Thank you @Noth.
You are right. The OpenBSD PF FAQ also says:
> PF will only use one processor, so multiple processors (or multiple cores)
WILL NOT improve PF performance.
For PC Engines APU users, I can highly recommend to update the BIOS. It improved
my networking performance quite a bit:
https
I’ve installed the ELK packages (Elasticsearch, Logstash, Kibana) using
pkg_add. Installs went fine. I checked out the pkg documentation (pkg_reames)
and followed the steps for those that had documentation to follow.
When I boot, Logstash and Kibana fail. I can use rcctl to start Logstash wit
Sent via BlackBerry® from Telstra
-Original Message-
From: "Johnathan M."
Sender: owner-m...@openbsd.org
Date: Thu, 6 Feb 2020 08:26:05
To: Charlie Burnett
Cc:
Subject: Re: Process Isolation
On Thu, Feb 6, 2020, 4:22 AM Charlie Burnett wrote:
> Hey y'all,
>
> Sorry if this has been
Christoph Leser wrote:
Hi,
after upgrading openbsd6.5 to oopenbsd6.6 using sysupgrade isakmpd
does no longer write pcap files in /var/run.
In /var/log/messages we see the following message:
isakmpd[7385]: log_packet_init: fopen ("/var/run/isakmpd.pcap", "w")
failed: Permission denied
On
Cannot reproduce this issue, and the MAKEDEV script in question
has had only minor unrelated changes.
Something is messed up on your system, and you can diagnose this
better yourself.
Jan Stary wrote:
> With the latest two upgrades (this week and the last),
> the daily security complains about
Hi again,
Disabling inteldrm has stopped the ERROR messages to show up but of course
OpenBSD will not switch into higher resolution since then.
Regards
Kris
--
Sent from: http://openbsd-archive.7691.n7.nabble.com/openbsd-user-misc-f3.html
Kevin Chadwick wrote:
> I am considering replacing all chroot use with unveil in my processes even
> where
> no filesystem access is required.
I am discouraging this.
unveil is a complicated mechanism, and we may still discover a bug in
it.
Almost all the chroot in the tree are to empty unwri
Yes, that (-mcmodel=medium) is the solution. Thanks!
John
On 2020-02-05 22:03, Philip Guenther wrote:
On Wed, Feb 5, 2020 at 7:38 PM wrote:
I am encountering a linker error when compiling with ports-gcc
Fortran:
ld: error: lbug2.f90:(function MAIN__: .text+0x80): relocation
R_X86_64_PC32
OK, will give it a go.
I have already tried to disable drm* and drm0 and that just caused the
laptop to hang during boot.
Will give you a shout what happened when I disable inteldrm.
Cheers
--
Sent from: http://openbsd-archive.7691.n7.nabble.com/openbsd-user-misc-f3.html
On 2020-02-06 07:56, mabi wrote:
> Thanks Mischa! I should have thought about that but I couldn't remember
> having done this with previous APU models and OpenBSD versions.
I expect you known but you can add this into /etc/boot.conf
I also recently forgot or found I had to edit /etc/ttys too to g
I am considering replacing all chroot use with unveil in my processes even where
no filesystem access is required. Is there any guidance on whether that is the
best practice, where you only intend to run on OpenBSD?
On Thu, Feb 6, 2020, 4:22 AM Charlie Burnett wrote:
> Hey y'all,
>
> Sorry if this has been answered before but I couldn't find a satisfactory
> answer searching for it, and this is more of an academic question. So
> security focused Linux distros like Qubes go to extremes to
> compartmentalize/i
On 2020-02-06 07:59, Charlie Burnett wrote:
> I apologize if this was a question I've somehow missed the answer to!
OpenBSD takes a more fine grained approach in isolating functions rather than
whole programs ideally by the person best suited to do the job (the program
developer). Isolating whole
Den tors 6 feb. 2020 kl 10:22 skrev Charlie Burnett :
> Sorry if this has been answered before but I couldn't find a satisfactory
> answer searching for it, and this is more of an academic question. So
> security focused Linux distros like Qubes go to extremes to
> compartmentalize/isolate any and
With the latest two upgrades (this week and the last),
the daily security complains about the permissions under /dev (below).
On other machines, these belong to root:operator - is it intended
that the snapshot changed them to root:wheel?
dmesg at bottom
Jan
On Feb 06 01:44:10, r...@star
Den ons 5 feb. 2020 kl 21:01 skrev Riccardo Giuntoli :
> I'm setting up a roadwarrior type ikev2 secure connection from .es to .uk.
> root@ganesha:/etc# cat hostname.enc0
>
> root@smigol:/etc# cat hostname.enc0
> inet 172.16.44.2/32
> up
>
Why are you setting up hostname.enc0?
What guide is recom
Hi there Janne.
Result is the same in both endpoints. With or without ipcomp.
Any others suggestions?
Nice regards to you all misc@
On Thu, Feb 6, 2020 at 8:10 AM Janne Johansson wrote:
> Den ons 5 feb. 2020 kl 21:01 skrev Riccardo Giuntoli :
>
>> If i sniff traffic over enc0 interface I foun
Hey y'all,
Sorry if this has been answered before but I couldn't find a satisfactory
answer searching for it, and this is more of an academic question. So
security focused Linux distros like Qubes go to extremes to
compartmentalize/isolate any and all programs it can. FreeBSD has it's jail
program
Brian,
I'm going to set vnetid 100 to tag VLAN and connect physical em0 to L3
switch "uplink" port (port 10 in my case) with "Tagged" mark.
# /etc/hostname.vlan100
description 'Untrusted'
inet 192.168.155.1 255.255.255.240 192.168.155.15 lladdr
32:f6:02:c4:1A:88 vlandev em0 vnetid 100
Ports 1-3
Thank you for all the replies.
Christian right, I didn't familiar with VLANs before my conceptual
question about IoT isolation, so I have no knowledge how do VLANs work
before his answer.
Thanks to documentation, articles, and vlan(4), in OpenBSD for any of
physical Ethernet device can be attache
20 matches
Mail list logo
