(S3) PE60(S3) S1F0(S3) PE70(S3) S1F0(S3) PE80(S3) S1F0(S3) PE90(S3) S1F0(S3) PEA0(S3) S1F0(S3) PEB0(S3) S1F0(S3) PEC0(S3) S1F0(S3) PED0(S3) S1F0(S3) PEE0(
S3) S1F0(S3) PE41(S3) S1F0(S3) PE42(S3) S1F0(S3) PE43(S3) S1F0(S3) PE44(S3) S1F0(S3) PE45(S3) S1F0(S3) PE46(S3) S1F0(S3) PE47(S3) S1F0(S3) PE51(S3) S1F0(S3)
PE52(S3) S1F0(S3) PE53(S3) S1F0(S3) PE54(S3) S1F0(S3) PE55(S3) S1F0(S3) PE56(S3) S1F0(S3) PE57(S3) S1F0(S3) PE61(S3) S1F0(S3) PE62(S3) S1F0(S3) PE63(S3) S1F0
(S3) PE64(S3) S1F0(S3) PE65(S3) S1F0(S3) PE66(S3) S1F0(S3) PE67(S3) S1F0(S3) PE71(S3) S1F0(S3) PE72(S3) S1F0(S3) PE73(S3) S1F0(S3) PE74(S3) S1F0(S3) PE75(S3)
 S1F0(S3) PE76(S3) S1F0(S3) PE77(S3) S1F0(S3) PE81(S3) S1F0(S3) PE82(S3) S1F0(S3) PE83(S3) S1F0(S3) PE84(S3) S1F0(S3) PE85(S3) S1F0(S3) PE86(S3) S1F0(S3) PE8
7(S3) S1F0(S3) PE91(S3) S1F0(S3) PE92(S3) S1F0(S3) PE93(S3) S1F0(S3) PE94(S3) S1F0(S3) PE95(S3) S1F0(S3) PE96(S3) S1F0(S3) PE97(S3) S1F0(S3) PEA1(S3) S1F0(S3
) PEA2(S3) S1F0(S3) PEA3(S3) S1F0(S3) PEA4(S3) S1F0(S3) PEA5(S3) S1F0(S3) PEA6(S3) S1F0(S3) PEA7(S3) S1F0(S3) PEB1(S3) S1F0(S3) PEB2(S3) S1F0(S3) PEB3(S3) S1
F0(S3) PEB4(S3) S1F0(S3) PEB5(S3) S1F0(S3) PEB6(S3) S1F0(S3) PEB7(S3) S1F0(S3) SLPB(S4) LID_(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: apic clock running at 66MHz
ioapic0 at mainbus0: apid 1 pa 0xfec00000, version 11, 24 pins
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0
acpibat0 at acpi0: BAT1 not present
acpibat1 at acpi0: BAT2 not present
acpiac0 at acpi0: AC unit online
acpibtn0 at acpi0: SLPB
acpibtn1 at acpi0: LID_
bios0: ROM list: 0xc0000/0x8000 0xc8000/0x1000 0xc9000/0x1000 0xca000/0x1000 0xcb000/0x1000 0xdc000/0x4000! 0xe0000/0x4000! 0xee200/0x1e00!
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 "Intel 82443BX AGP" rev 0x01
ppb0 at pci0 dev 1 function 0 "Intel 82443BX AGP" rev 0x01
pci1 at ppb0 bus 1
piixpcib0 at pci0 dev 7 function 0 "Intel 82371AB PIIX4 ISA" rev 0x08
pciide0 at pci0 dev 7 function 1 "Intel 82371AB IDE" rev 0x01: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: <VMware Virtual IDE Hard Drive>
wd0: 64-sector PIO, LBA, 15360MB, 31457280 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: <NECVMWar, VMware IDE CDR10, 1.00> ATAPI 5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
piixpm0 at pci0 dev 7 function 3 "Intel 82371AB Power" rev 0x08: SMBus disabled
"VMware Virtual Machine Communication Interface" rev 0x10 at pci0 dev 7 function 7 not configured
vga1 at pci0 dev 15 function 0 "VMware Virtual SVGA II" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
bha3 at pci0 dev 16 function 0 "BusLogic MultiMaster" rev 0x01: apic 1 int 17 (irq 11), BusLogic 9xxC SCSI
bha3: model BT-958, firmware 5.07B
bha3: sync, parity
scsibus1 at bha3: 8 targets, initiator 7
ppb1 at pci0 dev 17 function 0 "VMware Virtual PCI-PCI" rev 0x02
pci2 at ppb1 bus 2
vic0 at pci2 dev 0 function 0 "AMD 79c970 PCnet-PCI" rev 0x10: apic 1 int 18 (irq 10), address 00:0c:29:5a:4a:ce
eap0 at pci2 dev 1 function 0 "Ensoniq AudioPCI97" rev 0x02: apic 1 int 19 (irq 5)
ac97: codec id 0x43525913 (Cirrus Logic CS4297A rev 3)
audio0 at eap0
midi0 at eap0: <AudioPCI MIDI UART>
vic1 at pci2 dev 3 function 0 "AMD 79c970 PCnet-PCI" rev 0x10: apic 1 int 17 (irq 11), address 00:0c:29:5a:4a:d8
vic2 at pci2 dev 4 function 0 "AMD 79c970 PCnet-PCI" rev 0x10: apic 1 int 18 (irq 10), address 00:0c:29:5a:4a:e2
vic3 at pci2 dev 5 function 0 "AMD 79c970 PCnet-PCI" rev 0x10: apic 1 int 19 (irq 5), address 00:0c:29:5a:4a:ec
ppb2 at pci0 dev 21 function 0 "VMware Virtual PCIE-PCIE" rev 0x01
pci3 at ppb2 bus 3
ppb3 at pci0 dev 21 function 1 "VMware Virtual PCIE-PCIE" rev 0x01
pci4 at ppb3 bus 4
ppb4 at pci0 dev 21 function 2 "VMware Virtual PCIE-PCIE" rev 0x01
pci5 at ppb4 bus 5
ppb5 at pci0 dev 21 function 3 "VMware Virtual PCIE-PCIE" rev 0x01
pci6 at ppb5 bus 6
ppb6 at pci0 dev 21 function 4 "VMware Virtual PCIE-PCIE" rev 0x01
pci7 at ppb6 bus 7
ppb7 at pci0 dev 21 function 5 "VMware Virtual PCIE-PCIE" rev 0x01
pci8 at ppb7 bus 8
ppb8 at pci0 dev 21 function 6 "VMware Virtual PCIE-PCIE" rev 0x01
pci9 at ppb8 bus 9
ppb9 at pci0 dev 21 function 7 "VMware Virtual PCIE-PCIE" rev 0x01
pci10 at ppb9 bus 10
ppb10 at pci0 dev 22 function 0 "VMware Virtual PCIE-PCIE" rev 0x01
pci11 at ppb10 bus 11
ppb11 at pci0 dev 22 function 1 "VMware Virtual PCIE-PCIE" rev 0x01
pci12 at ppb11 bus 12
ppb12 at pci0 dev 22 function 2 "VMware Virtual PCIE-PCIE" rev 0x01
pci13 at ppb12 bus 13
ppb13 at pci0 dev 22 function 3 "VMware Virtual PCIE-PCIE" rev 0x01
pci14 at ppb13 bus 14
ppb14 at pci0 dev 22 function 4 "VMware Virtual PCIE-PCIE" rev 0x01
pci15 at ppb14 bus 15
ppb15 at pci0 dev 22 function 5 "VMware Virtual PCIE-PCIE" rev 0x01
pci16 at ppb15 bus 16
ppb16 at pci0 dev 22 function 6 "VMware Virtual PCIE-PCIE" rev 0x01
pci17 at ppb16 bus 17
ppb17 at pci0 dev 22 function 7 "VMware Virtual PCIE-PCIE" rev 0x01
pci18 at ppb17 bus 18
ppb18 at pci0 dev 23 function 0 "VMware Virtual PCIE-PCIE" rev 0x01
pci19 at ppb18 bus 19
ppb19 at pci0 dev 23 function 1 "VMware Virtual PCIE-PCIE" rev 0x01
pci20 at ppb19 bus 20
ppb20 at pci0 dev 23 function 2 "VMware Virtual PCIE-PCIE" rev 0x01
pci21 at ppb20 bus 21
ppb21 at pci0 dev 23 function 3 "VMware Virtual PCIE-PCIE" rev 0x01
pci22 at ppb21 bus 22
ppb22 at pci0 dev 23 function 4 "VMware Virtual PCIE-PCIE" rev 0x01
pci23 at ppb22 bus 23
ppb23 at pci0 dev 23 function 5 "VMware Virtual PCIE-PCIE" rev 0x01
pci24 at ppb23 bus 24
ppb24 at pci0 dev 23 function 6 "VMware Virtual PCIE-PCIE" rev 0x01
pci25 at ppb24 bus 25
ppb25 at pci0 dev 23 function 7 "VMware Virtual PCIE-PCIE" rev 0x01
pci26 at ppb25 bus 26
ppb26 at pci0 dev 24 function 0 "VMware Virtual PCIE-PCIE" rev 0x01
pci27 at ppb26 bus 27
ppb27 at pci0 dev 24 function 1 "VMware Virtual PCIE-PCIE" rev 0x01
pci28 at ppb27 bus 28
ppb28 at pci0 dev 24 function 2 "VMware Virtual PCIE-PCIE" rev 0x01
pci29 at ppb28 bus 29
ppb29 at pci0 dev 24 function 3 "VMware Virtual PCIE-PCIE" rev 0x01
pci30 at ppb29 bus 30
ppb30 at pci0 dev 24 function 4 "VMware Virtual PCIE-PCIE" rev 0x01
pci31 at ppb30 bus 31
ppb31 at pci0 dev 24 function 5 "VMware Virtual PCIE-PCIE" rev 0x01
pci32 at ppb31 bus 32
ppb32 at pci0 dev 24 function 6 "VMware Virtual PCIE-PCIE" rev 0x01
pci33 at ppb32 bus 33
ppb33 at pci0 dev 24 function 7 "VMware Virtual PCIE-PCIE" rev 0x01
pci34 at ppb33 bus 34
isa0 at piixpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi1 at pcppi0: <PC speaker>
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
mtrr: Pentium Pro MTRR support
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
root on wd0a swap on wd0b dump on wd0b
Here's the ifconfig output:

Code:
# ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33200
        priority: 0
        groups: lo
        inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
vic0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:0c:29:5a:4a:ce
        priority: 0
        groups: egress
        media: Ethernet autoselect
        status: active
        inet 192.168.220.10 netmask 0xffffff00 broadcast 192.168.220.255
        inet6 fe80::20c:29ff:fe5a:4ace%vic0 prefixlen 64 scopeid 0x1
vic1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:0c:29:5a:4a:d8
        priority: 0
        media: Ethernet autoselect
        status: active
        inet 10.0.0.10 netmask 0xff000000 broadcast 10.255.255.255
        inet6 fe80::20c:29ff:fe5a:4ad8%vic1 prefixlen 64 scopeid 0x2
vic2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:0c:29:5a:4a:e2
        priority: 0
        media: Ethernet autoselect
        status: active
        inet 175.0.0.10 netmask 0xff000000 broadcast 175.255.255.255
        inet6 fe80::20c:29ff:fe5a:4ae2%vic2 prefixlen 64 scopeid 0x3
vic3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:0c:29:5a:4a:ec
        priority: 0
        media: Ethernet autoselect
        status: active
        inet 192.168.245.10 netmask 0xffffff00 broadcast 192.168.245.255
        inet6 fe80::20c:29ff:fe5a:4aec%vic3 prefixlen 64 scopeid 0x4
enc0: flags=0<> mtu 1536
        priority: 0
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33200
        priority: 0
        groups: pflog
#
Anyway my goal is to issue this command successfully:

Code:
# ifconfig carpHA1 vhid 1 pass mypass carpdev vic2 175.0.0.11 netmask 255.0.0.0
ifconfig: SIOCGVH: Device not configured
#
Where I'm wrong?
Reply With Quote
  #5   (View Single Post)  
Old 12th December 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,198
Thanked 182 Times in 149 Posts
Default

You have to use a nr instead of a string e.g. carp0 instead of carpHA1. From the carp(4) man page.
Code:
    A carp interface can be created at runtime using the ifconfig carpN
     create command or by setting up a hostname.if(5) configuration file for
     netstart(8).

Code:
j65nko@hercules[~/SNAP/AMD64]sudo ifconfig carp0 vhid 1 pass mypass\
 carpdev re0 175.0.0.11 netmask 255.0.0.0 
 
j65nko@hercules[~/SNAP/AMD64] ifconfig carp0
carp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        lladdr 00:00:5e:00:01:01
        priority: 0
        carp: MASTER carpdev re0 vhid 1 advbase 1 advskew 0
        groups: carp
        inet6 fe80::200:5eff:fe00:101%carp0 prefixlen 64 scopeid 0x7
        inet 175.0.0.11 netmask 0xff000000 broadcast 175.255.255.255
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #6   (View Single Post)  
Old 12th December 2010
ripp3r ripp3r is offline
New User
 
Join Date: Dec 2010
Posts: 5
Thanked 0 Times in 0 Posts
Default

Oh my... I AM SOOOOO STUPID!

of course carpN means that YOU MUST supply a number -.-

What can I say... thank you!

Have a great day.

ps: thanks @ all for your help!
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ifconfig: SIOCAIFADDR: File exists zomo OpenBSD General 7 23rd December 2008 10:20 PM
need some basic help on ifconfig daemon-dd FreeBSD General 4 29th July 2008 03:21 PM
FreeBSD's Ifconfig for WEP tz24 FreeBSD General 15 13th June 2008 02:17 AM
hard lock on ifconfig wi0 up reuteler OpenBSD General 11 25th May 2008 06:22 PM
ifconfig problem ichigo OpenBSD General 3 20th May 2008 10:59 PM


All times are GMT. The time now is 08:53 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick