carp and squid

2016-12-21 Thread Frank White
Hi, does 2 nodes clustered openbsd firewall work with squid ? is there any specific configuration ?

Re: carp and squid

2016-12-21 Thread Jiri B
On Wed, Dec 21, 2016 at 12:41:43PM +0100, Frank White wrote: > Hi, does 2 nodes clustered openbsd firewall work with squid ? > is there any specific configuration ? If squid on each node would have its own cache dir, ie. not sharing data, then pointing your clients to squid hostname linked to CARP

Re: spamd and network whitelisting

2016-12-21 Thread Boudewijn Dijkstra
Op Tue, 20 Dec 2016 12:51:19 +0100 schreef Clint Pachl : Devin Reade wrote on 12/19/16 12:59: With respect to dealing with SPF, the simple solution (permitting an IP if it is on the sending domain's SPF list) doesn't work too well in the general case since it appears many spammers publish SPF r

wsmoused conflicts with xorg on 6.0 Supermicro PDSMI+ fresh install

2016-12-21 Thread Paolo Aglialoro
Hello, on this Supermicro PDSMI+ board (latest bios) it looks like that activating wsmoused (both plain and with -2 flag) disables pointer control under Xorg i.e. mouse works correctly in CLI but not in X. Running "wsmoused -f -d" reports no output, both when moving/clicking in CLI and X. Any cl

Re: Hardware recommendations for compact 1U firewall

2016-12-21 Thread Predrag Punosevac
Hrvoje Popovski wrote: > > On 15.12.2016. 12:30, Stuart Henderson wrote: > > If you want to cut down on weight+noise at the expense of more cost > > and a less powerful cpu, maybe APU2 in a 1U case or something like > > supermicro SYS-5018A-FTN4. > > has anyone dmesg from SYS-5018A-FTN4 box? i'm

Re: Hardware recommendations for compact 1U firewall

2016-12-21 Thread Lyndon Nerenberg
As promissed in one of my earlier e-mails. OpenBSD 6.0 dmesg for SYS-5018A-FTN4 FWIW, we have six of these doing firewall duty (currently running 5.9) and they perform flawlessly. We run them in CARPed pairs, and LACP across redundant switches. --lyndon

Re: Hardware recommendations for compact 1U firewall

2016-12-21 Thread Aaron Mason
Thanks for all of your suggestions, though some may have missed the bit where I said "on a limited budget" :) Torn between a Barracuda web filter or a Portwell CAR 3000. The latter is more expensive but supports 10Gbit, whereas the Barracuda may only have 10/100. Both Core2Duo based, could probab

Announcing learned iBGP route to eBGP peer

2016-12-21 Thread Mattias Lindgren
I have an iBGP learned route that I’m trying to advertise to an eBGP peer in OpenBGPD. I set up announce all, but my neighbor does not see the route. If I do an explicit network statement my peer obviously sees the route, but I want it to advertise the learned route instead. Here is my bgpd.co