pf_query error

2017-08-15 Thread Glenn Faustino
Hi, I'm using pfstat to generate pf statistics for my home firewall. But after upgrading to -current snapshot this error starts to appear. I did run sysmerge and pkg_add -uv after the upgrade. Any ideas how to resolve this issue? Thanks in advance.
[x220@OpenBSD.domain.local:~]$ doas pfstat -q -d

Re: Question about httpd tls config

2017-08-15 Thread Andreas Thulin
Ah. Thank you! :-)
On Tue, 15 Aug 2017 at 14:06, Ronan Viel wrote:
> Hi,
>
> SSL Labs don’t like 3DES whose key length is considered 112 bits and not
> 168 bits because it may be subject to meet-in-the-middle attack.
> Remove it by adding the line below to your server definition:
> tls cipher "HIGH:

Re: lock X on suspend

2017-08-15 Thread Grégoire Jadi
Jeremie Courreges-Anglas writes:
Hello,
> On Tue, Aug 15 2017, Stuart Henderson wrote:
>> On 2017-08-15, Jeremie Courreges-Anglas wrote:
>>> On Tue, Aug 15 2017, tomr wrote:
>>> I've figured out an effective workaround I think, which is to SIGUSR1 my running xidle(1) process, which w

Re: lock X on suspend

2017-08-15 Thread Jeremie Courreges-Anglas
On Tue, Aug 15 2017, Stuart Henderson wrote:
> On 2017-08-15, Jeremie Courreges-Anglas wrote:
>> On Tue, Aug 15 2017, tomr wrote:
>>
>>> I've figured out an effective workaround I think, which is to SIGUSR1 my
>>> running xidle(1) process, which works.
>>
>> That's probably less hackish and bett

Re: Mastering opensmtpd rules

2017-08-15 Thread Walter Alejandro Iglesias
On Tue, Aug 15, 2017 at 05:10:00PM +0200, Gilles Chehade wrote: > On Tue, Aug 15, 2017 at 01:29:16PM +0200, Walter Alejandro Iglesias wrote: > > > > > > accept from any for any virtual [...] > > > > > > > Besides, after modifying that rule in the file I also had to change the > > order. Sinc

Re: lock X on suspend

2017-08-15 Thread Peter Hessler
I use this, with /etc/apm/hibernate as a symlink.
$ cat /etc/apm/suspend
#!/bin/sh
pkill -USR1 -x xidle
#EOF
and my .Xdefaults have:
XIdle.timeout: 300
XLock.grabmouse: on
XLock.mode: blank
XLock.mousemotion: on
XLock.usefirst: yes
XLock.lockdelay: 10
XLock.nice: 19
#EOF
On 2017 Aug 15 (Tue

Re: Mastering opensmtpd rules

2017-08-15 Thread Gilles Chehade
On Tue, Aug 15, 2017 at 01:29:16PM +0200, Walter Alejandro Iglesias wrote: > > > > accept from any for any virtual [...] > > > > Besides, after modifying that rule in the file I also had to change the > order. Since rules below the "catch-all" one never get evaluated, it > has forcibly to be

Re: doas /usr/bin/vi best practice

2017-08-15 Thread Alessandro DE LAURENZIS
Hello Nam, On Sun 13/08/2017 18:09, Nam Nguyen wrote: If you are trying to avoid that message: /home/just22/.exrc: not sourced: not owned by you It could be that you are in that in your home directory and vi is trying to read the local .exrc script on startup. In vi(1): exrc, ex [off] Read

mount_nfs(8) -b option

2017-08-15 Thread Alessandro DE LAURENZIS
Dear misc@ readers, From mount_nfs(8): -b If an initial attempt to contact the server fails, fork off a child to keep trying the mount in the background. Useful for fstab(5), where the file system mount is not critical to multiuser operation. My u

Re: Pinebook (if anyones up for it)

2017-08-15 Thread Patrick Wildt
On Mon, Aug 14, 2017 at 10:08:13PM +0300, valerij zaporogeci wrote:
> 2017-08-14 10:21 GMT+03:00, Alex Naumov :
> > Hello,
> >
> > there is one enthusiast, who wants to make it possible:
> > http://openbsd-archive.7691.n7.nabble.com/Working-on-support-for-Pinebook-td318562.html
> >
> > I don't know

Re: Question about httpd tls config

2017-08-15 Thread Andreas Bartelt
On 08/15/17 09:54, Andreas Thulin wrote: Hi! I run httpd on 6.1-stable (thanks to all of you who make that possible!), with a pretty vanilla tls setup. When testing the server on ssllabs.com, results say that TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA is considered weak. How should I interpret that i

Re: Clarification on ksh(1) nohup mechanism

2017-08-15 Thread Alessandro DE LAURENZIS
Anyone?
On Sat 12/08/2017 18:36, Alessandro DE LAURENZIS wrote:
Dear misc@ readers, I'm lost with the subject... From the man page I see that, differently from standard ksh, OpenBSD implementation by default does *not* send SIGHUP signals to child processes when a SIGHUP is received by the par

Re: lock X on suspend

2017-08-15 Thread Stuart Henderson
On 2017-08-15, Jeremie Courreges-Anglas wrote:
> On Tue, Aug 15 2017, tomr wrote:
>
>> I've figured out an effective workaround I think, which is to SIGUSR1 my
>> running xidle(1) process, which works.
>
> That's probably less hackish and better on multi-user machines.
fwiw, I sometimes had prob

Re: x40 users?

2017-08-15 Thread Michael Plura
On Fri, 11 Aug 2017 19:50:05 -0400, "Ted Unangst" wrote:
> anyone using an x40? what have you set machdep.apmhalt to?
Hi Ted, I have several old ThinkPads running OpenBSD here. The X40 has the default setting:
root@x40:~# sysctl machdep.apmhalt
machdep.apmhalt=0
You probably want to know, i

Re: DNSSEC solution

2017-08-15 Thread Florian Obser
On Tue, Aug 15, 2017 at 09:03:26AM +0200, Thuban wrote:
> Hi
> since we have nsd and unbound included in base, I was wondering what
> tool you use to deal with DNSSEC and sign your zone?
> I use zkt, but your advice would be nice.
>
> Regards
> --
> thuban
I use powerdns from ports as a hidden

Re: DNSSEC solution

2017-08-15 Thread Alarig Le Lay
On Tue 15 Aug 09:03:26 2017, Thuban wrote:
> Hi
> since we have nsd and unbound included in base, I was wondering what
> tool you use to deal with DNSSEC and sign your zone?
> I use zkt, but your advice would be nice.
>
> Regards
> --
> thuban
Hi, You could use OpenDNSSEC. It’s written by

Re: Question about httpd tls config

2017-08-15 Thread Ronan Viel
Hi, SSL Labs don’t like 3DES whose key length is considered 112 bits and not 168 bits because it may be subject to meet-in-the-middle attack. Remove it by adding the line below to your server definition:
tls cipher "HIGH:!aNULL:!3DES"
Ronan
> On 15 Aug 2017 at 09:54, Andreas Thulin wrote:

Re: Mastering opensmtpd rules

2017-08-15 Thread Walter Alejandro Iglesias
> > accept from any for any virtual [...] > Besides, after modifying that rule in the file I also had to change the order. Since rules below the "catch-all" one never get evaluated, it has forcibly to be the last one: [...] accept from local for local alias deliver to mbox accept

Re: Mastering opensmtpd rules

2017-08-15 Thread Walter Alejandro Iglesias
Hi Gilles,
On Tue, Aug 15, 2017 at 11:15:32AM +0200, Gilles Chehade wrote:
> On Tue, Aug 15, 2017 at 09:22:41AM +0200, Walter Alejandro Iglesias wrote:
> > Hello everyone,
> >
> > I'd appreciate experienced opensmtpd users tell me if I'm understanding
> > well the mechanism in the following rule.

Re: Mastering opensmtpd rules

2017-08-15 Thread Gilles Chehade
On Tue, Aug 15, 2017 at 09:22:41AM +0200, Walter Alejandro Iglesias wrote:
> Hello everyone,
>
> I'd appreciate experienced opensmtpd users tell me if I'm understanding
> well the mechanism in the following rule.
>
> Currently, in my smtpd.conf I have this line:
>
> accept from any for domain

Question about httpd tls config

2017-08-15 Thread Andreas Thulin
Hi! I run httpd on 6.1-stable (thanks to all of you who make that possible!), with a pretty vanilla tls setup. When testing the server on ssllabs.com, results say that TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA is considered weak. How should I interpret that information, as you see it? And shouldn't de

Mastering opensmtpd rules

2017-08-15 Thread Walter Alejandro Iglesias
Hello everyone, I'd appreciate experienced opensmtpd users tell me if I'm understanding well the mechanism in the following rule. Currently, in my smtpd.conf I have this line: accept from any for domain virtual deliver to mbox But since all keys in my "valiases" table are full email address

DNSSEC solution

2017-08-15 Thread Thuban
Hi since we have nsd and unbound included in base, I was wondering what tool you use to deal with DNSSEC and sign your zone? I use zkt, but your advice would be nice. Regards -- thuban