I use openbsd 4.3 i386 with vlans over a bridge and traffic is filtered.
When I add the vlan116 after vlan120 to the bridge, traffic on the vlan120
will be filtered by pf on the vlan116.
In pf.conf I need "pass in on vlan116" for incoming traffic on vlan120.
If I add the vlans in the correct ord
hello,
it works.
on openbsd
trunk device em0
ifconfig vlan 1 vlandev em0 up (for example)
on cisco (2950 or 2960)
interface GigabitEthernet0/1
switchport trunk allowed vlan 1
switchport mode trunk
no cdp enable
spanning-tree portfast trunk
spanning-tree bpdufilter enable
thats all
-
hi list,
i'm looking for a reporting tool that can read the
output of /var/log/flowd or the ascii data of flowd-reader.
has anyone an idea ?
thanks
thomas
hi folks,
if everyone want to see the openbsd debugger,
here a nice tipp or bug :-)
as root
---snip---
mount -o ro /&
mount -o ro /
---snip---
-Thomas
Hi List,
the problem is solved with the following patch for the
flashdisk.sh
---snip---
--- flashdist.shMon Nov 13 04:15:50 2006
+++ flashdist-new.shWed Aug 1 13:37:49 2007
@@ -473,6 +473,24 @@
# Here we setup an 'a' partition that takes up the whole flash media
# and a 'b' partit
Hi List,
i've probleme with flashdist and OpenBSD 4.1. 4.0 works
fine but on 4.1 i've problems with the partiontables.
here my setup procedure
-
# dd if=/dev/zero of=flashimg bs=512 count=250368
250368+0 records in
250368+0 reco
i've now testet this device here:
http://www.ipc2u.de/catalog/E/EL/33640.html
my config:
linuxbox1 <-> new box obsd 3.9 <-> pc obsd 3.9 <-> linuxbox1
between the new box and the pc with obsd 3.9 is a
ethernet crosscable. on both boxes is running a
ipsec tunnel with isakmp with aes encryption an
yes i tried, but it doesn't work, you need an ip adress on sis0
Thomas
On Wed, 2006-09-27 at 22:23 +0200, Johan wrote:
> Hi,
>
> We are trying to put an OpenBSD server (3.9 with all patches) between an
> ADSL modem and a commercial firewall.
> Using transparent bridge and PF, is it possible to
i've ordered this one here and will test it next week ...
http://www.ipc2u.de/catalog/E/EL/33640.html
Thomas
On Tue, 2006-09-19 at 09:34 +0100, Stuart Henderson wrote:
> On 2006/09/19 08:34, Siegbert Marschall wrote:
> > > I thought these look interesting, has anyone tried them already?
> > > ht
bridging doesn't work with wireless lan.
Thomas
On Mon, 3 Jul 2006, Novak, Trevor SCIC wrote:
> I'm trying to setup a wireless bridge with openbsd on a Toshiba laptop. I'm
> using an SMC2532W-B (Prism 2.5) wireless card and a 3Com 3C574-TX. I've
> created a bridgename.bridge0 file and added wi0
i tried 2 usb ralink RT2571F usb with openbsd 3.9 and -current.
ural0 at uhub0 port 1
ural0: ASUS 802.11g WLAN Drive, rev 2.00/0.01, addr 2
ural0: MAC/BBP RT2570 (rev 0x05), RF RT2526, address 00:17:31:2e:ae:34
problem:
this ifconfig works
ifconfig ural0 192.168.2.2 netmask 255.255.255.0 nwid r
with the vpn1411 crypto card i get only
700 - 720 KB/s
CPU 30%
by the way the driver of the crypto card is buggy. i have
a lot of cards here removed in the last year. i got several
hangs. hans-joerg has no time to fix it. this was discussed on
this list very often.
On Wed, 2006-06-28 at 09:08 -
hi list,
i've done several tests and i got bad values :-(
2 soekris net 4801
pc --- net4801 --- net 4801 ---pc
Test Transfer of an 10MB File with SCP from pc to pc
1. test
between the net4801 wlan with ralink
no encryption no isakmp
-> good 2 MByte/s
CPU < 10 %
2. test
same as 1. with isak
it's shure no power-saving problem, because:
i'm using the boxes as router with ral.
with the RT2561 Chip i had this problem only after 500MB
transferred data, with the RT2560 Chip i had this problem
after some MB and 3 seconds. And thats no power-saving
after 3 seconds. i've no problem with a ethe
ok i tried it and it works, ... strange ...
the throughout is a little bit higher, without the
patch it was 2,4 MB/s and with the patch 2,7 MB/s.
(scp) and i've 1500 total interrupts more.
But i think the problem is on another place in the code.
Thomas
On Thu, 2006-06-22 at 17:59 +0100, Stuart H
an additional info:
in the first step i use the ralink RT2561T.
now i tried the ralink RT2560F and i must
press ifconfig sis0 up every 3 seconds and
the throughput is also very bad.
i think it's can also be a problem of the
ralink driver.
-Thomas
hi folks,
my setup
pc1 <-> soekris 4801 <-> so
hi folks,
my setup
pc1 <-> soekris 4801 <-> soekris 4801 <-> pc2
between the soekris boxes wlan with ralink (2561)
default 3.9 setup without isakmp ...
pc1
ifconfig eth0 192.168.20.2 netmask 255.255.255.0 up
route add default gw 192.168.20.1 eth0
box1
sysctl -w net.inet.ip.forwarding=1
ifconf
please try the version from ftp.sernet.de there is also heimdal
for krb support with samba.
Thomas
Am Dienstag, den 06.06.2006, 17:06 +0200 schrieb Thomas Schoeller:
> hi list,
> i try to build the samba ldap port with kerberos support. i have added
> the --with-ads --with-krb5 options to the Mak
Hi list,
hy rules:
pass in quick on $extif ...
pass in quick on $extif ...
pass out quick on $extif ...
an so on about 100 rules
the order of the rules is optimized
the first rules are the rules with the most
traffic
now a want to do accouting with labels
after this rules i place
pass in qu
i found a solution ...
create a label
pass in from 0/0 to label "in $dstaddr"
read an reset the counter with
pfctl -sl -z
thats it
Thomas
On Wed, 2006-05-10 at 13:05 +0200, Thomas Bvrnert wrote:
> Hi @all
>
> i want to use pf for accounting.
>
> pfctl -s Interfaces -i interface -vv
> s
Hi @all
i want to use pf for accounting.
pfctl -s Interfaces -i interface -vv
shows the statistics; fine :-)
but i want reset this statistics every day and
write them to a file. does everyone know how i
can reset the statistics ? pfctl -F info doesn't
clear it.
another way can be using netstat
no, only 11b with atheros. there is no implementation for 11g in
openbsd.
Thomas
On Tue, 2006-02-21 at 22:02 -0500, Melameth, Daniel D. wrote:
> Is ANYONE doing hostap with 802.11g? If so, is it working well? And
> doing WEP? If not, any thoughts on doing this with -current?
>
> Thoughts appr
5212 will not work, i've spend hours on hours
only 5213 will work. I've talked to Reyk ... and it is strange.
Thomas
On Wed, 2006-02-22 at 07:22 +0100, Johan Torin wrote:
> On Wednesday 22 February 2006 03:07, b h wrote:
> > Hi
> >
> > I have a (slightly older, but still snazzy) generic
> > actin
pix isn't so easy as openbsd :-|
rdr from outside:
global (outside) 1 interface
nat (inside) 1 INTERNALPC 255.255.255.255
static (inside,outside) tcp EXTERNALIP smtp INTERNALPC smtp netmask
255.255.255.255
Thomas
On Sat, 2006-02-18 at 13:13 -0500, Rod Dorman wrote:
> On Saturday, February 18, 2
not on openbsd, but i think you need heimdal and not the krb5
Thomas
On Mon, 2006-01-30 at 14:16 -0500, Paolo Supino wrote:
> Hi
>
>I'm trying to compile Samba 3.0.21a on OpenBSD 3.8 with active
> directory enabled and when I run the configure script it fails to find
> libkrb5. Has anyone
yes, see here its only for pf i think
http://www.allard.nu/pfw/
-Thomas
On Fri, 2006-01-27 at 22:46 +0800, [EMAIL PROTECTED] wrote:
> guys do you have any idea if their's another package like webmin for openbsd?
>
> what is your comment also about webmin.. is it safe to use?
>
> thanks guys..
Hi,
in german is a small good bank www.martinbank.de. They have really
no costs per month and per booking. it's the cheapest bank
in german that i know. and they have firewalls with a
very secure operating system. They will also support client
certificates in the next weeks for a much securer inte
Thanks Claudio. Is there also an security issue on MPLS VPN ?
Or is a normal VPN much secure als MPLS VPN ?
Thanks ... its very interesting.
Thomas
> >
>
> Why what?
> Why I'm not intersted in it or why I think MPLS is evil?
>
> MPLS is doing label switching on a hop by hop basis. In larger ne
Am Freitag, den 06.01.2006, 12:33 +0059 schrieb Claudio Jeker:
> On Thu, Jan 05, 2006 at 09:26:23PM -0500, [EMAIL PROTECTED] wrote:
> > Hi,
> > I was wondering if there were any plans to add MPLS/VPN support into
> > OpenBSD? NetBSD had some folks working on the Amaye project
> > (http://www.ayame
On Wed, 2005-12-21 at 23:20 +, Stuart Henderson wrote:
> > now i've a sun netra t1 105 with openbsd 3.8 with the same
> > card and i've problems.
>
> irq swizzling is broken on the t1 on OpenBSD. Cards requiring an irq
> mostly won't work right, it is possible to work around for some cards
> i
hi folks,
i've a sun ultra 5 running openbsd 3.5 with a 5 port levelone
switch ethernet card without any problems.
the card runs also on a intel pc with openbsd 3.8 without
any problems.
now i've a sun netra t1 105 with openbsd 3.8 with the same
card and i've problems.
ifconfig vr0 up
interrupt
Yes, you need only 22 MB :-)
Thomas
On Thu, 2005-12-08 at 09:41 -0200, Gustavo Rios wrote:
> One ore question:
>
> I was thinking going for net4526-30 model. Is 64MB CF enough to run
> openbsd 3.8 for a wireless router?
>
> Thanks in advance.
>
> 2005/12/8, Rick Aliwalas <[EMAIL PROTECTED]>:
>
Hi all
it's fixed.
i'd installed gmake and thats was the problem.
after removing gmake it works.
thanks.
Thomas
On Tue, 6 Dec 2005, Tom Cosgrove wrote:
> >>> "=?ISO-8859-1?Q?Thomas_B=F6rnert?=" 6-Dec-05 08:08 >>>
> >
> > you wrote "due to lack of details"
> >
> > what details do you nee
you wrote "due to lack of details"
what details do you need ?
it's quite simple: i use only the brand new 3.8 cd.
no stuff from the internet.
build a new GENERIC kernel
cd /usr/src/sys/arch/i386/conf
config GENERIC
cd ../compile/GENERIC
make clean && make depend && make
make install
thats it !
i wrote "cd" it mean "compact disc" and there is no
-current on the "cd". i had mixed something.
Thomas
On Mon, 5 Dec 2005, Nick Holland wrote:
> Thomas Bvrnert wrote:
> > Hi List,
> >
> > i've a problem with 3.8
> >
> > systat vm
> >
> > shows this error above and no memory values ...
> >
>
Hi List,
i've a problem with 3.8
systat vm
shows this error above and no memory values ...
BUT:
if i'm using the original kernel from the 3.8 cd
that it works without this error.
BUT:
if i build the 3.8 GENERIC kernel by myself without
any changes pf the GENERIC config, then the error appear
36 matches
Mail list logo
