On Mon, Jan 16, 2017 at 11:04:48PM +, Luke Small wrote:
> I'm trying to have pf limit sending TCP packets over lo0 from a specific
> user. I made some rules, but they seem to be ignored when I check on pfctl
> -vvvs rules it goes to the default lo0 pass rule: "pass out quick on lo0
> proto { tc
Hi,
tomr wrote on Tue, Jan 17, 2017 at 05:47:05PM +1100:
> Could you confirm this, my conclusion in brief: either I need to accept
> reading dates MM/DD/ where ports use the equivalent of %x, or I need
> to rely on ports to present DD/MM/ themselves.
I'm not sure that is correct - it mig
Hi,
On 01/17/17 17:22, Ingo Schwarze wrote:
> Hi,
>
> tomr wrote on Tue, Jan 17, 2017 at 04:31:15PM +1100:
>
>> $ locale
>> LANG=en_AU.UTF-8
>> LC_CTYPE="en_AU.UTF-8"
>> LC_TIME=en_AU.UTF-8
>> LC_MESSAGES="en_AU.UTF-8"
>
> That's a bad idea, it will result in an inconsistent user
> experience.
Hi,
tomr wrote on Tue, Jan 17, 2017 at 04:31:15PM +1100:
> I'm trying to get
>
> %xthe date, using the locale's date format
>
> to show dates as DD/MM/, but I can only get MM/DD/. I've
> (attempted to) set my locale appropriately for en_AU, and also tried
> en_GB in case that made a
On Mon, Jan 16, 2017 at 11:04:48PM +, Luke Small wrote:
> I'm trying to have pf limit sending TCP packets over lo0 from a specific
> user. I made some rules, but they seem to be ignored when I check on pfctl
> -vvvs rules it goes to the default lo0 pass rule: "pass out quick on lo0
> proto { tc
I'm trying to get
%xthe date, using the locale's date format
to show dates as DD/MM/, but I can only get MM/DD/. I've
(attempted to) set my locale appropriately for en_AU, and also tried
en_GB in case that made a difference. Running 6.0 generic. Is there
something I'm missing or a way
I'm trying to have pf limit sending TCP packets over lo0 from a specific
user. I made some rules, but they seem to be ignored when I check on pfctl
-vvvs rules it goes to the default lo0 pass rule: "pass out quick on lo0
proto { tcp, udp } from self port 6379 to any port 6379 user luke" and
"block
On 2017-01-16, Damian McGuckin wrote:
> Sorry, lots of good ideas got thrown up while I was asleep.
>
>>> Which code, the 'dig' side or the daemon sucking on the port? I probably
>>> need to discuss this over a beer because there must e something I am
>>> missing.
>
> On Mon, 16 Jan 2017, Stuart H
Absolutely. Have been using OpenBSD as a custom ISO with Vultr for quite
some time now. I'm just pleased by the fact that it's now "officially
supported" as this, for better or worse, will bring in more users to
OpenBSD.
Hopefully this will be a big smack in the face to DigitalOcean as well,
seein
> On Jan 16, 2017, at 4:31 PM, Darren Tucker wrote:
>
> On Tue, Jan 17, 2017 at 6:05 AM, Jordon wrote:
>> What is the “official" way to pledge(2) a portable program?
>
> OpenSSH Portable checks for the presence of pledge in configure
> (https://anongit.mindrot.org/openssh.git/tree/configure.ac#n1
On Tue, Jan 17, 2017 at 6:05 AM, Jordon wrote:
> What is the “official" way to pledge(2) a portable program?
OpenSSH Portable checks for the presence of pledge in configure
(https://anongit.mindrot.org/openssh.git/tree/configure.ac#n1715) and
if not found defines a no-op pledge function
(https://
On Mon, 16 Jan 2017 22:57:31 +0100, Christian Weisgerber
wrote:
> How do you assemble a softraid volume manually?
>
> You can detach it with bioctl -d. But how do you get it back?
> Or in case it wasn't auto-assembled on boot.
>
With the same command you used to create it:
bioctl -c C -l /dev
How do you assemble a softraid volume manually?
You can detach it with bioctl -d. But how do you get it back?
Or in case it wasn't auto-assembled on boot.
--
Christian "naddy" Weisgerber na...@mips.inka.de
On Mon, 16 Jan 2017, Nick Holland wrote:
So. You can run a recursive resolver, an authoritative server, and a few
(or a lot) selectively poisoned forwarding resolvers (for DNS
filtering), each on their own 127/8 address, and use PF or unbound to
select which one a particular user gets access t
Sorry, lots of good ideas got thrown up while I was asleep.
On Mon, 16 Jan 2017, Stuart Henderson wrote:
In that case, unbound bound to an internal address, and NSD not bound to a
specific address, or bound to external and 127.0.0.1.
I did the last of these. Which still needs 'rdr-to' on the
On Mon, Jan 16, 2017 at 01:05:36PM -0600, Jordon wrote:
> What is the ???official" way to pledge(2) a portable program?
>
> Put #ifdef __OpenBSD__ around the pledge call?
>
> Make an #ifndef __OpenBSD__ block that defined the function to always return
> 0?
>
> Something better?
pledge() itself
On 01/16/17 06:58, Damian McGuckin wrote:
> On Mon, 16 Jan 2017, Stuart Henderson wrote:
>
>> On 2017/01/16 15:37, Damian McGuckin wrote:
>>> On Mon, 16 Jan 2017, Stuart Henderson wrote:
>>>
In normal operations NSD _does_ run on port 53.
>>>
>>> Yes. But if you want both NSD and UNBOUND runn
Jordon writes:
> What is the “official" way to pledge(2) a portable program?
>
> Put #ifdef __OpenBSD__ around the pledge call?
>
> Make an #ifndef __OpenBSD__ block that defined the function to always
return
> 0?
This kind of tests harm portability in the long run.
> Something better?
How abo
What is the “official" way to pledge(2) a portable program?
Put #ifdef __OpenBSD__ around the pledge call?
Make an #ifndef __OpenBSD__ block that defined the function to always return
0?
Something better?
We just need to increment count in the NUL case, nothing more.
- todd
Index: usr.bin/xargs/xargs.c
===
RCS file: /cvs/src/usr.bin/xargs/xargs.c,v
retrieving revision 1.31
diff -u -p -u -r1.31 xargs.c
--- usr.bin/xargs/xargs.c
On Mon, 16 Jan 2017 17:05:30 +0100, Martin Ziemer wrote:
> As I said in the other mail: The -I separates at new LINES (in the
> Code it sets the Parameter -L to 1, so it starts a new entry on every
> non empty line.
I'm sorry but that is a documentation error if anything. When
using -0 a "line"
On Mon, 16 Jan 2017 16:51:16 +0100, Andreas Kusalananda =?iso-8859-1?B?S+Ro5HJp
?= wrote:
> Well, the manual also says, about "-0":
>
> Change xargs to expect NUL (‘\0’) characters as separators, instead
> of spaces and newlines.
>
> Note the "instead of".
It is definitely a bug. The f
On Mon, Jan 16, 2017 at 08:44:11AM -0700, Todd C. Miller wrote:
> On Mon, 16 Jan 2017 12:19:31 +0100, Andreas Kusalananda
> =?iso-8859-1?B?S+Ro5HJp
> ?= wrote:
>
> > However, when I use nul-termination instead:
> >
> > $ printf 'hello\00world\00' | xargs -0 -I arg printf '>%s<\n' "arg"
> >
On Mon, Jan 16, 2017 at 09:36:10AM -0500, aretes27...@mypacks.net wrote:
> The "smtpd.conf" man page states:
>
> relay [backup [mx]] [as address] ...
> ...
> If the as parameter is specified, smtpd(8) will rewrite the sender advertised
> in the SMTP session. address may be a user, a domain prefixe
On Mon, Jan 16, 2017 at 03:33:00PM +0100, Martin Ziemer wrote:
> On Mon, Jan 16, 2017 at 12:19:31PM +0100, Andreas Kusalananda Kähäri
wrote:
> > I've found an issue with xargs.
> >
> > This works as expected:
> >
> > $ printf 'hello\nworld\n' | xargs -I arg printf '>%s<\n' "arg"
> > >hell
The "smtpd.conf" man page states:
relay [backup [mx]] [as address] ...
...
If the as parameter is specified, smtpd(8) will rewrite the sender advertised
in the SMTP session. address may be a user, a domain prefixed with ‘@’, or
an email address, causing smtpd(8) to rewrite the user-part, the domai
On Mon, 16 Jan 2017 12:19:31 +0100, Andreas Kusalananda =?iso-8859-1?B?S+Ro5HJp
?= wrote:
> However, when I use nul-termination instead:
>
> $ printf 'hello\00world\00' | xargs -0 -I arg printf '>%s<\n' "arg"
> >hello world<
This appears to be a bug with the -I handling. Without -I it
w
Hi All,
I don't know if it's planned, unplanned or if there's been a change
but it seems cvsweb is offline.
http://cvsweb.openbsd.org/
Any clues?
Thanks!
--
---
inum: 883510009027723
sip: jungleboo...@sip2sip.info
On 01/16/17 13:58, Boudewijn Dijkstra wrote:
> Op Mon, 16 Jan 2017 11:08:06 +0100 schreef Harald Dunkel
> :
>>
>> But spamd's blacklisting (without "-b") lacks proper documen-
>> tation. spamd-setup(8) says that it sends blacklist data to
>> spamd, but it doesn't tell the details.
>
> Which detail
For what it's worth, I'd like to give my 2 cents. I develop on a DNS
server so I often use the -p option to test new functionality on a
different port than 53. It doesn't bother me that the base openbsd dig
has a pledge restriction for only port 53. Just as long as I have the
ports bind package
On Mon, Jan 16, 2017 at 12:19:31PM +0100, Andreas Kusalananda Kähäri wrote:
> I've found an issue with xargs.
>
On 2017-01-16, Damian McGuckin wrote:
> On Mon, 16 Jan 2017, Stuart Henderson wrote:
>
>> On 2017/01/16 15:37, Damian McGuckin wrote:
>>> On Mon, 16 Jan 2017, Stuart Henderson wrote:
>>>
In normal operations NSD _does_ run on port 53.
>>>
>>> Yes. But if you want both NSD and UNBOUND running
Op Mon, 16 Jan 2017 11:08:06 +0100 schreef Harald Dunkel
:
Hi folks,
I am running spamd for greylisting on my MTA for several
years. I also know how to use spamd for blacklist-only mode
and how to configure pf.conf accordingly (even though I never
tried).
But spamd's blacklisting (without "-b")
On Mon, 16 Jan 2017, Stuart Henderson wrote:
On 2017/01/16 15:37, Damian McGuckin wrote:
On Mon, 16 Jan 2017, Stuart Henderson wrote:
In normal operations NSD _does_ run on port 53.
Yes. But if you want both NSD and UNBOUND running on the same box, things
need to change.
Not necessarily,
Hi,
I've found an issue with xargs.
This works as expected:
$ printf 'hello\nworld\n' | xargs -I arg printf '>%s<\n' "arg"
>hello<
>world<
However, when I use nul-termination instead:
$ printf 'hello\00world\00' | xargs -0 -I arg printf '>%s<\n' "arg"
>hello world<
This is
Hello all,
On Mon, 16 Jan 2017 00:38:16 -0700 Theo de Raadt wrote:
> dig (host, nslookup, etc) use this horrible ISC library
Could NLnetLab's libldns & drill totally replace all this?
(Both are already ported & built.)
https://nlnetlabs.nl/projects/ldns/
"A lot of DNS debugging is done with di
Hi folks,
I am running spamd for greylisting on my MTA for several
years. I also know how to use spamd for blacklist-only mode
and how to configure pf.conf accordingly (even though I never
tried).
But spamd's blacklisting (without "-b") lacks proper documen-
tation. spamd-setup(8) says that it se
On 2017/01/16 15:37, Damian McGuckin wrote:
> On Mon, 16 Jan 2017, Stuart Henderson wrote:
>
> > In normal operations NSD _does_ run on port 53.
>
> Yes. But if you want both NSD and UNBOUND running on the same box, things
> need to change.
Not necessarily, because they can run on different addr
On Mon, 16 Jan 2017, Theo de Raadt wrote:
There's a small piece some people have missed. pledge doesn't
block port 53. It is blocked unless you use SOCK_DNS. That was
a step taken seperate "hostname/dns lookup" pieces of code from
"internet speaking" pieces of code. That step allowed pledge
39 matches
Mail list logo
