More 'color' ;-)
proxmox iso's do, and they also include zfs on root as an option,
but they require gui bits to install from what I can tell.
https://www.proxmox.com/en/downloads
Penned by Carlos Cardenas on 20180823 8:45.44, we have:
| On Thu, Aug 23, 2018 at 12:43:17PM +0200, Martijn van Dure
52 secs, OK, Mon Feb 27 11:02:53.434
and this in ntpctl output:
sensor
wt gd st next poll offset correction
vmmci0
1 1 08s 15s 81357.122ms 0.000ms
suggests to me that the time passed to the guest is used as a timedelta sensor
using the native ntpd, no need
Penned by dikshie on 20131208 19:50.21, we have:
| On Mon, Dec 9, 2013 at 7:00 AM, Claudio Jeker
wrote:
| > Check with tcpdump if the packets go out and to the right place.
| > Maybe try to figure out if they arrive at the destination to figure out
| > where they get lost.
|
| sure, i'll check w
Penned by andy on 20130904 15:21.22, we have:
| Hi, one last question.
|
| I am reading through lots of examples and documentation on OpenBSD and v6
| and most seem to refer to adding the v6 address to /etc/hostname.X as an
| 'alias', e.g.;
| inet 10.0.0.1 255.255.255.0
| inet6 alias fec0:2029:f00
Penned by Andy on 20130829 9:57.29, we have:
| Hi everyone,
|
| I'm hoping someone can help me as I'm not having much luck with adding
| IPv6 to the mix of our already working IPv4 setup.
|
| What should /etc/hostname.carpX look like for an IPv6 setup? Is this
| correct;?
|
| inet 10.0.10.1 2
Penned by Andy on 20130704 9:25.40, we have:
| On Thu 04 Jul 2013 15:22:55 BST, Anders Berggren wrote:
| >>I'd rather not have to create extra tunnels or define VPN policies with
subnets which have prefixes wider than the internal LANs.
| >>That leaves mangling, but I cannot see how I would do th
I'm hoping someone out there knows more than my google searching skills.
I'm looking for a small (phone or slightly larger sized) computer that will
run OpenBSD, has audio and wifi supported, and has a decentish battery life.
I want to couple it with a mifi with verizon to do VoIP and IM and othe
Penned by Patrik Lundin on 20130507 16:02.25, we have:
| On Tue, May 07, 2013 at 09:16:25PM +0200, Stefan Bagdohn wrote:
| > Wasn't this check introduced as mitigation of CVE-2008-2476 five years ago?
| > E.g. http://ftp.openbsd.org/pub/OpenBSD/patches/4.4/common/001_ndp.patch
| >
|
| Maby someth
Penned by Jan Stary on 20121017 10:46.55, we have:
| This is current/i386 on an IBM Thinkpad T40.
|
| It comes with an ipw(4) wifi interface, which works fine. Anyway,
| the ipw(4) seems to be one of the substantial battery eaters. So
| I would like to not use the interface when running on battery
Penned by Claudio Jeker on 20120831 9:27.50, we have:
| On Fri, Aug 31, 2012 at 09:22:06AM +, Stuart Henderson wrote:
| > On 2012-08-31, Remi Locherer wrote:
| > > I rented a server from Hetzner where I installed OpenBSD 5.1. Hetzner also
| > > provides IPv6 but somehow with a strange setup.
Penned by Michael Mercier on 20120812 12:03.16, we have:
| Hello,
|
| I am seeing a behavior in pf that I don't understand.
|
| # uname -mrvp
| 5.0 GENERIC#36 sparc64 SUNW,UltraSPARC-IIIi (rev 2.4) @ 1062 MHz
|
| When I have the following configured:
|
| (not complete configuration)
|
| ext_if
Penned by Matt S on 20110411 16:59.09, we have:
| Okay, I did that but apparently I spoke too soon as a tcpdump reveals packets
| are still being blocked. Here is an example from a tcpdump on the pflog0
| interface:
|
| Apr 11 14:57:43.943764 rule 1/(match) block in on tun0: 172.16.254.2 >
| 1
Have you tried ping6 -n ff02::2%re0 ? Does anyone respond? Try using
the respond(ers) as your IPv6 default gateway.
Link local is best for IPv6 gateways for various reasons, if your upstream
isn't picky (unlike he.net tunnels, for example).
Penned by Moritz Grimm on 20110313 6:43.32, we have:
|
dhclient(8) on OpenBSD only supports IPv4, by design.
wide-dhcpv6 exists in the ports tree, that is the available option
for you if you want to use dhcpv6 and IPv6 today.
Penned by johnw on 20110301 7:50.28, we have:
| I search google, and all howto is assert isp not support ipv6 and use
| tunne
SEE ALSO
resolv.conf(5)
Search for 'family'
I suspect you want:
family inet6 inet4
I run with this myself.
Penned by Michael W. Lucas on 20110127 12:41.05, we have:
| Hi,
|
| My desktop, running the January amd64 snapshot, has a ipv6 tunnel via
| he.net. It seems that my applic
This will be corrected as new snaps go out. Building differently
didn't produce the same result as before, go figgure.
Penned by MERIGHI Marcus on 20110119 5:20.13, we have:
| hello all,
|
| just noticed that the SHA file is missing the checksums for the x*49.tgz
| files.
|
| bye,
|
| marc
Penned by Stuart Henderson on 20100614 12:28.46, we have:
| On 2010-06-14, rh...@hushmail.com wrote:
| > Hello list,
| >
| > I'm looking to explicitly disable IPv6 on interfaces where it is
| > not used. This includes link local addresses.
| >
| > However, this :
| >
| > # cat /etc/hostname.em0
Try s/hmac-sha2-256/hmac-sha1/ until you have updated all your firewalls.
Also try seeing http://www.openbsd.org/faq/current.html#20100110 ..
Penned by Toni Mueller on 20100317 17:55.34, we have:
| Hi,
|
| I've installed the latest snapshot, with kernel bsd.mp#488, on a
| machine that has severa
This might be a better option, no custom kernel..
http://undeadly.org/cgi?action=article&sid=20080724184757
Penned by Andris K?d?r on 20100310 18:59.06, we have:
| Hello,
|
| I try to build an ipv6-only network behind an OpenBSD box and
| I am having problems with faith.
|
| 'ifconfig -C'
You need a tun(4) device per qemu '-net tap' argument, sometimes multiple per
qemu instance, sometimes none per qemu instance..
Thanks,
Penned by Rogier Krieger on 20100202 16:51.31, we have:
| On Tue, Feb 2, 2010 at 15:27, Matthias Pfeifer wrote:
| > [...] Then the second:
|
| > this gives m
egard.
Penned by Denis Doroshenko on 20100108 18:31.28, we have:
| On 1/8/10, Todd T. Fries wrote:
| > You can chroot internal-sftp but not external.
|
| well i chrooted external no prob, just put insude the chroot what ldd
| /usr/libexec/sftp-server and i found out that the only thing, which i
You can chroot internal-sftp but not external.
Penned by Denis Doroshenko on 20100108 16:50.31, we have:
| hi,
|
| is there any benefits of using internal-sftp over
| /usr/libexec/sftp-server (which is being used with default
| sshd_config)? sshd_config(5) says:
|
| For file transfe
Penned by Joakim Aronius on 20091215 8:47.29, we have:
| * Todd T. Fries (t...@fries.net) wrote:
| > Must is there, granted. For IPSec tunnels encapsulating IPv6 inside IPv4,
| > there are tricky problems that were looked at during n2k9 but not solved
| > that prevent the proper icmp
Penned by Bob Beck on 20091214 13:43.50, we have:
| >
| > Current qemu releases (more recent than in the ports tree) do not run on
| > OpenBSD (have not been able to solve this yet *sigh*) so the above person
has
| > Linux running natively and OpenBSD inside a newer qemu. ?Originally it was
| > kv
Penned by Henning Brauer on 20091213 20:57.07, we have:
| * Sam Watkins [2009-12-13 20:45]:
| > I have been playing with qemu and finally found out how to get
| > networking going for OpenBSD and NetBSD guests. If you are
| > interested, please check out my qemu page. It shows my little
| > Eee
Must is there, granted. For IPSec tunnels encapsulating IPv6 inside IPv4,
there are tricky problems that were looked at during n2k9 but not solved
that prevent the proper icmp6 too big message from being sent with the
proper source address to match the VPN config so it might make it back
to the pr
Penned by Henry Sieff on 20091210 12:24.37, we have:
| On Thu, Dec 10, 2009 at 11:44 AM, FRLinux wrote:
| > On Thu, Dec 10, 2009 at 2:03 PM, Tomas Bodzar
wrote:
| >> http://www.openbsd.org/books.html#book3
| >
| > Thanks for that, was unaware of that book. Just ordered my copy now :)
|
| Not su
Penned by Jonas Thambert on 20091210 9:39.33, we have:
| Like a month ago we got a complain from a user that our website
| was unreachable over IPv6. We have 2x Native Ipv6 transits. The user
| had bought IPv6 from an ISP thay uses tunneling to deliver it
| to the organization. After some packet t
Penned by Corey on 20091206 13:52.42, we have:
| I'll don the Nomex here and say that rather than turning IPv6 "off",
| I just block it with pf. I don't know if that is what the OP wants,
| but it is relatively simple to do (as opposed to twiddling things in
| the kernel) and it keeps me from havi
Penned by Ted Unangst on 20091204 16:30.57, we have:
| On Fri, Dec 4, 2009 at 1:34 PM, Todd T. Fries wrote:
| > Unfortunately qemu has aio support.
|
| Does it really need it? I cooked up a basic userland implementation
| using pthreads last night.
They provide compatibility functions #ifn
Penned by Dope Ice Apollyon the Third on 20091204 10:43.03, we have:
| On Fri, Dec 4, 2009 at 10:20 AM, Luis Useche wrote:
| > On Fri, Dec 4, 2009 at 12:07 AM, Ted Unangst wrote:
| >> On Thu, Dec 3, 2009 at 11:47 PM, Dope Ice Apollyon the Third
| >> wrote:
| >>> On Thu, Dec 3, 2009 at 10:57 PM,
Penned by Justin Smith on 20091104 15:45.33, we have:
| Theo wrote:
|
| > For the record, this particular problem was resolved in OpenBSD a
| while back, in 2008.
|
| Nice, but:
|
| "Since 2.6.23, it has been possible to prevent applications from
| mapping low pages (to prevent null pointer dere
Penned by Thomas Schoeller on 20090902 21:50.14, we have:
| hello,
|
| i'm trying to make a ipv4 over ipv6 tunnel, but ifconfig tells me:
|
| ifconfig: error in parsing address string: temporary failure in name
| resolution
|
| when i'm issueing:
|
| ifconfig gif0 tunnel XX:XX:XX:0:0:0:0:1 XX:
Penned by Stuart Henderson on 20090828 8:51.04, we have:
| On 2009-08-28, Ian Chard wrote:
| > On 27/08/09 13:44, Schvberle Daniel wrote:
| >>> Hi,
| >>>
| >>> I'm using OpenBSD 4.5-stable, and I'm trying to configure RADIUS
| >>> authentication. What I want is for the system to try the
| >>> RA
Not sure what unix you're running, over here, uid_t is 32bit.
Penned by Robert on 20090827 20:52.31, we have:
| On Thu, 27 Aug 2009 13:23:18 -0400
| "Morris, Roy" wrote:
|
| > G'day,
| > I searched around but couldn't find a simple answer to this
| > question. I want to host a sftp server and th
Try TERM=xterm-color
Penned by Pieter Verberne on 20090617 22:39.56, we have:
| Hi,
|
| When I run mutt (or tmux/colorls -G/etc) from xterm, I have fancy
| colors=] But when I run:
|
| $ xterm -e mutt
|
| I don't have colors =[ (I'm running dwm and I want xterm to start tmux
| automaticly)
|
|
If you use the kernel mode pppoe, you can ifconfig add them as an
alias to the interface, you might be able to do the same to the tun
interface, see if it works...
You are showing your roots, tun0:0 and tun0:1 are Linux naming
conventions, here in OpenBSD we just add addresses to the device
itself
sane-project.org is in the ports tree for scanning as a backend,
and is the de facto scanning support project for all of unix. You
won't find anything usb related different between any of the unixes
here.
Penned by Joe Gidi on 20090520 17:31.26, we have:
| Christopher Intemann wrote:
|
| > Hi,
|
When dealing with web based submission, the best thing I have found is
to make sure the web based submission adds its own headers like what it
is and where the user came from and such so when diagnosing the problem
one can easily block based on that information. If there is an account
involved, you
I believe you want:
$ sudo route add -inet6 -net -blackhole 2607:f2f8:: -prefixlen 32 ::1
--
Todd Fries .. t...@fries.net
_
| \ 1.636.410.0632 (voice)
| Free Daemon Consulting, LLC \ 1.405
You cannot get internet access on a backup carp interface, period.
I have seen what you see before, and it comes from not starting things
up in proper order manually, i.e. configuring a system, and not
rebooting it after it was configured so that boot time configs get
processed in proper order.
T
To clarify. IPv6 nfs support does exist in the wild, just not for OpenBSD,
yet.
--
Todd Fries .. t...@fries.net
_
| \ 1.636.410.0632 (voice)
| Free Daemon Consulting, LLC \ 1.405.227.9094 (
There are power savings for 802.11 that OpenBSD does not support; this is
entirely independent from saving battery via cpu clocking and it is also
entirely independent from saving battery via adjusting the transmit power
of the radio. The power savings for 802.11 actually put the radio to sleep
fo
The other answer is, ESP provides AH, therefore AH is deprecated.
Unless you really really want to play with AH to verify it works and such
(which the below suggests it does not) ...
--
Todd Fries .. t...@fries.net
_
|
As mentioned in another post to this list recently I use IPv6 to secure
my tunnels when roaming to get pre-allocated IPv6 on my laptop..
Look for 'totd' in the subject and I think you'll see some useful examples.
Thanks,
--
Todd Fries .. t...@fries.net
_
You should try current. I have these very chipsets on a board I have, and
the IDE support works great for PATA drives, haven't plugged in any SATA
drives I will admit, mind showing a dmesg so we can get an idea of how
old a kernel you are running/
It was suggested to me the SIS 190 is such a rare
If you have a package that somewhere down the line has requirements for
libraries only provided by xbase, well, you're going to need xbase. If
you're concerned about security, you can always un-setuid the bin/ dir,
but you really do need xbase for packages that require freetype shared
libs. It's n
Try:
pkg_delete -n /var/db/pkg/*
Look for any lines mentioning failes are missing or files have the wrong
hash. For example, I added a '.' to README.OpenBSD in qemu:
$ pkg_delete -n qemu
/usr/sbin/pkg_delete should be run as root
Pretending to delete qemu-0.9.1p4
Problem: checksu
Penned by Stephan A. Rickauer on 20081216 16:14.32, we have:
| I started playing with ipv6. It feels like back in the early 90's, when
| I had to learn how 'the Internet' works ;)
Yes, I recall sitting in a basement with friends around that time, deciding
with enough parts and computers we would l
tried
bioctl -h softraid0
lately?
--
Todd Fries .. t...@fries.net
_
| \ 1.636.410.0632 (voice)
| Free Daemon Consulting, LLC \ 1.405.227.9094 (voice)
| http://FreeDaemonConsulting.
rlie Allom on 20081205 19:12.56, we have:
| On Fri, Dec 05, 2008 at 12:43:33PM -0600, Todd T. Fries wrote:
| >
| > Theory suggests that PMTUD should handle things such that fragments do not
| > appear, but encapsulation and tunneling via IPSec tend to generate them
| > anyway..
|
|
You've stumbled on a missing feature for v6 support in pf.
Nothing is available at present to solve this correctly.
You could do something that defies reason like 'block in inet' instead of
'block in' but .. the bottom line is, 'pf' only has support for reassembling
IPv4 fragments, not IPv6. An
Ironically, IPv6 cannot solve this scenario either, since by definition
using ipv6 tends to require a tunnel which would naturally fall to the
carped pair which would have the same constraints as the v4 side with
regards to sending to/from the internet, yes?
If you presume native v6, however, cudo
Just out of curiosity, humor me, run qemu as root with the following added
options:
-net nic,vlan=0 -net tap,vlan=0
I've observed that at some point user mode networking has started segv'ed on
amd64 when running any qemu guest, and am sorry to report I have not yet
tracked down the source
I think you might want to check to see if the file exists not just if the
asprintf succeeds..
But yes I do agree this is useful functionality that I've tested quite
thoroughly...
Index: authpf.c
===
RCS file: /cvs/src/usr.sbin/authpf
Did you read the pf suggestions via pppoe(4) ? AT&T tends to use pppoe(4)..
--
Todd Fries .. [EMAIL PROTECTED]
_
| \ 1.636.410.0632 (voice)
| Free Daemon Consulting, LLC \ 1.405.227.9094 (v
Hey guys,
I think I know what J.C. Roberts is looking for, but alas it is hard to find.
I also purchased one of these vga -> svideo cables, and it truly is just
that, some form of converter from vga to s-video with no logic inside.
So, you have to have the perfect sync on the vga side to make th
The mirrors are taking a bit to get caught up. You want to look for snaps
dated June 2, 17:00 or later .. another way to verify the newer ati driver
is included is if mach64_drv.so is in xbase44.tgz.
Thanks,
--
Todd Fries .. [EMAIL PROTECTED]
_
|
the mount command is clearly destined to fail unless you add
another line with network=10.0.1 or you change the mask to
mask=255.255.0.0
--
Todd Fries .. [EMAIL PROTECTED]
_
| \ 1.636.410.0632 (voice)
| F
Henning,
I think you need to realize what you are saying is misleading at best.
The v6 diff permits you to start listening on v6 _only_ if you specify
a Listen directive that contains a v6 address, including but not
limited to, a wildcard v6 address: :: .
The v6 diff changes the misleading *:80
isakmpd does not do the crypto processing of the actual IPSec tunnels, it
only does the ike negotiations.
Presuming you want to use aes-128, `openssl speed aes' shows that a 1ghz
system that is running 'vi' to type this message is capable of (at the
lowest end) 27mbyte per second.
I think you sho
Uh, why do we need to defer to courts and seek legal funds and feed the
sharks er lawyers just to comprehend what the two words "without
modification"?
As I explained to a friend of mine minutes ago ..
adding GPL to BSD is sad to the BSD people (we can't use the GPL code then)
adding GPL an
On Saturday 01 September 2007 07:52:45 David H. Lynch Jr. wrote:
> Theo de Raadt wrote:
> > For the record -- I was right and the Linux developers cannot change
> > the licenses in any of those ways proposed in those diffs, or that
> > conversation (http://lkml.org/lkml/2007/8/28/157).
> >
> > It i
IPv6 is supported with IPsec. Be aware that pf does not do IPv6 fragment
reassembly yet, so there are some cases where tunneling traffic inside
IPv6 IPsec connections has issues until you change the mtu to the remote
gateway to compensate.
I use IPSec over both IPv4 and IPv6 every week.
On Sund
It is as hard as digging into the code and making it work.
Apparently that's either not interesting or not easily doable.
I've heard rumblings toward the latter, but don't let that stop you
from having a look.
On Wednesday 15 August 2007 09:33:31 Edd Barrett wrote:
> Hi,
>
> On 15/08/07, Christi
I'm looking and probably just blind but haven't found any complete systems
using the via c7 esther chipset. Specifically I'm looking for rsa
accelleration.
I suspect I'm not the only one looking and interested.
Thanks,
--
Todd Fries .. [EMAIL PROTECTED]
___
I definately agree with those previously stating that not all php code
supports php5 yet.
phpBB.com states 'running phpBB 2.0.x with PHP5 is not supported'
.. though there is evidence in their changelogs that they are working on
support for php5.
This is definately not the only codebase in the
On Tuesday 20 June 2006 21:00, Clint Pachl wrote:
> Is IP compression/ipcomp flows implemented in ipsecctl(8)? I am trying
> to perform encryption (enc) and compression (ipcomp) between two
> OBSD3.9 hosts.
IPcomp is known broken for at least two years, perhaps longer. Do not use it.
> ipcom
I've been told that this is in the archives, but I couldn't find it, so I
re-invented it and am presenting it here for anyone else who may find
themselves in a similarly frustrating situation.
The problem is that 1and1 hosting choses to have any root servers
setup with `ip subnet zero'. That's a
New X snaps with a 'dlopen X server' diff are heading out to the mirrors
today and tomorrow as they get built.
I have put this into snapshots to get wide testing before Matthieu
commits this diff. When you test, simply verify your X server starts
and operates normally.
When you do this upda
70 matches
Mail list logo
