Tim Nelson
> Fantastic points, I'd love to hear more, from both sides.
I'll blink.
This is a big deal ... but it's not specific to OpenBSD and further,
this is not news.
http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis
This discussion is pertinent on any forum. Hence here where the focus
i
Tim Nelson
> Fantastic points, I'd love to hear more, from both sides.
I'll blink.
This is a big deal ... but it's not specific to OpenBSD and further,
this is not news.
http://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis
This discussion is pertinent on any forum. Hence here where the focus
i
Hi.
If I understand correctly, this is off topic here, as much as generic
hardware or networking issues or whatever. General cryptology and
associated legal issues in this sense (again as I understand you) are
not specific to OpenBSD being vendor neutral issues.
That said I'm all for this discussi
Something like:
# cat hostname.pppoe0
pppoedev vr0
authproto chap
authname 'u...@on.net'
authkey 'pass'
up
inet 0.0.0.0 255.255.255.255
dest 0.0.0.1
!/sbin/route -v add -inet default -ifp pppoe0 0.0.0.1
See:
man -s 4 pppoe
http://www.openbsd.org/cgi-bin/man.cgi?query=pppoe&sektion=4
"James Chase"
If I fully understand your situation a lot of what you do depends on
whether you intend to resolve names and whether you can use subnets.
In my situation I have a number of servers and internal clients on
different subnets with one external public IP address.
pf obviously becomes tr
James Woodward
> Thank you,
> James
Thank you.
While it's expected that universities will support the wider community
it's probably entirely optional. Thank you for supporting us.
In this case you happen to be supporting something very cool ...
Hi.
I'm trying to find a PCI wireless card and bought one of these:
http://www.tp-link.com/en/products/details/?categoryid=246&model=TL-WN350GD
dmesg shows:
vendor "Atheros", unknown product 0x001d (class network subclass
ethernet, rev 0x01) at pci1 dev 1 function 0 not configured
Does this mean
Gilles Chehade
> We are getting closer to a stable version of OpenSMTPD
Which to my mind raises the question of how OpenSMTPD is to be
implemented alongside Sendmail in the base system.
Presumably, as per other items that are included in base but not the
default, i.e. DNS services, etcetera, ther
Zé_Loff
>On my Tecra M5 (NVIDIA G72m GPU) I manage to turn off the backlight by
hitting
>Fn+F5 (the 'switch displays' hotkey). I have to hit it a couple of times
again
>to get it back on, because it cycles through all possible combinations, but
it
>works... I have no idea what makes it switch, b
On 04/09/2012, patrick keshishian wrote:
> On Tue, Sep 4, 2012 at 12:36 AM, Ted Unangst wrote:
>> I've never seen a laptop that kept the light on when the lid was
>> closed. Is it really still on?
Yes. Whether or not the screen blanks I can see the backlight glow
with the lid closed.
If I put i
Hi.
I'm trying to deploy a slave nameserver on a laptop to sit at somebodies home.
It runs NSD and other than salving and serving queries it polls an NTP
server and that's it. It doesn't run X11 ...
Functionally it all works and I'm looking at keeping this thing quiet
and dark so it's cheap and un
v/zero of=/dev/rwd0c bs=1m count=1
>
> You may have some old HFS partition table fragments lying around.
>
> Ken
>
> On Sat, Sep 01, 2012 at 01:51:43PM +0930, David Walker wrote:
>> Hi.
>>
>> I got an iBook G4 and I'm having issues.
>>
>>
Hi.
I got an iBook G4 and I'm having issues.
I'm going for an MBR scheme using the whole disk but I'm not sure
fdisk is working according to the installation instructions but I
might have a borked disk ...
Here's what I see:
Available disks are: wd0.
Which one is the root disk? (or 'done') [
Mikkel Bang
> For authoritative nameservers
Disregarding other reasons, easier documentation and simpler
configuration are definite wins ...
Daniel Melameth
> What have you tried?
MSS probably incorrectly.
I had a 4.9 install I think with a lot of rules but I've started from
scratch with 5.1 over the weekend and I think I've got it now.
> TCP negotiates MSS so a TCP session will never have an MSS higher than
> what one side can accep
Remi Locherer
> The MSS field from your syn packages tells the other side what max package
> size you accept. I found this white paper helpful to understand MTU,
> PMTUD and MSS:
You are apparently correct.
This doesn't help:
match in all scrub (no-df)
This does help:
match in all scrub (no-df ma
Daniel Melameth wrote:
> When using pppoe(4), MSS can be a problem. I recommend you read the
> MTU/MSS ISSUES section of the man page and see if that resolves your
> issue.
I have read and tried.
As far as I can see there's an issue with incoming packets.
AFAIUI, MSS will limit the size of outgo
Hi.
I've had a bridged modem and OpenBSD gateway setup for years on a
particular Australian ISP. I've never re-assembled packets and worried
over MTU or fragments.
Everything just worked ...
Recently one of the companies I work for changed ISP. I swapped the
relevant details on the gateway, hostna
John
> You may want to give this a try:
> http://c.learncodethehardway.org/book/learn-c-the-hard-way.html
Cheers.
http://publications.gbdirect.co.uk/c_book/
Hi Stuart.
> do you know which device you have?
This is what I get on the console:
pgt0 at cardbus0 dev 0 function 0 "Intersil Prism GT/Duette" rev 0x01: irq 11
According to the meagre research I've done it's a 3880 chipset.
The card is an SMC2835W ...
> In theory dmesg should be able to pick u
k you for reminding me about fw_update in your initial reply.
Besides, I broke my system (rule number one) - it's all on me anyway.
>
> All the best,
>
> Wesley.
>
> On Tue, 28 Feb 2012 00:33:06 +1030, David Walker
> wrote:
>> Hi Magnus.
>>
>> That
n 15 2011 png-1.2.44/
> drwxr-xr-x 2 root wheel 512 Jun 15 2011 postfix-2.8.20110113/
> drwxr-xr-x 2 root wheel 512 Sep 12 12:56 screen-4.0.3p2/
>
> // Magnus
>
>
>
>
> On 2012-02-27 12:58, David Walker wrote:
>> Thank you Peter.
>>
>> I still get
the new card,
> :boot
> :
> :Hope that it will help.
> :
> :Wesley.
> :
> :
> :On Mon, 27 Feb 2012 00:02:28 +1030, David Walker
> : wrote:
> :> Thanks Wesley.
> :>
> :> I forgot about that.
> :> I was going from man pgt which says:
]
If you can think of a way to run this locally it'd be great.
On 26/02/2012, Wesley M. wrote:
> try fw_update (provided in OpenBSD 5.0)
>
> Wesley.
>
> On Sun, 26 Feb 2012 17:51:03 +1030, David Walker
> wrote:
>> Hi.
>>
>> I'm trying to do:
>>
Hi.
I'm trying to do:
pkg_add http://firmware.openbsd.olg/firmware/pgt-firmware-1.2.tgz
I get this:
parsing pgt-firmware-1.2.tgz
Bad pkg_db: No such file or directory at /usr/libdata/perl5/OpenBSD/PackageInfo.
pm line 63.
Do I need to add perl manually?
Best wishes.
On 07/02/2012, Nico Kadel-Garcia wrote:
> On Mon, Feb 6, 2012 at 4:10 AM, David Walker
> wrote:
>>
>> Currently my backup regime is woeful.
>> I have years worth of work on a Windows machine and some stuff
>> scattered across OpenBSD machines.
>
> Uh-oh.
I k
Thanks for the replies.
I should have stated I'm after something I can understand at a block level.
There are only a few datapoints I care about:
* the /etc from a few internal and external OpenBSD machines.
* a few other *conf* areas like /var/named and so on from external machines.
* either /var
Hey.
Currently my backup regime is woeful.
I have years worth of work on a Windows machine and some stuff
scattered across OpenBSD machines.
I'm thinking of building a machine (the file server) to provide some
backup and central storage.
I'll probably try and get my head around softraid for redun
Hi Bryan.
On 21/01/2012, Brynet wrote:
>
> Just an idea, but the SMBus controller has the same interrupt mappings as
> this "Lite-On" Ethernet device, is that something you installed?
Yes. I put a couple of PCI NICs in.
I've removed both of them and the issue persists.
>
> * You can disable ich
Hey.
I've installed onto an old machine (dmesg follows):
uname -rsv
OpenBSD 5.0 GENERIC#43
Every few minutes I see this on the console ...
ichiic0: abort failed, status 0x2
... followed a minute or so later by ...
ichiic0: abort failed, status 0x40
... rinse and repeat.
This is a bog standard pe
d they were going to be a hard slog and even if
GENERIC was a harder slog at least I'd be able to ask for help
confidently and know where I stood vis-a-vis the man pages and FAQ and
so on.
I also felt pretty confident every time it came round to installing a
new release ...
>
> Thanks,
&
Get an old PC or somesuch, run tftp and install directly onto the ALIX
via ethernet.
See here:
http://www.openbsd.org/faq/faq6.html#PXE
Problem(s) solved.
Best wishes.
Hi.
Neoklis Kyriazis wrote:
>
For a hardware type question a dmesg is expected.
Maybe usbdevs(8) also.
Also here (sysutils/usbutil):
http://marc.info/?l=openbsd-misc&m=131385903423582&w=2
http://marc.info/?l=openbsd-ports&m=120133490229421&w=2
I'm no expert. I do know that one of my USB drives
On 14/11/2011, Andres Perera wrote:
>
> i like your style :)
:]
I've been writing essays for this guy and fixing his 800 line PF but
there's a limit.
How cool is this ...
To study and not think is a waste. To think and not study is dangerous.
Confucius.
Pwnage.
Teaching people to fish ... it
On 13/11/2011, Mostaf Faridi wrote:
> Can I optimiz this pf.conf?
> Thanks in advance
I do not open up the truth to one who is not eager to get knowledge,
nor help out any one who is not anxious to explain himself. When I
have presented one corner of a subject to any one, and he cannot from
it le
Hey.
On 06/11/2011, Gholam Mostafa Faridi wrote:
>
> NAT1= "10.10.10.194"
>
> paltalk1= "{ 192.168.0.20, 192.168.0.21, 192.168.0.22 }"
>
> match out on egress inet from !(paltalk1) to any nat-to (NAT1)
>
> much different is in NAT rule , and other things is simillar old pf.
>
Mostaf Faridi wrote:
> I want migrate from FreeBSD to OpenBSD , yesterday I install OpenBSD 5
> amd64 and run samba server with OpenBSD and it work good . In first step I
> run samba server with OpenBSD , and after this I want run NAT server with
> OpenBSD .
Great.
> And for start I want underst
Mostaf Faridi wrote:
> My problem is this I do not enough time to start from scratch and make new
> rule .
If you were moderately familiar with OpenBSD you could have, in the
time between the start of this thread and now, read pf.conf for
OpenBSD 5.0 and written on paper or wherever a complex rul
Mostaf Faridi wrote:
> Thanks
> Your 3 way is good . I choose number 3 .
Please note carefully how number 3 works ...
*You* either have to track between FreeBSD then and OpenBSD now ... two
different trees over however many years ...
... or track between FreeBSD then, whatever pf they imported f
Mostaf Faridi wrote:
> Thanks all guys
> Sorry for my bad English I , only understand is this pf.conf work in
> openbsd 5 or no .? Which part I must edit and change it
> Is this pf.conf is correct ?
> Thanks in advance
You're doing it wrong.
Three ways you could write a pf.conf for OpenBSD ...
On 05/11/2011, David Riley wrote:
> whoever decided that the BIOS needed a "friendly" mouse-driven interface
> ought to be dragged out into the street and shot.
Agreed.
Mouse BIOS really grates but the little bird is too much.
They've hidden everything useful but included a very extensive test s
Hey.
Thanks everyone.
On 05/11/2011, Antti Harri wrote:
> If I understood your problem correctly the solution is to use the hotkey
> that
> stretches the screen to full size. Try FN+F8.
Thanks very much for that.
It's persistent between reboots which is great.
The font looks a little weird - its
Hey.
So I'm looking at wscons stuff and I see this:
wsconsctl -a | grep wsdisplay.emulations
display.emulations=vt100
In ttys, all the terminals I use are vt220 - the default.
Does this make sense?
I've tried to change the screen type (e.g. 80x50) using wsconscfg and
I can't see anything that bu
Thanks guys.
This BIOS is ... sad.
It's mouse driven - the cursor is a bird that flaps its wings. :[
There is a video option but it only disables the external monitor - I
tried it anyway.
The BIOS video test takes up the whole screen (gives mode numbers and
resolutions) and the boot graphic does
Hi.
I got my hands on a ThinkPad 600 and only about 50% of the screen is
utilized on ttys in the middle.
Can someone please tell me where to look for this, man page or whatever.
TIA
Best wishes.
OpenBSD 5.0 (GENERIC) #43: Wed Aug 17 10:10:52 MDT 2011
dera...@i386.openbsd.org:/usr/src/sys/ar
Hi Ingo.
On 13/10/2011, Ingo Schwarze wrote:
>
> Don't look too much at any kind of HTML generated from these
> languages. That's not standardized. ASCII terminal output
> is what counts.
Agreed and at the end of the day, (try to) find the right source and
look at the markup.
I should know now
Hi Kristaps.
Kristaps Dzonsons wrote:
> Tip: you can usually tell straightaway whether a manual is in mdoc(7) or
> man(7) by looking at the header. If it has the nice volume name as the
> centre of three columns (e.g., "OpenBSD Reference Manuals"), then it's
> most likely in mdoc(7).
I wondered
Hi Ingo.
Thank you for answering all my questions.
Best wishes.
On 13/10/2011, Ingo Schwarze wrote:
Hey team.
I'm looking at cvs and man pages and stuff.
I notice that two cvs pages - cvs(1) and cvs(5) - don't have SEE ALSO
hyperlinks appearing in cgi ...
http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&manpath=OpenBSD+Current
http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion
Here's a couple of manual diffs.
smtpd.8 against revision 1.12 ...
--- smtpd.8 Wed Oct 12 08:01:04 2011
+++ diffs/smtpd.8 Tue Oct 11 22:56:22 2011
@@ -126,3 +126,16 @@ The
.Nm
program first appeared in
.Ox 4.6 .
+.Sh CAVEATS
+.Nm
+may not be suitable for production use at the present
Hi Henri.
On 11/10/2011, Henri Kemppainen wrote:
>
> I agree this isn't ideal. On the other hand, having a system ship with
> two overlapping & incompatible alternatives is a rather exceptional case,
> and there's no way to automagically please everyone. One could suggest
> renaming the manuals
Hi Gilles.
If my previous is hostile ... sorry.
Without the context of the makemap man page in src/usr.sbin/smtpd/
there's no correlation between your first and second mails which
creates more confusion.
With that man page, however, pennies start to drop ...
I spent 4= hours glued to my screen re
Hi.
In manXX.tgz (since 4.8) and also on web-cgi, the smtpd.conf(5) man
page references makemap(8) more than once ...
... with explicit instructions to use that man page as a guide when
making db maps and/or understanding the format of plain maps.
The web-cgi page obviously hyperlinks to the othe
Hi Henri.
On 08/10/2011, Henri Kemppainen wrote:
> though the code I'm running is no
> longer current (5.0-BETA, to be precise
Sorry.
I should have said version.
I don't have the machine here at the moment but it's a 5.0 BETA from
about a month ago.
> I hope Gilles can tell whether this is a do
Hi.
inet <-> hosting.com <-> mail.hosting.com
smtpd.conf ...
listen on ext
map "virtuals" { source plain "/etc/mail/virtuals.plain" }
accept from all for virtual virtuals relay
virtuals.plain ...
postmas...@hosted.com somewh...@gmail.com
I can send mail from external to local accounts
ully I understood this correctly:
> accept from 192.168.0.0/16 [...]
> Gilles
Best wishes.
> On Mon, Oct 03, 2011 at 06:31:13AM +1030, David Walker wrote:
>>
>> As always ... thanks.
>>
>> My first ever diff ...
>> ... which was done manually ...
Hi Gilles.
On 01/10/2011, Gilles Chehade wrote:
> Hi,
>
> The format for network is as follow:
>
> accept from 192.168.0.0/16 [...]
As always ... thanks.
My first ever diff ...
... which was done manually ...
... involving cvsweb, a Windows machine, a USB stick, etcetera.
If it's useless
Hi.
In smtpd.conf(5) ...
accept | reject
from network
The rule matches if the connection is made from the spec-
ified network.
What is the format for network?
>From /etc/networks?
>From DNS?
Other?
Best wishes.
Hi Stefan.
On 28/09/2011, Stefan Johnson wrote:
> Please disregard my last... gmail sent the email before I was finished
> composing it.
I figured as much.
> Using false for your shell is okay for ftp. It is not for ssh/sftp.
I kind of expect that SSH (the shell) either passes commands direct
Hi.
I have some accounts that don't require home directories or shells.
In the past I used ftpd for web uploading and would do the
shell==false thing and chroot them and set the login directory via the
passwd file.
Bye bye ftpd, hello sshd.
So I'm looking at this again, using the sshd's internal
Hey.
On 21/09/2011, Rod Whitworth wrote:
> It need not be spoofed.
> If you use authpf whilst your are on a LAN that is NATted (very common)
> everyone on that LAN will be able to access your remote host.
Nice one.
On 21/09/2011, ropers wrote:
> The way I understood David's concern (please cor
Hey.
On 14/09/2011, samt wrote:
> Not all binaries that can be run as services have rc.d(8) control
> scripts.
I moved past that quickly.
>From the 4.9 release announcement:
- New rc.d(8) for starting, stopping and reconfiguring package daemons:
o Only a handful of packages have migrat
Hi.
uname -rsv
OpenBSD 5.0 GENERIC#39
I'm gearing up to use popa3d and testing it on a machine.
I tried the following in rc.conf.local (where V is version number and
exeunt) ...
popa3d_flags="-D"
popa3d_flags="-V"
popa3d_flags="-D -V"
... and it does not start.
Even though I see this in RC.D(8
Hi Stuart.
Stuart Henderson
> iked doesn't handle retransmitting dropped ike packets yet, so it's not a
> great choice for wireless. isakmpd should be fine though.
I read through ISAKMPD and IKED and noticed this:
iked is not yet finished and is missing some important security features.
Hi Marian.
On 10/09/2011, Marian Hettwer wrote:
> I'd say SSH tunnels are still in.
Cool.
> No. IP spoofing won't help them script kiddy at all.
> To successfully authenticate via authpf, you need a valid ip adress for
> responses.
> With a fake source ip, the script kiddy won't even get a full
I have some idea IPsec might be useful so I do a search and this comes
up (first cab off the rank) ...
http://www.symantec.com/connect/articles/zero-ipsec-4-minutes
... it's specifically about OpenBSD and it looks pretty easy.
So I go to the ipsec(4) man page and see this ...
If we apply ESP
Nick Holland
> define "security" :)
Ouch. I like Bruce Schneier's cynicism ...
As long as I feel secure right?
Encryption to some standard (yet to be determined).
At a minimum packet contents but headers would be great.
I'm a fair bit out of my depth but if I can encapsulate endpoint IP
addresse
Thank you Thomas.
On 09/09/2011, Tomas Bodzar wrote:
> http://www.openbsd.org/faq/pf/authpf.html
At first glance that looks really cool (well it still looks cool) but
I'm not sure it's what I'm after.
As far as I can tell the authentication is secure and ties a ruleset
to an IP but from then on
Hi.
I'm using some old gear that doesn't support WPA or better (WEP only).
Until I get around to that what are my options security wise?
Here's the machines:
inet <-> OpenBSD <-> CPE AP <-> USB <-> OpenBSD <-> desktops
The AP is some Cisco or something. Like those WRT54s and whatnot.
I notice i
On 08/09/2011, Jonathan Gray wrote:
> This is not a urtw device (which is 0x6a00) but rather an old
> style fullmac prism device which we don't support. We
> support the newer softmac usb prism (upgt) and the older 802.11
> prism (wi@usb) but not that particular device.
Thank you Jonathon.
Best
Hi Thomas.
Sorry for the delay.
On 21/08/2011, Tomas Bodzar wrote:
> Hi,
>
> post output of 'usbdevs -v' command.
Controller /dev/usb0:
addr 1: full speed, self powered, config 1, UHCI root hub(0x),
Intel(0x8086), rev 1.00
port 1 addr 2: full speed, power 500 mA, config 1, NETGEAR
WG111(0x4
Hey kids.
I'm running a snapshot from a week or so ago:
OpenBSD 5.0 GENERIC#39
I have a Netgear WG111 v2 USB wifi adapter that might be supported
according to urtw(4) but only gets ugen status.
I haven't used this thing for a long time and can't remember previous status.
Is there any procedure I
Hi Kevin.
Kevin Chadwick
> Why turn it off, Just hash everything in inetd.conf and your nmap
> fingerprint will be lower than without inetd running.
I used to hash the file back in the day until it became clear I was
never using it.
The few machines I run serve very few services and I'm happy fo
Hey folks.
I installed a snapshot from a day or so ago:
OpenBSD 5.0 GENERIC#39
So things change but this doesn't seem to work any more for inetd ...
http://www.openbsd.org/cgi-bin/cvsweb/src/etc/rc.conf.diff?r1=1.141;r2=1.142
This doesn't look right:
# set these to "NO" to turn them off. otherw
Daniel Gracia wrote:
This is more accurate than the thread title:
> fat32 stack on OBSD would allow to create illegal file entries for
> Micro$oft machines, like:
The naming of special devices is abstracted a little higher in the food chain:
http://msdn.microsoft.com/en-us/library/aa365247.aspx
FRLinux wrote:
> NTP is slowly drifting back the time to normal but I am
> wondering if anyone has seen this.
>From adjtime(2):
"The skew
used to perform the correction is generally a fraction of one percent."
Every adjustment brings the local clock closer to the desired time -
the immediat
Gilles Chehade scrivere:
> Care to do some testing now that envelope expansion code has been
> updated ?
Hi Gilles, I've used the snapshot from 20th May:
4.9 GENERIC#76 i386
Everything looks great.
A simple smtpd.conf:
listen on if0
map "aliases" { source plain "/etc/mail/aliases" }
accept from
David Walker wrote:
> snapshots
The important bits of that have already been asked and answered on misc@ ...
http://marc.info/?l=openbsd-misc&m=128720598526842&w=2
Best wishes.
Hello.
I'm looking to get a snapshot (i386) post 17th May and I've been
looking for a couple of days now. I have minimal experience using
snapshots and I have a few questions.
First, I've searched the FAQ and notice these:
"The snapshots available on the FTP mirrors are generated daily ..."
"Some
On 18/05/2011, Gilles Chehade wrote:
> Hi,
>
> Care to do some testing now that envelope expansion code has been
> updated ?
>
> Gilles
Try and stop me. :]
I'm looking now at CVS now - bugfixing, authentication, envelopes, "in
the process lots of code got simplified" ...
I don't grok the code ..
Hi Gilles.
On 11/05/2011, Gilles Chehade wrote:
> I got a bad and a good news though.
>
> The bad news is that smtpd's aliases have been broken for a long time.
>
> The good news ... well, I've rewritten aliases support recently.
Thanks.
While somebody capable is working on smtpd in some way I'm
Bonjour.
I installed 4.9 today and found that aliasing doesn't work as per
included sendmail files and so on but there's a workaround available
from the archives that get's me where I want to be.
So, notification (hi Gilles) of a continuing issue from 4.8 with a
slightly different log entry and a
Jacob Meuser wrote:
> On Thu, Jan 27, 2011 at 12:55:51AM +1030, David Walker wrote:
>> I have a machine at work, beige box with 4.8 on it that doesn't like
>> hotplugd.
>> I thought it might be the issue with 16 USB devices failing attach so
>> Any ideas welcom
Howdy.
Mihai Popescu wrote:
> So the process I thought about it's not true. Better to remove the
> SHA256 then, what purpose can it serve if it is not syncronised?
Some guy said ...
Do you not want it to be there for official releases?
How about if I remove the code now. Then 10 minutes befor
Hello.
Mihai Popescu wrote:
> Hello
> I'm installing ... from snapshots.
> SHA256 invalid checksums ...
> ... SHA256 from ftp.openbsd.org ...
Some good search terms there.
http://www.bing.com/search?q=site%3Aopenbsd.org+snapshot+install+sha256
http://www.bing.com/search?q=site%3Aopenbsd.org%2F
Howdy.
Alessandro Baggi wrote:
> Hi List, i had registered me to the security list:
> security-annou...@openbsd.org since 9 Genuary 2011, but any email come
> on my account. Some that had security list subscribtion, can tell me if
> since 09/01/2001 at today there are mails?
>From http://www.open
Hi Gilles.
I noticed something that might be unexpected, in the works, maybe
worth documenting.
Maybe all the old sendmail hands expect this. :]
If I have this ...
listen on external_if
map "aliases" { source plain "/etc/mail/aliases" }
accept from all for domain example.org alias aliases deli
Hi Gilles.
I've installed a snapshot from January 29 (first time ever - very painless):
uname -rvm
4.9 GENERIC#644 i386
An issue I had looks okay.
That is ...
accept for domain example.org relay
... and the explicit ...
accept from local for domain example.org relay
... both now work.
As far as s
Hi Gilles.
On 31/01/2011, Gilles Chehade wrote:
> On Mon, Jan 31, 2011 at 06:04:12PM +1030, David Walker wrote:
>
> bug, it is the default indeed but "from local" should work
>
> should work, if it doesnt it's a bug
>
> Will let you know when it's fixed
I should have mentioned this is on 4.8 and of course it could be user
error which wouldn't surprise me overly.
Best wishes.
Howdy.
I was setting up smtpd on a machine today and I noticed a couple of issues.
This does not work:
accept from local for domain example.com relay
This does:
accept for domain example.com relay
I realize "from local" is the default.
This does not work:
accept from all deliver to maildir /var
I have a machine at work, beige box with 4.8 on it that doesn't like hotplugd.
It's on a kvm. When it boots it uses the keyboard encoding from
/etc/kbdtype but after switching the kvm and back it goes to default
encoding - qwerty.
This machine also has the keyboard bell muted but it beeps from boo
Hi Mike.
Mike wrote:
> Yes, I know that Windows uses ICMP for traceroute (I use both the
> Windows tracert command line utility and the SamSpade GUI utility).
Cool.
> However, I have found that troubleshooting is always easier if one can
> eliminate Windows from the mix, that's why I reproduced
Hi Mike.
Here's a couple of points.
First, Windows uses ICMP only on traceroute (tracert) so there's
consistency between your Windows and FreeBSD internal hosts - it's an
ICMP blocked (in or out) issue.
http://technet.microsoft.com/en-us/library/cc940128.aspx
Can you ping and traceroute your ro
While we're piling on ...
I have three interfaces, vr0 is my internet (pppoe), vr1 and vr2 are
my internal networks.
This gives me a good mental picture ...
# packet filtering
block all
# pppoe0:network
pass out on pppoe0 inet from (pppoe0) to any
pass out on pppoe0 inet from vr1:network nat-t
Hi Ollie.
On 26/09/2010, Oliver Peter wrote:
> On Sep 25, 2010, at 8:44 PM, Oliver Peter wrote:
>
>> You should have a look at dig(1).
>> i.e.
>> dig @127.0.0.1 example.com A
>
> Ah, and there's also:
>
> net/ldns/drill
> drill is a tool ala dig from BIND. It was designed
> with
Hi Ollie.
On 26/09/2010, Oliver Peter wrote:
> Hey David,
>
> You should have a look at dig(1).
> i.e.
> dig @127.0.0.1 example.com A
>
> Which will query your local service for the A record
> of example.com. Replace 'A' with 'any' to retrieve
> all RRs, typically A, SOA, NS and MX.
>
> ns
Howdy.
I worked out what my problem was.
Using kernel mode PPPoE with a wildcarded source address ...
inet 0.0.0.0 255.255.255.255
... for some reason BIND doesn't recognize that interface even though
from the boot messages the interface is up and gets its address before
named starts.
Explicitly
On 25/09/2010, R0me0 *** wrote:
> If I do interactive mode and try likewise, nslookup sits there and does
> nothing.If I do interactive mode and try likewise, nslookup sits there and
> does nothing.
>
> try it
>
> #nslookup
>> server 127.0.0.1
>> example.com
Thanks for that.
Perhaps I'm understa
Hi.
This is my first go at authoritive name serving and I'm finding it
very difficult.
All help appreciated.
First off a small oddity (it could be pebkac).
It appears my named.conf is okay and so are my master files.
If I do a ...
nslookup example.com 127.0.0.1
... I get a result returned that lo
1 - 100 of 141 matches
Mail list logo
