layer 2 pf question

Dear list, What do openbsd users do when they need to filter/redirect traffic based on layer 2 addresses? I'm using 4.0 generic on a 386. Many thanks poncenby

Re: Mail Server (seeking recommendations)

On Apr 17, 2007, at 2:35 PM, Timo Schoeler wrote: On Tue, 17 Apr 2007 00:06:57 -0700 Bryan Vyhmeister <[EMAIL PROTECTED]> wrote: Thanks for that tip. Unfortunately, it was with a server that did not support server-side sorting. The server was EIMS (http:// www.eudora.co.nz), a mail server that

Re: Static Ip's: Routing and Fowarding

On Apr 17, 2007, at 7:56 PM, Bray Mailloux wrote: Do you suppose that I should start checking for hardware problems or in other network configurations? Not just yet. Run: pfctl -sn and also: pfctl -sr and post the output of both. Bryan

Re: Static Ip's: Routing and Fowarding

On Apr 17, 2007, at 7:54 PM, Bray Mailloux wrote: # macros ext_if="rl0" int_if="rl1" #NAT nat on $ext_if from $int_if -> ($ext_if:0) #Pass pass in all pass out all keep state It still isn't working with keep state. Let's make it this: ext_if="rl0" int_if="rl1" set skip on { lo rl1 } scrub

Re: Static Ip's: Routing and Fowarding

On Apr 17, 2007, at 7:39 PM, Bray Mailloux wrote: Bryan Vyhmeister wrote: Do you have 'pass out' in your pf.conf? Yes, "pass out all". Can you post your pf.conf? Bryan

Re: Static Ip's: Routing and Fowarding

On Apr 17, 2007, at 7:20 PM, Bray Mailloux wrote: OK, I've tried your nat rule and am using a completely open pass rule to allow in all traffic but cannot ping the internet. Any other ideas? What are some trouble shooting techniques I could try? Actually, the rule should be 'pass out keep st

Re: Static Ip's: Routing and Fowarding

On Apr 17, 2007, at 7:20 PM, Bray Mailloux wrote: OK, I've tried your nat rule and am using a completely open pass rule to allow in all traffic but cannot ping the internet. Any other ideas? What are some trouble shooting techniques I could try? Do you have 'pass out' in your pf.conf? Bryan

Re: Static Ip's: Routing and Fowarding

BradenM - Sonoma Computer wrote: - Original Message - From: "Bryan Vyhmeister" <[EMAIL PROTECTED]> To: "Bray Mailloux" <[EMAIL PROTECTED]> Cc: Sent: Tuesday, April 17, 2007 9:08 AM Subject: Re: Static Ip's: Routing and Fowarding On Apr 17, 2007, at 8:30 AM, Bray Mailloux wrote: Shoul

Re: Blocking web content

[EMAIL PROTECTED] wrote: > I run an openbsd firewall. I want to block certain sites either by IP > address or by domain name. How do I get more information on how to set > this up? > > Thanks in advance. I'm very fond of DNS blocking: http://www.holland-consulting.net/tech/imblock.html simple

Re: Blocking web content

On 4/17/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: I run an openbsd firewall. I want to block certain sites either by IP address or by domain name. How do I get more information on how to set this up? Thanks in advance. 0) Search google. "layer 7 filtering" is a good keyword to start w

Blocking web content

I run an openbsd firewall. I want to block certain sites either by IP address or by domain name. How do I get more information on how to set this up? Thanks in advance.

Re: Sangoma S518 PCI ADSL Modem

On 4/17/07, Jeffrey C. Ollie <[EMAIL PROTECTED]> wrote: >I have seen inside some of the blobs, in my work on the driver. It might be that we > could get Sangoma to release the rest of the blobsource if we showed an interest in caring > for and improving it. They didn't make me provide a DNA s

Re: 10Gb Ethernet gear: CX4 cables needed

someone just sent me some cash via paypal, so i just bought myself a cx4 cable. hopefully we'll see some packets moving on the tehuti network cards in the next week or so. thanks guys, dlg On Tue, Apr 17, 2007 at 11:36:28AM +0200, Reyk Floeter wrote: > hi, > > dlg and me started working on drive

Re: Sangoma S518 PCI ADSL Modem

On Tue, 2007-04-17 at 15:51 -0600, Chris 'Xenon' Hanson wrote: > Jeffrey C. Ollie wrote: > > Unfortunately there is quite a bit of code in the Sangoma drivers that > > are binary blobs with no source. It's more than just firmware that is > > loaded onto the card itself, the binary blobs make up a

Re: Loading a Second Kernel

> Hi Hi > Im trying to find a way to do a sort of very soft reboot. For example I > want to boot up the computer into a kernel on one drive, and then after > saying reboot, the computer loads up a kernel from a second drive. forget about pc then move onto Sun and the like eeprom boot-device di

Re: Finding a ral(4) cardbus card

Luke Eckley wrote: > I am having a hard time finding a ral(4) cardbus card for my laptop. I > recently bought a Hawking Tech HWC54G - which happens to be acx(4) - > thinking I was buying a Hawking Tech HWC54GR (which is listed as > supported by ral(4)). I don't have any experience with cardbus ral

Re: Sangoma S518 PCI ADSL Modem

Jeffrey C. Ollie wrote: Unfortunately there is quite a bit of code in the Sangoma drivers that are binary blobs with no source. It's more than just firmware that is loaded onto the card itself, the binary blobs make up a large portion of the kernel modules that run on the host. The drivers work,

Re: Mail Server (seeking recommendations)

On Tue, 17 Apr 2007 00:06:57 -0700 Bryan Vyhmeister <[EMAIL PROTECTED]> wrote: > On Apr 16, 2007, at 11:54 PM, Timo Schoeler wrote: > > I can just vote for postfix/cyrus, or even better (from a licensing > > PoV), sendmail/cyrus. > > > > Speaking of Squirrelmail: Did you enable server-side sorting

Re: Sangoma S518 PCI ADSL Modem

On Tue, 2007-04-17 at 14:39 -0600, Chris 'Xenon' Hanson wrote: > The driver is open source, and there is an (old) version > of it integrated into the OBSD kernel. I doubt this old driver is something you want to > mess with though. > >There is some sort of special-purpose processor on the card

Re: openbsd on a geode

christian johansson wrote: ... I've been looking at some geode cards, like this one: http://www.commell-sys.com/Product/SBC/LE-342.htm (3.5" form factor) ... This looks very much like a board I tested about 6 years ago. It's just a small PC. Connect hard disk + CD to IDE (you'll need an adapt

Re: Sangoma S518 PCI ADSL Modem

christian johansson wrote: After reading all responses to my previous post (thanks guys!), I think its pretty clear I was barking up the wrong tree, not looking at the ready built soekrises :) So on to my next question, what to use for an internal dsl card. After googling around, it seems clear t

Re: openbsd on a geode

> hahaha.. I actually *just* started working on getting OpenBSD on the > geode. I picked up one of these (used): > http://www.alptech.com/html/embedded/em_351a.htm where did you buy it from, and how much was it, if you don't mind me asking? Found it around the engineering firm I have been wor

Sangoma S518 PCI ADSL Modem

After reading all responses to my previous post (thanks guys!), I think its pretty clear I was barking up the wrong tree, not looking at the ready built soekrises :) So on to my next question, what to use for an internal dsl card. After googling around, it seems clear there are no modern / reliabl

Re: openbsd on a geode

On 2007/04/17 11:26, christian johansson wrote: > I'm looking for a very small, cheap and low-power machine to use as a > (residential) firewall with openbsd on it. Runs ok on soekris net4501, net4801, and pcengines WRAP (1E for sure, probably 2C as well). They are rather cpu-limited, if you're ex

Re: openbsd on a geode

And PC Engines WRAP boards, too, but neither it nor the Soekris net4801 units are as small as what the other person is looking at. Greg Nor as feature-packed..these little Geode boards end up having quite a list of devices/chips integrated into the system. ~J -- IEEE Student Branch Presiden

Re: openbsd on a geode

On 4/17/07, Bryan Vyhmeister <[EMAIL PROTECTED]> wrote: On Apr 17, 2007, at 11:26 AM, christian johansson wrote: > I'm looking for a very small, cheap and low-power machine to use as a > (residential) firewall with openbsd on it. > > > I've been looking at some geode cards, like this one: > http

Re: openbsd on a geode

On Apr 17, 2007, at 11:26 AM, christian johansson wrote: I'm looking for a very small, cheap and low-power machine to use as a (residential) firewall with openbsd on it. I've been looking at some geode cards, like this one: http://www.commell-sys.com/Product/SBC/LE-342.htm (3.5" form factor)

Re: Static Ip's: Routing and Fowarding

- Original Message - From: "Bryan Vyhmeister" <[EMAIL PROTECTED]> To: "Bray Mailloux" <[EMAIL PROTECTED]> Cc: Sent: Tuesday, April 17, 2007 9:08 AM Subject: Re: Static Ip's: Routing and Fowarding On Apr 17, 2007, at 8:30 AM, Bray Mailloux wrote: Shouldn't the internet connection be pa

Re: Loading a Second Kernel

On Tue, 2007-04-17 at 14:33 -0400, Jon Steel wrote: > Hi > > Im trying to find a way to do a sort of very soft reboot. For example I > want to boot up the computer into a kernel on one drive, and then after > saying reboot, the computer loads up a kernel from a second drive. > > I have gotten thi

Re: Loading a Second Kernel

On Tue, Apr 17, 2007 at 02:33:33PM -0400, Jon Steel wrote: > Im trying to find a way to do a sort of very soft reboot. For example I > want to boot up the computer into a kernel on one drive, and then after > saying reboot, the computer loads up a kernel from a second drive. > > I have gotten this

Loading a Second Kernel

Hi Im trying to find a way to do a sort of very soft reboot. For example I want to boot up the computer into a kernel on one drive, and then after saying reboot, the computer loads up a kernel from a second drive. I have gotten this to work with the use of a file to pass information between boots

openbsd on a geode

I'm looking for a very small, cheap and low-power machine to use as a (residential) firewall with openbsd on it. I've been looking at some geode cards, like this one: http://www.commell-sys.com/Product/SBC/LE-342.htm (3.5" form factor) Commell-sys is based in S Korea and I can't seem to find an

Re: Recommendation for a UPS

what is the nut list - Original Message - From: "bofh" <[EMAIL PROTECTED]> To: "[EMAIL PROTECTED] Org" Sent: Monday, April 16, 2007 9:40 AM Subject: Re: Recommendation for a UPS On 4/15/07, bofh <[EMAIL PROTECTED]> wrote: Or, find an old ups with a serial port, make sure it's on th

OT: Live feedback for OpenBSD on Sun V125 vs X2100 M2

Hi, Can anyone provide me some live feedback on performance and possible difference pro/cons between the two Sun servers V125 & X2100 M2? Other then one being SCSI and the other being SATA, I am looking for performance differences, stability and how well it perform with OpenBSD 4.1 on it. I

Re: OpenBSD/alpha Status

On Apr 17, 2007, at 10:19 AM, Henning Brauer wrote: * Bryan Vyhmeister <[EMAIL PROTECTED]> [2007-04-17 18:29]: This doesn't sound so promising. I guess the basic idea is that I need to hope that any CS20 machines I get are not affected by the bug. they are, every alpha is. they seem to be a

Re: OpenBSD/alpha Status

* Bryan Vyhmeister <[EMAIL PROTECTED]> [2007-04-17 18:29]: > This doesn't sound so promising. I guess the basic idea is that I > need to hope that any CS20 machines I get are not affected by the bug. they are, every alpha is. they seem to be affected least tho. it's been a while that i saw The

Re: Distributed File System

try web DAV - works a treat for me on OpenBSD with linux, Mac & windows clients... /pete On 17 Apr 2007, at 2:28 AM, Rico Secada wrote: Hi all. At work I am experiencing with setting up some distributed file system, at the current moment working with NFS. The problem is that it is be

Re: Static Ip's: Routing and Fowarding

On Apr 17, 2007, at 8:30 AM, Bray Mailloux wrote: Shouldn't the internet connection be passed around to other hosts on the network without the use of nat and pf? Ip forwarding is on, isn't that enough? I'm just trying to get the internet connection out to other computers, filtering comes aft

Re: OpenBSD/alpha Status

On Apr 17, 2007, at 8:44 AM, Artur Grabowski wrote: Bryan Vyhmeister <[EMAIL PROTECTED]> writes: 1. There is a potential fix for "the alpha bug" coming up Very good! I'm glad to hear that. Hm. I think I've heard that one before.. Hell, I've even said it many times before.. This doesn't s

Re: OpenBSD/alpha Status

"J.C. Roberts" <[EMAIL PROTECTED]> writes: > -- The trouble is, when > you have a strange "mystery bug" floating out there, it may or may not > be correctly blamed for any and all problems. naaah. //art

Re: Mail Server (seeking recommendations)

On Mon, Apr 16, 2007 at 03:48:00PM -0500, Sam Fourman Jr. wrote: > > > >> Having the mail daemons use SQL for auth was too slow. > >> > would using postgreSQL for auth with postfix / Dovecot be slow even if > you used top of the line hardware say a dual core CPU and 4GB memory > w/ RAID 0?I am thin

Re: OpenBSD/alpha Status

Bryan Vyhmeister <[EMAIL PROTECTED]> writes: > > 1. There is a potential fix for "the alpha bug" coming up > > Very good! I'm glad to hear that. Hm. I think I've heard that one before.. Hell, I've even said it many times before.. //art

Re: Recommend Technical Networking Book?

> # The Tao of Network Security Monitoring: Beyond Intrusion Detection, > # > > > # by Richard Bejtlich > # >

Re: OpenBSD/alpha Status

On 4/16/07, J.C. Roberts <[EMAIL PROTECTED]> wrote: The trouble is, when you have a strange "mystery bug" floating out there, it may or may not be correctly blamed for any and all problems. So, that's the cause of global warming... :)

Audio for OpenAFS presentations

While we're on the topic of OpenAFS ... are there any good conference workshops, presentations or interviews online (MP3 / Vorbis / AAC) covering OpenAFS on OpenBSD? Or failing that, on OpenAFS security or OpenAFS in general? -Lars Lars NoodC)n ([EMAIL PROTECTED]) Ensure access to your

Re: OpenBSD/alpha Status

On Tue, 17 Apr 2007 16:10:28 +0200 (CEST) "Siegbert Marschall" <[EMAIL PROTECTED]> wrote: > Hi, > > > > > Hm, this could point to violated hardware specifications, memory cells > > that aren't used fast enough and thus not auto-refreshed in time. > > > > I presume the Alpha-bug is OpenBSD-only so

Re: OpenBSD/alpha Status

Hi, > > Hm, this could point to violated hardware specifications, memory cells > that aren't used fast enough and thus not auto-refreshed in time. > > I presume the Alpha-bug is OpenBSD-only so it's definitely not a > hardware problem? Could be that OpenBSD uses certain parts not often > enough. >

Re: driver question

On 4/17/07, Jonathan Gray <[EMAIL PROTECTED]> wrote: On Mon, Apr 16, 2007 at 05:09:12PM -0700, Ted Unangst wrote: > On 4/16/07, James Mackinnon <[EMAIL PROTECTED]> wrote: > >This was likely answered before. I went hunting and seemed to not find a > >solid > >answer, thus, after the time of lookin

Re: pciide: ATI IXP 600 SATA

Markus, It worked fine here. And i got a lot of increase in I/O subsystem. # dd if=/dev/rsd0f of=/dev/null bs=1024k ^C243+0 records in 243+0 records out 254803968 bytes transferred in 4.318 secs (59004868 bytes/sec) # expr 59004868 / 1024 57621 # I was getting just 1 MB/s. BTW, this machine i us

Re: Recommend Technical Networking Book?

On Mon, Apr 16, 2007 at 01:45:36AM -0700, Clint Pachl scribbled: [snip] # The Tao of Network Security Monitoring: Beyond Intrusion Detection, # # by Richard Bejtlich

Re: pciide: ATI IXP 600 SATA

On Mon, 16 Apr 2007, alemao wrote: I get the dmesg of ahci identifying my card. If you want to send me more patchs to test it's ok. I need to "set tty com0" at boot.conf and unplug my usb devices from it to boot (kbd and mouse, this machine don't have PS/2). It's strange, after the bootloader ti

8-Bit RISC Microcontroller Programming

What options are available for programming 8-bit microcontrollers? I found gputils for Microchip and avr for Amtel in the ports. What is the most supported option? gputils in ports is a three year old version; does it work well? Is anyone using Microchip's PICs; if so, what hardware programmer

uhai18 hmqt amltpmllep ppmaeqq error

Can anyone offer clues as to what may be happening? This is from an old-ish VIA EPIA 5000. The box is not accessible by console or network after this (no panic, though). It happens fairly often but not at predictable intervals. No other corrupted output is seen, just the 'uhai18 hmqt amltpmllep pp

10Gb Ethernet gear: CX4 cables needed

hi, dlg and me started working on drivers for the Tehuti Networks tht(4) and NetXen Inc. nx(4) 10Gb Ethernet devices. This is the second generation of PCI Express-based 10Gb chipsets and they're starting to become widely available. NetXen is beeing integrated in some Blade solutions and Tehuti is

Re: AFS Server on OpenBSD

> I have been trying to find some information on setting up a AFS server on OpenBSD, is it even possible? > > Rico. > If you have more questions regarding openafs, ask [EMAIL PROTECTED] what you're asking about is really AFS-centric, not openBSD-centric. -

Re: 4.0-stable lockup

Adam Hawes wrote: >> Any idea how to diagnose the problem? > > Turn on as much verbose logging as you can and see what you get. Do you > get any kernel crash messages on the console when the machine hangs or > does it just hang up and die? No, there are no kernel messages and nothing in the log

Re: driver question

On 4/17/07, Jonathan Gray <[EMAIL PROTECTED]> wrote: On Mon, Apr 16, 2007 at 05:09:12PM -0700, Ted Unangst wrote: > On 4/16/07, James Mackinnon <[EMAIL PROTECTED]> wrote: > >This was likely answered before. I went hunting and seemed to not find a > >solid > >answer, thus, after the time of lookin

Re: Distributed File System

On Tue, Apr 17, 2007 at 02:28:29AM +0200, Rico Secada wrote: > Hi all. > > At work I am experiencing with setting up some distributed file > system, at the current moment working with NFS. The problem is that it > is being setup at work and people, from their homes, need to be able > to mount the

Re: Mail Server (seeking recommendations)

On Mon, Apr 16, 2007 at 08:17:09PM -0700, Bryan Vyhmeister wrote: > On Apr 16, 2007, at 5:05 PM, Kian Mohageri wrote: > >Throwing in another vote for Dovecot for IMAP. I'm stuck with > >Qmail at the > >moment (works fine), but Postfix is nice. > > > >As for webmail, I haven't heard Roundcube men

important issues

BMO Bank of Montreal Make environmental statement Make an environmental statement BMO Bank of Montreal Estatement Caring for our environment is a huge responsibility, but every little bit helps. That's why we'd like to give you the opportunity to change your current eligible account from paper

Re: Mail Server (seeking recommendations)

On Apr 16, 2007, at 11:54 PM, Timo Schoeler wrote: I can just vote for postfix/cyrus, or even better (from a licensing PoV), sendmail/cyrus. Speaking of Squirrelmail: Did you enable server-side sorting? 4. General Options -> 10. Allow server thread sort: true 11. Allow server-side sorti

Re: driver question

On Mon, Apr 16, 2007 at 05:09:12PM -0700, Ted Unangst wrote: > On 4/16/07, James Mackinnon <[EMAIL PROTECTED]> wrote: > >This was likely answered before. I went hunting and seemed to not find a > >solid > >answer, thus, after the time of looking, I figured I need to take the > >moment > >to ask >