Database backups here at work are enormous. A TB is nothing these days.
On 9/9/06, Peter Fraser <[EMAIL PROTECTED]> wrote:
Multi system backups to disk
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of pedro la peu
Sent: Friday, September 08, 2006 8:50
That's not an easy scenario.
Perhaps the simplest solution would work for you.
You could implement a generic account on the firewall called say
"wifi-user". SSH into the filewall (not using Kerberos or anything)
and log in using the shared password for "wifi-user".
The login shell could point
man pf.conf
Secondly, it's been discussed numerous times on the list that bridges
have their place (I use them in production environments at our data
centre) but you'll find filtering a bridge much more difficult than
filtering a NAT.
On 7/29/06, elaconta.com Webmaster <[EMAIL PROTECTED]> wrote:
On 7/20/06, Rob Baldassano <[EMAIL PROTECTED]> wrote:
Please forgive me if I am wrong but...
This thread should die.
Question is:
Why would you WANT your clients to constantly get new IPs?
it disrupts SSL communication traffic, especially when you are dealing with
external ly available
On 7/20/06, Rahul Sharma <[EMAIL PROTECTED]> wrote:
Hi Peter Phillips,
It is not Mr. Eric Pancer but me (rahulthehacker) who is asking for help on
dhcpd lease.
Wrong:
http://www.sigmasoft.com/~openbsd/archives/html/openbsd-misc/2006-06/msg01371.html
for recompiling dhcpd code i require sendmail
patch.
Can u Plz explain me that.
Warm regards
Rahul
On 7/7/06, Peter Blair <[EMAIL PROTECTED]> wrote:
> First, *don't* download source from the cvsweb website. That source
> is handy for browsing, but you should be getting
First, *don't* download source from the cvsweb website. That source
is handy for browsing, but you should be getting your code from a cvs
repository.
Look at the instructions for a given patch for guidance:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/001_sendmail.patch
"And then rebui
Perhaps this is an old issue?
http://lists.debian.org/debian-sparc/1997/06/msg0.html
Then again, perhaps not.
On 7/6/06, Peter Philipp <[EMAIL PROTECTED]> wrote:
I just tested running hexdump -x on two different systems. One system is a
macppc and the other and amd64. On the same file th
my have a \26 network, but their IP
is part of a \16 network that has been privately subnetted. So it's
difficult to say "ok, jerk.com has xxx.yyy.zzz.xyz IP, and that
belongs to xxx.yyy\16 network, so I'll block out all 65 thousand
addresses."
On 7/6/06, Peter Blair <[E
Something like:
pass in quick on $ext_if from { $friendly_networks } to any port ssh keep state
block in on $ext_if from any to any port ssh
should work. You can place "$friendly_networks" into a table that
gets loaded from a file if the list is large. And/or update it via
pftcl on the fly.
O
Hello lists! (sorry if cross-list posting is frowned upon)
I'm setting up a BSD/pf machine that will be working as a binat
firewall for a number of hosts on two /28 subnets belonging to the
same co-location provider.
The BSD machine is already live, working hard for one subnet, and I
don't have
<[EMAIL PROTECTED]> wrote:
On Tue, 4 Jul 2006 18:48:28 +0200, Joachim Schipper
<[EMAIL PROTECTED]> wrote:
>On Tue, Jul 04, 2006 at 12:16:45PM -0400, Nick Guenther wrote:
>> On 7/4/06, Peter Blair <[EMAIL PROTECTED]> wrote:
>> >On 6/29/06, J.C. Roberts <[EMAIL
If you have no parts of X installed, then how do you expect to link
against it? If you plan to use your OpenBSD machine as a headless X
client, then you'll need to install the requisite libs.
You'll save yourself a lot of time and headache if you just install the X set.
On 7/4/06, Lawrence Horv
Has anyone tried recently to connect to ftp.hifn.com ? I haven't been
able to connect from multiple locations.
-Pete
On 6/29/06, J.C. Roberts <[EMAIL PROTECTED]> wrote:
Howdy misc@
Though I stayed out of the last public fiasco regarding HiFn here on the
misc@ list, I privately contacted the p
I haven't tried under OpenBSD, but mounting /tmp as a ramdisk could
prove viable.
On 7/4/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Some days ago I read a question related to encrypting a partition.
I just know that swap gets encrypted automaticly.
Wouldn`t it be possible to encrypt also /
SSL certificates for a hostname requires a unique IP address. Are you
trying to do virtual name hosting with https?
On 6/27/06, FTP <[EMAIL PROTECTED]> wrote:
On Mon, Jun 26, 2006 at 08:30:29AM -0700, Scott Francis wrote:
> On 6/26/06, FTP <[EMAIL PROTECTED]> wrote:
> >Hi there,
> >
> >I was tr
s, and contains:
add dc0 add dc1 up
It was running for a good 300 days or so. It was set up and
configured by my predecessor, and I am not completely sure on all of
its configurations.
On 6/26/06, Peter Blair <[EMAIL PROTECTED]> wrote:
> That sorta makes sense if your firewall was work
That sorta makes sense if your firewall was working as a bridge, but I
don't think that you mentioned anything about a bridgename.bridge0.
Was/Is your machine acting as a nat-style firewall? If so, then
you'll have to assign it some IPs.
How long was it running since its last reboot? Were the
And your root password. Please e-mail that to the list.
On 6/26/06, Bryan Irvine <[EMAIL PROTECTED]> wrote:
On 6/26/06, Matt Singerman <[EMAIL PROTECTED]> wrote:
> I'm sorry if I didn't give enough info - what else would you have to know?
At the bare minimum, your pf.conf.
Also desirable are t
Paste the entire contents of /etc/pf.conf
On 6/26/06, Matt Singerman <[EMAIL PROTECTED]> wrote:
I'm sorry if I didn't give enough info - what else would you have to know?
]> wrote:
On Saturday 24 June 2006 18:13, Peter Blair wrote:
> At work we run Nagios across Linux, OpenBSD & FreeBSD machines.
> Compiling it from source is the only way to ensure config file
> compatibility.
Say what? How does the compilation affect the config file? The config fi
On 6/23/06, Spruell, Darren-Perot <[EMAIL PROTECTED]> wrote:
Incidentally, if you haven't used the package(s) for Nagios, do. I had no
problems and I went with a package install. No mysteries.
At work we run Nagios across Linux, OpenBSD & FreeBSD machines.
Compiling it from source is the only w
Obvious, but ensure that /var/www/cgi-bin/nagios is a valid directory
from the perspective of your chroot'd server.
Another caveat is to ensure that the named pipe is accessable to both
the nagios executable, and to the chroot'd cgi's (once they start
working that is). Nagios references the pipe
And here's another for you:
http://www.openbsd.org/faq/pf/pools.html#outgoing
On 6/17/06, S t i n g r a y <[EMAIL PROTECTED]> wrote:
Is it possible to combine 2 external interface into
one in openBsD ?
actually its cheaper for me to buy two smaller
internet connection then a big one.
so i was t
RTFM:
man trunk
On 6/17/06, S t i n g r a y <[EMAIL PROTECTED]> wrote:
Is it possible to combine 2 external interface into
one in openBsD ?
actually its cheaper for me to buy two smaller
internet connection then a big one.
so i was thinking ...
*:$., 88,.$:*(((*$ Stingray *:$., 88,.$:*((*$
Tir
Here's a quick perl script to extract the html:
#!/usr/bin/perl
#
# cvs_dates.pl
while()
{
my($line) = $_;
chomp($line);
if( $line =~ /(\d{4}-\d{2}-\d{2}).{28}(\d{10,20})/ )
{
my($d) = $1;
my($id) = $2;
print $d, " ", $id,
Are you saying that OpenBSD is targetted as a Dom0 OS? I couldn't
tell from the above mentioned links.
On 5/30/06, Dries Schellekens <[EMAIL PROTECTED]> wrote:
Peter Blair wrote:
> That project (if/once completed) would be very useful. I just cringe
> at the thought of run
Gak! The "should" was hedged with quotes because I couldn't verify
how it behaved. Apparently it's just a quick way to access argv[0].
Thanks!
On 30 May 2006 16:29:31 +0200, Artur Grabowski <[EMAIL PROTECTED]> wrote:
"Peter Blair" <[EMAIL PROTECTED]&g
That project (if/once completed) would be very useful. I just cringe
at the thought of running a guestOS of openbsd under linux or Solaris
;)
On 5/30/06, Dries Schellekens <[EMAIL PROTECTED]> wrote:
Anil Madhavapeddy wrote:
> We've put up some Xen-related projects for the Google Summer of
> Co
Be careful -- if you have an application "say /usr/local/whatever/foo"
that is linked from "/usr/local/bin/bar" then when you call
"/usr/local/bin/bar" it will populate "bar" as the argv[0] element.
This may be what you want, but then again, perhaps you want to know
that "foo" is the application b
Don't use iostream.h, as it's old, and only there for backwards
compatibility. If possible, use instead.
On 5/25/06, Toni Mueller <[EMAIL PROTECTED]> wrote:
Hello,
I'd like to compile a small C++ program (part of building the HylaFAX
port). This is the program:
-
#in
Another alternative is to use
http://httpd.apache.org/docs/1.3/mod/mod_proxy.html#proxypass to proxy
your iso directory to another httpd instance running on a private IP,
eg:
setup your webserver with the regular public IP address(es), and
additionally setup a number of private IP addresses.
Sta
I haven't personally tested this, but give it a look:
http://www.whoopis.com/howtos/web-bandwidth-limit.html
Unfortunately it doesn't have the same kind of benefits that altq/pf
provide, but as stated in the previous messages, you'd have to place
your webmail and iso services on different IPs.
Since CEST is +2hours from GMT, then the cvs timestamp looks fine.
On 5/18/06, Darrin Chandler <[EMAIL PROTECTED]> wrote:
On Thu, May 18, 2006 at 04:42:47PM +0200, Didier Wiroth wrote:
> I put a $Id$ in a file and do a commit
> cvs -q -d $MYCVS ci -m "test" index.html
>
> The index.html file $ID
woops -- replied before reading entire message. *ducks*
On 5/18/06, Peter Blair <[EMAIL PROTECTED]> wrote:
What's your timezone?
On 5/18/06, Didier Wiroth <[EMAIL PROTECTED]> wrote:
> Hello,
> (openbsd novice)
>
> I'm experimenting with cvs.
>
> I'
What's your timezone?
On 5/18/06, Didier Wiroth <[EMAIL PROTECTED]> wrote:
Hello,
(openbsd novice)
I'm experimenting with cvs.
I'm running:
a) cvs repository on openbsd 3.9-stable:
repo:~ $ ls -la /etc/localtime && date
lrwxr-xr-x 1 root wheel 37 May 12 17:34 /etc/localtime ->
/usr/share/z
Perhaps this is what it's talking about.
http://www.ralphb.net/IPSubnet/cidr.html
On 5/15/06, S t i n g r a y <[EMAIL PROTECTED]> wrote:
No this book is only about openbsd PF no types of
networks
Does the section of the book talk about frame relay? More context would help.
On 5/15/06, S t i n g r a y <[EMAIL PROTECTED]> wrote:
Well i am learning OpenBSD PF from a book & in the
book when creating sample rules the author refers to
CIR's when defining Macros but in the form of
prv_ad = "p
arpwatch
http://ee.lbl.gov/
And lock down the permitted mac addresses on your switch.
On 5/9/06, S t i n g r a y <[EMAIL PROTECTED]> wrote:
Ok i know PF dont filter using MAC address but can you
point me to package that has the feature of Anti MAC
Spoofing ?
regards
*:$., 88,.$:*(((*$ Stin
man getsomeoneelsetodoit
On 5/8/06, Nick Guenther <[EMAIL PROTECTED]> wrote:
On 5/8/06, S t i n g r a y <[EMAIL PROTECTED]> wrote:
> i have a network script that i want to execute before
> any host on the network connects to my computer.
>
> thanks
man rc
man netstart
Perhaps I'm confused, but it doesn't look (from your diagram) that
your pf machine is acting as a firewall for anything but itself.
If you want to filter traffic to your public machines, then you'll
have to either:
1) Use the pf-machine as a bridge between the "internet" ethernet
segment, and th
http://undeadly.org/cgi?action=article&sid=20060222180512
On 5/5/06, carlopmart <[EMAIL PROTECTED]> wrote:
Hi all,
Somebody knows when ipsec faq will be published on openbsd website?? i
need to deploy two openbsd 3.9 HA firewalls with vpn, dhcp and x509
certificates included? Somebody have so
I forgot to mention in my previous e-mail, that if you were to
implement the scenerio outlined in your e-mail, then the other company
would have to 'trust' that you're setting up your firewall to not
exceed your 100k of bandwidth.
Just setup a single queue that caps at 100k.
On 5/1/06, Chris Bul
ALTQ Should do the trick:
http://www.openbsd.org/faq/pf/queueing.html
On 5/1/06, Chris Bullock <[EMAIL PROTECTED]> wrote:
Can queues be used to queue overall bandwidth? We have a project where we
will be sharing an Internet connection with another company, we will have an
IP and they will have
But perhaps you're confusing ports & packages:
http://www.openbsd.org/faq/faq15.html#PkgMgmt
Packages are pre-compiled. Ports creates packages from source. You
don't need the ports tree to install packages.
-Pete
On 4/28/06, Peter Blair <[EMAIL PROTECTED]> wrote:
ftp:/
ftp://ftp.openbsd.org/pub/OpenBSD/3.7/ports.tar.gz
On 4/28/06, S t i n g r a y <[EMAIL PROTECTED]> wrote:
Well i just installed my First OpenBSD BOX :) feels
good !!! but to install packages i cannot find ports
collection in /usr how can i get them ? i am using 3.7
version.
regards
*:$., 88,.
As an aside: I recently read "The Design and Implementation of 4.2 BSD
Operating System", which focused on the VAX architecture, and was
published sometime in the early 80s. In spite of its age, I found the
concepts clearly stated and on a high level, I believe that reading
the book forwarded my g
Perhaps: http://www.benzedrine.cx/pfstat.html would interest you.
On Thu, Apr 27, 2006 at 07:50:22AM +0700, riwanlky wrote:
> > I just installed a pf on my openBSD box as a firewall. However I need
> > to install MRTG and SNMP so that I can get the network utilization.
> >
> > Any documentation i
48 matches
Mail list logo
