Re: Topics for revised PF and networking tutorial

2017-04-11 Thread lists
Tue, 11 Apr 2017 15:31:57 -0500 "Adam Thompson" > > > Plus, this year it appears that Peter is co-delivering the seminar > > > with Massimiliano Stucchi from RIPE, so it will presumably cover > > > a lot of IPv6 topics as well, which are poorly represented in > > > existing materials and yet incre

Re: Topics for revised PF and networking tutorial

2017-04-11 Thread Adam Thompson
> -Original Message- > From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On > Behalf Of bytevolc...@safe-mail.net > Sent: April 10, 2017 19:31 > > > Plus, this year it appears that Peter is co-delivering the seminar > > with Massimiliano Stucchi from RIPE, so it will presumably c

Re: Topics for revised PF and networking tutorial

2017-04-10 Thread Alexander Hall
On April 11, 2017 5:54:31 AM GMT+02:00, Ingo Schwarze wrote: >bytevolc...@safe-mail.net wrote on Tue, Apr 11, 2017 at 10:30:35AM >+1000: > >> Another issue with the man pages is that there is extremely limited >> indexing. > >That isn't true on OpenBSD. It still is true on most Linux >distributio

Re: Topics for revised PF and networking tutorial

2017-04-10 Thread Ingo Schwarze
bytevolc...@safe-mail.net wrote on Tue, Apr 11, 2017 at 10:30:35AM +1000: > Another issue with the man pages is that there is extremely limited > indexing. That isn't true on OpenBSD. It still is true on most Linux distributions, and even on FreeBSD by default, but at least FreeBSD has an option

Re: Topics for revised PF and networking tutorial

2017-04-10 Thread Theo de Raadt
> Another issue with the man pages is that there is extremely limited > indexing. They are manual pages, not manual books. You are welcome to spend your time building an entire new subsystem and proving the value of your work. Go knock yourself out.

Re: Topics for revised PF and networking tutorial

2017-04-10 Thread bytevolcano
On Mon, 10 Apr 2017 17:10:55 -0500 Adam Thompson wrote: > You've asked almost the same question as "why does anyone need > tutorials? just read the man pages!" just at the next level up. The > answer is because the man pages aren't adequate to cover every > scenario, and not everyone can read

Re: Topics for revised PF and networking tutorial

2017-04-10 Thread Jason Tubnor
On 8 April 2017 at 07:41, Mihai Popescu wrote: > I don't want to offend you folks, but I'm curious and I will ask: is > this BSDCon so useful? Does it pay the efforts? > > If someone has time and knowledge to do a PF tutorial he/she can do it > and post. Do you need the Con? > > I'm traveling 170

Re: Topics for revised PF and networking tutorial

2017-04-10 Thread Adam Thompson
On 2017-04-07 16:41, Mihai Popescu wrote: I don't want to offend you folks, but I'm curious and I will ask: is this BSDCon so useful? Does it pay the efforts? If someone has time and knowledge to do a PF tutorial he/she can do it and post. Do you need the Con? I'm asking this having in my mind

Re: Topics for revised PF and networking tutorial

2017-04-09 Thread Glenn Faustino
Hi All, Here's my config I'm using on my apu2 on my home network: [apu2@apu2.domain.local:~]$ doas cat /etc/pf.conf doas (apu2@apu2.domain.local) password: # $OpenBSD: pf.conf,v 1.54 2014/08/23 05:49:42 deraadt Exp $ # # See pf.conf(5) and /etc/examples/pf.conf # Macros ext_if =

Re: Topics for revised PF and networking tutorial

2017-04-08 Thread Stuart Henderson
On 2017-04-05, Marko Cupać wrote: > I still haven't found a way to throttle down queues to desired values > without using fixed min and max values. I haven't done very well with this either. I've had better luck with kernels built with higher HZ but haven't been really happy with it (and what I r

Re: Topics for revised PF and networking tutorial

2017-04-07 Thread Philipp Buehler
On 07.04.2017 18:38, Peter N. M. Hansteen wrote: On 04/07/17 18:00, I love OpenBSD wrote: I second to more IPv6 related information. I am curious about blocking port scanning in IPv6 Web. Does pf let me put a CIDR into the named table based on offending IPv6 address and 64-bit mask? I mean so

Re: Topics for revised PF and networking tutorial

2017-04-07 Thread bytevolcano
On Fri, 7 Apr 2017 17:39:16 + (UTC) Stuart Henderson wrote: > On 2017-04-06, > wrote: > > On Wed, 5 Apr 2017 22:44:54 + (UTC) > > Stuart Henderson wrote: > > > >> On 2017-04-05, > >> wrote: > >> > I've been using a trick to emulate scheduled rules using IP > >> > tables. > >>

Re: Topics for revised PF and networking tutorial

2017-04-07 Thread Mihai Popescu
I don't want to offend you folks, but I'm curious and I will ask: is this BSDCon so useful? Does it pay the efforts? If someone has time and knowledge to do a PF tutorial he/she can do it and post. Do you need the Con? I'm asking this having in my mind Google Summer of (no)Code thread from misc@.

Re: Topics for revised PF and networking tutorial

2017-04-07 Thread mabi
Dear Peter, May I suggest the following topic of interest: PF with VLAN interfaces (with LACP trunk interface behind) and CARP of course. Regards, M. Original Message Subject: Topics for revised PF and networking tutorial Local Time: April 1, 2017 10:52 AM UTC Time: April 1

Re: Topics for revised PF and networking tutorial

2017-04-07 Thread Stuart Henderson
On 2017-04-06, wrote: > On Wed, 5 Apr 2017 22:44:54 + (UTC) > Stuart Henderson wrote: > >> On 2017-04-05, >> wrote: >> > I've been using a trick to emulate scheduled rules using IP >> > tables. >> >> Nice trick. Anchors are also good for this. >> >> But don't forget that active connect

Re: Topics for revised PF and networking tutorial

2017-04-07 Thread Stuart Henderson
On 2017-04-07, I love OpenBSD wrote: > I second to more IPv6 related information. > I am curious about blocking port scanning in IPv6 Web. Does pf let me put a > CIDR into the named table based on offending IPv6 address and 64-bit mask? I > mean something similar to 'overload ' option. "overloa

Re: Topics for revised PF and networking tutorial

2017-04-07 Thread Peter N. M. Hansteen
On 04/07/17 18:00, I love OpenBSD wrote: > I second to more IPv6 related information. > I am curious about blocking port scanning in IPv6 Web. Does pf let me put a > CIDR into the named table based on offending IPv6 address and 64-bit mask? I > mean something similar to 'overload ' option. Table

Re: Topics for revised PF and networking tutorial

2017-04-07 Thread R0me0 ***
+1 Queue Prioritization and ToS ( set prio / set tos combinations ) by examples will be great 2017-04-07 13:00 GMT-03:00 I love OpenBSD : > I second to more IPv6 related information. > I am curious about blocking port scanning in IPv6 Web. Does pf let me put > a CIDR into the named table based on

Re: Topics for revised PF and networking tutorial

2017-04-07 Thread I love OpenBSD
I second to more IPv6 related information. I am curious about blocking port scanning in IPv6 Web. Does pf let me put a CIDR into the named table based on offending IPv6 address and 64-bit mask? I mean something similar to 'overload ' option.

Re: Topics for revised PF and networking tutorial

2017-04-07 Thread Peter N. M. Hansteen
On 04/07/17 13:36, Markus Rosjat wrote: > Since not everyone can attend to this Conference will there be a > recording of this session? At previous BSDCans, talks have generally been recorded but not tutorials. So probably not. Slides likely will be available after the session has concluded. On

Re: Topics for revised PF and networking tutorial

2017-04-07 Thread Markus Rosjat
Since not everyone can attend to this Conference will there be a recording of this session? I use pf not so much on a daily basis but I would like to get more insight too ;) And I admit I'm more the visual guy regards Markus On 07.04.2017 at 06:25, li...@wrant.com wrote: Wed, 5 Apr 2017 17

Re: Topics for revised PF and networking tutorial

2017-04-07 Thread Craig Skinner
On Fri, 7 Apr 2017 07:25:58 +0300 li...@wrant.com wrote: > Thank you ALL for the hard work over the years to complement OpenBSD. Yes.

Re: Topics for revised PF and networking tutorial

2017-04-06 Thread lists
Wed, 5 Apr 2017 17:46:18 +0200 Marko Cupać > On Sat, 1 Apr 2017 10:52:20 +0200 > "Peter N. M. Hansteen" wrote: > > > Hi, > > > > I thought I'd like to give you a heads up that there will be a "PF and > > networking" tutorial at BSDCan 2017 in Ottawa this June. > > > > The session will however not

Re: Topics for revised PF and networking tutorial

2017-04-05 Thread Jason Tubnor
Without hijacking this thread completely, but touching on some of the elements discussed above (and I think these are great inclusions for the tutorial). We have implemented a variety of queues to manage our internet links and ikev2 VPNs tunnels to remote offices. We have also done something simi

Re: Topics for revised PF and networking tutorial

2017-04-05 Thread bytevolcano
On Wed, 5 Apr 2017 22:44:54 + (UTC) Stuart Henderson wrote: > On 2017-04-05, > wrote: > > I've been using a trick to emulate scheduled rules using IP > > tables. > > Nice trick. Anchors are also good for this. > > But don't forget that active connections won't be dropped unless you > al

Re: Topics for revised PF and networking tutorial

2017-04-05 Thread Stuart Henderson
On 2017-04-05, wrote: > I've been using a trick to emulate scheduled rules using IP tables. Nice trick. Anchors are also good for this. But don't forget that active connections won't be dropped unless you also flush the relevant states.

Re: Topics for revised PF and networking tutorial

2017-04-05 Thread bytevolcano
I've been using a trick to emulate scheduled rules using IP tables. It would be nice to have something like this covered. I have even seen it in the silliest of home router firewalls. First, create a rule with a table like so: # Schedule Table table persist # Scheduled access to HTTP pass in o

Re: Topics for revised PF and networking tutorial

2017-04-05 Thread Sterling Archer
On Sat, Apr 1, 2017 at 10:52 AM, Peter N. M. Hansteen wrote: > Hi, > > I thought I'd like to give you a heads up that there will be a "PF and > networking" tutorial at BSDCan 2017 in Ottawa this June. > > The session will however not be the Nth rerun of the old one, we're > starting from scratch

Re: Topics for revised PF and networking tutorial

2017-04-05 Thread Marko Cupać
On Sat, 1 Apr 2017 10:52:20 +0200 "Peter N. M. Hansteen" wrote: > Hi, > > I thought I'd like to give you a heads up that there will be a "PF and > networking" tutorial at BSDCan 2017 in Ottawa this June. > > The session will however not be the Nth rerun of the old one, we're > starting from scrat

Re: Topics for revised PF and networking tutorial

2017-04-05 Thread Mike Coddington
On Sat, Apr 01, 2017 at 10:52:20AM +0200, Peter N. M. Hansteen wrote: > Hi, > > I thought I'd like to give you a heads up that there will be a "PF and > networking" tutorial at BSDCan 2017 in Ottawa this June. > > The session will however not be the Nth rerun of the old one, we're > starting from

Re: Topics for revised PF and networking tutorial

2017-04-03 Thread Simen Stavdal
Anycast with ospf and ipv6 could be a fun tutorial... /S On 2 Apr 2017 22:27, "Luke Small" wrote: > It might be a fun idea to share what a really locked down desktop system > pf.conf would look like if you are running a chain of DNS services (or > something that would be good to tightly co

Re: Topics for revised PF and networking tutorial

2017-04-02 Thread Luke Small
It might be a fun idea to share what a really locked down desktop system pf.conf would look like if you are running a chain of DNS services (or something that would be good to tightly control) like local ntpd, unbound, and dnscrypt_proxy where you have local traffic locked down as well so that

Topics for revised PF and networking tutorial

2017-04-01 Thread Peter N. M. Hansteen
Hi, I thought I'd like to give you a heads up that there will be a "PF and networking" tutorial at BSDCan 2017 in Ottawa this June. The session will however not be the Nth rerun of the old one, we're starting from scratch this time, and were looking for input on what to include. Do you have ques