Re: 5.0 kernel won't compile on 4.9 i386 system

2012-01-29 Thread Stefan Midjich
r own kernel, as the community so gladly will remind me of. 2012/1/28 David Higgs > On Sat, Jan 28, 2012 at 12:42 PM, Stefan Midjich > wrote: > > Thanks everyone for the info, I clearly didn't read the whole FAQ but > only > > the parts I needed. > > > > The

Re: 5.0 kernel won't compile on 4.9 i386 system

2012-01-28 Thread Stefan Midjich
. Alternatively be satisfied with a binary install and generic kernel. 2012/1/28 Christer Solskogen > On Sat, Jan 28, 2012 at 5:25 PM, Stefan Midjich wrote: > > So what do I do to get 5.0 compiled? > > > > You upgrade to 5.0 first. > > -- > chs, > -- Hä

5.0 kernel won't compile on 4.9 i386 system

2012-01-28 Thread Stefan Midjich
initializer ioconf.c:230: warning: (near initialization for 'cfdata[6]') The last ones continue for many more lines for 68 members of the array before the make process exits. Now this has happened twice, on brand new systems, also I've found other list posts describing the same errors but no solutions applying to my situation. So what do I do to get 5.0 compiled? -- Hälsningar / Greetings Stefan Midjich [De omnibus dubitandum]

Re: Perplexed by PF rules in NAT

2011-10-17 Thread Stefan Midjich
mpare.lb02 The remote source I'm testing from has been censored by the EPA. ;) 2011/10/17 Stefan Midjich : > I had this gateway with NAT working fine until I added another for > load balancing using carp. So now I've been slowly discovering the ins > and outs of carp in PF rule

Perplexed by PF rules in NAT

2011-10-16 Thread Stefan Midjich
ow there is actually another issue here that is of lower priority, the fact that I can ping the external IP of the gateway without issue but I can't have my LAN servers ping their gateways, meaning the IP-addresses of carp1 and carp2. In that case I can see packets going in on the physical interface behind carp1, but no reply comes back. Oct 17 07:45:48.710962 rule 16/(match) pass in on vic3: 10.221.181.21 > 10.221.181.10: icmp: echo request (DF) This is strange to me as the rule to allow ICMP on the external interface is nearly identical to the ones to allow on the internal interfaces. -- Med vänliga hälsningar / With kind regards Stefan Midjich

Re: Dennis Ritchie

2011-10-13 Thread Stefan Midjich
;> >> int main() >> { >> printf("goodbye, dad\n"); >> return 0; >> } > > That was really touching. > > Rest in peace, Dennis Ritchie. > > -- Med vänliga hälsningar / With kind regards Stefan Midjich

Re: Help setting up a PF NAT gateway

2011-10-12 Thread Stefan Midjich
After all that I was still doing NAT wrong, I thank you Norman! It works perfectly now and it makes much more sense as NAT must be done from the lo0 too out on the external IF. 2011/10/13 Norman Golisz : > Hi Stefan, > > On Wed Oct 12 2011 14:59, Stefan Midjich wrote: >> I must say

Re: Help setting up a PF NAT gateway

2011-10-12 Thread Stefan Midjich
I must say that thanks to your help on this list I've finally managed to get it working. I have bought FreeBSD CD sets in the past as a means to donate and I intend to buy 5.0 sets now because I believe strongly in open source software. Well it was also thanks to some pf.conf samples I found onlin

Re: Help setting up a PF NAT gateway

2011-10-11 Thread Stefan Midjich
It works now that I started over from scratch, I have a block in all and a pass out all by default and NAT is working. I can see packets on both in and out-interfaces with tcpdump. Of course ICMP response is not being sent back since I have a block in all but at least NAT is working and it is forwa

Re: Help setting up a PF NAT gateway

2011-10-10 Thread Stefan Midjich
> !route add 65.65.65.65 10.0.1.13 > up > > I hope it helps. > Regards, > Stefan > > From: Stefan Midjich > To: Mark (obsd) > Cc: misc@openbsd.org > Sent: Tuesday, October 11, 2011 2:06 AM > Subject: Re: Help setting up a PF NAT gatewa

Re: Help setting up a PF NAT gateway

2011-10-10 Thread Stefan Midjich
connect to anything but themselves and the gateway ip 10.221.181.10. They cannot go further. The gateway can ping them and connect to them just like on a vlan. 2011/10/10 Peter N. M. Hansteen : > Stefan Midjich writes: > >> Not sure what you mean but they're both in switched vlans,

Re: Help setting up a PF NAT gateway

2011-10-10 Thread Stefan Midjich
not connect even though there is no block rule now. 2011/10/10 Christiano F. Haesbaert : > On 10 October 2011 15:05, Stefan Midjich wrote: >> That was from the output of pfctl -vf /etc/pf.conf so it expands the >> rules and adds all that is implied, like keep state for example. >

Re: Help setting up a PF NAT gateway

2011-10-10 Thread Stefan Midjich
Not sure what you mean but they're both in switched vlans, two different vlans. Point to Point is a crossover cable right? I'm not sure what it means in English. This is all a virtual environment I use for training so there are no cables as such. 2011/10/10 Peter N. M. Hansteen : > S

Re: Help setting up a PF NAT gateway

2011-10-10 Thread Stefan Midjich
irst rules for management network and of course the block rule when it was in place. 2011/10/10 James Shupe : > What does `pfctl -sr | grep nat-to` say? > > On 10/10/11 10:38 AM, Stefan Midjich wrote: >> Simplest of things but I'm failing miserably. >> >> $ sudo

Re: Help setting up a PF NAT gateway

2011-10-10 Thread Stefan Midjich
0.7 XX:50:87:14 UHLc 00 - 4 vic2 224/4 127.0.0.1 URS00 33160 8 lo0 Please note that I have removed public ip-address and other private details. 2011/10/10 Christiano F. Haesbaert : > On 10 October 2011 12:38, Stefan Midjich wro

Re: Help setting up a PF NAT gateway

2011-10-10 Thread Stefan Midjich
"? > also you need > pass in on $local_if from $localnet to any > pass out on $ext_if from $localnet to any > > > 10 October 2011, 19:42 from Stefan Midjich : > > Simplest of things but I'm failing miserably. > > $ sudo cat /etc/hostname.vic2 # Extern

Re: Help setting up a PF NAT gateway

2011-10-10 Thread Stefan Midjich
Yes forwarding is enabled. I have followed the Book of PF 2nd Edition so far. 2011/10/10 Mark (obsd) : > Hi Stefan, > > On Mon, Oct 10, 2011 at 10:38 AM, Stefan Midjich wrote: >> >> Simplest of things but I'm failing miserably. >> >> ... >> >> Wi

Help setting up a PF NAT gateway

2011-10-10 Thread Stefan Midjich
etwork machines without issues. So please tell me, what am I missing in this nat-to rule? -- Med vänliga hälsningar / With kind regards Stefan Midjich

Re: Can I use carp with just one public IP?

2011-10-09 Thread Stefan Midjich
e an issue with this setup? 2011/10/9 Johan Ryberg : > 2011/10/9 Stefan Midjich : >> I assume you mean balancing? I wanted to go for balancing ip but >> that's only because I read about it in the carp(4) manual, now I think >> I'll go with just vhid carpdev and pass set

Re: Can I use carp with just one public IP?

2011-10-09 Thread Stefan Midjich
d foremost. But maybe you have something to add about that. 2011/10/9 Johan Ryberg : > 2011/10/9 Stefan Midjich : >> Everything I read about CARP, including my Book on PF 2nd edition, >> says you're supposed to have two different ip-addresses set for each >> carp device, for

Can I use carp with just one public IP?

2011-10-09 Thread Stefan Midjich
balance on the first hop of a network this means I need to allocate three external static IPs for my system of two OpenBSD gateway hosts. Is there a less wasteful way of doing load balancing with carp using IPv4? -- Med vänliga hälsningar / With kind regards Stefan Midjich http://swehack.se