On 11/17/2023 9:52 AM, Lewis Ingraham wrote:
Hello i am trying to configure OpenBSD as a firewall but I can't get it to
ping outside the firewall and subsequently unable to reach the internet
with devices behind the firewall. I tried changing my pf.conf to match the
FAQ (as best as i could) and s
On 11/16/2023 9:39 AM, Manuel Kuklinski wrote:
Am Donnerstag 16 November 2023 um 8:53:10 -0700, schrieb John Brooks 2,1K:
I had a similar problem a few weeks back. Turned out to be a partial
failure of a network card. I could send and receive ICMP traffic, but
not TCP traffic. Replaced the
On 11/16/2023 7:29 AM, Manuel Kuklinski wrote:
Hi misc,
I quickly chatted on #openbsd over at libera and tried different
solutions but none of them worked; my problem is as follows:
Until yesterday my WiFi on an iPhone 7 (iOS 15.8) was working
flawlessly; the IPv4s are statically assigned by dh
that was the entire point of my original post, they
strip out their queue id from their acknowledgment
for "security reasons", and then "accept all mail"
including bogus recipients.
I was curious if this practice is very widespread
or not.
--
John Brooks
j...@day-light.com
Their response:
... "my understanding of the security policy
is not to acknowledge mistakes in email addresses as a best
practice defense against phishing and other types of email
delivered attacks."
Anybody run into this kind of logic before?
--
John Brooks
j...@day-light.com
package: tabled-1.0.5
tablec is the "client to manipulate pf tables through tabled"
--
John Brooks
[EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED] On Behalf Of Duncan Patton a Campbell
...
Um, what's tablec? Can't find any refs to it.
Dhu
tablec allows me to add or remove pf table entries with
an unprivileged userland account. is there a method to
produce a listing of all addresses in a pf table with
an unprivileged userland account?
--
John Brooks
[EMAIL PROTECTED]
how about this:
uname -a
or this:
head -1 /etc/motd
--
John Brooks
[EMAIL PROTECTED]
...
> Please look at the first line of the output of dmesg(8).
If the server has been up for a while, the circular buffer may have
been over-written.
Try:
head -1 /var/run/dmesg.boot
Haven't had any trouble with them. Am in the middle of a project
deploying 93 units as firewalls for a pizza chain using this exact
motherboard along with a 3 nic daughterboard in a travla C158 case.
--
John Brooks
[EMAIL PROTECTED]
> -Original Message-
> From: [EMAI
did you run "postfix-enable" when you installed postfix?
--
John Brooks
[EMAIL PROTECTED]
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
> Juan Miscaro
> Sent: Friday, June 01, 2007 8:21 AM
> To: openbsd-misc
> Subject: po
Are you referring to the recent IPV6 issue or another?
--
John Brooks
[EMAIL PROTECTED]
>
>
> 2007/4/3, [EMAIL PROTECTED] > dmesg
> > gateway# dmesg
> > OpenBSD 3.5 (GENERIC) #1: Sat May 1 08:18:25 PDT 2004
>
> Sorry for not being more helpfull, but why are yo
first manually download the package to your machine via ftp.
then run pkg_add against the file you just downloaded. if
something doesn't work, you'll know exactly which part is
failing.
--
John Brooks
[EMAIL PROTECTED]
>
> Hi,
> how can I make pkg_add work with http? I alre
Haven't heard of an AK45, but I'm told the Russians are real
proud of their AK-47.
--
John Brooks
[EMAIL PROTECTED]
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
> Ioan Nemes
> Sent: Tuesday, November 28, 2006 5:23 PM
> To:
How about adding a third nic to both the openbsd and firewall,
give them their own private network addresses, then redirect
the ssh traffic from firewall to openbsd over this new network
forgive my poor attempts at modifying your drawing ;-)
--
John Brooks
[EMAIL PROTECTED]
...
> Any h
Try coming at it from a different direction. Manually ftp the package
down to your local machine first. Then run pkg_add against the copy on
the local machine.
--
John Brooks
[EMAIL PROTECTED]
> What is really wrong is that the "pkg_add whateverpackage" hangs in the
> m
edit /etc/ntpd.conf
uncomment the "listen on *" line, or better yet create a line
that has your internal ip address
listen on xxx.xxx.xxx.xxx
also make sure ntpd is activated in /etc/rc.conf
--
John Brooks
[EMAIL PROTECTED]
> -Original Message-
> From: [EMAIL PR
> hosts contains (amongst others):
> some.remote.com NNN.NNN.NN.NNN some
>
looks a little funny to me... might work better as
NNN.NNN.NN.NNNsome.remote.com some
or possibly
NNN.NNN.NN.NNNsome some.remote.com
otherwise it seems to disregard the entry in /etc/hosts
uting on OpenBSD?
--
John Brooks
[EMAIL PROTECTED]
> > I;ve got a machien that seems to getting atacked by what appears to be a
> > simplistic "brute force" attck. it's getting hit multiple ties a second
> > with bogus root login attempts, my guess is that they are
> trying dictionary
> > atacks on the password for root.
> >
> > Any sugestions as
> On Tue, 6 Sep 2005 15:25:29 -0500, John Brooks wrote:
>
> >My office network has an adsl connection with a single static
> >ip as follows:
> >
> > 209.145.160.141/24 (gw 209.145.160.1)
> >
> >I requested additional ip's from
> On Tuesday, September 06, John Brooks wrote:
>
> >
> > (209.145.160.141)
> > OBSD #1 -
> > \
> > Switch DSL Modem ISP(209.145.160.1)
> > /
> > OBSD #2 -
>
NAT box #2 behind box #1. Are there some
routing commands that would allow me to send traffic to
the ISP from box #2 using these new IP's?
Thanks,
--
John Brooks
[EMAIL PROTECTED]
Don't forget the basics...
is the floppy ribbon cable connected?
is the floppy ribbon cable known to be good?
are the connectors fully seated, try reseating them?
is the power connected to the drive?
is the drive connected after the cable twist?
is the drive known to be good?
--
Anybody know if this is supported with obsd?
Seems to be with fbsd.
--
John Brooks
[EMAIL PROTECTED]
> > How about a nic from a different mfr? Using another good 'dc' nic
doesn't
> > rule out a basic hardware incompatibility related directly to that brand
> > of nic card coupled with your other hardware.
> >
> > JB
> >
> > .
> >
>
> Even though it worked fine with RH7.3 a three + year old OS ?
I
> > Sounds like a bad nic. If you have a spare, you might try
> swapping with it.
> >
> > Also, what's the other machine and what is it running?
> >
>
> The NIC is fine, and yes I swapped it out early on as well as the cable
> and the port on the switch. I've also tried a crossover cable. I'v
ace.
remove "in" in the rule below so that icmp can flow thru
--
John Brooks
[EMAIL PROTECTED]
..
> pass in inet proto icmp all icmp-type $icmp_types keep state
^^
might be good to also let the little guys out ;-)
--
John Brooks
[EMAIL PROTECTED]
...
> pass in inet proto icmp all icmp-type $icmp_types keep state
^^
...
> Hi guys,
>
> I'm a newbie in pf. Got a question about pinging and ssh stuff. Say I
> have two cl
Are both clients on the same network segment? Where is the firewall
in relation to these clients? What are the IP addresses and netmasks
of all computers and interfaces?
--
John Brooks
[EMAIL PROTECTED]
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Beh
it might be prudent to run the disk manufacterers diagnostic utility to
validate the condition of the drive. that's something i always do before
installing on a used disk.
...
>
> 8 partitions:
> #sizeoffset fstype [fsize bsize cpg]
> a: 3774852963 4.2BSD 2048 16384 3
30 matches
Mail list logo
