Hello,
I ave this 5.0 box I just setup. It works nicely but on boot network
interfaces order seems to randomly change. The box has two bye nics, bge0 and
bge1.
Basically on reboot the box may pick a different device for the physical
interfaces than the time before. Swapping cables restores operati
On Sat, 2011-06-25 at 01:57 +1000, Joel Sing wrote:
> On Thursday 02 June 2011, Luca Corti wrote:
> > This is basically a rip off of ntfs_vfsops.c r1.25 and allows the use
> > of DUIDs in fstab for ext2fs.
> Unfortunately, it is a little more complex than this due to the existin
This is basically a rip off of ntfs_vfsops.c r1.25 and allows the use
of DUIDs in fstab for ext2fs.
Works for me on amd64 GENERIC.MP.
Index: ext2fs_vfsops.c
===
RCS file: /cvs/src/sys/ufs/ext2fs/ext2fs_vfsops.c,v
retrieving revisio
On Tue, 24 May 2011 18:26:43 -0600, Theo de Raadt wrote:
$ grep sd0k /etc/fstab
/dev/sd0k /home/luca/ext2fs ext2fs rdonly,nodev,nosuid 0 0
^^
There is no such keyword in a fstab file.
Obvious PEBKAC here, blindly putting mount(1) options into fstab(5).
Hello,
$ grep sd0k /etc/fstab
/dev/sd0k /home/luca/ext2fs ext2fs rdonly,nodev,nosuid 0 0
$ sudo mount /dev/sd0k
mount: can't find fstab entry for /dev/sd0k.
but
$ sudo mount_ext2fs -o rdonly,nodev,nosuid /dev/sd0k /home/luca/ext2fs/
$ mount|grep sd0k
/dev/sd0k on /home/luca/ext2fs type ext2fs (
On Wed, 2010-12-08 at 21:00 -0500, Ted Unangst wrote:
> google's dns hosting would be great except for the minor inconvenience
> of google not hosting other people's DNS...
Sure, should get some sleep before reading, posting and mistaking
requests about secondary DNS services with requests about r
On Wed, 2010-12-08 at 11:49 -0500, Scott McEachern wrote:
> I know how to use Google to find free alternatives, I'm looking for
> *recommendations* for a simple two-domain home network.
Since you are already using Google, you probably won't mind using...
google.
http://code.google.com/speed/publ
On Sun, 2010-10-31 at 23:33 +, percy piper wrote:
> Thanks Luca, would you mind sending me a pcidump -v please?
Sorry, I'm a bit late with my reply.
Unfortunately the fan of *my* T60 was noisy for a reason, it was
failing. The new one works like a charm and quietly :)
So here is my pcidump
Il giorno 17/nov/2010, alle ore 23.43, Rod Whitworth ha scritto:
> I've used RFC1918 addresses for each on the WAN facing NICs and let
> carp assign the global IP to whichever one should have it.
>
> That let me access the individual hosts from the LAN.
Why not just assign LAN addresses on the LA
Il giorno 17/nov/2010, alle ore 22.49, Jeff Ross ha scritto:
> I don't think Bresnan is going to take kindly to me just grabbing a couple
of IPs next to my static IP.
>
> If it really doesn't matter then *that's* the source of my confusion.
You don't need to assign an IP address to each physical i
On Sun, 2010-10-31 at 23:07 +, percy piper wrote:
> >> It has an ATI Radeon Mobility X1400 btw.
> > I have the same issue with resume.
> Did either of you have working resume ever before?
Yes, this started to happen lately with current.
It seems the guilty commit has been just backed out.
ci
On Sun, 2010-10-31 at 18:16 -0430, Andres Perera wrote:
> Whatever works out better for you I guess. It's a great
> technology, in my opinion, specially when you take in account that it's
> 33% faster than IPv4.
Only if your router has a last generation 3D graphics chip onboard.
ciao
Luca
On Sun, 2010-10-31 at 14:45 -0400, STeve Andre' wrote:
> > My Lenovo ThinkPad won't resume after suspend. When suspending, the
> > little moon led lights up, and when resuming it blinks, but that's all.
> > Typing reboot and stuff blindly doesn't work, so I guess not just the
> > video device stays
On Sat, 2010-10-23 at 19:47 +0200, Henning Brauer wrote:
> > That used to be the case, but with current lately my wpi is not losing
> > connectivity anymore.
> you have 3 free guesses on what i run
Probably -current and wpi.
What I still get are occasional kernel asserts at boot at wpi firmware
l
On Sat, 2010-10-23 at 15:04 +0200, Henning Brauer wrote:
> the wpi is crap (if anyone wants to do me a favor: send me something
> that works reliably. the wpi in the X61s is the same shit, btw). loses
> connectivity regularily and needs an down & up dance.
That used to be the case, but with curren
On Fri, 2010-10-22 at 19:25 -0700, Clint Pachl wrote:
> I've seen T60 with Core or Core 2 selling here locally on craigslist. I
> figured, if I go with a 64-bit Core 2, I would just opt for the T61 with
> the slightly faster bus and supposedly lower acoustics. Plus they are
> selling for the sam
--- usr.sbin/ldapd/ldapd.conf.5 Fri Sep 10 23:21:15 2010
+++ usr.sbin/ldapd/ldapd.conf.5 Thu Oct 7 01:56:27 2010
@@ -147,7 +147,7 @@
}
.Ed
.Pp
-When matching requests aginst namespace suffixes, the most specific
+When matching requests against namespace suffixes, the most specific
match is use
On Thu, 2010-02-11 at 23:24 +0100, Claudio Jeker wrote:
> So Henning and Oga are working at offloading pf into the graphic card
> cores by using the DRI interface. The shader will evaluate the ruleset
> and packets in parallel and use the graphic memory for the state table.
> Additionally if the sp
On Tue, Jan 26, 2010 at 11:44:01AM -0500, Bryan Allen wrote:
> They're solid, and they fly.
That's what I hoped to hear.
> You can pick up RAM cheap from crucial, and get disk sleds from memoryx
> (541-2123) so you don't have to pay disk markup.
This is not an issue. The one I'll have at hand ha
Hello,
Anyone has any experience with this Sun box? I'm looking for decent hardware to
run OpenBGPd over a 1 Gbps Internet transit.
It's an Intel Xeon 5520 quad-core with an Intel 5520 chipset and ICH10R, I
guess no problem here.
It comes with 4 gigabit ports (Intel 82575EB) which should be fin
On 1/26/2010 12:14 AM, Eric wrote:
How about BSHurd?
Now, that's a really aBSHurd idea.
ciao
Luca
instead of .
ciao
Luca
--- plus.html 2009-09-08 20:22:38.0 +0200
+++ plus.html 2009-09-09 12:28:27.0 +0200
@@ -110,7 +110,7 @@
Added support for the "Slots Power" sensor on the PowerMac9,1.
Added support in href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysctl&sektion
On 5/6/09 5:07 PM, Feifei (??) wrote:
> The Grub version is distributed with the Ubuntu 8.04 which is installed in
> (hd0,6)
>
> How to resolve it?
>
Use the chainloader to call the OpenBSD bootloader. Something like:
|title OpenBSD
root (hd0,a)
makeactive
chainloader +1
ciao
Luca
|
On Thu, 2009-04-30 at 21:57 +0200, Henning Brauer wrote:
> > # pfctl -si
> > Status: Enabled for 49710 days 04:40:06 Debug: Urgent
>
> that really looks like userland and kernel out of sync or similiar. I
> cannot reproduce that.
It happens when i start ntpd with -s to set the clock. The c
Hello,
on my just booted T60 pfctl reports
# pfctl -si
Status: Enabled for 49710 days 04:40:06 Debug: Urgent
State Table Total Rate
current entries 59
searches 15911
inserts
On Thu, 2008-09-11 at 18:27 +0200, Michiel van Baak wrote:
> You can also look at dnsmasq. dnsmasq has some nice alias features.
djbdns is also able to provide different responses based on query source
IP address.
ciao
Luca
On Mon, 2007-11-19 at 22:53 -0700, Clint Pachl wrote:
> In my DMZ research, some sources state that all services need to be
> replicated in each DMZ. Following that advice, I would have to setup
> Kerberos, ntp, backup, and DNS in each DMZ and the LAN; that sounds like
> a lot of work. What do y
On Tue, 2007-10-23 at 01:11 +0200, ropers wrote:
> unavoidable. The question is, is that a worthwhile trade-off? Is this
> a reason not to support Xen? Or should the user be given that option
> regardless of the inherent limitations and consequences?
A proper Dom0 port of XEN to OpenBSD would solv
On Fri, 2007-10-19 at 09:14 -0700, Darren Spruell wrote:
> It *is* a requirement to comment intelligently on what is or is not
> being worked on.
Yeah, sorry for that.
ciao
Luca
On Fri, 2007-10-19 at 12:07 +0200, Paul de Weerd wrote:
> I disagree. This is not true from a 'user perspective' at all. Unless
> a user is totally ignorant - you don't expect a new building to just
> *poof* out of thin air and have it ready for use the same moment ?
> Construction takes time. Care
On Fri, 2007-10-19 at 10:35 +0200, Paul de Weerd wrote:
> Work is being done to add support. How is this 'preliminary' ? Is it
> only not preliminary when the final commit is made that makes WPA
> work ?
Well, I think that's correct from a user perspective. The question was
by a user and about WPA
On Thu, 2007-10-18 at 22:43 -0400, Nick Guenther wrote:
> > WPA is not supported. AFAIK noone is working on it.
> http://www.openbsd.org/plus42.html
> search for "WPA".
"Lots of 802.11 improvements and code in preparation for WPA and other
auth styles."
This says pretty nothing about actual imple
On Thu, 2007-10-18 at 02:04 -0700, Predrag Punosevac wrote:
> I was wondering if somebody can direct me to some reading material about
> using WAP/WAP2 wireless networks under OpenBSD.
WPA. WAP is a different thing.
> I read carefully FAQ as well as man pages for ifconfig and it seems to
> me
On Tue, 2007-10-09 at 16:29 -0700, Ted Unangst wrote:
> On 10/9/07, Sean Darby <[EMAIL PROTECTED]> wrote:
> > Does OpenBSD = UNIX? Or, does OpenBSD = Unix? (or unix or unix-like or
> > etc.)?
> does it matter?
It does! UNIX *is* case sensitive! ;)
ciao
Luca
On Tue, 2007-10-09 at 22:04 +0100, Sevan / Venture37 wrote:
> CD's turned up via UPS today here in the UK.
Is there a tracking number? I have not received the CDs yet (Italy).
ciao
Luca
On Wed, 2007-09-26 at 16:01 +0100, Craig Skinner wrote:
> The defaults work very well:
> See: http://www.ualberta.ca/~beck/nycbug06/spamd/mgp1.html
> Hear: http://www.fetissov.org/public/nycbsdcon06/2.4.mp3
Maybe this also has to do with amount and type of traffic you get.
Small shops are prob
On Wed, 2007-09-26 at 17:38 +0300, Liviu Daia wrote:
> That's up to you. The minimum should be large enough to keep away
> "naive" bots, as it does now. The maximum should be as large as you
> can afford without being too anti-social. :) Some crap will still pass
> through anyway.
Sometimes
On Wed, 2007-09-26 at 17:02 +0300, Liviu Daia wrote:
> > Another delivery attempt would be needed after this time to pass
> > spamd.
> Moral: randomize the greylisting time...
Between which min/max valuse? Keep in mind that this corresponds to the
(minimum) delay introduced in delivering a goo
On Wed, 2007-09-26 at 10:54 +1200, Josh wrote:
> So any suggestions on how to have a rdr rule in pf.conf take over when
> this happens?
Why? If hoststated crashes, then it's a bug. If it doesn't crash, what
are you trying to achieve?
ciao
Luca
On Wed, 2007-09-26 at 00:01 +1200, Josh wrote:
> What happens if hoststated crashes? Does its latest table entry's and
> rdr rules still remain?
Maybe you can try a kill -9 and see what happens.
ciao
Luca
On Sat, 2007-09-22 at 22:50 +, [EMAIL PROTECTED] wrote:
> i have a feeling that the funds currently available for your virtualisation
> project would improve the quality and delivery of these requirements.
If I had such project and funds I'd certainly contribute. In the
meantime I have assigne
On Sat, 2007-09-22 at 00:34 +0200, Claudio Jeker wrote:
> > We are talking about OpenBSD here, and support for VRF is not there.
> That may change faster then you expect
These are great news. If the implementation will allow to assign
interfaces to different VRFs it would solve the virtual router/
On Fri, 2007-09-21 at 14:29 -0500, bofh wrote:
> That's why god created competant network admins and NAT.
You are not always in control of all things. Powerful technology is
about choice, not about one absolute right way. BTW, NAT sucks.
ciao
Luca
On Fri, 2007-09-21 at 20:51 +0100, Stuart Henderson wrote:
> On 2007/09/21 14:29, bofh wrote:
> > That's why god created competant network admins and NAT.
> And VRF.
We are talking about OpenBSD here, and support for VRF is not there.
ciao
Luca
On Fri, 2007-09-21 at 10:52 -0400, Douglas A. Tutty wrote:
> I don't understand the logic of having multiple firewalls on one box.
> If one box can handle the throughput requirements of all the NICs, why
> not just one big firewall?
Overlapping IP address space.
ciao
Luca
Hello,
I've setup hoststated for load balancing of some services, and it works
well. If I'm not missing something hoststated actually works just for
TCP. Is there any plan to implement UDP support?
ciao
Luca
On Mon, 2007-05-21 at 14:01 +0200, Alberich de megres wrote:
> But i got a question: carp0 for example, uses em0 to listen my shared IP,
> and sends advsken on this nic ( em0 ). The same thing with internal lan carp
> device. But i don't want carp advske to travel in all net. I got a third
> NICs u
On Sat, 2007-05-19 at 21:56 +0200, Almir Karic wrote:
> anyone managed to get obsd to run as xen guest OS? care to share how?
You can install OpenBSD under XEN as an HVM guest. Performance will not be
particularly high and there are some quirks with console output.
> the only document i found is
On Wed, 2007-05-16 at 10:43 -0300, Rivanor P. Soares wrote:
> I have been digging for it on the internet, to OpenBSD, but was not
> able to find anything "worth".
Just install snmpd from packages or ports and then monitor the host with
your favorite monitoring tool. I'm using Cacti successfully.
On Mon, 2007-05-07 at 14:42 +0200, Michael wrote:
> I got a sparc64 (Sun Ultra 5) running here which I upgraded from
> 4.0-stable to 4.1-stable. Just recompiled the kernel without any problems.
I've got an Ultra 5 too. I'll retry a fresh source checkout from CVS.
thanks
Luca
On Wed, 2007-05-02 at 14:11 -0400, Josh Grosse wrote:
> Just a wild guess, but did you forget to include comp41.tgz in your
> install/upgrade?
No. I've just reextracted it just to be sure, but I still get the same
error.
ciao
Luca
I've checked out the source for 4.1-stable and started building the
kernel. At make depend I get:
mkdir -p /usr/src/sys/arch/sparc64/compile/GENERIC/lib/kern
depending the kern library objects
depending the compat library objects
sh /usr/src/sys/arch/sparc64/compile/GENERIC/../../../../kern/gena
Stuart Henderson wrote:
It may be a hack, but 'virtual routing' is becoming more common as
people need to connect networks on the same address range (e.g. with
company mergers, or VPNs involving multiple organisations, where it
would be "challenging" to renumber everything). Google: vrf nat.
In
On Fri, 2007-04-13 at 12:04 +0200, Rafael Sadowski wrote:
> Have you a digital camera? Can you make photos of the box/cds?
OpenBSD release fetish :D
ciao
Luca
On Sun, 2007-03-25 at 14:26 -0700, Darrin Chandler wrote:
> Have you measured the time from ntpd startup until it logs `clock is now
> synced' in the log? On the same machine, I see anywhere from 10 minutes
> to about 1 hour. In normal cases, machines acting as time servers are
> always on. If it t
On Fri, 2007-03-23 at 15:14 -0600, Shane Harbour wrote:
> Look at the "-S" option and see if that's what you want.
I think you mean "-s". Yes I use it but still the clients report they
won't sync because of the server not being synced.
ciao
Luca
Hello,
I've set up OpenNTPD 3.9p1 on Linux with a couple of servers to sync to
and listen on to sync my machines to OpenNTPD. Clients (some openntpds,
some ntpds, some Cisco routers) refuse to sync to my server. OpenNTPD on
a client reports my OpenNTPD server is not synced.
This is not documented
On Fri, 2007-03-09 at 00:17 +0100, Wijnand Wiersma wrote:
> > HVM is not good for non-Windows guests. Without accelerated guest
> > drivers disk and network I/O is very limited. Xen Enterprise ships with
> > optimized guest drivers for Windows.
> Then it is a useless feature in my opinion.
This is
On Wed, 2007-03-07 at 17:40 +0100, Christoph Peus wrote:
> BTW: Though XenEnterprise is a commercial product, there's a free
> version with limited features available too.
HVM is not good for non-Windows guests. Without accelerated guest
drivers disk and network I/O is very limited. Xen Enterpris
On Wed, 2007-01-24 at 10:47 -0600, L. V. Lammert wrote:
> Much better to want on the Xen implementation, which in the works.
> Possibly at the Hackthon?
Apart from the mercurial repository there is little information on the
status of the XEN effort. There's this bsdtalk interview
http://ropersonl
On Mon, 2007-02-12 at 21:07 -0200, Paulo Roberto Candido dos Santos
wrote:
> CARP can do that? If not, is there any other robust open source product
> that can do the job?
I think for outgoing traffic PF could balance between the three links
(see route-to in the docs), but for incoming traffic loa
On Wed, 2007-01-24 at 05:51 -0800, Lawrence Horvath wrote:
> classify them as spam of if i should just delete them, i was concerned
If they use bayesian filters for classification only the message body
should be passed to the filter. Blacklisting (if done by gmail
automatically when you report spa
On Wed, 2007-01-24 at 17:46 +0800, Lars Hansson wrote:
> What does that even mean? What is non-standard?
I think the article refers to the fact that OpenBGPd is integrated with
OpenBSD specific features like PF/CARP.
ciao
Luca
On Tue, 2007-01-02 at 20:03 -0700, Jack J. Woehr wrote:
> postings and headhunter poop of course ... Why should we chase away
> employers
> looking for experts in our slightly arcane and recondite OBSD environment?
What about a jobs@ mailing-list?
ciao
Luca
On Tue, 2007-01-02 at 16:50 -0700, Christopher Snell wrote:
> And who appointed you list manager? My post was permitted based on my
> reading of the rules in http://www.openbsd.org/mail.html.
Quoting from the page you cite:
>Stay on topic
>Please keep the subject of the post relevant to users of
Hello,
while reading the mailing list I noticed these opposite statements about
realistic pps throughput reachable with OpenBSD. I'm quite interested in
the topic, and would like to have an idea of the order of magnitude we
are talking about. I should also say that the second post doesn't sound
pa
On Thu, 2006-11-30 at 17:33 -0600, Miguel wrote:
> Hi, how can i check the servers' health and delete a server from the
> pool when it loses connection with the load balancer, is such thing
> posible?
http://slbd.sourceforge.net does this with pf.
ciao
Luca
On Mon, 2006-11-13 at 14:04 +1100, Craig Barraclough wrote:
> Last time I had a look, the platform was essentially a PII, with fxp
> NICs and a PCI (or was it ISA?) flash card for the OS.
PIX 525 has an Intel PIII 600Mhz CPU with fxp NICs.
It uses Intel fxp boards but I have been told the NICs h
Hello,
Is there a native way to configure interface groups in hostname.if
instead of doing manually
ifconfig if ... group mygroup
or calling ifconfig from the hostname.if file like this
...
!ifconfig if group mygroup
?
This is not documented in hostname.if(5).
thanks
On Thu, 2006-10-26 at 09:16 -0400, ICMan wrote:
> I admit that I am not the most up to date on the release process, but
> why is 4.0 not out on the FTP server yet if people are receiving it in
It is not uploaded on the FTP until Nov, 1st, which is the official
release date.
> their homes on CD
On Wed, 2006-09-27 at 21:05 -0400, Daniel Ouellet wrote:
> Just in case you haven't seen it yet.
>
> http://www.undeadly.org/cgi?action=article&sid=20060927091645
Hello,
a comment to the article mentions that x86 is not a good arch for high
pps firewalls because it has limits in interrupts per
On Thu, 2006-09-14 at 15:12 +0400, Igor Zinovik wrote:
> I have old box which runs OpenBSD 3.6 and i want to upgrade it to last
> release.
> So my question is can go directly to OPENBSD_3_9 or i have to go through all
> further versions (3.6->3.7->3.8->3.9)? I'm worry about that further versions
On Tue, 2006-07-04 at 12:56 +0200, Luca Corti wrote:
Sorry, forgot to google a bit before posting. This is a known issue.
Here is the solution.
http://www.benzedrine.cx/pf/msg04544.html
thanks
Hello,
I've two i386 boxes running 3.9-stable acting as redundant firewalls
with PF + CARP/pfsync behind a Cisco router.
xDSL
|
|
cisco
|
|
-
| |
FW1 FW2
| |
-
|
DMZ
Public IP addresses used below are faked.
The router:
#sh ip int brief
Interface
74 matches
Mail list logo
