Re: problem with dhcpd on a bridge ?

2009-12-06 Thread Julien TOUCHE
Claudio Jeker wrote on 05/12/09 10:32: Update to -current since this got fixed at h2k9 by Theo and myself. Bridge did a terrible job when forwarding traffic to other ports which resulted in most bpf listeners not seeing parts of the traffic. Ok. thanks Claudio. A pity it does not make 4.6.

Re: sshkey: display comments in authlog ?

2009-04-10 Thread Julien TOUCHE
> Maybe this is close to what you'd like to achieve (although granted > not quite what you want): > http://stackoverflow.com/questions/440427/ssh-login-monitor-for-linux interesting link, but not exactly. using INFO/VERBOSE log on internal-sftp is what i want but on a per user basis. I want ftp-l

Re: 1-wire uow(4) bug ?

2007-08-28 Thread Julien TOUCHE
Hi i get the following in dmesg with ds9490r-a and ds1820 or iButton uow0 at uhub1 port 1 uow0: Dallas Semiconductor USB-FOB/iBUTTON, rev 1.00/0.02, addr 2 onewire0 at uow0 uow0: read failed, len 128: TIMEOUT uow0: read failed, len 128: TIMEOUT uow0: read failed, len 128: TIMEOUT [...] uow0: read

Re: daily & weekly scripts OpenBSD style for Mac OS X

2007-08-09 Thread Julien TOUCHE
Kelly Martin wrote on 8/08/07 23:58: > Wondering if anyone has taken the excellent daily and weekly script > concept used in OpenBSD and tried doing similar on other BSD-based > OSes, like Mac OS X? other BSD have it including osx: $ ll /var/log/ |egrep '(daily|weekly|monthly)' -rw-r--r-- 1 root w

1-wire uow(4) bug ?

2007-07-08 Thread Julien TOUCHE
i'm trying to get a ds9490r# to work on a soekris4801 with 4.1 but it doesn't seem to get recognized (not depending on what is connected on the 1wire bus, even if nothing. get: uhub0: device problem, disabling port 1 nothing in sysctl hw.sensors for it. any ideas to get it work ? thanks a lot R

Re: setting up ssh tunnel/vpn

2007-05-20 Thread Julien TOUCHE
Darren Spruell wrote on 20/05/07 19:14: > Have a read of "SSH-BASED VIRTUAL PRIVATE NETWORKS" in ssh(1). thanks i've checked ssh(d)_config, but have forgotten ssh and google didn't get it. Regards Julien

setting up ssh tunnel/vpn

2007-05-20 Thread Julien TOUCHE
i'm looking for how to setup vpn tunnel with ssh (capability announced with 4.3 http://undeadly.org/cgi?action=article&sid=20060205165940) i didn't find any doc to establish a complete vpn so far, what i do: - on server sshd_config, put "PermitTunnel yes", restart ssh - on client ssh_config, p

FUSE support (File-system in USErspace)

2007-03-26 Thread Julien TOUCHE
is there any work on porting FUSE ? it seems support increase in Free/Net http://fuse4bsd.creo.hu/(ports) http://www.netbsd.org/Changes/#puffs+refuse (-current) would allow a lot of filesystem without kernel-dangerous code, no ? (as macfuse states: sshfs, ntfs-3g, ftpfs, wdfs, cryptof

fdisk with fat32 / external disk error

2007-03-23 Thread Julien TOUCHE
Hi i'm currently trying to add an external disk (thecus n2050 in raid1; fat32+ffs partitions) to my openbsd (4.0-stable/i386) box on usb2 problem * partitioning on openbsd works on openbsd, but seems not recognized by macosx (10.3) and win (2k) * partitioning and formatting on osx is not recogniz

[OT] equinox ELS-II terminal server + openbsd

2007-03-10 Thread Julien TOUCHE
i recently get an old Equinox ELS-II terminal server but i have problem to get it work with openbsd. - first, even after multiple reinit, it doesn't seem to get dhcp address. nothing in log link is up on the switch (but 10baseT). rj45 connector from equinox doesn't have any led to confirm. - i do

Re: [OT] openbsd + terminal server usage

2007-02-26 Thread Julien TOUCHE
>>> ports/comms/sredird to run a terminal server on OpenBSD, >>> i've installed sredird and it seems to be only telnet to local openbsd serial port. what i want is local openbsd serial to remote/telnet serial port ... :( >>> ftp://ftp.opengear.com/opengear-serial-client-2.0.9p0.tar.gz >>> might w

Re: [OT] openbsd + terminal server usage

2007-02-25 Thread Julien TOUCHE
Stuart Henderson wrote on 25/02/07 22:55: > ports/comms/sredird to run a terminal server on OpenBSD, > > ftp://ftp.opengear.com/opengear-serial-client-2.0.9p0.tar.gz > might work to let you connect to another terminal server as > if it were a local port, I don't know whether it works on > OpenBSD

[OT] openbsd + terminal server usage

2007-02-25 Thread Julien TOUCHE
is there an easy way to handle terminal server usage on openbsd, like equinox/advocent ones ? for example to connect an application like nut to /dev/tty01 or /dev/cua01, how do you handle it to telnet or tap terminal server port ? thanks Regards Julien note: i've checked on so

pf + voip security

2007-02-24 Thread Julien TOUCHE
is there some plan to make pf voip-aware so it can handle dynamic port allocation ? i suppose answer risks to be no as else, there would be one for ftp (and not ftp-proxy). So, what openbsd users use to add security to their voip setup except pf and vlan ? thanks Regards Julien

Re: perl webapp and threads

2007-02-18 Thread Julien TOUCHE
for the archives, a small guide to thread perl in chroot + modules get latest perl use a non-root account with rights on chosen destination dir (to avoid any conflict with system perl) $ cd perl-x.x.x $ rm -f config.sh Policy.sh $ sh Configure -Dinstallprefix='/var/www/perl5web' -Dusethreads -Dus

perl webapp and threads

2007-02-11 Thread Julien TOUCHE
the webapp i currently test need threads in perl. http://archives.neohapsis.com/archives/openbsd/2003-08/1321.html says it is possible (i386) with recompiling perl and XS modules. is there a way to keep std perl of base and have one with threads for the webapp ? for example, enable threads only f

Re: perl modules/chroot apache

2007-02-11 Thread Julien TOUCHE
Julien TOUCHE wrote on 11/02/07 11:18: > - install in /var/www/lib/myapp and add an env PERL5LIB or something > like that. > problem with perl -MCPAN -e shell > > cpan> o conf makepl_args "PREFIX=/var/www/lib/myapp LIB=/var/www/lib/myapp" > does not seem to be s

Re: perl modules/chroot apache

2007-02-11 Thread Julien TOUCHE
Marc Balmer wrote on 11/02/07 11:32: > there is also mod_perl which we successfully used for Perl applications > like www.otrs.org (a ticketing system) i know about mod_perl and i was considering it to replace perl in chroot. but as far as i know, it does not replace perl modules ... or i miss it

perl modules/chroot apache

2007-02-11 Thread Julien TOUCHE
i try to use a perl web application with a lots of perl modules (most of them not in ports). as i want to keep apache chrooted, i can - install in /usr/local and copy all stuff to /var/www. i want to avoid this. - install in /var/www/lib/myapp and add an env PERL5LIB or something like that. probl

Re: digitemp/usb

2007-02-10 Thread Julien TOUCHE
Jonathan Gray wrote on 10/02/07 13:52: > There is in kernel support for USB one wire devices > post 4.0, perhaps try a snapshot, then you'll be able > to read values out of the sysctl tree. seems great http://www.openbsd.org/cgi-bin/man.cgi?query=uow&sektion=4&format=html > > Failing that you wa

digitemp/usb

2007-02-10 Thread Julien TOUCHE
Hi has someone used digitemp with usb adapter on openbsd ? i currently test digitemp 3.5.0 on 4.0-stable with a ds9490R usb adapter and it segfault like this $ ./digitemp_DS2490 -s /dev/ttyU1 -w DigiTemp v3.5.0 Copyright 1996-2007 by Brian C. Lane GNU Public License v2.0 - http://www.digitemp.com

Re: openbsd + external sensor (t°, humidity, ...)

2006-11-09 Thread Julien TOUCHE
Eric Huiban wrote on 10/11/2006 01:10: > After a long time of lurking and looking through solutions like USB, > Ethernet, serial busses, home produced, commercial ones, etc : i ended to > buy a scraped terminal server allowing me to connect up to 40 > traditional 9600 serial devices as well as 576

Re: openbsd + external sensor (t°, humidity, ...)

2006-11-09 Thread Julien TOUCHE
Antti Harri wrote on 09/11/2006 14:37: > My friend has the diagram and the part listing although some texts > are in Finnish but I can translate them into English if you want. The > parts are pretty cheap, less than 10 euros in here for one sensor, > the DS1820 is the most expensive part. there is

openbsd + external sensor (t°, humidity, ...)

2006-11-09 Thread Julien TOUCHE
Hi i'm currently looking for solution to monitor external environment from an openbsd server. i've found some (linux) apps http://www.digitemp.com/software.shtml http://www.redge.net/frogd/fr/ http://owfs.sourceforge.net/index.html http://misterhouse.sourceforge.net/ some integrated sensor (a bi

Re: fping & systrace

2006-09-03 Thread Julien TOUCHE
Steffen Schuetz wrote on 02/09/2006 22:47: >> "native-getuid: permit as root" doesn't work in a systrace policy > > You should try "true then permit as root" yes, that's it. have forgotten the true :) thanks Regards Julien

Re: fping & systrace

2006-09-02 Thread Julien TOUCHE
Ted Unangst wrote on 01/09/2006 23:54: >> isn't it limited to a deny (returning an errorcode) ? so how ? >> >> native-getuid: permit >> >> native-getuid: permit[0] => error >> native-getuid: permit as root => error > > yeah, actually i think you want "as root", but for geteuid or whatever > the ri

Re: fping & systrace

2006-09-01 Thread Julien TOUCHE
Ted Unangst wrote on 01/09/2006 21:21: >> seems fping runs a root check which cannot be overcome by a switch (at >> least in man) >> even if the policy of fping is with "as root" for everything it can't >> run ... >> anything beyond editing the code ? > > tried setting the policy to have getuid re

fping & systrace

2006-09-01 Thread Julien TOUCHE
i want to use fping with nrpe/nagios. as security doc of OpenBSD state, i want to use systrace privilege elevation but ... $ sudo /bin/systrace -a -c 556:556 /usr/local/sbin/fping localhost This program can only be run by root, or it must be setuid root. $ sudo /bin/systrace -a /usr/local/sbi

Re: [/tmp partition secure]

2006-08-30 Thread Julien TOUCHE
Denis Augusto Araujo de Souza wrote on 30/08/2006 17:11: > I'm needing to mount a /tmp partition in a secure mode. Which is > the best way to fstab file configuration? it depends on what secure is for you ? no /tmp maybe ? or restricting to root access ? or using noexec,nodev,nosuid flags ?

Re: ssh auth

2006-08-27 Thread Julien TOUCHE
Joachim Schipper wrote on 26/08/2006 23:29: > At a random guess, ssh-agent(1). Or ssh -A. i don't have ssh-agent on the two system. i have one on a third which is connected on the soekris with putty using password Could it be the putty option "Allow agent forwarding" ??? (equivalent of -A in cli,

ssh auth

2006-08-26 Thread Julien TOUCHE
i have a small problem with a ssh authentication, hope i misunderstood it, but. i try to copy a file with scp from server to another and scp doesn't ask me for a password. problem, i don't setup any key on this box ... here the details: soekris4801:touche$ ls ~/.ssh authorized_keys known_hos

Re: pf queue monitoring

2006-08-22 Thread Julien TOUCHE
tony sarendal wrote on 22/08/2006 08:32: > I wrote a script to generate graphs for the queues using python and > rrdtool a while back when I needed it, although it only works with > CBQ. http://www.prefixmaster.com/eyeonpf.php > awesome tool. i try it yesterday evening and it is really simple t

last open openbsd 4.0-beta

2006-08-18 Thread Julien TOUCHE
$ last |more date { Wed Aug 16 22:54 date | Wed Aug 16 22:54 date { Wed Aug 16 22:54 date | Wed Aug 16 22:54 date {

ssh/scp perf

2005-11-19 Thread Julien TOUCHE
comments on these ? http://www.psc.edu/networking/projects/hpn-ssh/ http://www.onlamp.com/pub/a/onlamp/2005/11/17/tcp_tuning.html?page=2 seems to say problem is in openssl but patch is against openssh ? thanks Regards Julien

Re: newsyslog problem on 3.8

2005-11-01 Thread Julien TOUCHE
Bryan Irvine wrote on 01/11/2005 17:56: I had this exact same thing once and it turned out that it was my fault...somehow. I managed to get 2 copies of cron running so newsyslog ran twice but one was always behind the other. exactly. two entries in crontab. seems i've restore config a bit two

fsvs & openbsd

2005-11-01 Thread Julien TOUCHE
has anyone tried fsvs (http://fsvs.tigris.org/), on openbsd (3.8) ? i try to compile it (need pkg: subversion, apr-util, pcre, gmake) but there are still some missing points. it seems src use struct stat64 from linux which doesn't exist in sys/stat.h by replacing with struct stat and corresponding

newsyslog problem on 3.8

2005-11-01 Thread Julien TOUCHE
i've installed openbsd 3.8 on a i386 box this week-end (to replace a 3.6) and all went smoothly except one thing. i get many mail from newsyslog like this = newsyslog: can't mv /var/cron/log to /var/cron/log.0: No such file or directory gzip: /var/cron/log.0.gz already has .gz suffix -- unchanged

L7 failover

2005-08-28 Thread Julien TOUCHE
Hi i want to know if some folks from openbsd (or others) have a solution for L7 failover. more precisely, what are good solutions for a proxy (be it, http, ftp, smtp, or else; transparent or not) to have active/active failover or active/passive but in all case keep sessions ? or best is to use de

Re: multiple nat rules - bug solved

2005-08-21 Thread Julien TOUCHE
Julien TOUCHE wrote on 20/08/2005 17:41: lan & internet setup is working ok for years, dmz is used recently. problem is when i'm on the dmz (static or dhcp ip, wire or wireless), http browsing is damn slow. ok, found it # ifconfig sis2 sis2: flags=8843 mtu 1500 addre

multiple nat rules

2005-08-20 Thread Julien TOUCHE
i'm currently testing a setup with soekris and the following network: lan, dmz (private network too), internet (real common, no ?). lan & internet setup is working ok for years, dmz is used recently. problem is when i'm on the dmz (static or dhcp ip, wire or wireless), http browsing is damn slow.