Has anyone else had problems with vic(4) in the Dec 11th i386 snap? I
have a guest on ESXi 3.5 that I upgraded from 4.3 to 4.4-release and
it was working fine, but then I upgraded to the latest i386 snap and I
no longer saw any traffic to/from the guest when viewing tcpdump, even
on other
On Dec 13, 2008, at 2:14 AM, David Gwynne wrote:
vic seems fickle with jumbos. ive backed them out very recently, so
try building your own kernel or wait for a new snapshot. it should
be working now.
dlg
On 13/12/2008, at 6:51 PM, Brian Keefer wrote:
Has anyone else had problems with vic
On Jan 3, 2009, at 7:41 AM, Daniel A. Ramaley wrote:
> Hello. I have what is hopefully a quick question. Has anyone
> successfully run OpenBSD 4.4 in a virtualized environment? If so,
> which
> one?
It works great in VMware ESXi and VMware Fusion. No special magic, it
Just Works(tm).
--
bk
On Jan 4, 2009, at 9:36 AM, Daniel A. Ramaley wrote:
Strangely enough, after asking my question, i reinstalled OpenBSD in
VirtualBox with slightly different settings and now it is working just
fine. I've managed to build a -stable release. I haven't tried running
X, but just being able to compil
I'm probably ignorant, but I can't seem to find a way to increase the
window scaling multiplier on an OpenBSD client. It's always zero. It
seems the only significantly value for net.inet.tcp.rfc1323 is 0
(disabled) vs. non-0 (ws=0). Am I missing something?
--
bk
On Jan 30, 2009, at 6:29 PM, jared r r spiegel wrote:
On Fri, Jan 30, 2009 at 05:55:48PM -0800, Philip Guenther wrote:
It seems the
only significantly value for net.inet.tcp.rfc1323 is 0 (disabled)
vs. non-0
(ws=0). Am I missing something?
You'll never see a scale size larger than zero u
On Jan 31, 2009, at 4:57 AM, Stuart Henderson wrote:
On 2009-01-31, Brian Keefer wrote:
Great, thanks for the pointers! I'm trying to fiddle with iperf
performance testing going to a Linux box. tcpbench works great on
OpenBSD, but it seems iperf is the only thing readily availabl
On Feb 8, 2009, at 9:31 PM, Thomas Pfaff wrote:
On Sun, 8 Feb 2009 15:53:01 -0700 (MST)
Marc Balmer wrote:
CVSROOT:/cvs
Module name:src
Changes by: mbal...@cvs.openbsd.org 2009/02/08 15:53:01
Removed files:
usr.sbin/wake : Makefile wake.8 wake.c
Log message:
Remove
On Feb 10, 2009, at 12:05 PM, Jakob Schlyter wrote:
actually, the ssi thingy is build but not included in the binary
package. I've updated the port to include it.
jakob
I just wanted to let you know that I did a "make update" on the latest
source and it worked great (macppc -curr
On Feb 13, 2009, at 4:47 PM, Jordi Beltran Creix wrote:
Hello,
Forgive me, but wouldn't
(echo "Subject: type of machine" ; dmesg ; sysctl hw.sensors) |
sendmail -f$YOUR_EMAIL dm...@openbsd.org
be better?
Else, if the hostname is not a valid domain, the mail does not get
through.
Regards,
On Feb 20, 2009, at 8:37 AM, Lars Noodin wrote:
E-Mail is not an acceptable surrogate for a networked filesystem.
Regards
-Lars
All right, I've had enough of your tilting at windmills. This battle
has been fought and lost already. E-mail is the de facto way to
collaborate, and that include
On Feb 25, 2009, at 12:18 PM, new_guy wrote:
Hi guys.
I'm helping a friend install 4.4 (Sparc64) on this SunFire V120 he
got for
free :) It's a very nice box with a working Solaris install. It
boots the
install.iso and proceeds to install, but when we get to the point of
selecting a root d
On Feb 28, 2009, at 12:28 PM, Laurent CARON wrote:
Steve Shockley wrote:
On 2/27/2009 8:43 AM, Laurent CARON wrote:
- Forcing speed on switch
- Forcing speed on nic
Why? This practice made sense when 10baseT gear from different
vendors wasn't compatible, but not for the last 15-20 years.
On Mar 25, 2009, at 8:14 AM, frantisek holop wrote:
hmm, on Wed, Mar 25, 2009 at 03:40:09PM +0100, Gilles Chehade said
that
Are you sure ?
just because you demonstrated a smtp session with
a questionably set up mail server it doesn't mean
you are right. sendmail by default does not check he
On Mar 25, 2009, at 9:41 AM, frantisek holop wrote:
of course its true downside (just like greyfiltering's) is that it
needs a considerable amount of babysitting. but it's worth it for me.
So basically, it's not reliable and any "work saved" from the MTA is
doubled by humans. You're failin
On Mar 27, 2009, at 12:46 PM, John Brooks wrote:
Their response:
... "my understanding of the security policy
is not to acknowledge mistakes in email addresses as a best
practice defense against phishing and other types of email
delivered attacks."
Anybody run into this kind of logic before?
On Apr 8, 2009, at 7:27 AM, Jose Fragoso wrote:
The user account is open. The user starts to opt-in some
mailing lists. He is added to some others with opt-out
policy. Sometime later, the user is removed before
he opts-out of the list he (was) subscribed.
...
I would like to hear from membe
OK, so just to be clear I'm not a terribly clever person. I have no
idea what I should be looking for to diagnose this issue. It's
entirely possible that I have something configured stupidly/wrong,
etc or that the answer is right in front of me, but I wouldn't know.
I've done a little go
On Dec 12, 2006, at 11:46 PM, Brian Keefer wrote:
OK, so just to be clear I'm not a terribly clever person. I have
no idea what I should be looking for to diagnose this issue. It's
entirely possible that I have something configured stupidly/wrong,
etc or that the answer is righ
n 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
biomask 0 netmask 0 ttymask 0
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
apm0: disconnected
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
cpu1: unknown Core FSB_FREQ value 0 (0x0)
Brian Keefer
www.Tumbleweed.com
"The Experts in Secure Internet Communication"
On Dec 22, 2006, at 3:09 AM, Reyk Floeter wrote:
On Fri, Dec 22, 2006 at 02:35:00AM -0800, Brian Keefer wrote:
Not sure if anyone else has noticed, but VMware finally released
Fusion for public beta. It's the port to Macintel.
Only caveat so far is that Fusion wouldn't mount the O
On Dec 22, 2006, at 5:15 AM, Reyk Floeter wrote:
On Fri, Dec 22, 2006 at 03:59:10AM -0800, Brian Keefer wrote:
Here're the dmesg's from RAMDISK_CD and GENERIC.MP on a MBP 15"
CoreDuo 2.16GHz:
can you try 4.0-current (or a recent snapshot)? it should use the
new
vic(4) dr
On Dec 22, 2006, at 10:26 AM, Jason Dixon wrote:
On Dec 22, 2006, at 12:31 PM, Brian Keefer wrote:
Jason, what does your .vmx look like?
Oddly, I also found a statement: deploymentPlatform = "windows",
which I found rather odd since I choose other/other for the OS and
type.
(sorry for the repost, I guess there aren't many eyes on ppc@)
Has anyone else noticed extremely poor performance with gem(4)
devices, particularly on the Mac Mini G4?
dmesg is below, but the summary is that I have a gem(4), and after
finally being fed up with the poor performance I plugged
On Jan 21, 2007, at 6:36 AM, Mark Kettenis wrote:
Getting quite decent performance on my Mac mini G4:
gem0 at pci2 dev 15 function 0 "Apple Uni-N2 GMAC" rev 0x80: irq
41, address 00:0d:93:60:dd:1a
bmtphy0 at gem0 phy 0: BCM5221 100baseTX PHY, rev. 4
With an msk(4) at the other end and a dec
terms of cost-savings in other areas is something else to
consider--would a commercial product block more malware, have less
false-positives, be able to comply with government regulations, etc?
Brian Keefer
www.Tumbleweed.com
"The Experts in Secure Internet Communication"
of
third-party commercial software in addition to your own code, sadly
Linux is currently a better choice. I personally cannot stand Linux,
but even I consider Linux a safer choice for an embedded OS right now
(safer as in: you won't have to struggle for weeks to get your
software t
On Jan 21, 2007, at 4:34 PM, bofh wrote:
On 1/21/07, Brian Keefer <[EMAIL PROTECTED]> wrote:
Because driver support for Linux is a lot better than for OpenBSD,
I'm not sure if I believe this to be as strong an argument since, as
the blackbox maker, you have your choice of hard
On Jan 21, 2007, at 8:00 PM, L. V. Lammert wrote:
On Sun, 21 Jan 2007, Brian Keefer wrote:
The company I worked for considered switching our appliance OS to a
*BSD from Linux, but in the end we decided that commercial support
was too important to ignore.
There ARE a number of vendors
ly
isn't in "localnets" (hence, no recursion). Try manually adding your
subnets to the ACL, for instance 192.168.0.0/16; (or whatever your
internal network is).
Brian Keefer
www.Tumbleweed.com
"The Experts in Secure Internet Communication"
On Jan 19, 2007, at 10:58 AM, Tonnerre LOMBARD wrote:
We chose Gandi for controversial web sites (like ffii.org) because
they tend not to shut down the delegation whenever they receive a
preliminary injunction.
For any kind of Open Source movement, this might become crucial
in the future...
arounds.
In the case of a greylisting type of solution, it seems that
identification would be especially devastating since the work-around
is so trivial. Unless my understanding is very wrong, the whole
effectiveness of the solution depends on the spammers not realizing
the differe
;t have to pay for them (or very little for a bot herd
compared to "bulletproof hosting"), but it could make them a little
more efficient.
The history of fighting spam has tended to show that if any form of
combating spam becomes too effective (and wide-spread), spammers wi
On Feb 20, 2007, at 12:36 PM, Darren Spruell wrote:
On 2/20/07, Brian Keefer <[EMAIL PROTECTED]> wrote:
In the case of a greylisting type of solution, it seems that
identification would be especially devastating since the work-around
is so trivial. Unless my understanding is very wron
On Feb 20, 2007, at 1:51 PM, [EMAIL PROTECTED] wrote:
On Tue, 20 Feb 2007 12:57:54 -0800, "Brian Keefer" <[EMAIL PROTECTED]>
said:
Now they've evolved to using botnets and the vast majority of spam
comes from such systems, so the bandwidth costs are gone and the
hosting
on these issues over the last several weeks. The
normal caveat applies of course: OpenBSD named is not stock BIND,
but it'll point you in the right direction.
Brian Keefer
Sr. Systems Engineer
www.Proofpoint.com
"Defend email. Protect data."
On Jul 20, 2008, at 1:48 AM, Uwe Dippel wrote:
On Mon, 14 Jul 2008 12:47:40 -0500, Karl O. Pinc wrote:
I've an OpenBSD box that's been running postfix for a few
years, strictly as a "send-only" mta, and every night the
box gets rebooted. Every couple of months postfix does
not come up on reb
On Sep 20, 2008, at 10:02 PM, Sunnz wrote:
OK I am trying to completely erase the data of a hard disk so I though
I can just do `dd if=/dev/arandom of=/dev/rwd0c` as to my
understanding that is the entire hard disk (slice c) of wd0 in 'raw'
mode?
But that dd refuse to do it.
This is running of
On Sep 23, 2008, at 8:49 PM, Ted Unangst wrote:
On Tue, Sep 23, 2008 at 11:28 PM, Brian Keefer <[EMAIL PROTECTED]>
wrote:
I booted a Sunfire V120 off a 4.4 snapshot CD and dd if=/dev/zero
of=/rsd0
was humming along quite nicely when I left this evening.
You may want to go back a
On Sep 23, 2008, at 11:17 PM, Brian Keefer wrote:
On Sep 23, 2008, at 8:49 PM, Ted Unangst wrote:
On Tue, Sep 23, 2008 at 11:28 PM, Brian Keefer <[EMAIL PROTECTED]>
wrote:
I booted a Sunfire V120 off a 4.4 snapshot CD and dd if=/dev/zero
of=/rsd0
was humming along quite nicely when
On Oct 1, 2008, at 11:11 AM, Peter J. Philipp wrote:
Fernando Gont wrote:
If the discoverers of this bug don't make their sockstress
available to OpenBSD then I have a userland TCP/IP stack for
OpenBSD developers (mail me), but it's only written to be a server,
but I suspect it would be ea
The t-shirt looks great.
Thanks to everyone involved for another great release!
--
bk
I'm finally getting around to starting my project to build a home-
monitoring system. I'm going to need multiple capture devices inside
the home, and at least one outside as well. I'm looking for
recommendations on a video capture card, and wireless video cameras.
I don't mind spending >
On Nov 1, 2008, at 10:21 PM, Duncan Patton a Campbell wrote:
On Fri, 31 Oct 2008 20:28:34 -0700
Brian Keefer <[EMAIL PROTECTED]> wrote:
I'm finally getting around to starting my project to build a home-
monitoring system. I'm going to need multiple capture devices inside
On Nov 2, 2008, at 6:52 AM, Stuart Henderson wrote:
On 2008-11-02, Brian Keefer <[EMAIL PROTECTED]> wrote:
On Nov 1, 2008, at 10:21 PM, Duncan Patton a Campbell wrote:
Unless you have a good reason not to, use "WebCams" that implement
an http(s) server on camera.
The u
On Nov 11, 2008, at 2:01 PM, Administrator wrote:
Brian Keefer wrote:
On Nov 11, 2008, at 12:42 PM, Administrator wrote:
Nope, didn't help. There must be some other mistery. Now it stops
at DHCPOFFER part.
DHCPDISCOVER from 00:50:18:48:cb:3d via vlan51
DHCPOFFER on 192.168.51.3 to
On Nov 24, 2008, at 9:32 AM, K H A I wrote:
Hello,
I receive sunfire V100 hardware wifh 512K RAM , IDE cdrom without
hard disk.
Does any one know it support regular ide hard drive?
what bsd architecture support it? is it sparc 64 or sun ?
if any one has experience helps to make it work is
Make sure you're setting a state.
I had the same problem with gmail, and then I realized that I had
accidentally preempted the rule which was setting state on my DMZ
interface. Once I fixed that I didn't have any more problems.
--
chort
On Jun 24, 2008, at 10:56 AM, Monah Baki wrote:
On Jul 14, 2008, at 10:28 PM, Parvinder Bhasin wrote:
On Jul 14, 2008, at 10:00 PM, Ryan McBride wrote:
On Mon, Jul 14, 2008 at 09:48:22PM -0700, Parvinder Bhasin wrote:
what gives?
Oh, I missed this before:
pass in on $ext_if proto tcp from any to 75.36.44.22 port 80
pass in on $ext_if
om this morning's snapshot and the issue
hasn't resurfaced yet...
Brian Keefer
www.Tumbleweed.com
"The Experts in Secure Internet Communication"
On Nov 15, 2006, at 9:25 AM, Kian Mohageri wrote:
>
>
> On 11/14/06, Brian Keefer <[EMAIL PROTECTED]> wrote:
>
> FWIW I was having very similar problems with em(4) in OpenBSD 4.0-
> release under VMware (amd64 SMP). It would cease to recognize ARP
> replies and just
8. Of
course you can only upgrade if you install a minimal OS X... :-/
I don't have a mini (or any reasonably current Apple hardware) but the
issue you mentioned reminded me of this post by Brian Keefer:
http://marc.theaimsgroup.com/?l=openbsd-sparc&m=116483175532387&w=2
It may
Hello,
I'm trying to do roadwarrior VPN between OSX (mobile) and OpenBSD (gateway)
using certificates for peer identification. Is it possible to list a UFQDN as
a peer? When I try something like this on the gateway:
ike passive from any to any peer u...@host.tld \
main auth hmac-sha1 enc
This is with 4.9 GENERIC#48 macppc snapshot from ftp.openbsd.org . I had
originally updated from a 4.8 snapshot yesterday to 4.9-release, then a 4.9
snapshot from a few days prior (downloaded from ftp5.usa.openbsd.org). When I
pointed PKG_PATH to
ftp://ftp5.usa.openbsd.org/pub/OpenBSD/snapshots/p
On Jul 17, 2011, at 12:03 PM, Amit Kulkarni wrote:
>> I guess I missed a step in upgrading from 4.8 to 4.9, or from 4.9 to
-current,
>> but I can't seem to figure out what I missed from reading upgrade49.html
or
>> current.html.
>>
>>
>> Can't install libiconv-1.13p2 because of libraries
>> |libra
On Jul 17, 2011, at 12:24 PM, Amit Kulkarni wrote:
>> I was just doing pkg_add -ui. Individual packages might be attempting to
> upgrade to a specific version though, eh? I was looking for Python 2.7, but
I
> don't see it anywhere. I had previously symlinked /usr/local/bin/python to
> the 2.6 v
On Aug 28, 2011, at 8:00 AM, Tomas Bodzar wrote:
> Hi all,
>
> after reading this thread
> http://mail-index.netbsd.org/netbsd-users/2011/08/22/msg008819.html
> (and main link which caused that
> http://lists.freebsd.org/pipermail/freebsd-arch/2011-August/011412.html)
> I must really say thanks a
On May 10, 2010, at 4:52 AM, matteo filippetto wrote:
> Hi all,
>
> today cd arrived in Italy
>
> Thanks!
>
> --
> Matteo Filippetto
>
And California, USA.
Thanks for another great release.
--
bk
On Jan 7, 2010, at 10:23 AM, James Records wrote:
> Justin,
>
> The article doesn't say which option causes this, so its hard to tell, once
> you do find this info though
It's not like it's that difficult. Did you see the post on ptresearch? Just
test sending the 256 possible packets at a lab m
No I'm not using PHP. The only thing I can think of different from stock
httpd.conf is that I turned on Server Side Includes. I have some named-based
virtual hosts, but I can't imagine that's uncommon... Oh, I think I had
ExtendedStatus off before and it's on now.
I'm actually running a snapsho
On Jan 18, 2010, at 3:43 PM, Aaron Mason wrote:
> On Tue, Jan 19, 2010 at 10:31 AM, Brian Keefer wrote:
>> No I'm not using PHP. The only thing I can think of different from stock
>> httpd.conf is that I turned on Server Side Includes. I have some
> named-based
>&g
Hello,
I'm wondering what other folks are using to graph pf data beyond what is
provided by pfstat. The aggregate values are useful and I'd also like to
setup graphs of particular services, particular tables, etc. Is there a way
for pfstat to graph labeled traffic that I have overlooked?
I also
On Feb 15, 2010, at 3:29 PM, Jason Dixon wrote:
> On Mon, Feb 15, 2010 at 03:00:59PM -0800, Brian Keefer wrote:
>> Hello,
>>
>> I'm wondering what other folks are using to graph pf data beyond what is
>> provided by pfstat. The aggregate values are useful and I&#
# make
cc -O2 -pipe -DDEBUG -Wall -Wstrict-prototypes -Wundef -c /usr/src/
usr.bin/aucat/aucat.c
cc -O2 -pipe -DDEBUG -Wall -Wstrict-prototypes -Wundef -c /usr/src/
usr.bin/aucat/abuf.c
cc -O2 -pipe -DDEBUG -Wall -Wstrict-prototypes -Wundef -c /usr/src/
usr.bin/aucat/aparams.c
cc -O2 -
On Jul 26, 2009, at 11:17 PM, Alexandre Ratchov wrote:
On Mon, Jul 27, 2009 at 07:57:58AM +0200, Alexandre Ratchov wrote:
it seems that /usr/include/sndio.h is not up to date. Does
the following help?
cd /usr/src/include
cvs update sndio.h
sudo make install
On Jul 28, 2009, at 7:57 PM, frantisek holop wrote:
morning,
https://www.isc.org/node/474
http://www.kb.cert.org/vuls/id/725188
-f
--
if its stupid and it works - its not stupid
Works great vs. this snapshot:
OpenBSD 4.6-current (GENERIC) #46: Wed Jul 15 20:15:31 MDT 2009
dera...@spa
On Jul 28, 2009, at 8:40 PM, Robert wrote:
On Wed, 29 Jul 2009 04:57:29 +0200
frantisek holop wrote:
morning,
https://www.isc.org/node/474
http://www.kb.cert.org/vuls/id/725188
-f
Hi,
it's late/early so the following comes without warranty.
Compiles, install and works for me on -current
4.9 GENERIC#626 i386
I write a rule that says this:
pass in on $ext_if inet6 proto ipv6-icmp from any to 2620:0100:900f:c9::/56
and pfctl shows this:
pass in on em2 inet6 proto ipv6-icmp from any to 2620:100:900f::/56 keep
state
Maybe I'm crazy, but it seems 2620:100:900f:: would be /48 (assumin
On Feb 1, 2011, at 11:00 PM, Paul de Weerd wrote:
> On Tue, Feb 01, 2011 at 10:51:00PM -0800, Brian Keefer wrote:
> | 4.9 GENERIC#626 i386
> |
> | I write a rule that says this:
> | pass in on $ext_if inet6 proto ipv6-icmp from any to
2620:0100:900f:c9::/56
> |
> | and pfctl
69 matches
Mail list logo
