Op 25-6-2011 16:26, Martijn P. Rijkeboer schreef:
Hi,
Is www.openbsd.org down or is it just me having problems?
Regards,
Martijn Rijkeboer
I do not see problems.
Grtz,
Erik
Op 3-7-2011 6:32, John Tate schreef:
Well is it possible I give away /4's? Not much in one but I can broker an
unusually fast tunnel for some.
On Sun, Jul 3, 2011 at 4:32 AM, Randal L. Schwartzwrote:
heh! only off by 58 bits. :)
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +
Op 24-7-2011 23:35, Tomas Vavrys schreef:
This looks also promising... http://www.genesi-usa.com/products
Are there any plans to support this architecture?
Don't think so: http://www.openbsd.org/pegasos.html says it all.
Erik
Op 3-5-2011 16:51, Dave Anderson schreef:
On Tue, 3 May 2011, Joachim Gwoke wrote:
Ever visit the people at http://www.woodmann.com? They might offer
some more answers.
Alternately you might have a look at the coroners toolkit and its
successors, such as sleuthkit or Autopsy. Maybe these p
Op 6-5-2011 10:23, igor denisov schreef:
Hello there,
I have a question regarding additional RAM "TRUMP D1SC0816D DDR
!GB-333Mhz SO.DIMM" the native RAM is 256MB, when additional RAM
inserted I have lot of panicks and all the time they are different and
occur at different times when PC is ran
Op 8-5-2011 21:16, roberth schreef:
On Sun, 8 May 2011 14:54:21 -0400
Chris Smith wrote:
Is there a good way to avoid this? Is it safe to skip rebooting
between the kernel build and userland build? Or would it work to
manually build and install pfctl before the reboot after the kernel
build? O
rvers, host-name;
supersede domain-name "bla.local domain.local";
prepend domain-name-servers 127.0.0.1;
The use of the prepend command is shown here as well, I am sure you can
figure out why it is there. ;)
BTW your version of OpenBSD is outdated and unsupported.
HTH, erik
Op 16-5-2011 23:18, RLW schreef:
While i was writing email i looked closely at the states table, it
looks like one server which is located in our server room but its
admin is from abroad got hacked. I blocked all traffic - don't worry.
Answer to question number 3 is still important to me, be
/story/09/08/13/0827231/Worlds-First-Formally-Proven-OS-Kernel
Erik
> Now, everyone is telling me I should run Docker and a completely different
> setup.
"devops" are web developers with root, they need stuff like Docker or they
end up breaking everything.
"sysadmin" knows how to handle the bare metal!
> What the fuck?! Why in the world would anyone setup Debia
Hi,
Is a DNS over HTTPS recognizable somehow so that it can be fingerprinted
and redirected or blocked using pf?
I am thinking about the ability of PF to detect when requests are coming from
a windows machine for example.
Kind regards,
Erik
Hello,
According to <http://www.openbsd.org/events.html>, Open Source Day 2015
is in the future but according to the assosciated date it's in the past.
Regards,
Erik Nordstrøm
I'm running into a graphics problem and looking for work-around options.
I understand others have run into this as well.
I'm getting a black screen as inteldrm switches display modes after
upgrading from 6.1 (where this all worked fine) to 6.2. I blew away the
install and rebuilt from scratch with
Okay, that was the problem.
>> I've tried 'config -e' and
>> disabling drm and inteldrm lines but quit and save doesn't seem to
>> have the effect I expected.
> In case it didn't work, if config -ef or config -c (usb keyboard
> didn't work for me with config -c though) at boot time is affective th
With a default block, both in and out, I was wondering what is the best
approach to
whitelist services. To do:
pass in on $internal inet proto tcp to any port $tcp_services
Or:
pass out inet $external proto tcp to any port $tcp_services
I know that with the pass out on the $external then t
Is it recommended to run some kind of intrusion detection on an OpenBSD
router/firewall?
I suspect that any kind of system like Snort or Suricata will give a lot of
false positives?
Kind regards,
Erik
Hi,
I'm slowly beginning to look at IPv6 in preparations for my ISP to roll
out IPv6.
Currently I'm running an IPv4 LAN with physically segmented networks.
I'm using dhcpd with fixed IP addresses based upon MAC, and have these
setup in Unbound as well, as I have many clients and don't want to
rem
Hi,
We're looking into getting GPIO and LEDs working on the "new" PC Engine
APU1. We found FreeBSD drivers[1] and Linux drivers[2], documentation is
indicating it's driven by the AMD A50M FCH south bridge chipset[3]. If
anyone would be interested in hacking on this, we're able to provide
complemen
Nodejitsu recently raised $256k with their Scalenpm campaign. I would
imagine there are enough people out there who care about OpenBSD too
whereby a significant amount of money could be raised.
-Erik
--
Erik K. Mitchell
erik.mitch...@gmail.com
or the
wireless network and was wondering what people would recommend. I'm
hoping to be able to connect the computer in the garage so one with good
signal strength but not a directed one would be the best.
--
Erik WikstrC6m
orse
what the included text discusses. If that was so we would have to assume
that anyone writing a book about the holocaust also approves. Telling a
person about something is not the same thing as telling someone to do it.
--
Erik WikstrC6m
or it is proprietary, in this case it was the former:
"This software may be copied and distributed for educational, research,
and not for profit purposes provided that this copyright and statement
are included in all such copies."
--
Erik WikstrC6m
are both speed and memory considerations.
Having said that you should be aware that most of the tougher security
issues are language independent, even code written in C# and similar
languages can have security issues.
--
Erik WikstrC6m
job, but also about choosing
how to use the tool, just because a hammer is the right tool does not
mean that hammering away is the right way to do things.
--
Erik WikstrC6m
something similar. If this is possible,
will it buy me any additional protection against dataloss, or is it more
likely that my disk crashes all together?
--
Erik WikstrC6m
843 mtu 1500
lladdr 00:1d:7e:00:2a:8f
groups: if_ext egress
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet6 fe80::21d:7eff:fe00:2a8f%axe0 prefixlen 64 scopeid 0x5
inet 90.229.163.177 netmask 0xff00 broadcast 90.229.163.255
bridge0: flags=41 mtu 1500
groups: bridge
pflog0: flags=141 mtu 33208
groups: pflog
--
Erik WikstrC6m
with no success. Obviously I did something wrong, so I'd hope that
someone might be able to explain to me how to set up the network.
I've put copies of all files I thought might be of relevance on the web
at http://www.chalmers.it/~eriwik/obsd/
Thanks for your time
--
Erik Wikstrvm
On 2006-12-14 21:22, Erik Wikstrvm wrote:
I've get an box laying in my basement running OpenBSD 3.7 (probably
should upgrade that some time but I've never taken the time) acting as
gateway for both wired and wireless networks. Everything has been
working flawlessly except one thing;
rt, other than driving my lazy self
100 miles to the data center and yanking 4GB out of it?
Any help, thoughts, and criticism that doesn't involve suicide booths
is appreciated.
-Erik
Ted Unangst wrote:
On Fri, Oct 17, 2008 at 2:21 PM, Erik Carlseen <[EMAIL PROTECTED]> wrote:
Does anyone know if this issue has been resolved? I'm trying to boot and
OpenBSD 4.4 AMD64 CD on an HP BL465c-G1 (dual Opteron 2216HE CPUs, 8GB RAM)
and getting the following during the b
Erik Carlseen wrote:
Ted Unangst wrote:
On Fri, Oct 17, 2008 at 2:21 PM, Erik Carlseen <[EMAIL PROTECTED]>
wrote:
Does anyone know if this issue has been resolved? I'm trying to boot
and
OpenBSD 4.4 AMD64 CD on an HP BL465c-G1 (dual Opteron 2216HE CPUs,
8GB RAM)
and getting th
Erik Carlseen wrote:
Erik Carlseen wrote:
Ted Unangst wrote:
On Fri, Oct 17, 2008 at 2:21 PM, Erik Carlseen <[EMAIL PROTECTED]>
wrote:
Does anyone know if this issue has been resolved? I'm trying to
boot and
OpenBSD 4.4 AMD64 CD on an HP BL465c-G1 (dual Opteron 2216HE CPUs,
8G
either.
So I'm wondering what's the best approach that keeps the rules
fairly generic?
--
Erik Wikstrvm
Gah, should have read more carfully, using (if_ext:network)
works just fine.
--
Erik Wikstrvm
pass out on if_ext proto tcp all modulate state flags S/SA
pass out on if_ext proto { udp, icmp } all keep state
All seems fine, running pfctl -n on it produces nothing, but when
trying to load the rules I get DIOSETSTATUSIF, and no rules are
loaded. What am I doing wrong?
--
Erik Wikstrvm
ugh to the internet, or rather, I
suspect that they could send out their requests but the router didn't
manage to send any data back. Strange though that the echo-replys got
through.
--
Erik Wikstrvm
ch of your internal IPs
the traffic should go.
rdr on $ext_if proto {tcp, udp} from any to $ext_ip port 6881 ->
($int_if:network) port 6881
This, I think, will lead to a kind of loadbalancing.
--
Erik Wikstrvm
port 22 open, unless you are
running on some other port.
--
Erik Wikstrvm
27;s just as good as more
checksums.
--
Erik Wikstrvm
On 2005-07-25 12:16, Erik Wikstrvm wrote:
On 2005-07-25 08:41, [EMAIL PROTECTED] wrote:
And yes: Adding another Checksum wouldn't prevent an Attacker to recrete
these files and replace them. But the chance isn't very high that an
attackler could own 3 or 4 different Servers in
the queues? See the "Assigning
Traffic to a Queue" section in the FAQ.
--
Erik Wikstrvm
l work ?
If your mobo supports booting from the controller that would probably be
the easies way, just create the array and install onto it just as if it
had been a normal drive. Check so that GENERIC supports the card though.
--
Erik Wikstrvm
igh-quality answers to all your questions and
faster than D-Link can give you.
--
Erik Wikstrvm
working using static IP-addresses? When you
have that working switch to DHCP and try to get that working.
--
Erik Wikstrvm
and forward those to the right one.
--
Erik Wikstrvm
Shouldn't that be
pass in on $int_if from any to $int_if:network keep state
pass out on $int_if from $int_if:network to any keep state
--
Erik Wikstrvm
On 2005-08-14 21:41, stan wrote:
On Sun, Aug 14, 2005 at 09:13:07PM +0200, Erik Wikstr?m wrote:
On 2005-08-14 19:17, stan wrote:
>On Sun, Aug 14, 2005 at 12:24:43PM -0400, stan wrote:
>>I've got 2 rules like this:
>>
>>pass out on $int_if from any to any keep state
>
.85.106.133 on port 161. However since you have
the address 71.85.113.111 with netmask 255.255.255.128 on int_if the
package is dropped since it's not on the same subnet as int_if. Simply
put the rules works, but perhaps you have the wrong netmask?
--
Erik Wikstrvm
works just fine without bridging, but this driver
is a lot older.
I've got ath(4) up and running in hostap and DHCP without bridging,
though I'm running 3.7, don't know if anything has happened to the
net80211 subsystem that would change that in 3.8.
--
Erik Wikstrvm
might be dead wrong here but I think that some space is reserved for
root or some such.
--
Erik Wikstrvm
normal or not
any help would be appreciated, thanks
erik
On Thursday 01 September 2005 01:57 pm, you wrote:
> Erik Sabowski wrote:
> >I am trying to use ccdconfig on 2 identical disks to make one big
> > partition. for some reason, the resulting partition is equal in size to
> > one of the disks, instead of being the size of bo
rounced.
>
i thought that leaving 63 sectors free at the start of each disk would be
enough room, but apparently not. when i bumped it up to an offset of 3120
sectors, it worked perfectly.
thanks for all the help guys
erik
nd case it will be harder to create good patches since the
systems the bugs are found in will be very different to the ones the
patches have to be made for.
--
Erik Wikstrvm
rt smtp keep state
My understanding is that this will first block all traffic to the DMZ-
net, and then allow traffic coming from the LAN or Internet to pass to
the server 1.2.3.4 (which should be on the DMZ). Since we use keep state
the traffic will not be blocked by rule 1. Or is it me who
missunderstood things?
--
Erik Wikstrvm
Hello,
I was recently asked to setup a VPN tunnel, where I was told to use a
Local-ID other than my internal net, as that was already in use at the peer.
I saw some discussions on the list regarding this, where a solution was
given along the lines of "set up isakmpd with the requested net, the
that would obviously be
incorrect (your're using port 4500). Side note - this behavior breaks
FreeS/WAN / OpenS/WAN. It's been implied by entries I've seen on various
mailing lists that OpenBSD handles this OK. My reading (well scanning)
of the source gives me the impression that
I'd also be very interested in hearing your results; I have a similar
project in my queue.
Esben Norby wrote:
On Tuesday 03 May 2005 23:47, Stephen Marley wrote:
Can anyone forsee any problems doing this with the current state of ospf
within openbsd? Or gif instead of gre perhaps?
One of the thi
information is in my original message. The problem was
worked around by specifying a key life based on traffic quantity only.
I'd be happy to work with the isakmpd maintainers to help track this down.
Regards,
Erik Carlseen
Log info:
190206.962764 SA 95 sa_validate_xf_attrs: phase 2 mode 0 type
LA8494MT) for around US$479. A very cool
thing about this card is that it works in any 3.3 volt 32- or 64-bit
PCI-X 1.0 or PCI 2.2 bus - generally speaking, if it physically plugs
in, it will autonegotiate the PCI bus and work just fine (of course,
faster bus == more possible throughput).
Somewhat O/T, but the old HP Proliant servers had pretty good Serial
consoles (obsoleted now by iLo / RILO). iLo and RILO simply rock.
Diana Eichert wrote:
On Wed, 11 May 2005, Mark Uemura wrote:
Any other recommendations?
Here's another alternative that you may want to look into.
http://www.com
Here are my $.02, YMMV.
1) Security should always be layered (belt & suspenders / whatever).
2) If the site is large enough to warrant the expense, I don't run
anything on the firewall other than NAT, packet filtering, and IPSec.
3) HTTP Proxies (both ways), smtp proxies, web servers, etc., all go
his is not officially supported), zOS, OS/400, AIX, and
Solaris. Supports POP, IMAP, and Web mail. If you use their client
software, it has automatic and user-transparent failover.
That being said, it'd be fascinated in hearing about any successes you
have with clustered F/OSS solutions.
I was recently sent an AT&T USBConnect Lightning which is an AT&T
branded Sierra Wireless AirCard USB 305 3G wireless modem. I
live in a rural area and this is my primary connection to the
Internet via ppp.
According to the website, the device seems to be using an ICERA
Livanto ICE8040 chipset.
The following patch against -current enables the Samsung Galaxy S
Android device (Samsung Captivate with AT&T) to be be used for USB
tethering.
With or without this patch, the device can still act as a modem and
can be used with PPP. With this patch, the device can be used as an IP
router over US
On Sat, Apr 30, 2011 at 04:08:35PM -0600, Erik Mugele wrote:
> The following patch against -current enables the Samsung Galaxy S
> Android device (Samsung Captivate with AT&T) to be be used for USB
> tethering.
[snip]
> In
On Wed, May 04, 2011 at 01:05:20AM +, Stuart Henderson wrote:
> On 2011-05-03, Markus Bergkvist wrote:
> > On 05/03/11 22:13, Stuart Henderson wrote:
> >> vovka gmail.com> writes:
> >>> On Sat, Apr 30, 2011 at 18:08, Erik Mugele teuton.org> wrote
rt 443 rdr-to
$misp port 443
vlan1 is an inside network, and misp is an internal machine (was
reachable from the outside and needed to be reachable on the inside as
well).
Am I correct?
Regards,
Erik
-BEGIN PGP SIGNATURE-
Version: GnuPG v2
iQIcBAEBCAAGBQJZ
this vulnerability mitigated?
>
> Thanks.
>
Sure. A tunnel over WIFI is the preferred option anyway. WIFI cannot be
assumed to be safe.
Erik
ng it :(
>
> It was an implementation bug.
>
Ah, good to know. But did every manufacturer make the same mistake then?
Erik
Op 19-10-2017 om 14:51 schreef x9p:
> I believe it already got a bit off-topic, sorry if its the case, but will
> try to answer.
>
>>> Could not find DMCA-related info on the pages of company. Being Germany,
>>> I
>>> expect the worst in torrent-related matters.
>> Wouldn´t it be strange to find in
Op 19-10-2017 om 17:28 schreef Michael Hekeler:
>> Not at all. Some hosting companies specific mention it.
> Interesting.
> I didn´t knew..
>
>
>> The company I mention above is also part of EU, I believe.
> Germany (Hetzner) is
> Iceland (1984) is not
>
>
>> quoting myself, the answer is in t
Op 19-10-2017 om 20:27 schreef x9p:
>> But they WILL terminate your contract. Do not host in The Netherlands,
>> but in Switzerland or Iceland. Illegal torrents are forbidden in The
>> Netherlands, and actively chased nowadays.
>>
>>
> This is the tricky part for Netherlands. They will only termina
Op 20-10-2017 om 12:29 schreef Niels Kobschaetzki:
>
> On 17/10/20 08:09, x9p wrote:
>>> Depending on the country the ISP will see then the police coming to
>>> their
>>> datacenter and start to pull servers. And then they can close shop
>>> because
>>> a single customer was an asshole and did ille
cklists from emergingthreats.net. Is already in a format
that Works wonderfully.
http://rules.emergingthreats.net/fwrules/emerging-PF-ALL.rules
Just fetch them through a cron job, include them in pf.conf and reload
pf.conf. And yes, you would have to trust...
Good luck.
Erik
he inside
(always access) to the outside, and when connecting from the outside it
will be over IPv6. The list is IPv4.
Erik
o
> what’s happening?
>
> Thanks,
>
> Oliver.
>
I might be mistaken, but doesn't queueing only work on OUTgoing traffic
since one cannot control the rate at which traffic is delivered to you,
but one can control the rate of traffic going out of an interface?
Erik
Aren't you missing the vlan definition in hostname.vlan211 like:
# cat /etc/hostname.vlan211
inet 172.16.211.3 255.255.255.0 172.16.211.255*vlan 211* vlandev em0
or, like in 6.2:
inet 172.16.211.3 255.255.255.0 172.16.211.255 vnetid 211 parent em0
?
Erik
Op 6-11-2017 om 17:47 schreef
Try ftp.nluug.nl, they seem to have everything starting with 2.0.
Regards,
Erik
On 30-03-2021 08:28, cclai wrote:
Hello,
I'm Hachi,
Our company’s server uses the 3.6 and 3.9 version of the system,
Used for more than ten years,
and there is a need to reinstall at present.
I have trie
they might have something.
Erik
If I pass options to a script or to something similar like this:
some_sql_stuff.sh $username $password $database
The content of the variables can be viewed with top or ps while the
script is running.
If I don't remember completely wrong from the bad old days the text that
was displayed was act
I spent some time trying to toggle the pins in the serial port in
various ways.
The easiest way for me was to install pyserial and to control the pins
in python takes only two or three lines of code.
This is neat if you just want to do some basic stuff.
Jan Klemkow wrote:
Hello,
I want to ge
mountd and and imaps occupies the same port 993.
Are the any good ways of telling openbsd that mountd should not use
that port.
The quick n'dirty solution is to kill mountd in rc.local and start it up
again after the imap mailserver has occupied the port and then start up
mountd again.
An o
I am running 4.3 and the problem arised after upgrading from a previous
version.
Well spotted :-)
Thanks a lot!
Philip Guenther wrote:
On Thu, Jul 2, 2009 at 1:18 AM, Per-Erik Persson wrote:
mountd and and imaps occupies the same port 993.
Are the any good ways of telling openbsd that
I recently got accused by my ISP for disturbing traffic in our residential
network. Obviously my port in the house switch was generating massive
amounts of multicast traffic or atleast replying to incoming traffic.
My firewall was running OpenBSD 4.1 and had the net.inet.ip.mforwarding
set, had tr
On Thu, Jul 9, 2009 at 9:59 PM, Olivier Regnier wrote:
> Hello,
>
> I installed OpenBSD 4.5 on my Samsung NC10. I want to clear the console
> each
> time a user logs out. I modified /etc/gettytab file but i have no result.
> Can
> you give me some information on this topic ?
>
> Thank you in advan
On Sat, Jul 11, 2009 at 2:41 AM, Andres Salazar wrote:
> Hello community,
>
> I have two boxes:
>
> Quad Core Processor with 4GB RAM
> Dual Xeon 3.0 Ghz with 2GB of RAM
>
>
> I have heard contradicting information as far as I can use both the MP and
> the REGULAR kernel (i386 or amd64) and that b
I am a long time user of OpenBSD and about to reinstall my firewall.
In a foreseeable future, I may start using 3G as my Internet connection
(affordable unlimited 3G data in Finland, 384kbps for 9,90e/month).
Now I am wondering, how well does OpenBSD support connection over Bluetooth?
Will any no
On Thu, Jul 16, 2009 at 8:56 AM, Siju George wrote:
> On Wed, Jul 15, 2009 at 8:41 PM, Greg Oster wrote:
> > You cannot rebuild parity in this case because one of your disks has
> > failed (parity re-writing can only happen if all the disks are 'good').
> > If you wish to attempt to rebuild that
I might be flamed for this statement but not being able to run inside a
virtualized environment is not an option in the future.
Most servers you can buy today are to powerful for only taking care of
one task.
It is really handy to be able to "shuffle" around the cpu:s to the
virtual machine that
Hello all,
I am trying to untangle a strange segmentation fault
created by gcc using AMD-K6-2, but not with Pentium-II.
In particular, any hints on particular information bits
needed to pinpoint the error will be appreciated.
First, I have OpenBSD 4.2 running on this machine using
AMD-K6-2/350 on
The solution has been found! The mainboard with the AMD-K6-2
had got into an undocumented multiplier which meant slightly
overclocking the processor. When keeping the 66 MHz clock setting
and producing 333 MHz processor speed instead of 400 MHz, and
where the processor was marked for 350, I ran mem
Hello,
having spent most of the evening to understand why
my kernel build suddenly aborted compilation with
a pointer to a missing call "rt_mpath_next", I found
that the "option SMALL_KERNEL" clashes with
"pseudo-device pf 1", and that this was the sole
cause for my failure. My original reason fo
Hello,
three weeks I set up a Subversion/Apache2 on my private
OpenBSD 4.2 to be publicly available. It was not migrated
from an earlier system. Doing this I hade cause to restart
Apache 1.3 and Apache 2.2 repeatedly until my access control
worked correctly. This disclosed a shortcoming in Apache
I don't have any webpages to throw at you but converters from rs232 to
rs485 exists.
Also plugins cards to soekris that I would assume to be working.
I have a lot of stuff I plan too hook up to OpenBSD, but have not found
a good way to get the data out without writing to much code.
It feels like
This rings a bell to me.
I don't know if it still is true but "a while ago" tftpd was binding to
the networkcard it found first.
Try to run it on a machine that only has one networkcard and see if it
works better.
If you look at older postings you will probably find the exact problem.
Howerver
When the nfs server gets disconnected the filesystem dissapears, I can
live with that. After all networks go down now and then.
But unfortunatley the location where the directory was mounted will be
impossible to list, even after the server is up again.
Trying to unmount ot mount the directory
A while ago I purchased an alix board.
The plan is to hook up some external i2c sensors to it.
I see the i2c-header on the board, but while reviewing the dmesg I
cannot find anything related to i2c.
Has the header no real function or is the driver for the i2c bus not
written yet or do I need t
Earlier on the list there have been discussions on setting up failover
solutions with carp. I think most people agree that carp does a
wonderful job.
However there seems to be problems with nfs servers that needs a little
bit more work.
I can find information about nfsv4 and syncing files with r
A long time ago I used the following setting in syslog.conf
*.crit |mail -s "blablabla" [EMAIL PROTECTED]
But it doesn't seem to work nowdays.
I suspect the chrooting of syslogd might have something to do with it.
Is there some other very obvious way that I have missed to get a hin
1 - 100 of 117 matches
Mail list logo
