ine, but obviously aliases are not
resolved.
Other combinations involving expand-only, forward-only, and virtual
are mentioned by name, without being actually documented in any obvious
place. So, is there any way to make this work again?
Regards,
Liviu Daia
f there is a better
> approach.
unbound(8) probably does exactly what you want. It's mainly a
recursive resoler, but it can also answer authoritatively for "local"
zones, or simply override addresses for given hosts (think anti-spam).
Unless you also want to answer queries for your domain comming from the
Internet, you don't need a separate authoritative server.
Regards,
Liviu Daia
On 29 June 2017, Liviu Daia wrote:
[...]
> On the server:
>
> # iked -d
> ikev2_recv: IKE_SA_INIT request from initiator 89.136.163.27:500 to
> x.y.z.t:500 policy 'sb1' id 0, 510 bytes
> ikev2_msg_send: IKE_SA_INIT response from x.y.z.t:500 to 89.136.163.
ys/ipv4/x.y.z.t, nor if I install it in
/etc/iked/certs. And then there's this, which doesn't look normal:
ikev2_ike_auth_recv: unexpected auth method RSA_SIG, was expecting SIG
I'm using 6.1 release on the server, and the current snapshot on the
home router:
OpenBSD sb1.x.net 6.1 GENERIC#10 amd64
OpenBSD router.x.net 6.1 GENERIC.MP#44 amd64
Regards,
Liviu Daia
On 28 June 2017, Philipp Buehler
wrote:
> Am 28.06.2017 11:18 schrieb Liviu Daia:
> >
> > set skip on { lo, enc }
> > pass in quick on egress inet proto udp to any port { isakmp,
> > ipsec-nat-t }
>
> needs (on both) a 'pass quick inet p
.1
Anyone, a clue stick please?
Regards,
Liviu Daia
On 12 October 2016, Liviu Daia wrote:
> On 11 October 2016, physkets wrote:
> > Hello!
> >
> > I'd asked a related question on the OpenBSD subreddit, and someone
> > pointed me here. Hope this is appropriate.
> > https://ww
r whatever reasons the rate
of packet loss increased steadily over time. I've since re-purposed an
old Netgear WNDR 3800 as a bridged AP, and I'm much happier with it.
805.11n, full power management, and no dropped connections ever, despite
it being located in the exact same spot as the old AP.
Regards,
Liviu Daia
ems like this, and make sure your family know about them, and know
how to restore your files from them. Only when you have that sorted out
spend time optimizing your local bakup system.
Regards,
Liviu Daia
have a cron job resolve the name and update the table when the IP
changes. Obviously this only works with rules that can take tables to
begin with, but that's good enough in many situations.
Regards,
Liviu Daia
dress 0x81 EP 1 IN
bmAttributes3
Transfer TypeInterrupt
Synch Type None
Usage Type Data
wMaxPacketSize 0x0008 1x 8 bytes
bInterval 232
Any idea?
Regards,
Liviu
On 12 October 2015, Sebastien Marie wrote:
> On Mon, Oct 12, 2015 at 08:02:11AM +0300, Liviu Daia wrote:
> >
> > I get something similar without nagios:
> >
> > $ grep syscall /var/log/messages
> > Oct 10 07:50:26 router /bsd: tty(2446): syscall 54
> >
router /bsd: tty(9186): syscall 54
Oct 10 08:06:23 router /bsd: tty(9710): syscall 54
Oct 11 01:30:01 router /bsd: tty(6080): syscall 54
Oct 12 01:30:01 router /bsd: tty(15518): syscall 54
$ uname -a
OpenBSD router.lcd047.linkpc.net 5.8 GENERIC.MP#1449 amd64
I'd tentatively correlate most of them with login(1) run in a serial
console. But the last two entries seem to be triggered by /etc/daily.
Regards,
Liviu Daia
gently with isopropyl
alcohol or similar.
Regards,
Liviu Daia
nd out that his
backup disk had bad sectors in the middle of some large files. He
wasn't amused.
Regards,
Liviu Daia
e_ special privileges. You can't make these things up, I'm
telling ya.
Regards,
Liviu Daia
rsync is resource-hungry if you tell
it to deal with hardlinks, and cpio has other limitations on file names.
Really, dump / restore is the only viable choice for this kind of task.
Regards,
Liviu Daia
k to news
> http://www.phoronix.com/scan.php?page=news_item&px=CompuLab-Fitlet-Linux-PC
>
> as always, other/similar choices:
> APU1D4
> soekris net6801-xx
Regards,
Liviu Daia
hat
> small catch-up syncronization errors are made, that they get fixed by
> real people, then PLEASE DON'T RUN SNAPSHOTS.
[...]
Oh, I wasn't accusing anybody, or pointing fingers, or anything like
that. I was just saying it's currently broken, that's all. Sorry if it
came accross any other way.
Regards,
Liviu Daia
-r-- 1 root bin 1518902 Oct 29 03:25 /usr/lib/libssl.so.27.2
-r--r--r-- 1 root bin 1512855 Nov 16 09:49 /usr/lib/libssl.so.28.0
-r--r--r-- 1 root bin 1518550 Dec 8 07:54 /usr/lib/libssl.so.29.0
$ dmesg | head -1
OpenBSD 5.6-current (GENERIC.MP) #668: Wed Dec 10 12:43:55 MST 2014
Regards,
Liviu Daia
On 29 November 2014, Gilles Chehade wrote:
> On Sat, Nov 29, 2014 at 02:13:46AM +0200, Liviu Daia wrote:
> > On 28 November 2014, Gilles Chehade wrote:
> > > On Thu, Nov 27, 2014 at 10:00:19PM -0500, Hugo Villeneuve wrote:
> > [...]
> > > > No, it is not pro
On 29 November 2014, Liviu Daia wrote:
[...]
> Not sure about Postfix being "right", but it does solve the
> initial problem: you fix the relay, you run "postfix -r ALL", and the
> messages go on their way.
[...]
s/postfix -r ALL/postsuper -r ALL/
Regards,
Liviu Daia
message. Then
when a message is re-queued the entire envelope is resolved again from
scratch, according to the current config: problem solved. This is
essentially what Postfix does, and I have yet to hear anybody arguing it
should do something else. :)
Regards,
Liviu Daia
on't see the issue.
>
> It probably started around when chromium switched to Aura for its
> gfx system...
Regards,
Liviu Daia
> yet?
I believe the new sysmerge looks at /etc/examples?
Regards,
Liviu Daia
nless I get a
> >serial terminal from a junkyard.
>
> Use USB and a USB-to-serial cable ... something like this:
>
> http://www.dicksmith.co.nz/tv-video-cables/dse-serial-usb-adaptor-dsnz-xh8290
Yes, but you also need to make sure it's supported by the OS on your
laptop. Something based on Prolific PL-2303 is probably a good choice,
on OpenBSD it's supported by uplcom(4).
Regards,
Liviu Daia
a live USB flash disk is an useful thing to
have around anyway. You can take it with you, and turn (almost) any
Windows PC into an useful terminal in less than a minute. :)
Regards,
Liviu Daia
U.1C, it's a nice machine, much faster than ARM boards.
I'd also buy a small mSATA disk for system (pretty much any model would
do, except the Chinese thing sold by PC Engines), and an external 3.5"
USB disk with an external power brick for DLNA. Don't try to mount a
2.5" SATA disk inside the case; it would overheat, and it would need
more power than the power brick that comes with APU.1C can provide. For
similar reasons, you should probably avoid external disks powered over
USB (that is, most 2.5" external disks these days). Also make sure to
upgrade to the latest firmware if you want to run OpenBSD.
Regards,
Liviu Daia
trip 1
> root "/dokuwiki"
> directory index "doku.php"
> fastcgi socket "/tmp/php.sock"
> }
What about redirect, say from http://mumble to https://mumble?
Regards,
Liviu Daia
nisms to override termcap /
terminfo, Mutt doesn't. The termcap / terminfo clusterfuck was much
worse 20+ years ago. It has slowly improved over time, but IMO things
like Vim and Midnight Commander mostly working out of the box have kept
people from fixing it sooner.
Regards,
Liviu Daia
rising the case legs, so that there's better air circulation
below it. Room temperature makes a big difference too.
Regards,
Liviu Daia
pped by PCEngines
that has problems, not the firmware. A quick search reveals that many
other people had to replace it with something else. Just make sure to
search before you buy.
Regards,
Liviu Daia
putty's
formats (which you can do with puttygen).
Regards,
Liviu Daia
On 2 May 2014, Jeremy Evans wrote:
> On Fri, May 2, 2014 at 8:42 AM, Liviu Daia wrote:
>
> > Unless I'm doing something stupid, sshd seems to be broken in
> > today's snapshot.
> >
> > From a Linux machine:
> >
> > $ ssh tes
d_preauth: daia has been authenticated by privileged process
debug1: Enabling compression at level 6. [preauth]
debug1: monitor_read_log: child log fd closed
User child is on pid 11401
debug1: Entering interactive session for SSH2.
debug1: server_init_dispatch_20
debug1: do_cleanup
At this po
them to the interface, and
said interface went away under their feet. :) I haven't checked in a
long while if this is still the case, but it's something you might want
to keep in mind.
Regards,
Liviu Daia
this guy, the chipset is Ralink 5370. Supported
(badly) on Linux as mt7601, not supported on OpenBSD.
Regards,
Liviu Daia
/after patching).
[...]
Check for the bug that was supposedly fixed by the patch. In this
particular case: run a SSL server with "openssl s_server", and use one
of the many many heartbleed checkers out there to see if the problem is
still there.
Regards,
Liviu Daia
On 16 April 2014, Kenneth Westerback wrote:
> On 16 April 2014 19:20, Liviu Daia wrote:
> > On 15 April 2014, ohh, whyyy wrote:
> >> Hey, Thanks! yes, it looks like the sys.tar.gz was missing.. I created a
> >> small howto for it (for patching 5.4):
> >> cd
tically chosen partitions:
# df -h /root
Filesystem SizeUsed Avail Capacity Mounted on
/dev/wd0a 129M110M 12.9M89%/
Regards,
Liviu Daia
would like to make available for ssh loggin.
[...]
You can do that with ssh alone:
Host internal_machine
ProxyCommandssh -A -q -l %r -W %h:%p firewall
Regards,
Liviu Daia
er way is
to patch usb_quirks.c, as pointed out by somebody else.
You also need r/w permissions for group _ups to /dev/usb* and
/dev/ugen0*, and possibly other things (use ktrace to find out).
Regards,
Liviu Daia
On 22 August 2013, patrick keshishian wrote:
> On 8/22/13, Liviu Daia wrote:
> > On 22 August 2013, patrick keshishian wrote:
> >> Hi,
> >>
> >> Anyone else notice that sqlite3 in base got slower somewhat
> >> recently?
> >>
> >>
tions
are possible too, but I believe these are the important ones. In my
case, I cut database creation time from more than an hour to 80 seconds,
on a relatively slow machine. FWIW.
Regards,
Liviu Daia
socket = /var/www/run/mysql.sock
in the /etc/my.cnf, then copy /etc/my.cnf to /var/www/etc/my.cnf, and
set
socket = /run/mysql.sock
in the client section in /var/www/etc/my.cnf. There is no advantage in
doing things like this though, you'd be just looking for future trouble.
Regards,
Liviu Daia
pic: the official way to start mysql on
5.3 is to add mysqld to pkg_scripts in /etc/rc.conf.local. See:
http://www.openbsd.org/faq/faq10.html#rc
Regards,
Liviu Daia
Please, stop repeating this nonsense. This "solution" works until
you restart the server manually, since mysqld removes the socket before
re-creating it.
The real solution is either to use TCP connections, or move the
socket inside the jail and make /etc/my.cnf and /var/www/etc/my.cnf
point to it accordingly.
Regards,
Liviu Daia
en.wikipedia.org/wiki/Comparison_of_open_source_configuration_management_software
https://news.ycombinator.com/item?id=5983918
https://news.ycombinator.com/item?id=5932608
https://news.ycombinator.com/item?id=3090800
Regards,
Liviu Daia
er lose mail with it, and you won't end up with duplicate messages
or corrupt mailboxes, regardless of how many times your connection goes
down during transfers. Use stunnel and relayd to wrap it in SSL, and
you're done.
Regards,
Liviu Daia
good
packet capture might save you a lot of time when switching equipment.
Regards,
Liviu Daia
ng.
Regards,
Liviu Daia
On 2 June 2010, Eugene Yunak wrote:
> On 2 June 2010 20:48, Liviu Daia wrote:
> > On 2 June 2010, Eugene Yunak wrote:
> >> On 1 June 2010 16:30, What you get is Not what you see
> >> wrote:
> >> > Freshly installed on openbsd 4.6 mysql,php and php5-mysql
s to it from inside and outside
the jail, using my.cnf. Not tested:
- in /etc/my.cnf:
socket = /var/www/var/run/mysql/mysql.sock
- in /var/www/etc/my.cnf:
socket = /var/run/mysql/mysql.sock
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
/fdupe.pl
It's still faster than all of its competitors I'm aware of (most of
them written in C). :)
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
t using PXE should be placed in the root of the tftp server.
[...]
Create a file etc/boot.conf in your TFTP root directory, with the
contents
boot tftp:/bsd.rd
If that still doesn't help, enable logging to see what the TFTP
server is trying to do and where it's looking the file
m fine. You need some really expensive hardware for that.
Also, just like disks, there is no such thing as a perfect error-free
memory. So the answer to any conceivable test will be a statistic,
not a definitive true / false. The difference between memtest and a
hardware tester is how accurat
On 12 March 2008, Hannah Schroeter <[EMAIL PROTECTED]> wrote:
> Hi!
>
> On Wed, Mar 12, 2008 at 12:05:29PM +0200, Liviu Daia wrote:
> >On 12 March 2008, Lars NoodC)n <[EMAIL PROTECTED]> wrote:
> >[...]
> >> And, is there a generic way to prevent the
On 12 March 2008, Lars NoodC)n <[EMAIL PROTECTED]> wrote:
[...]
> And, is there a generic way to prevent them? The cause is a perl CGI
> called by apache2
Depending on what you're doing, make the parent wait(2) for the
processes or setsid(3).
Regards,
Liviu Daia
Any experiences with Intel S5000VSA motherboards?
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
lder ones;
(3) Historically, none of the new brances have been backward compatible;
many applications don't support 2.6 yet.
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
On 26 December 2007, Hannah Schroeter <[EMAIL PROTECTED]> wrote:
> Hi!
>
> On Wed, Dec 26, 2007 at 09:28:33AM +0200, Liviu Daia wrote:
> >On 25 December 2007, Girish Venkatachalam
> ><[EMAIL PROTECTED]> wrote:
> >[...]
> >> I just checked out
gets goofed up. One has to
> do it with little more care I guess.
[...]
Or use Par instead of fmt; textproc/par in ports.
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
On 3 December 2007, Amarendra Godbole <[EMAIL PROTECTED]>
wrote:
> On Nov 30, 2007 4:32 PM, Liviu Daia <[EMAIL PROTECTED]> wrote:
> > On 30 November 2007, Amarendra Godbole <[EMAIL PROTECTED]>
> > wrote:
> > > Please note that postfix does not undergo t
On 30 November 2007, Geoff Steckel <[EMAIL PROTECTED]> wrote:
> Liviu Daia wrote:
> > On 30 November 2007, Amarendra Godbole <[EMAIL PROTECTED]>
> > wrote:
> >> Please note that postfix does not undergo the rigorous code scrub
> >> that sendmail goes t
have against Postfix are related to its license, not the
code quality.
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
ool* - it's good for what it's good for -
> stopping stuff that is easily identifiable in the smtp dialogue. It is
> not intended for other things.
We are in violent agreement here...
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
On 26 September 2007, Jeremy C. Reed <[EMAIL PROTECTED]> wrote:
> On Wed, 26 Sep 2007, Liviu Daia wrote:
>
> > Same, 28 minutes later:
> >
> > Sep 25 18:42:52 ns1 postfix-localhost/smtpd[13055]: 72BCD142A7:
> > client=unknown[212.239.40.101]
> >
On 26 September 2007, Peter N. M. Hansteen <[EMAIL PROTECTED]> wrote:
> Liviu Daia <[EMAIL PROTECTED]> writes:
>
> > Why should it? The second copy is sent in a separate run,
> > that's the whole point. The only thing the bot has to figure out
> > is
On 26 September 2007, Liviu Daia <[EMAIL PROTECTED]> wrote:
> On 26 September 2007, Luca Corti <[EMAIL PROTECTED]> wrote:
> > On Wed, 2007-09-26 at 17:02 +0300, Liviu Daia wrote:
> > > > Another delivery attempt would be needed after this time to pass
> > &g
On 26 September 2007, Luca Corti <[EMAIL PROTECTED]> wrote:
> On Wed, 2007-09-26 at 17:02 +0300, Liviu Daia wrote:
> > > Another delivery attempt would be needed after this time to pass
> > > spamd.
> > Moral: randomize the greylisting time...
>
> Bet
On 26 September 2007, Craig Skinner <[EMAIL PROTECTED]> wrote:
> Liviu Daia wrote:
> >
> > How does spamd distinguish between a legitimate retry and a
> > re-injection of the same message with the same Message-Id, sender
> > etc.?
>
> It doesn't.
&
On 26 September 2007, Damien Miller <[EMAIL PROTECTED]> wrote:
> On Wed, 26 Sep 2007, Liviu Daia wrote:
>
> > Greylisting is trivial to bypass, with or without a queue: just
> > send the same messages twice. Some spammers have figured that out
> > long ago. E
etimes you receive 2 or 3 copies of the same spam,
from the same IP, with the same Message-Id etc., a few minutes apart?
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
On 26 September 2007, RW <[EMAIL PROTECTED]> wrote:
> On Tue, 25 Sep 2007 14:14:46 +0300, Liviu Daia wrote:
>
> >On 25 September 2007, RW <[EMAIL PROTECTED]> wrote:
> >[...]
> >> My defence was to write a couple of scripts. One parsed the output
> >&g
fix you can use anvil(8) to control concurrency.
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
e going to want a FPU with openbsd.
[...]
The DX series did have FPU. The SX didn't.
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
uhub5 at uhub4 port 2
uhub5: NEC product 0x013e, rev 2.00/0.07, addr 2
uhub5: 4 ports with 4 removable, self powered, multiple transaction translators
ugen0 at uhub0 port 1
ugen0: Cambridge Silicon Radio Bluetooth, rev 1.10/4.43, addr 2
dkcsum: wd0 matches BIOS drive 0x80
wd1: no disk label
dkcsum: wd1 matches BIOS drive 0x81
wd2: no disk label
dkcsum: wd2 matches BIOS drive 0x82
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
FWIW, the unconfigured device at pci0 dev 14 is a Quicknet PhoneJACK
(FXS phone card).
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
Depending on how fragmented the fs was when
you erased the FAT, there is a tiny chance some of the blocks are
contiguous, but that's just about all you can hope for.
You can try lazarus from Wietse Venema's Coroner Toolkit:
http://www.porcupine.org/forensics/tct.html
However
d look at plan9 / inferno first.
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
us. You'll need a script to convert
your users' mailboxes to Maildir, but that's about the only problem
you're likely to have with it. Some time ago I used mb2md to convert
some 300 GB of mailboxes to Maildir, and I was happy with thne result:
http://batleth.sapi
ete evaluations,
(2) is still in use today, and (3) has a significant amount of code
written in it, is Pascal. The Wirth-Jensen definition of Pascal
specified complete evaluations. The once popular Borland Pascal
implemented that as an option. Don't know about gpc.
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
On 22 May 2006, Jacob Meuser <[EMAIL PROTECTED]> wrote:
> On Mon, May 22, 2006 at 02:52:59PM +0300, Liviu Daia wrote:
> > On 22 May 2006, Jacob Meuser <[EMAIL PROTECTED]> wrote:
> > > On Mon, May 22, 2006 at 12:27:18PM +0300, Liviu Daia wrote:
> > > > On 2
picking apart of my post based on minutae that seem relevant in
> liviu's local frame is what i'm fully expecting. i feel stupid having
> spent the time i just did writing this, another waste of human energy.
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
On 22 May 2006, Can Erkin Acar <[EMAIL PROTECTED]> wrote:
> On Monday 22 May 2006 Liviu Daia wrote:
> > On 22 May 2006, Lars Hansson <[EMAIL PROTECTED]> wrote:
> > > On Monday 22 May 2006 17:27, Liviu Daia wrote:
> > > > Ok, let me rephr
On 22 May 2006, steven mestdagh <[EMAIL PROTECTED]>
wrote:
> Liviu Daia [2006-05-22, 12:27:18]:
> > Ok, let me rephrase this. How realistic will be to run an
> > OpenBSD firewall or router without xbase a few years from now?
>
> Huh? You do not and will not need xba
On 22 May 2006, Jacob Meuser <[EMAIL PROTECTED]> wrote:
> On Mon, May 22, 2006 at 12:27:18PM +0300, Liviu Daia wrote:
> > On 20 May 2006, Jacob Meuser <[EMAIL PROTECTED]> wrote:
> > > On Sat, May 20, 2006 at 10:09:15AM +0300, Liviu Daia wrote:
> > >
> >
On 22 May 2006, Marc Balmer <[EMAIL PROTECTED]> wrote:
> * Liviu Daia wrote:
>
> > The consistent answer I got on ports@ was that "it has been
> > decided" that "installing X is not a showstopper", and a number of
> > personal attacks
On 22 May 2006, Lars Hansson <[EMAIL PROTECTED]> wrote:
> On Monday 22 May 2006 17:27, Liviu Daia wrote:
> > Ok, let me rephrase this. How realistic will be to run an
> > OpenBSD firewall or router without xbase a few years from now?
>
> Very, in my opinion.
>
&
On 20 May 2006, Jacob Meuser <[EMAIL PROTECTED]> wrote:
> On Sat, May 20, 2006 at 10:09:15AM +0300, Liviu Daia wrote:
>
> > I have a simpler question: is there any plan to make installing
> > xbase a requirement in the foreseeable future?
>
> no. nothing in {base
d to produce frequent
kernel panics), read-write has never worked properly. I also doubt
there is much interest in fixing it.
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
ts :(
So what you're saying here is that installing 30MB of xbase without
the user requesting it is acceptable, but making an install script some
30 bytes larger isn't, right?
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
rovided your motherboard has USB ports. Mine doesn't. :-)
Regards,
Liviu Daia
--
Dr. Liviu Daia http://www.imar.ro/~daia
his morning. As above, everything else works, and the
keyboard also works with a non-MP 3.9 GENERIC kernel. dmesg below.
Regards,
Liviu Daia
OpenBSD 3.9-stable (GENERIC.MP) #0: Sat May 13 15:57:00 EEST 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP
cpu0: Intel Pentium
ations. I went by the manual page
> and saw no mention of restrictions there for cpio, either.
>
> Still good to know about that recommendation, I might have some use for
> it too.
See also the classical articles by Elizabeth Zwicky:
http://berdmann.dyndns.org/doc/dump/zwicky/te
94 matches
Mail list logo
