After some digging, what it _appears_ to me that when "af-to" is used
together with "rtable" like the following:
pass in log on re0 inet6 proto {tcp, udp} \
from (re0:network) to 64:ff9b::/96 \
rtable 1 af-to inet from 127.0.0.1
the origin rtable information is not kept in the pf state,
Hi misc,
I've been trying to do NAT64 across different rdomains, but haven't had
any success so far. My test setup is as follows:
+---+
|client |
| . . . . . . . . . . . |
| fd00::2/112 |
+---+---+
|
Ethernet |
> pass out on egress from trunk:network to any nat-to egress
> pass out on egress
Looks like you (incorrectly) assumed that first matching rule wins?
On 12/20/21 15:05, Ben Raskin -X (braskin - HIGH TECH GENESIS INC at
Cisco) wrote:
Hello, Misc;
I'm attempting to configure a firewall using pf
Sounds like the feature is already there, in a different way.
Enable:
pfctl -aFooBar -f PathToFooBar
Disable:
pfctl -aFooBar -F all
Regards.
On 12/17/21 07:34, Holger Glaess wrote:
hi
is there an possibility to enable / disable anchors with pfctl ?
like
pfctl -aFooBar -T enable
Feat
What I'm trying to solve is that static part of the configuration being
mixed up with configuration generated runtime in a single file, which
leads to a few inconveniences:
- resolv.conf will show up in the diff between backups all the time
even if nothing has really changed;
Oh come on.
I am not sure about what problem you are trying to solve. Won't the
lines added by resolvd be overwritten anyway the first time you use the
backed up file?
What I'm trying to solve is that static part of the configuration being
mixed up with configuration generated runtime in a single file, whi
Hi all,
I was reading the manual page of resolv.conf(5) today and realized that
paragraph on resolv.conf.tail has disappeared since the upgrade to 7.0,
so I assume that resolv.conf.tail has been deprecated in response to
resolvd being enabled by default.
Previously, my backup strategy was to
Check your system time maybe?
On 11/1/21 18:06, rahul deshmukh wrote:
Hi Team,
while installing new packages i am getting below error.
myhost01$ doas pkg_add rust
https://cdn.openbsd.org/pub/OpenBSD/7.0/packages-stable/amd64/: TLS
handshake failure: ocsp verify failed: ocsp response not curren
I believe he meant (11g), or (11a with channel >= 36).
On 10/31/21 10:18, rahul deshmukh wrote:
Hi Stefan,
I was able to connect even though on 11g and channel 36 give me invalid
argument at boot time.
On Sun, 31 Oct, 2021, 7:35 pm rahul deshmukh,
wrote:
If I change mode I am getting as inv
Have you tried replacing u-boot.bin with the one from 6.9 on the
FAT partition of your SD card? Doing that solved the issue for me.
https://marc.info/?l=openbsd-arm&m=163430263914511&w=2
On 10/20/21 10:12 AM, Nenhum_de_Nos wrote:
Hi,
I just upgraded my RPi4B 4G router to 7.0 and, unlike the RP
I'm trying to load OpenBSD on a Raspberry Pi 4 Model B and I'm not
having much luck. I've tried OpenBSD 6.9's miniroot69.img and the
install process does not go past the U-Boot prompt.
I was able to install OpenBSD 6.9 on that hardware. What issue did
you encounter?
Thanks a lot Stuart! Really appreciate your insights.
I've been running some more tests and here are some new results:
1.
Without MAC spoofing and a statically assigned IP address, axe lasted
around twelve days on an AX88772B before throwing the following error:
axe0: watchdog timeout
ax
Sorry, there was a typo: The problem *does disappear* with
`lladdr random` removed .
It seems that with `lladdr random` removed, the problem does not
seem to disappear.
> My first suggestion might be to stay with a single lladdr for a
> while to see if your setup works for more than a day and a half.
Thanks for the suggestion!
It seems that with `lladdr random` removed, the problem does not
seem to disappear.
lladdr random
Why this line?
I was wondering th
Hi all,
Me again on some DHCP-related issues...
So I started using OpenBSD as my home router around two weeks ago,
running openBSD 6.9. It obtains its IP address from the ISP via
DHCP. The setup is pretty simple, just the following two lines in
my hostname.if file:
lladdr random
inet autoconf
Thanks Theo for the answer!
I'm still having difficulty wrapping my head around it.
I have two packets: DHCPREQUEST and DHCPACK
{timestamp} {my_ip}.68 > {ip1}.67: xid:0xfe51c9a3 [|bootp]
{timestamp} {ip2}.67 > {my_ip}.68: xid:0xfe51c9a3 Y:{my_ip} G:{ip1}[|bootp]
I get that tcpdump taps to bpf s
Hi all,
I'm running OpenBSD 6.9 as a home router, and observed some behavior of
pf that I can't really make sense of.
The router runs dhcpleased to obtain its IP address from the ISP, and I
have
the following pf rules (only the relevant ones are shown):
block drop all
pass out on $ext_if inet
17 matches
Mail list logo
