Hi,
i have a proxy server (4.4 amd64 + squid) with foreign ip addresses in
routing table.
example:
# uname -a
OpenBSD proxy.cs.intra 4.4 GENERIC#1021 i386
# netstat -nr -f inet
Routing tables
Internet:
DestinationGatewayFlags Refs Use Mtu Prio Iface
default
2009/2/25 Claudio Jeker :
> man netstat(1) and look what the flags mean.
> UGHD, up, gateway, host, dynamic. This route got created because of an
> ICMP control packet or TCP PMTU and is normaly only valid for a certain
> time.
Thanks, Claudio.
I knew it was "DYNAMIC", i didn't know how it was cr
On Fri, Aug 15, 2014 at 5:53 PM, Josh Grosse wrote:
> On 2014-08-15 10:39, Scott Bonds wrote:
>
>> ...I'm running owncloud and a bunch of other (no doubt less secure)
>> software
>
>
> On June 29, there was a 5.5-stable update to www/owncloud to release 6.0.4
> to fix a security issue.
Chang
On Wed, Mar 26, 2014 at 4:28 AM, Wong Peter wrote:
Hi
> *Routing Table* (route show | more)
> Destination Gateway Flags Interface
> default 175.13.8.127.254 UGS tun0
> 175.130.127.254 175.135.116.213 (PPPOE IP address) UH tun0
should'n be your default gateway your external modem, 192.168.1.254?
On Wed, Mar 26, 2014 at 12:10 PM, Zé Loff wrote:
> Are you forwarding packets between interfaces?
> $ sysctl net.inet.ip.forwarding
modem is responding (to internal LAN, I suppose), so it must enabled,
--
Cris, member of G.U.F.I
Italian FreeBSD User Group
http://www.gufi.org/
Scenario:
int_if with two ip addresses in two differents lans (192.168.20.254,
192.168.21.254).
more aliases in the external interfaces
nat rules: every 10 internals ip use an external address for the nat.
everything works fine, except for the second internal ip address. ip
from 192.168.21.0/24
Scenario:
int_if with two ip addresses in two differents lans (192.168.20.254,
192.168.21.254).
more aliases in the external interfaces
nat rules: every 10 internals ip use an external address for the nat.
everything works fine, except for the second internal ip address. ip
from 192.168.21.0/2
Hi,
i think this is a pf's bug:
short description:
internal interface with two different ip's in two different lans:
192.168.20.254/24
192.168.21.254/24
They're used as gateway from the two lans.
nat rules: every 10 ip's use a different public ip.
everithing works fine for the first lan, with
rted: uid 0 pid 12206 State Creations: 2249 ]
Second LAN:
@26 nat on bnx0 inet from 192.168.21.11 - 192.168.21.20 to any ->
xxx.yyy.zzz.27
[ Evaluations: 20Packets: 0 Bytes: 0
States: 0 ]
[ Inserted: uid 0 pid 12206 State Creations: 0 ]
--
Cristiano Deana - FreeCRI
, 192.168.21.2 and with a table.
Nothing change in nat rules.
--
Cristiano Deana - FreeCRIS
"Ho iniziato a usare FreeBSD perche' m$ usava me. ed e' spiacevole"
On Mon, Jun 29, 2009 at 9:23 AM, M. Feenstra wrote:
Does something like this exist? Or maybe, is there a better way of
dealing with this?
http://ossec.net/
it's EXACTLY what you want.
--
Cris, member of G.U.F.I
Italian FreeBSD User Group
http://www.gufi.org/
On 6/29/09 9:58 AM, Rod Whitworth wrote:
http://ossec.net/
it's EXACTLY what you want.
They don't say they do pf on their webpage.
Yes, it does.
A default installation use a standard "firewall_up" on server side, in
while in the client it use pf, or iptable or whatever O.S. is supporting.
On Nov 15, 2007 7:06 PM, Piet Slaghekke <[EMAIL PROTECTED]> wrote:
> while: Expression Syntax.
are you using ksh shell?
if not:
# ksh
# while read uid; do userdel $uid; done < userlist.txt
--
Cris, member of G.U.F.I
Italian FreeBSD User Group
http://www.gufi.org/
On Nov 21, 2007 10:48 AM, Kafriki <[EMAIL PROTECTED]> wrote:
> ok here is a user with full details: (this is in plain text, hope it's more
> readable)
>
> cat.cat:$2a$07$aYgatzjxAULHQmmZkjmvteGEaO8Ie8geMoUfhl7AAzKi.WeRhuoA6:10006:20::0:0:Pussy
> Cat:/smbhome/student_homedirs/cat.cat:/bin/ksh
Don'
2006/12/19, C. L. Martinez <[EMAIL PROTECTED]>:
> pfctl -vvsr
> verbose, verbose, show, rules. Refer to pfctl(8).
saruman:~# pfctl -wsr
NOT wsr but vvsr (v v s r)
Refer to pfctl(8).
--
Cris, member of G.U.F.I
Italian FreeBSD User Group
http://www.gufi.org/
Hi all,
i can't find any reference about max memory in openbsd, only some
questions about it (from me and others).
i tried with 4.0 i386 and amd64 and it seems i have no luck to see all
my memory (4G).
i also tried the patch who someone post the link but it doesn't work.
so, just two question:
2006/12/23, Clint Pachl <[EMAIL PROTECTED]>:
> i tried with 4.0 i386 and amd64 and it seems i have no luck to see all
> my memory (4G).
From http://www.openbsd.org/plus40.html
"Implemented separate pmap for PAE i386 machines, allows for support for
machines with more than 4G RAM. Not enab
2007/1/30, John Brahy <[EMAIL PROTECTED]>:
I have net.ip.forwarding=1 and my pf.conf is completely empty right
now. From the 10.1.1.100 client, I can't ping the internet from
10.1.11.100, but I can from my firewall. Is there anything special I
have to do to route private networks? Here's the ipv
Hi,
i have a openbsd 4 box with squid-transparent.
it seems like it have poors performance. investigating with `top' i
saw squid using only 90M of ram, why?
How can i use better my box resource? (Xeon CPU with 4GB of ram)
top:
PID USERNAME PRI NICE SIZE RES STATEWAIT TIMECPU COM
2007/4/2, carlopmart <[EMAIL PROTECTED]>:
Somebody have test it this Dell server under OpenBSD 4.0? this server use SAS
or SATA disk with PERC 5/i controller, are they supported under OpenBSD 4.0?
yes. supported with mfi(4) driver, manageable by bioctl(8) utility
--
Cris, member of G.U.F.I
2007/7/2, Alden Pierre <[EMAIL PROTECTED]>:
>> > You probably didn't export PKG_PATH into your environment:
Here is all of my exported variables from my .profile. env | grep
PKG_PATH comes back with the ftp site I have set
in my .profile.
PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:
2007/7/2, Steve B <[EMAIL PROTECTED]>:
> I'm the one who started this thread. If I can block them for an hour without
> a table that would be even better.. I was using the file to store the IP's
> as they were identified by the rule and had been planning to use the
> expiretable package to start c
2007/10/16, Bibby <[EMAIL PROTECTED]>:
> Where/How can i set the max client number of OpenSSH?
I don't know, but you can do it using pf.
--
Cris, member of G.U.F.I
Italian FreeBSD User Group
http://www.gufi.org/
2006/6/21, Joco Salvatti <[EMAIL PROTECTED]>:
Let's suppose an attacker entered the room where an OpenBSD server is
located in, and by mistake the system administrator has forgotten to
logout the root login session.
http://www.darkwing.com/idled/
So the attacker could enter in single
user mo
2006/7/25, S t i n g r a y <[EMAIL PROTECTED]>:
now my question how does pf inderstand what smtp or www protocole is ?
less /etc/services
how can i include custom protocoles ? like yahoo messenger, 5001 or msn
messenger 1863 ?
using 5001 and 1863
--
Cris, member of G.U.F.I
Italian FreeBSD
2006/8/15, Jacob Yocom-Piatt <[EMAIL PROTECTED]>:
does anyone on list have a nagios plugin that will check the status of isakmpd
on an openbsd machine?
Hi,
I used ike-scan (http://www.nta-monitor.com/tools/ike-scan/) to check
if a vpn is up.
Then a shell script exiting with 0,1 or 2 status if
On Mon, Nov 3, 2008 at 9:26 AM, Siju George <[EMAIL PROTECTED]> wrote:
> I plan to upgrade from 4.3 to 4.4 using bsd.rd.
> I read the upgrade FAQ and came across this variable
> ${RELEASEPATH}
> What does this mean?
It's well commented in the faq:
export RELEASEPATH=/usr/rel # where you put t
From http://www.openbsd.org/faq/faq15.html#PkgFind following URLs:
In the package lists on the OpenBSD website:
http://www.openbsd.org/4.0_packages/";>Packages for OpenBSD 4.0
but: http://www.openbsd.org/4.0_packages/
Not Found
The requested URL /4.0_packages/ was not found on this server.
-
Hi,
i have a system (Dell 1950) with 4.0 release.
At boot time (during starting network) i randomly (maybe once every 3
boot) i got:
bnx1: /usr/src/sys/dev/pci/if_bnx.c(2271): Firmware synchronization
timeout! msg_data = 0x01030007
kernel: type 1061382 trap, code=6871
and system stop.
In attach
2006/11/23, Conrad Winchester <[EMAIL PROTECTED]>:
I do have one question though and I apologize if people always ask this: At
the end of the install I asked whether I want to run sshd and ntpd by
default - very nice BUT why am I not given the option to turn off Sendmail
at this point? I NEVER u
Hi,
i have a system (dell 1950) with 4GB ram. OpenBSD (amd64) only detects:
real mem = 3488907264 (3407136K)
avail mem = 2990874624 (2920776K)
bios detects all 4 GB's.
kernel is GENERIC.MP.
Is it possible to use all available memory?
tnx in advance, Cris.
--
Cris, member of G.U.F.I
Italian Fr
Hi,
i'm new on OpenBSD. I just installed 3.9 (one week ago sources) and i got this:
$ uname -rs
OpenBSD 3.9
$ su
Password:
you are not in group wheel
Sorry
$ whoami
cris
$ id cris
uid=1000(cris) gid=0(wheel) groups=0(wheel)
$ grep cris /etc/passwd
cris:*:1000:0:Cristiano Deana:/home/cris
2006/5/2, [EMAIL PROTECTED] <[EMAIL PROTECTED]>:
> $ id cris
> uid=1000(cris) gid=0(wheel) groups=0(wheel)
Probably would have essentially identical behavior on any BSD/Linux.
No, in FreeBSD if your group is '0' then you (obviously) are in the
'wheel' group
--
Cris, member of G.U.F.I
Itali
2006/5/2, Otto Moerbeek <[EMAIL PROTECTED]>:
See su(1):
It is not sufficient to change a user's /etc/passwd entry to add them
to the ``wheel'' group; they must explicitly be listed in /etc/group.
Yes, i have seen. The 'strange' thing, IMHO is:
# grep ^%wheel /etc/sudoers
%wheel ALL=(ALL)
2006/5/12, S t i n g r a y <[EMAIL PROTECTED]>:
how can i find whats wrong ?
check your dns configuration and try:
UseDNS=no in your sshd_config
arp -na
if it's fast means your dns have some problems
--
Cris, member of G.U.F.I
Italian FreeBSD User Group
http://www.gufi.org/
port ftp
man ftp-proxy
--
Cristiano Deana - FreeCRIS
"Ho iniziato a usare FreeBSD perche' m$ usava me. ed e' spiacevole"
On Mon, Oct 19, 2009 at 6:21 PM, Philippe NICOLAS
wrote:
> Anyway is it possible for smtpd to log the IP of the remote server in the
> maillog as sendmail did it ?
I was asking for the same thing.
It's not useful, it's fundamental for any mail server admin. to know:
who got our mail, when and wi
2010/12/20 lilit-aibolit :
> I have a little problem with "route show" command.
netstat -nr
> after I type this command and press Enter on first machine - all is done:
> But if I do it on second machine, output in console and terminal is
> very-very slow,
try `netstat -nr', could be a dns prob
38 matches
Mail list logo
