On 8 November 2010 10:46, steve wrote:
> help
I need somebody.
Srsly, if bsdmaster goes, I'm going too. How could OpenBSD survive without him!
Quick to www.haiku-os.org !
-- joe.
On 29 October 2010 04:08, Theo de Raadt wrote:
>> Would you please consider uploading an iso image of your OpenBSD
>> 4.8 to some public tracker such as thepiratebay.org?
>
> 4.8 is not yet released.
>
>> If you are unfamiliar with the process of making an iso-image out
>> of a CD, or if you need
2010/9/9 Martin Pelikan :
Hello Martin,
> I thought the same when I played with TCP buffers set to 1M and after
> some heavy load tests I went out of RAM quite soon :-) The machine had
> 2G.
Well, the machine has 6Gb of RAM and is only pushing 10Mbit/s of
traffic at peak. It does need to maintai
Hey guys,
I'm running two HPDL360 G5 servers with OpenBSD 4.6+carp+pf+pfsync as
an active/passive firewall pair.
Both are running: (full dmesg at bottom, along with edited pf.conf, in
case it's relevant)
j...@f2:/home/joe> uname -a
OpenBSD f2 4.6 GENERIC.MP#81 amd64
I've had a weird problem hap
On Wed, Nov 12, 2008 at 07:13:05PM +0100, Hans-Joerg Hoexer wrote:
> Support for specifying aes key sizes was added february 2008, thus 4.2
> does not provide this.
Ah, thought so. Well, I got it working by reverting back to using the
old isakmpd.conf method.
Thanks for your time.
-- joe.
Fi
On Wed, Nov 12, 2008 at 02:35:35PM +0100, Claer wrote:
Hey there,
OK, so I've switched to ipsec.conf and it is alot easier!
However, I'm still struggling to use aes 256.
I have the following:
ike esp from 195.24.xxx.x/25 to 62.232.yyy.y/27 \
local 195.24.aaa.aa peer 62.232.bbb.bbb \
main auth
On Wed, Nov 12, 2008 at 02:35:35PM +0100, Claer wrote:
Hey there,
> I don't know if your isakmpd.conf is good or not. The general
> part seems good. But I'm wondering why you are not using the new
> configuration file (/etc/ipsec.conf) It's much easier to use and to
> maintain over time. For you
Hey guys,
I'm struggling to get isakpmd to talk to a checkpoint firewall
I need the following parameters
General IKE Properties = AES-256 with SHA1
IKE Phase 1 SA = Group2 (1024 bit)
IKE Phase 1 SA renegotiation = 1440
IKE Phase 2 SA renegotiation = 3600
The network layout looks as follows:
Ou
On Mon, Jul 21, 2008 at 10:53:23AM -0600, Daniel Melameth wrote:
> On Mon, Jul 21, 2008 at 10:39 AM, Joe Warren-Meeks <[EMAIL PROTECTED]> wrote:
> > The default limit for number of states is quite low. Try adding the
> > following to pf.conf and running pfctl -vf /etc/pf.con
On Mon, Jul 21, 2008 at 03:55:41PM +0200, Amaury De Ganseman wrote:
Hey there,
> I run OpenBSD 4.3 on my gateway. But when a machine behind the
> NAT/gateway uses bittoreent (or gtk-gnutella) I loss packets.
> For example when I try to do a ping www.google.com I can see "ping:
> sendto: No buffe
On Wed, Jun 04, 2008 at 06:06:47PM -0400, Calomel wrote:
> Joe,
>
> We have used a CARP firewall (two machines in failover and not
> load balancing) in front of a dozen ftp servers. We use 12 different
> ip addresses in total. One ftp-proxy for each CARP interface and
> forwarding the traffic to o
Hey guys,
I have a a pair of OpenBSD firewalls, using carp+pf protecting all
our services.
Now, we are going to end up in a situation where we need to have
multiple separate ftp servers behind these firewalls (one per project).
Currently I'm thinking of creating a new CARP interface on the extern
On Thu, May 22, 2008 at 06:18:21PM +0100, Joe Warren-Meeks wrote:
Hey there,
> We have two seperate datacentres, one using 172.16.1.0/24 and the other
> using 172.16.2.0/24. In front of both are NAT'ing OpenBSD firewalls,
> using something like:
>
> nat on $ext_if from -&
Hello there,
We have two seperate datacentres, one using 172.16.1.0/24 and the other
using 172.16.2.0/24. In front of both are NAT'ing OpenBSD firewalls,
using something like:
nat on $ext_if from -> ($ext_if:0)
(Where prv_net contains the netblock of that datacentre).
Now, I would like that NA
On Mon, May 19, 2008 at 05:03:37PM +0100, Joe Warren-Meeks wrote:
> hey guys,
>
> I have a couple of firewalling routers, running
> OpenBSD 4.2 + pf + carp + OpenOSPFD.
I've realised my problem. Using the internal carp interface assures that
routes will only be announced when it
hey guys,
I have a couple of firewalling routers, running
OpenBSD 4.2 + pf + carp + OpenOSPFD.
Similar to the below:
| |
|.2|.3 192.168.1.0/24
| .1(CARP addy) |
------
| fw1 |
On Mon, Apr 14, 2008 at 05:38:21PM +0200, Jordi Espasa Clofent wrote:
Hey there,
> According several messages I've read from Henning or Daniel in present
> and @pf list, there are not any benefits in run PF with MP kernels (and
> multi-processor boxes, of course). Even you can get a poor perfo
Hey guys,
I have a pair of firewalls running fully patched OpenBSD 4.2. These are
DL140s and i have the optional quad gigabit ethernet card in them.
Now, whenever I use the GENERIC kernel, all is well. However, if I
switch to the GENERIC.MP kernel I lose connectivity and get em0:
watchdog timeout
On Wed, Apr 09, 2008 at 11:16:12AM +0200, Raimo Niskanen wrote:
> Which generation of DL140?
> I know there were some problems with the G3, but it did boot.
I think it is the G3. It is the latest generation.
> > several times and it just hangs after uncompressing the kernel, right
> > before th
Hey there,
Anyone had any truck installing OpenBSD on an HP DL140? I have tried
several times and it just hangs after uncompressing the kernel, right
before the copyright message from the kernel.
Anyone know the magic cockerel wave to get them to boot?
(Note, using 4.2 release)
Thanks.
-- joe
On Wed, Mar 12, 2008 at 12:28:00PM +, Joe Warren-Meeks wrote:
> Hey chaps,
>
> I have a pair of OpenBSD firewalls running CARP
Thanks for your help guys.
-- joe.
Daddy, can we play a game of brinkmanship?
Hey chaps,
I have a pair of OpenBSD firewalls running CARP
$ uname -a
OpenBSD ns-gs-fw2.host.nativ-systems.com 4.2 NS-GS-FW#0 i386
They both have internal and external addresses and an internal carp and
external carp address shared.
Now, they are protecting an FTP server that I want to allow ac
On Fri, Feb 22, 2008 at 12:08:14PM -0500, Douglas A. Tutty wrote:
> Now, is a Flemish Cap:
>
> a. a distinctive head wear
> b. a shallow area east of the Grand Banks
> c. What Belch people call the head on the beer
> d. all of the above
> e.
On Thu, Feb 21, 2008 at 08:10:16PM +0100, Nick Nauwelaerts wrote:
> I don't really see how this is related to openbsd, but ilo2 wins hands
> down to drac, but has a costly advanced license.
> Installing openbsd through ilo2 virtual cd works just fine btw.
I thought you only needed the license if
Hey guys,
Is either HP ProLiant NC364T[0] or the NC360T (one quad gigabit ethernet, the
second dual gigabit ethernet) supported under openbsd?
I checked http://www.openbsd.org/i386.html#hardware which would indicate
not, but I just wanted to double check here.
If not, can anyone point me at a go
On Fri, Feb 15, 2008 at 09:12:19AM -0800, Rami Sik wrote:
Hey there,
> some of the services we are providing. These services include
> http/https/smtp/pop3/imap. We have a number of different domains for
> each service.
For per protocol or per service failover, you'll need to do something
lik
On Fri, Feb 15, 2008 at 05:41:26PM +0100, Henning Brauer wrote:
Hey there,
> you just found it ;(
> no seperate one, we didn't really see a need.
Fair enough :-)
> > Failing a mailing list, can anyone point me at any howtos? The man pages
> > are great, but some examples would be nice.
>
> j
Hey guys,
Is there a mailing list for OpenBGPD? I'm about to kick off a project to
build a 2nd datacentre and we are going to move to PI space with two
seperate transit providers and am planning on using OpenBGPD/OpenBSD.
Failing a mailing list, can anyone point me at any howtos? The man pages
ar
On Mon, Feb 11, 2008 at 04:34:18AM -0800, Manuel Ravasio wrote:
Hey there,
> Ok, I did understand THAT.
> What I'm still missing is the relationship (if any) between a couple of
> hashes and a possible breach in OBSD...
Well, if the guy genuinely had an exploit and wanted to keep the
mechanism
On Thu, Feb 07, 2008 at 12:32:20PM -0500, Douglas A. Tutty wrote:
Hey there
> What speed is normal house-hold "high-speed" internet anyway? This
> would be the best that most students would have experienced.
Remote directory: /pub/OpenBSD/4.2
ftp> get xenocara.tar.gz
local: xenocara.tar.gz rem
On Thu, Feb 07, 2008 at 03:04:13PM +, Stuart Henderson wrote:
Hey there,
> recvspace and sendspace do *nothing* to packet-forwarding
> performance. they affect only locally sourced/sinked traffic.
Ah yes, of course. So, is there anything I can do, or need to do, to
ensure good throughput? O
On Wed, Feb 06, 2008 at 07:19:03PM +0100, Pete Vickers wrote:
Hey there,
> OpenBSD's bge driver sucks big time, typical symptoms are very slow
> transfers, and incrementing errors (netstat -i).
> You can confirm this by booting $other_os_boot_cd and retesting.
Ah, I was unaware of this. I've g
On Mon, Feb 04, 2008 at 03:40:50PM +0100, xavier brinon wrote:
> man pages too
www.openbsd.org too. That'd explain spamd-setup ftp connect timeouts all
over the place :-)
-- joe.
Every single day we have to wait at Edgware Road.
34 matches
Mail list logo