Re: vpn access for Macos, windows clients

2012-08-30 Thread Johan Beisser
On Thu, Aug 30, 2012 at 12:05 PM, Simon ALFRED wrote: > Hi everyone, > > I have a firewall at work running OpenBSD 5.1-RELEASE > I need to make a vpn access for outside clients, they use MacOs 10.6 and > Windows XP/7. > I can't add third software on these clients. So I need a VPN Server on th

Re: vpn access for Macos, windows clients

2012-08-31 Thread Johan Beisser
On Aug 30, 2012, at 22:28, "Simon ALFRED" wrote: > > Thank you for this first reply. > So, the only way is to use OpenBSD-current with npppd, and there's no other way to do it ? I can't say there's no other way to do it. PPTP is an option, via PoPToP. I just found that npppd worked better for me

Re: pfsense and or OpenBSD Home router.

2012-09-11 Thread Johan Beisser
On Tue, Sep 11, 2012 at 9:06 PM, Sean Kamath wrote: > I ended up buying direct from PC Engines for my alix 2d13's. Even though I'm > in the US, it was cheaper than netgate (where I bought a bunch of the exact > same thing for work). I ended up getting the red metal cases because they > were che

Re: Unix source code (was Re: Can command-line options be specified in any place?)

2011-06-23 Thread Johan Beisser
On Thu, Jun 23, 2011 at 11:57 AM, Brett wrote: >>Sure. Not to mention it came with source code, which you only got from > >> AT&T if you had a source license, and those were*expensive*. I was >> fortunate enough to work for a company that had exactly that source >> license during the 1980:s, and I

Re: Internet bonding

2011-07-04 Thread Johan Beisser
On Jul 4, 2011, at 12:26, Wesley MOUEDINE ASSABY wrote: > Hi, > > I have a question : > Is it possible with OpenBSD to bond 2 adsl connections (download=8Mb/s ; > upload=1Mb/s) with different ISP? No. Unless you have your own IP space, and both ISPs are willing to advertise those for you. > An

Re: Mac Mini Server

2011-07-13 Thread Johan Beisser
On Wed, Jul 13, 2011 at 1:01 PM, Paolo Aglialoro wrote: > Watch out for using apple desktop boxes as servers: apple has always put > "style" in front of reliability and, especially for such "big" boxes when > run 24/7, airflow and heat can become serious issues when you least expect > it. Not exac

Re: Bug Tracking system does not work

2011-07-19 Thread Johan Beisser
On Tue, Jul 19, 2011 at 9:57 AM, Amit Kulkarni wrote: > > http://openports.se/www/rt > ? > written in perl. As someone who uses this for ticket tracking, let me be the first to say it's terrible.

Re: Bug Tracking system does not work

2011-07-19 Thread Johan Beisser
2011/7/19 Mikael Vsterdahl : > Terrible? In what way? I use it in my work and I think it works great. > > What ticket software do you think is better? I don't have one. I think they all suck equally.

Re: Bug Tracking system does not work

2011-07-19 Thread Johan Beisser
On Tue, Jul 19, 2011 at 11:38 AM, Amit Kulkarni wrote: > Can you elaborate? Where they suck? RT: written in perl, painful to upgrade (painful enough, that we've not touched ours in over a year). Ugly interface, but that's the least of its problems. Without a good way to manage users, access, or

Re: Bug Tracking system does not work

2011-07-19 Thread Johan Beisser
On Tue, Jul 19, 2011 at 1:20 PM, Nico Kadel-Garcia wrote: > On Tue, Jul 19, 2011 at 12:59 PM, Johan Beisser wrote: > It takes significant, thoughtful re-organization and a saner workflow. Yes. It's non-trivial to make that happen as a default. > What would be considere

Re: Transparent smtp/pop3 proxy

2011-07-28 Thread Johan Beisser
On Thu, Jul 28, 2011 at 2:00 PM, R0me0 *** wrote: > Hello misc. > > I would like to know if is possible do the following: > > clients--OpenBSD_FWExternal_mail_server > > when clients send or receive an email, OpenBSD catch this mail and send a > copy of this to anot

Re: all libc of my openbsd/i386

2011-07-29 Thread Johan Beisser
find / -type f -perm -0111 -exec ldd {} 2>/dev/null \; -print | awk '/libc.so/ {print $7}' | sort | uniq On Fri, Jul 29, 2011 at 8:50 AM, johnw wrote: > (23:24:04) john@pdc:[~]$ du -sh /usr/lib/libc.so.* > 704K /usr/lib/libc.so.34.2 > 704K /usr/lib/libc.so.35.0 [snip] > 2.4M /usr/lib/libc.so.57.0

Re: Why aren't you running -current?

2011-09-07 Thread Johan Beisser
On Wed, Sep 7, 2011 at 5:24 PM, roberth wrote: > don't be sorry, just tell me why, i am just curious. - Following -stable with security patches matches my existing in house corporate policy for Linux. - It reduces variations between configurations of a given machine function (simple transfer of

Re: Blocking Trojans with PF

2011-09-25 Thread Johan Beisser
"block all" Permit inbound port 80, but do not permit new outbound connections. Consider each interface a separate firewall, with separate flows entirely, then use policy enforcement (see tagging: http://cvs.openbsd.org/faq/pf/tagging.html) to ensure only properly tagged packets are passed out fro

Re: Dennis Ritchie

2011-10-13 Thread Johan Beisser
I pointed out that Dennis Ritchie did something we all should admire: Got to watch what he created blossom, and change the world. Remarkably, for the better. We should all be so lucky. On Thu, Oct 13, 2011 at 10:38 AM, Stefan Midjich wrote: > So many lives touched, so many that don't even know

Re: dhclient, resolv.conf

2011-10-20 Thread Johan Beisser
Check dhclient.conf(5) and read about the supersede statement. jb Semt frim my ipHnoe. On Oct 20, 2011, at 8:35, sophia.ort...@googlemail.com wrote: > Dear Sirs! > > I really do not want that dhclient touch resolv.conf. > > The recommendation in > > http://www.openbsd.org/faq/faq6.html#DHC

Re: dhclient, resolv.conf

2011-10-20 Thread Johan Beisser
On Thu, Oct 20, 2011 at 11:11 AM, wrote: > Johan Beisser wrote: > >> Check dhclient.conf(5) and read about the supersede statement. > > Thank you very much for your kind answer. Of course I read not > only dhclient.conf (5), but also a lot of man pages, a lot of > pos

Re: Is it time to replace this hard disk?

2010-02-21 Thread Johan Beisser
On Sun, Feb 21, 2010 at 10:15 PM, Siju George wrote: > Hi, > > I get a few of this kind of error during a forced manual fsck at boot. > > Feb 15 15:43:51 fw2 /bsd: wd0g: uncorrectable data error reading fsbn > 5392325 (wd0 bn 24734585; cn 1539 tn 167 sn 29) > Feb 15 15:43:51 fw2 /bsd: wd0g: uncorr

Re: selling bsd in cd for profit??

2010-02-26 Thread Johan Beisser
On Fri, Feb 26, 2010 at 4:44 PM, Citra Cool wrote: > Can I selling openBSD in CD for profit?? The OpenBSD project has a hard enough time making money on the CDs they're selling to fund the project. But, give this a read anyway. http://openbsd.org/policy.html

Re: is skype using encryption?

2010-04-10 Thread Johan Beisser
On Sat, Apr 10, 2010 at 7:55 AM, Jozsi Vadkan wrote: > Can someone [same subnet, e.g.: with a hub, not switch..] sniff my skype > password when i'm using Skype? Is it encrypted? Why are you asking a Skype support question on an OpenBSD mailing list? The best way to know is to dump the data yours

Re: licensing

2010-04-15 Thread Johan Beisser
On Thu, Apr 15, 2010 at 10:34 AM, Thomas Pfaff wrote: > There's non-free software in the ports tree. Good thing it's in ports, then. Keeps that shady license where we can see it, and choose to suffer with it or not.

Re: time based rules on pf

2010-05-17 Thread Johan Beisser
Build an anchor, have a ruleset loaded to it by cron, and removed at the specified time later. On Mon, May 17, 2010 at 7:03 AM, Leonardo Carneiro - Veltrac wrote: > There is a way to do time-based rules on pf? Something like "this packet > will /pass/ from 10h to 13h" or "this packet will /pass/

pfsync: bulk update failed

2010-05-22 Thread Johan Beisser
I have a pair of freshly installed OpenBSD 4.7/amd64-RELEASE systems. They're running redundant failover pairs with fw1 being the master. It seems I've got a problem getting pfsync to properly pass a full bulk update over, so longer term sessions time out when the MASTER takes over for the BACKUP

Re: pfctl: DIOCADDRULE: Operation not supported by device

2011-05-08 Thread Johan Beisser
On Sun, May 8, 2011 at 3:25 PM, roberth wrote: > Uhum. Sure that's a way to approach this. > That's the supported way. With that amount of "support" required. > Fine with that. I usually build the new kernel, major utilities that require the new kernel as per http://openbsd.org/faq/current.html

Re: Loggin dmesge

2011-05-28 Thread Johan Beisser
On May 28, 2011, at 5:36, Jean-François SIMON wrote: > All > > Thanks for your answers, I've set up my question not accurately enough. I > would like to have a file logging the activity of dmesg after boot as well. > I'm not sure it is the right way to set it up. > > Here's my problem, I've se

Re: License

2011-06-01 Thread Johan Beisser
On Wed, Jun 1, 2011 at 6:02 PM, Simranjit Gill wrote: > Hello, > > > > I want to use the IPv6 source code in one of the products manufactured by my > company and need to know if there are any restrictions or limitations > regarding the use of source code in commercial products. Please let me know

Re: Can command-line options be specified in any place?

2011-06-21 Thread Johan Beisser
On Jun 21, 2011, at 18:48, Benny Lofgren wrote: > On 2011-06-22 03.03, vadi...@gmail.com wrote: >>> Please continue to use Linux. >>> That's ugly, useless and dangerous. >> >> Oops, looks like that was a "holy war" type of question. Sorry I did >> not want to start that. It's not. > Linus didn

Re: Can command-line options be specified in any place?

2011-06-21 Thread Johan Beisser
On Jun 21, 2011, at 20:20, vadi...@gmail.com wrote: > Sorry I really did not want to start any flame. I just thought that > getting answer from the mailing list would be faster than spending my > time studying source code of the new system. > >> What you should do is relearn the proper way. :-) >

Re: It is 2010. Still no >3GB support by default?

2010-06-07 Thread Johan Beisser
On Mon, Jun 7, 2010 at 4:35 PM, Jacob L. Leifman wrote: > (yes, I am aware that there are > specialized applications that do require the use of a monster-sized > dump truck with an engine to match, but in reality how many places have > a genuine need of a database that even with fully optimized d

Re: Most barebones pf.conf

2010-08-04 Thread Johan Beisser
"pass all" On Wed, Aug 4, 2010 at 3:32 PM, Peter Merritt wrote: > What would be the most barebones pf.conf for a OpenBSD 4.7 nat firewall > with 2 nics, that passes everything. > > Peter

Re: How to disable IPv6?

2009-12-05 Thread Johan Beisser
On Sat, Dec 5, 2009 at 12:44 PM, rhubbell wrote: > On Sat, 5 Dec 2009 15:28:09 -0500 > STeve Andre' wrote: > >> mostly a waste of time, except for the educational aspects of what not >> to do. > > Thanks for the nice story. I get a kick out of how far folks here go out > of their way not to help

Re: How to disable IPv6?

2009-12-05 Thread Johan Beisser
On Sat, Dec 5, 2009 at 12:52 PM, Jussi Peltola wrote: > At least some developers hang on misc@ and surely know how to disable > ipv6. The question is: do they care? In my experience, no.

Re: How to disable IPv6?

2009-12-05 Thread Johan Beisser
Feeding the troll, sorry. On Sat, Dec 5, 2009 at 2:45 PM, rhubbell wrote: > > Not sure how care plays into this. A simple question that the folks here > would rather not answer but instead would rather meander about. I gave you the file where GENERIC for all kernels is configured. If you bother

Re: OT: Python (was Re: vi in /bin)

2009-12-19 Thread Johan Beisser
On Sat, Dec 19, 2009 at 4:00 PM, Marco Peereboom wrote: > > There is no limit to shit code produced by amateurs and "professionals". Out of this whole thread this is the only statement I agree with completely.

Re: Problem with nat-to on -current

2009-12-29 Thread Johan Beisser
> That's for 4.6 and the syntax is completely different from 4.6 to -current > > > > - Original Message - > From: Johan Beisser > To: Wade, Daniel > Sent: Tue Dec 29 20:02:34 2009 > Subject: Re: Problem with nat-to on -current > > On Tue, Dec 29, 20

Re: Another question: device naming convention

2010-01-21 Thread Johan Beisser
On Thu, Jan 21, 2010 at 8:42 PM, Song Li wrote: > For the mount device: what's the device naming convention and the > rationale behind it? I do not think it's a good idea to search through > all the device and find out the device name. Linux and FreeBSD use > slightly different convention but the

Re: Another question: device naming convention

2010-01-21 Thread Johan Beisser
On Thu, Jan 21, 2010 at 10:43 PM, Song Li wrote: > On Fri, Jan 22, 2010 at 6:44 AM, Bret S. Lambert > wrote: >> On Fri, Jan 22, 2010 at 05:42:25AM +0100, Song Li wrote: > "fdisk sd0" is not a problem to me now either after I've seen Aaron's > comments on fdisk. The problem on mount still exists

Re: Another question: device naming convention

2010-01-22 Thread Johan Beisser
On Thu, Jan 21, 2010 at 11:54 PM, Otto Moerbeek wrote: >> You could makefs on /dev/sd0c instead. Nothing really forces you to >> create other slices (or partitions) on the device. > > Bad advice. disklabel does not record some redundant information for > the c partition. Which may bite you in ca

Re: OpenVPN problem.

2010-01-25 Thread Johan Beisser
On Mon, Jan 25, 2010 at 5:45 AM, Alessandro Baggi wrote: > Hi list! I'm setting up a vpn between two openbsd firewall: > This is the scenario: > > FW1 FW2 > $ext 192.168.1.33 $ext 192.168.1.2 > $int 10.1.1.1

Re: OpenVPN problem.

2010-01-25 Thread Johan Beisser
On Mon, Jan 25, 2010 at 10:05 AM, Alessandro Baggi wrote: > Johan Beisser wrote: > Hi Johan. Thanks for the answer. I've reduced my pf.conf on client and > server side to: > > ext="rl0" > int="rl1" > > nat on $ext from $int:network -> $ext:0 &g

Re: fsck segfault on a big partition, 4.6

2010-01-27 Thread Johan Beisser
On Wed, Jan 27, 2010 at 4:53 PM, Denis Doroshenko wrote: > so the OS needs to do something. what should it do? should it just > panic? or may be losing one process is better than losing them all? > then, what are the criteria for choosing processes to be killed?.. > > wondering if "random" means

Re: OT: opinions on IDS / IPS solutions

2010-02-17 Thread Johan Beisser
On Wed, Feb 17, 2010 at 7:59 PM, Jason Beaudoin wrote: > From a compliance perspective, I don't have much choice. From the > costs, infrastructure, and administrative perspectives, I am currently > evaluating whether or not I should be leaning towards and IDS or IPS > solution, and of course which

Re: OT, .. but has anyone seen a crontab editor

2010-02-19 Thread Johan Beisser
On Fri, Feb 19, 2010 at 8:21 AM, L. V. Lammert wrote: > No, that isn't going to work. This isn't some elitist club - if we can't > provide a simple, sane, safe way for a [privileged] user to push a backup > image out to a DR server, then *we* have failed as technologists. Wait. What the hell i

Re: strange (?) ssh user

2009-08-21 Thread Johan Beisser
On Fri, Aug 21, 2009 at 7:34 AM, Uwe Dippel wrote: > Now I am pretty sure that this is what we see here. > It also makes sense, since all those users sit on a tightly controlled LAN; > while that machine is 'further out'. So that restricted services can be > accessed through some tunneling. > Now:

Re: router/firewall

2009-09-04 Thread Johan Beisser
On Fri, Sep 4, 2009 at 11:31 AM, Sha'ul wrote: > Thank you for the info. I was not looking for anything for how to install > OpenBSD, but only for how to use it as a router and wireless access point > system for network The difference between the two installs is almost zero. Understanding one with

Re: OT: Juniper SSL-VPN?

2009-09-14 Thread Johan Beisser
On Mon, Sep 14, 2009 at 5:39 PM, patrick keshishian wrote: > I didn't want to hijack the other VPN thread for this purpose, so here > is a new thread. Anyone know much about how Juniper SSL-VPN networks > work? It's a java based client that's run on the "client-side" and forwards specified packet

Re: OT: Juniper SSL-VPN?

2009-09-14 Thread Johan Beisser
On Mon, Sep 14, 2009 at 6:53 PM, patrick keshishian wrote: > ahhh... Do you know if there are any open-source clients that are able > to connect through their service? I'm unable to google any specifics > on what "protocol" they use, or rather what their java app does after > it is launched. Is i

Re: 200g harddisk after newfs = Available 174g?

2009-10-28 Thread Johan Beisser
Two words: Filesystem Overhead. On Tue, Oct 27, 2009 at 11:59 PM, Jennifer Ma wrote: > hi all, lately, i obtained a seagate 200g(wd1) harddisk from my elder > brother, after i disklabel, newfs and mount the disk. only 174g is > shown as available, in windows(through samba), said 9.16g already be

Re: suggestion for a new/additional OpenBSD release media option

2010-11-01 Thread Johan Beisser
On Sun, Oct 31, 2010 at 3:39 PM, Jamie Paul Griffin wrote: >> Everytime one of you write to Theo directly, >> I feel like I'm watching gay porn. > > would someone please block this prick. it was funny to start with but now > it's intensely annoying. You could just toss his email in to your killf

Re: [Was: OT - gmail alternatives] PGP web mail anyone?

2010-12-14 Thread Johan Beisser
On Tue, Dec 14, 2010 at 2:06 PM, Tomas Vavrys wrote: > Is there a light at the end of the tunnel somewhere to make email > secure even for amateurs who don't know how to use PGP? I'm very > curious about the future of email, especially now. I would like to > hear opinions of OpenBSD wizards. The t

Re: pfsync nic problem.

2010-12-23 Thread Johan Beisser
On Thu, Dec 23, 2010 at 9:19 AM, Alessandro Baggi wrote: > > Hi list, I've tried to use the groups field for pfsync. I've changed in my > pf rules, the wan interface ext="xl0" with ext="egress", then when I try to > get a fault with firewall 1, firewall 2 become master, but all connections > die.

Re: Writing to remote tape

2011-01-07 Thread Johan Beisser
I prefer to tar(1)... On 1/7/11, Jeff Ross wrote: > Hi, > > I have 2 servers that get backed up to tape. I was scping the daily > dump files to the server with the tape attached but now I no longer have > hard disk room to do that. > > So I read the man page for rdump/dump and that led me to rm

Re: nat static-port option

2011-02-03 Thread Johan Beisser
On Feb 3, 2011, at 5:17, Martin Schröder wrote: > 2011/2/3 Bret Lambert : >> Counting my toaster? > > Your toaster has an IP? > Yours doesn't?
