‐‐‐ Original Message ‐‐‐
On Saturday, October 6, 2018 6:00 PM, Jacqueline Jolicoeur
wrote:
> > Oh right, and the rest of us don't have day-jobs, plus other
>
> commitments outside of working hours ?
>
> That must be hard for you. You feel you want more time in your life.
>
> > If you wan
> Thank you for handling the logistics so I don't have to do that
> on top of everything else I'm doing.
> I am looking forward to receiving your shipment.
Oh right, and the rest of us don't have day-jobs, plus other commitments
outside of working hours ?
>From now on, I'll take a simple stance
I think the point I'm making here is it should be worthwhile to send the kit.
Unifi access points are so cheap, that second-hand ones "lying around" are not
likely to be worth the cost and effort to ship internationally (or even
nationally in the case of some postal systems).
Something like a 1
> That's the nature of a donation: it comes with
> no strings attached for the party receiving.
Evidently you have not heard of restricted funds.
If a donor gives on a restricted funds basis (happens all the time), then its
black and white, either (a) return the funds or (b) abide by the restric
‐‐‐ Original Message ‐‐‐
On Saturday, October 6, 2018 9:21 AM, Marcus MERIGHI
wrote:
> Dear all,
>
> not everyone is reading want.html every day, therefore I wanted to hint
> at: https://www.openbsd.org/want.html
>
> stsp@wifi is asking for gear and we should deliver :-)
>
> "Ubiquity Un
> Can confirm, typing on mine currently. Have to use an external wifi adapter,
> but most everything else works just fine. It's a little on the slow side, but
> it does well enough for daily computing.
Out of interest, did you find a OpenBSD friendly USB-C WIFI adapter or are you
using an adap
‐‐‐ Original Message ‐‐‐
On Friday, September 21, 2018 1:21 PM, Gregory Edigarov
wrote:
> Hello, list.
>
> I need to setup a CA for intranet. I have some (rather not very
> positive) experience with ejbca.
> before I will set it up, I want to take a look at alternatives, and so i
> nee
I've just done a tcpdump. About to look at it myself, but maybe eyes on list
will spot the issue (if any) quicker than my tired eyes.
198.51.100.167 is me (RFC5737 obfuscated)
52.216.65.232 is amazon (I used the IP to rule out any possible DNS issues even
though I've triple checked the DNS is wo
>
> Is there one OpenBSD BGP router or more, and is PF running there too?
> (Basically check with tcpdump on various interfaces along the way that
> the packets you expect to receive from the TLS server/s you're
> connecting to aren't being dropped somewhere - if there are paths
> to/from "the i
> This is a very bad advise you got. Syncookies should only be used in
> exterme situations because the they do lose some of the additional
> information that is part of the SYN packet. "syncookies always" is only
> there for testing but should not be used in production.
>
Thank you Claudio. Me
> I travel frequently. Often outside of the US. I decided when in Mexico
> that I could possibly lose the tiny notepad so I took photos of my
> passwords on it. I did this on a Mexican phone and I have often used
> these photos when I couldn't remember rarely used passwords and my
> notepad wasn't
> This feels like it might be an MTU related problem, especially likely
> if the connection is going via pppoe or a tunnel - you may need "scrub
> (max-mss ##)".
>
> The way Google's TLS server handshake is setup, it fits in pppoe without
> fragmentation, most other sites do not this.
>
> Otherwi
> Check the time and date.
> And enable ntpd if you already haven't.
Time and data are fine.
NTP already runs extensively on this network, so setting it up on OpenBSD
instances was a subconcious nobrainer. ;-)
Hi,
I'm wracking my brains here. I have just replaced
with one based on OpenBSD 6.3 PF. Nothing else has changed on the network, just
the firewall.
Lots of "stuff" that used to work (e.g. various nightly pushes of data to "the
cloud") have suddenly stopped working after the new firewall was
> Webmail isn't worth bothering with at all. Too complicated.
Let me rephrase that for you.
Webmail is easy. Open source webmail is all horrible stuff stuck in the last
century.
To make open source webmail look and behave like the is the complicated bit.
On Wednesday, 12 September 2018 20:49, Stuart Henderson
wrote:
> On 2018-09-11, Tim Jones b631093f-779b-4d67-9ffe-5f6d5b1d3...@protonmail.ch
> wrote:
>
> > I've had a quick look through the man pages and am still a bit unclear,
> > perhaps I'm just overthinkin
> sounds like a nexthop validation issue. What does`bgpctl show nexthop` gives
> you? Do you have a route to them?
It gives this :
Flags: * = nexthop valid
Nexthop Route Prio Gateway Iface
10.250.250.250
But surely I have a route if I can ping ? (As part of
I'm probably missing something silly, here's what I've got so far:
1/ Working VPN, I can ping between the BGP loopbacks on both sides
ping -S 192.168.1.1 10.250.250.250
ping -S 10.250.250.250 192.168.1.1
2/ The BGP sessions come up
3/ "bgpctl sho ri" shows all routes. But none of them have any
I've had a quick look through the man pages and am still a bit unclear, perhaps
I'm just overthinking this ?
Let's say I've got two perimeter "firewalls" running OpenBSD, talking BGP to
upstream routers.
On the "LAN" side I'm thinking about CARP, which is active/passive, and the
devices on "LA
Hi,
Thinking it might be something with my earlier config, I created a simple
one-liner:
ikev2 esp from 172.16.1.2 to 172.16.1.3
However iked does not appear to be sending out any packets ? Which I thought
would be the case in its default active mode ? It seems to just load the
config and t
> Note that this isn't commenting a line, this is commenting all lines
> that come after it. The parser joins the line first and removes
> comments afterwards, so the config above becomes
>
> ... group curve22519 #childsa enc aes-128 auth hmac-sha2-256 srcid ...
>
> and then everything after the #
Unless I misunderstand the 6.3 docs, the following should be valid :
childsa auth enc chacha20-poly1305 group curve25519
But i get an error "not a valid authentication mode". If I comment out that
line, my configuration validates OK.
The same happens if I copy/paste one of the examples from the
> I think you are mixing up 6.3 code with docs for -current, this was
> changed mid-June:
> https://marc.info/?l=openbsd-cvs&m=152888243922828&w=2
>
> There have been big changes in bgpd since 6.3, there are now methods
> to give a simpler/clearer configuration, and some big improvements in
> per
> "announce all" is probably missing here, since the default in 6.3 was
> "announce self" and so transit routes would be filtered.
>
Fabulous ! Thanks for that.
I was somewhere along the right lines, but I was confused with talk in the docs
of "announce all" being no-op which I took to mean "
Hi,
I'm working with something in a lab environment at the moment, testing out
OpenBGPD to see if it can replace "something else" on an internal network.
I have three OpenBSD instances (A <->B<->C), and whilst B is learning routes
from C, it is not pushing them out to A, no matter how relaxed I
Ken,
Putting all the OpenBSD evangelists to one side, there are two things to say.
First, like me, you might use OpenBSD for many things. And like me, you might
come to the conclusion that using OpenBSD for mail is not one of those
things.Personally I prefer to use a decent Linux stack for my m
the update.
Also, is anyone using BRU Server for backing up non-x64 OpenBSD
platforms such as SPARC or Itanium? Please respond to me directly.
Tim
--
Tim Jones
[EMAIL PROTECTED]
On Jan 17, 2007, at 11:41 PM, Mike Spenard wrote:
Could someone direct me to a howto on setting up Openbsd,sendmail
and spamassassin
to use milter-spamd?
Thank you,
-Mike
Mike -
Check out:
http://erdelynet.com/2005/03/26/openbsd/site-side-spamassassin-for-
openbsd-36/
While this uses
;ll update the build on our end and add a copy of the
libc from 3.5.
Thanks,
Tim
--
Tim Jones [EMAIL PROTECTED]
On 7/11/06, Tim Jones <[EMAIL PROTECTED]> wrote:
We've been providing BRU and BRU Server agents for OpenBSD since
OpenBSD 2.8.
For
olution to compile special versions of the BRU tools
for 3.9?
Tim
--
Tim Jones [EMAIL PROTECTED]
30 matches
Mail list logo
