correct way to clear sensitive data from env?

2015-10-23 Thread Tamas TEVESZ
hi, case in point: openvpn passing username/password in the environment to openvpn_bsdauth. so there's actually a bit of sensitive data in env that current wisdom rightly tends to want to junk as soon as possible. getenv(3) states, "If getenv() is successful, the string returned should be c

4.0-stable panic with pppoe(4)

2007-03-28 Thread Tamas TEVESZ
ok, so i'm not *entirely* sure it's with pppoe(4), but as far as i can put bits and pieces together, it's always happening after "ifconfig pppoe0 down; ifconfig pppoe0 destroy" and then either "sh /etc/netstart pppoe0" or (the second case) starting ppp(8). box has 4 interfaces, one of them (vr0

Re: Password escrow

2006-07-13 Thread Tamas TEVESZ
On Thu, 13 Jul 2006, Chris Kuethe wrote: > Secret Sharing schemes. > http://freshmeat.net/projects/sharesecret/ > http://freshmeat.net/projects/shsecret/ also http://freshmeat.net/projects// -- [-] mkdir /nonexistent

ffs panic on i386 3.8/stable

2006-01-19 Thread Tamas TEVESZ
hello, i was setting up my wrap.1e board when the following happened. this is not the first actual installation of 3.8 on this very hardware, but i never got around to actually start configuring the box (i was playing with the etherboot upgrade mentioned earlier). everything is via wrap's seri

Re: isakmpd does not enter phase 2

2005-12-20 Thread Tamas TEVESZ
On Tue, 20 Dec 2005, Matthew Closson wrote: matt, all,
[Remote-peer-quick-mode]
EXCHANGE_TYPE= QUICK_MODE
Transforms= QM-ESP-3DES-SHA-SUITE
notice the typo (s/Transforms/Suites/ for correct operation) that only became obvious after a healthy dose of sleep. thanks anyway.

Re: cruft?

2005-12-20 Thread Tamas TEVESZ
On Tue, 20 Dec 2005, J.C. Roberts wrote: > I hit a panic while doing make build on the Alpha PSW-433. My uneducated > guess http://marc.theaimsgroup.com/?t=11082572061&r=1&w=2 -- [-] mkdir /nonexistent

isakmpd does not enter phase 2

2005-12-19 Thread Tamas TEVESZ
hello, dec 18 snap, running on i386 given is an ipsec gateway (i think it's running some older openswan or some other swan) to which i need to connect, establishing a net-net tunnel. the parameters needed are "IKE rekeying 1440 minutes (24 hours), IPSEC 3600 seconds (1 hour), both with 3DES/SHA1,

Re: Alpha Disklabel Question

2005-12-16 Thread Tamas TEVESZ
On Fri, 16 Dec 2005, J.C. Roberts wrote: > Eventually, the boot_osflags in the SRM needs to be set to "a" but the > default is "A" -The case would make no difference for some OS's but > OpenBSD probably won't like it. ;-) fwiw i've been doing fine with `A' for ages. -- [-] mkdir /nonexisten

Re: Alpha Disklabel Question

2005-12-16 Thread Tamas TEVESZ
On Fri, 16 Dec 2005, J.C. Roberts wrote: > (1) When booting the cd38.iso with either bsd or bsd.rd you go into UKC > rather than directly into the installation. I'm guessing this is normal > since I'm sure there might be some things that need doing for some of > the more esoteric alpha hardwa

Re: pf.conf(5) buglet wrt logging

2005-12-10 Thread Tamas TEVESZ
On Sat, 10 Dec 2005, Adriaan Misc wrote: > I interpret it that you need a "pass" before the log ;) that was unfair. sorry for the noise :( -- [-] mkdir /nonexistent

road warrior nat'ing on an ipsec tunnel

2005-12-09 Thread Tamas TEVESZ
hello, judging from google and the archives, this does (or used to) give headaches to people. it does so to me as well. the situation is pretty ordinary, a road warrior having established a tunnel with a network behind some other peer's security gateway, needs to nat its own internal network so t

pf.conf(5) buglet wrt logging

2005-12-09 Thread Tamas TEVESZ
hi, diff below removes the `log' keyword from the nat, binat and rdr bnf descriptions. ok, i can't quite read code as much to actually verify the validity of this, but i simply couldn't get it to work (it doesn't seem so hard to insert a `log' between a `nat' and a `pass' in an otherwise working s

Re: pf weirdness with pfctl -f nonexistent.file

2005-11-10 Thread Tamas TEVESZ
On Fri, 11 Nov 2005, Daniel Hartmeier wrote: > I'm pretty sure your theory is correct. You can query the list of > interfaces with pfctl -vsI, which prints '(skip)' on those that are > currently being skipped. ah, yes, thank you. i did check, and yes, it's the skip flag that gets cleared. >

pf weirdness with pfctl -f nonexistent.file

2005-11-10 Thread Tamas TEVESZ
hi, i just observed a strange phenomenon, which, if it's intended behavior, i could not really find it documented anywhere (or failed to understand the doc, if it is). in its simplest form, it is as follows. given is a machine with a de0, part of a simple lan. the following configuration is load

Re: alpha panic; cpu_initclocks: no clock attached

2005-09-15 Thread Tamas TEVESZ
On Thu, 15 Sep 2005, Miod Vallat wrote: > This problem is caused by a bug in sys/dev/pci/pciide.c. If you revert > it to revision 1.201, your kernel will work again on your machine. confirmed. by the time i woke up, jsg already reverted it in cvs, i just took that. machine is a happy hippo agai

Re: alpha panic; cpu_initclocks: no clock attached

2005-09-14 Thread Tamas TEVESZ
On Thu, 15 Sep 2005, Martin Reindl wrote: > > i ultimately wanted to try martin reindl's alpha patch on my pws500au > > (even if i wouldn't have scored extra anyway), when i realized my > > alpha was hosed, so i grabbed the sept 10 snapshot, installed it fine, > > cvs'd src/, compiled a generi

alpha panic; cpu_initclocks: no clock attached

2005-09-14 Thread Tamas TEVESZ
hi, i ultimately wanted to try martin reindl's alpha patch on my pws500au (even if i wouldn't have scored extra anyway), when i realized my alpha was hosed, so i grabbed the sept 10 snapshot, installed it fine, cvs'd src/, compiled a generic kernel, and upon reboot: [...] sd0 at scsibus1 targ 0 l

ipsecctl, ipsecadm and friends

2005-09-14 Thread Tamas TEVESZ
On Wed, 14 Sep 2005, Spruell, Darren-Perot wrote: > Incidentally, something I hadn't noticed before was the updates to the IPsec > control framework - this looks terribly exciting as well. ;) actually, now that we are on the subject, i don't really understand the relation between ipsecadm and ip

Re: Spamd/Postfix behaving strangely

2005-09-11 Thread Tamas TEVESZ
On Sun, 11 Sep 2005, Jason Dixon wrote: > Yes, there is a PIX (eventually to be replaced with OpenBSD/PF), but > I don't understand how that could interfere. If I remove the > external system from , I get redirected to spamd as > expected: pix interferes in every possible way, but your curre

Re: Modifying man pages and composing new ones

2005-08-21 Thread Tamas TEVESZ
On Sun, 21 Aug 2005, Rod.. Whitworth wrote: > I suppose that I'm going to have to try to remember something about the > [gnt]roff things I had very small experience with back in the '70s > > So apart from the mdoc-samples man page are there other > required/recommended documents for rust-

bridge panic on -current

2005-07-05 Thread Tamas TEVESZ
hi, i was fooling around with bridging together ural0 and dc0, when out of bad habit i wanted to assign an ip address to bridge0 (yes, i understand it's not how it works on probably anything else than linux, it was my fat fingers), which got me an instant panic. upon further investigation, it loo

multiple Local-IDs for isakmpd

2005-06-07 Thread Tamas TEVESZ
hi, i have a situation where a branch office with multiple, non-overlapping, non-aggregatable local networks needs to connect to the head office, via an ipsec tunnel. "of course", the security gateway is also acting as a gateway to the internet (nat and the usual collateral stuff), and, as a matter