> I was wondering if there is a way to collect all of the european AS numbers ?
> I took a look at the RIPE website, and I found nothing close to what I
> want to do.
> whois(1) was not of much help either.
http://iana.org/assignments/as-numbers/
Grep for RIPE.
> The ultimate goal is to have a l
> To have them work the partition can not be mounted nodev, which /var is. I
> shoukd have said it fails if it doesn't work. A simple test was to run
Why not make /var/named its own partition? I.e., one mounted without nodev.
cheers,
Matt
> I use OpenBSD 4.2-current on IBM ThinkPad X60, and face similar issue
> mentioned in PRs' #5239, and #5577 - as soon as I insert a PCMCIA
> card in the slot (mine is Sierra Wireless AirCard 555), the kernel
> panics. This happens if I boot with the card in the slot, or if I
> insert the card in t
> Some but not all. If you buy a Dell 2950 quad and load it up with 8
> Gig. You can spend $500 on an ESX 3i license and run 10 - 15 512 MB
> OpenBSD single processor VMs. The difference here is that you can
> max out the duty cycle on the box where as a single OS running on the
> same Iron won't
> rl0: flags=8843 mtu 1500
>lladdr 00:50:bf:3a:2e:66
>groups: egress
>media: Ethernet autoselect (100baseTX full-duplex)
>status: active
>inet 64.142.102.8 netmask 0xff00 broadcast 64.142.102.255
>inet6 fe80::250:bfff:fe3a:2e66%rl0 prefixlen 64 sc
> > best "simulation" is recording your real-world traffic using tcpdump and
> > then use tcpreplay. but that is tricky too.
>
> Henning has something in saying that most of the tools aren't great,
> in the end all benchmarks are artificial in some measure. Replaying
> traffic is equally artific
> I'm having NAT problems; could someone examine my pf file and make some
> recommendations?
> (Yes, Nat is well documented. I'm not here because of issues with clarity.
> Thanks;
Well, for starters, you have three 'nat' statements that you probably meant
to be 'binat' statements.
> #NAT and Bin
$ fdisk -l
displaying all partitions of a HD
man disklabel.
$ df -h
displaying all partitions with size and use
man df.
Not to be pedantic, but df displays mounted filesystems, not "all
partitions."
cheers,
Matt
Just looking for a recommendation on a good/cheap (but not necessarily
fast) microatx motherboard. Or possibly, one of those via
motherboards, but needs to fit in an atx case.
I _think_ the mini-itx form factor of the VIA EPIA motherboards will fit
in ATX cases, but I've never tried it.
That
Interesting. I hadn't tried using the external VGA output on my laptop.
I'm seeing pretty much what you describe, only I find that if I set the
Boot Display Device in the BIOS to VGA+LCD, then I get external video
output on the monitor. There's output in X, too. Even the Fn-F7
toggling seems
I can't reach that value with a Dell OptiPlex GX280 w/ onboard bge(4)
MP kernel, net.inet.ip.ifq.maxlen=250, 4.0 or -current, doesn't matter.
Collision count increases monotonically. Stops forwarding packets, etc.
Switching to em(4) carries limit to ~25k to ~30k.
consider trying to increase ifq.
Hi,
We've had one of our firewalls crash. I've included ps and trace output
below, along with the dmesg. Thanks! --Matt
kernel: page fault trap, code=0
Stopped at ip_output+0x7e0: testb$0x5,0x34(%eax)
ddb> ps
PID PPIDPGRP UID S FLAGS WAITCOMMAND
> serious question: can one get systems of this class with 'features' like
> ECC memory?
Not 100% sure, but I do not think so. There's no mention of ECC memory
support on VIA's webpages dedicated to the EPIA line. Also, the memory
selector tool on crucial.com lists non-ecc memory only.
--Matt
> 1. How well supported are the C3 boards such as the M1?
My home firewall is running on a PD1. Similar to the M1, except with
two NICs. NICs are supported. I don't think Xorg supports the VIA graphics
chip, but doesn't matter to me.
http://www.logicsupply.com/product_info.php/cPath
but isn't a way to route and translate connections via a existing
static IP address? To have 'internal' IPs acting as static in their
own right? How do ISPs 'create' their own static IPs?
You don't 'create' an IP address; the address is assigned. Basically,
from the IANA to the Regional Inter
> monitoring the congestion counter in pfctl -si helps a lot.
>
> you don't want too long queues tho, that is contraproductive.
What are the consequences of ifq set too large?
--Matt
> > Right now my box is doing ~28,000pps per direction per interface (out
> > public, in public, out internal, in internal), totalling around
> > 112kpps. It doesn't seem to want to go any higher than that. I've just
> > tried moving the internal connection off of the dualport PCI-X card
> > and on
> >what i can't really understand is, why bother making a tool like
> >this, if you are afraid that it is going to be used, or that someone
> >will ssh scan you from taiwan? so let's just block all the non us
> >countries or what?
>
> I'm not afraid that it's going to be used. I _want_ it to be
> Is anyone on the list running an Ultra 5 as firewall? I would like to
> move my firewall from an overpowered P4-3GHz box to a Sun Ultra 5 360MHz.
>
> My main concern is wondering if the Ultra 5 is slow enough to become a
> bottleneck from one interface to another interface. However, I know som
> As far as I know, this only applies to _active_ ftp, about which I am
> not concerned at the moment.
Ah yes... that's what I get for doing e-mail at 6am. :-/
Your problem description seems to imply that you have a block out all and
that you're only allowing selet outbound traffic. In which c
Of course, I do NAT on the pf box, that routes traffic from LAN to the
Internet. The mentioned rdr rule works, so traffic on 21 is redirected
to localhost:8021 ... However, thought the initial control connection
is redirected, the subsequent ones are not. tcpdump output:
pass in on em0: 172.16
According to
http://www.freebsd.org/security/
the current estimated EOL for 4.11 is January 31, 2007
That said, since you think IPF is causing problems, have your tried
disabling IPF and running either ipfilter or PF (or doing the filtering on
a dedicated firewall box)?
--Matt
--On Tuesday
22 matches
Mail list logo
