a) you're wrong
b) you don't know what problem he is trying to solve.
On Tue, May 14, 2013 at 5:28 AM, Salim Shaw wrote:
> OpenBSD is a server/router/network service OS, it's not designed for
> desktops. OpenBSD is the pre-eminent platform for Firewalling, IPsec, IPv6.
> Trying to shove OpenBSD
option mitel.l2p06;
option mitel.dscp 46;
The Mitel phones complain that option 128 is missing (I take this to
mean that it have the wrong format or type since it's obviously there)
and goes no further.
I'm hoping it's just a matter of figuring out how to use the options
and format them correctly.
Cheers,
Lars Hansson
In-tree dhcp most certainly support options because I am using them:
option autoproxy-script "http://1.2.3.4/wpad.dat";;
Cheers,
Lars
On Mon, Dec 31, 2012 at 11:19 PM, Chris Smith wrote:
> Maybe it's a problem due to Unbound being a package and not part of
> the core system, but a normal config
Oh, you mean the space thing. Well, it probably doesn't but I Have never
needed that.
---
Lars
On Wed, Jan 2, 2013 at 6:50 PM, Lars Hansson wrote:
> In-tree dhcp most certainly support options because I am using them:
> option autoproxy-script "http://1.2.3.4/wpad.dat"
ntpd and sshd are only running if you enabled them when installing. For the
rest, just turn off inetd.
Why are they enabled by default? Search the mailing lists, it has been
asked and answered before.
Lars
On Sat, Feb 16, 2013 at 10:41 AM, Fil DiNoto wrote:
> with something vaguely familiar to what they would encounter in the
> other equipment like cisco or juniper they would be far less likely to
> make a mistake that would result in an outage or security problem. So
> as superficial as this might
On Thu, Mar 14, 2013 at 10:22 PM, Jiri B wrote:
> I'm aware of both. So what is this renaming of ifaces good
> for?
On Windows it has it's advantages because by default you get stupid and
unhelpful names like "Local Area Connection X".
It's pretty nice to be able to rename it to something usefu
I run a number of 4.9 i386 boxes that functions as routers and are
logging to memory buffers.
Today I noticed that if I sighup the syslogd process the memory
buffers are no longer being logged to.
Below is the output from "syslogd -d" and I'm guessing the problem has
something to do with the "Membu
Uhm...ok, never mind. I'm an idiot. it does work. Sorry for that unneeded noise.
Cheers,
Lars
> - how would you compare with facts and not flamewars OpenOSPFd against
> Quagga or BIRD implementations?
This is not technical but...the openbsd ospfd tools does not pretend
to be Cisco and does not mimic the god-awful IOS cli and config
format.
Personally that is something I really, really lik
> I notice you spend much more time scolding people than actually saying>
> anything worthwhile. You should work on yourself and find out why that> is.
> Perhaps you could benefit from some anger management training?
I notice that Henning is contributing much more code to OpenBSD than
you ever ha
On Sun, Jan 22, 2012 at 3:35 AM, Anonymous wrote:
> I asked this before but I guess you didn't see it. So if you contribute
> "much more code to OpenBSD" than someone else do you automatically get
> license to insult people and post 100% noise as some kind of reward?
Since you're such an incredib
On Wed, Feb 29, 2012 at 10:44 AM, Nathan Stiles wrote:
> Also I've noticed that HTTPS isn't implemented on openbsd.org.
Why would it be? There is no user login or accout information
exchanged with openbsd.org.
Are you worrying that someone would, almost magically, insert
malicious code in the ISO
On Fri, Mar 9, 2012 at 3:28 PM, Fredrik Staxeng wrote:
> Do you want users at all? Or was Linus right?
Yes.
I dunno, I usually ignore his fire-brand rants.
---
Lars
On Fri, Mar 9, 2012 at 8:33 PM, Dmitrij D. Czarkoff wrote:
> So you state that the fact that "if one chooses to use the whole disk,
> the whole disk is used" needs further documentation?
Well, since this is the one of the few (only?) destructive actions the
installer takes
I can certainly see why
On Mon, Mar 19, 2012 at 5:50 AM, Stuart Henderson wrote:
> No idea how well OpenBSD does in xen.
Last time I tried OpenBSd in Xen ~2 years it worked like crap.
Couldn't get networking
to work at all and it was slow as a dog.
Cheers,
Lars
Disable mpbios.
Cheers,
Lars
On Thu, Apr 26, 2012 at 8:43 PM, Mihai Popescu wrote:
> This is interesting too (first paragraph), from the Ion author:
> http://tuomov.iki.fi/software
Guess why Ion3 isn't in ports anymore.
---
Lars
On Thu, Apr 26, 2012 at 8:50 PM, Lars Hansson wrote:
> On Thu, Apr 26, 2012 at 8:43 PM, Mihai Popescu wrote:
>> This is interesting too (first paragraph), from the Ion author:
>> http://tuomov.iki.fi/software
>
> Guess why Ion3 isn't in ports anymore.
Or more correct
ny queue adsl_client2_up
> pass in on $client_if from any to $adsl_client2_net queue adsl_client2_dn
Since you keep state (the default) you want to assign on the external
interface too, otherwise connections initiated from the "outside"
won't be assigned the correct queue.
---
Lars Hansson
ox.
Or perhaps future (bette) virtualizations won't require special OS
support. Xen is not a be-all-end-all.
---
Lars Hansson
other.
> Nobpdy has to write any code to understand that - the secuity benefits
> are ovbious to everyone from the PHBs to the admins.
Actually they aren't. What are the "obvious" security benefits? I'm
not saying there aren't benefits, just that I can't see any obvious
security benefits.
---
Lars Hansson
On 10/25/07, Edd Barrett <[EMAIL PROTECTED]> wrote:
> The workaround is to do something like this, with a shorter filename
or make sure you have a long filename in the root directory of the
partition or mount with -l.
---
Lars Hansson
27;s. It does'nt even apply
to non-VM situations since it solves a problem that only exists in
virtualization.
> As pointed out previously, the discussion was originally about the benefits
> of separate application domains within an enterprise.
I'm sure there are benefits for certain situations.
---
Lars Hansson
it would also be useful to allow users to mount
> directories not owned by them. As it stands if you want to allow a
> user to mount a cdrom drive, they each need thier own mount directory.
Right, so just mount them somewhere under your home directory. I dont
hink this is a problem in most cases.
---
Lars Hansson
just installed without any problems.
Yes.
---
Lars Hansson
On Nov 17, 2007 8:35 AM, David Higgs <[EMAIL PROTECTED]> wrote:
> I combined authpf with OpenVPN, using some big hints from some easily
> google-able places. Even though WEP and WPA aren't supported by
> OpenBSD,
OpenBSD supports WEP.
---
Lars Hansson
On Nov 19, 2007 1:51 PM, Clint Pachl <[EMAIL PROTECTED]> wrote:
> Does it even matter?
If you want to connect to networks that are using WEP, yes.
---
Lars Hansson
is (a license). I think he just might accept us
> to licence it.
Yes, the discussion is in the archives and no he didnt. qmail had a
weird license.
---
Lars Hansson
No. OpenBSD doesn't sign code.
---
Lars Hansson
's problem that some companies implement pointless
"security" policies.
---
Lars Hansson
Can we please stop this thread now because it is
really not interesting at all.
---
Lars Hansson
hard has offered you the oportunity to aquire his endorsement.
Are we supposed to feel special?
> If that does not matter then shut this thread down, because it is
> pointless.
It was pointless from the start.
---
Lars Hansson
On 12/17/07, David H. Lynch Jr. <[EMAIL PROTECTED]> wrote:
> Yet you are seeking to deny the same freedom to Richard and everyone
> else that disagrees.
No-one is trying to deny RMS the freedom to say and think whatever the
hell he wants, no matter how wacky.
---
Lars Hansson
On Jan 3, 2008 6:33 PM, Michael Dexter <[EMAIL PROTECTED]> wrote:
> Can someone tell me what marketing speak to look for to determine if a
> motherboard supports > hw.setperf and "apmd -C/A" CPU speed regulation?
IIRC for Intel it's SpeedStep and for AMD PowerNow/Cool' n'Quiet.
---
Lars Hansson
ake you ethical?
Most OSS, for example, can be, and is, used by governments to oppress
the people. Does that make working on OSS unethical?
---
Lars Hansson
Windows
> workstations (It may not be the very same words, but the intent is the
> same).
Luckily for Linux RMS doesn't have a say in who works on the kernel. If he
had I guess Linux would now have been what GNU HURD is: unknown and
irrelevant.
---
Lars Hansson
On Jan 5, 2008 1:54 PM, Richard Stallman <[EMAIL PROTECTED]> wrote:
> The "wget" he uses is worse.
> You can download any non-free software with it and it does not warn
> the user at all!!!
>
> I don't object to general-purpose tools just for being general.
OpenBSD is a general-purpose
WAY past
the point where that mattered.
For everyones sanity just leave it alone.
---
Lars Hansson
On Feb 6, 2008 4:45 PM, Lars Noodin <[EMAIL PROTECTED]> wrote:
> You've provided that data point yourself: MS Windows.
Since when is misc@ a Linux-esque anti-MS list?
---
Lars Hansson
ight? Right... :)
I guess he's just too busy actually writing code. You know,
contributing to the project in a constructive and meaningful way.
---
Lars Hansson
the PC, gets the RAM, reads ya SSH key and turns the PC on again
> (just in case you might used it before this brave student..)...
>
> You could do this in like 10minutes (max!).
10 minutes is a lot longer than "seconds or even minutes".
---
Lars Hansson
On Saturday 16 December 2006 06:47, Craig Skinner wrote:
> Don't do that. DJB junk is not in ports for good reasons.
And the reason has nothing to do with the quality of DJB's stuff.
---
Lars Hansson
...??
Depends on what you mean by disable. There's no option to prevent Ipv6 from
being active but it's trivial to block all ipv6 traffic with pf.
---
Lars Hansson
On Monday 18 December 2006 07:28, Dag Richards wrote:
> What about this is cluelez? I ask in a tone not of belligerence, but a
> desire to be informed by my betters.
Blocking icmp is a) totally pointless, and b) makes troubleshooting much more
difficult.
---
Lars Hansson
I'm just going to mention rdist, since it's in base. While certainly not as
complex and feature rich as as cfengine it does get the job done just fine
for most tasks.
---
Lars Hansson
On Wednesday 20 December 2006 21:34, Sebastian Rother wrote:
> Could that be a "Bug"?
No. "ls" cant take an infinite number of arguments.
Just use grep to get the Backdoor entries.
Lars Hansson
On Friday 22 December 2006 13:03, [EMAIL PROTECTED] wrote:
> What of the built-in VPN client for the Windows OS?
While it works it suffers mainly from two things; being confusing to configure
and lacking strong ciphers (you only get DES and 3DES).
---
Lars Hansson
se?
>
> Yes.
Is this going to be a relational or object database? or perhaps a hash
database?
What if an application needs an hash database but your filesystem is a
relational database?
Lars Hansson
On Friday 12 January 2007 13:04, noob lenoobie wrote:
> My problem is the following : I'm unable to send mail from php.
the php mail() function will not work in chroot (unless you install the chroot
flavour of the mini-sendmail package).
----
Lars Hansson
On Friday 12 January 2007 23:59, Ste Jones wrote:
> Just out of interest does femail need a sh in the chroot like
> mini_sendmail?
mini_sendmail doesn't need it, it's PHP that does.
---
Lars Hansson
On Wednesday 17 January 2007 05:44, Vim Visual wrote:
> btw are you using X?
X isn't GPL.
> and if so, which wm?
Irrelevant.
> most of them are under the
> gpl, right?
No, some are.
> this must hurt if you're such a bsd license defender...
Keep your flamebai
On Wednesday 17 January 2007 11:42, Mark Bucciarelli wrote:
> If this won't work, is it possible to PXE boot from a machine
> that hosts bsd.rd but does not run OpenBSD?
Yes, look at pxeboot manpage".
---
Lars Hansson
way to use the serial port is to disable the console
redirection in BIOS.
>
> What I'm looking for is a "set tty none" or similar in /etc/boot.conf.
If the WRAP is using console redirection this wont help.
---
Lars Hansson
wa thinking of the messages that the BIOS itself usuallt outputs and that
those would interfere with whatever device is connected.
setting tty to com1 apparently doesn't work either.
---
Lars Hansson
der is even running.
---
Lars Hansson
orks in IT but ask any
company if they'd hire an accountant who doesn't really know accounting
but can click on buttons in Quickbooks (or whatever), fill in some
numbers and make the numbers kinda sorta add up.
---
Lars Hansson
Jonas Thambert wrote:
> 12:35PM up 46 days, 6:15, 1 user, load averages: 7.11, 5.46, 3.09
>
>
> Any ideas?
What's the actual problem? high load average in itself is not
necessarily a problem.
---
Lars Hansson
Cool, but...
Alexey Suslikov wrote:
>> Non-standard of BGP functionality (modeled after PF).
What does that even mean? What is non-standard?
---
Lars Hansson
Claudio Jeker wrote:
> We don't do the Cisco CLI and route-map thing -- which is in my opinion a
> very good thing.
Ah. I wasnt aware that those are in the standard though ;)
---
Lars
h the default chroot as long as you dont allow your
users to run any cgi's. Just make each vhosts docroot be owned by the
user and readable by the www group and you're set.
If you're hosting PHP sites you also need to remember to set (and
enforce) open_basedir for the vhosts.
---
Lars Hansson
Travers Buda wrote:
> They're basically the same thing.
No they're not. One run on the vendors hardware, the other run on your
OS. Two entirely different things.
---
Lars Hansson
n't friendly on the same
> box, and I've found quite a few articles that strongly suggest removing
> sendmail if you've chosen to use postfix.
You don't need to remove sendmail on OpenBSD.
---
Lars Hansson
Nigel Roberts wrote:
Is it possible to configure an area in ospfd.conf to be a stub area?
Yes, use the "passive" option. It's in the ospfd.conf man page.
---
Lars Hansson
n any other mailinglists in the world.
---
Lars Hansson
had the time or
interest yet.
---
Lars Hansson
?
The only problem is that we don't support zaptel. It is an incredible ugly
interface that only works with the digium cards that are not supported.
Also, the OP asked for a SIP client, not a about running a SIP server.
AFAIk there are no SIP clients in the ports tree.
---
Lars Hansson
with zaptel and both Asterisk and SER are in the
ports tree. zaptel is only required if you want to use digium cards to
interface with a PBX or similar.
---
Lars Hansson
erfectly functioning VOIP PBX on OpenBSD
as long as you don't need the OpenBSD box to interface directly with a
traditional PBX or telephone.
FYI, I do not used softphones and I prefer hardphones.
It's of no relevance, both works with Asterisk (and SER) on OpenBSD.
---
Lars Hansson
[EMAIL PROTECTED] wrote:
Whereas, if you want to interface you machine to an existing old
pabx or if you want your openbsd machine to work with pstn at your location
then you need to get
zaptel+libpri working on your machine.
Not at all, you only need zaptel and libpri if you want to interface
Rogier Krieger wrote:
End user connections are what the submission port (589) is for.
Small correction: it's 587, not 589.
---
Lars Hansson
Does using NIS on OpenBSD also have such a limitation?
No.
----
Lars Hansson
Ross Davis wrote:
I am currently experimenting with bwm-ng and ntop, but was wondering if
anyone had a super magic awesome tool that they could recommend.
netflow using pfflowd does the trick but it might be a bit daunting to
set up.
---
Lars Hansson
Inside the site,
there are many other parts that often don't load.
I can't reproduce this problem. I'm on 4.1-current behind a 3.9-stable
firewall. Using Firefox (and privoxy) that page load without problem
every time.
Lars Hansson
[EMAIL PROTECTED] wrote:
guys what file should i need to edit so that if i'm going to press ctrl
alt del my box will just reboot?
man sysctl
man sysctl.conf
---
Lars Hansson
Toni Mueller wrote:
OTOH, in my own network, I want fully automatic unattended installs.
Have you looked at siteXYtools?
http://mongers.org/openbsd/siteXYtools/
---
Lars Hansson
Peter wrote:
Are you serious? I thought that was only for straight packages. It actually
fetches code from third party repositories?
What 3rd party repositories? What are "straight" packages?
---
Lars Hansson
r that
it (whatever it is) could also be expressed as a percentage?
$ ifconfig ural0
..
ieee80211: nwid unet chan 6 bssid 00:0f:3d:0d:eb:ac 20dB nwkey
0x8353c823e7 100dBm
---
Lars Hansson
Reyk Floeter wrote:
On Mon, Mar 12, 2007 at 12:05:20PM +0800, Lars Hansson wrote:
it is the received single strength indicator.
Ah, that's what i suspected it was. Thanks.
I'm trying to get a small gui wifi monitor working so can i safely
assume that 20dB is maximum? When does it
the
OpenBSD project isn't exactly overflowing with personell. But maybe
Karl and Martin are volunteering to maintain security-announce.
--
Lars Hansson <[EMAIL PROTECTED]>
whenever you have them and feel like giving
me some.
--
Lars Hansson <[EMAIL PROTECTED]>
On Fri, 16 Mar 2007 10:08:02 +0100
Karel Kulhavy <[EMAIL PROTECTED]> wrote:
> http://www.heise.de/security/news/meldung/86730
And for the majority of the worlds population that doesn't speak German
this says exactly what?
--
Lars Hansson <[EMAIL PROTECTED]>
On Fri, 16 Mar 2007 11:23:59 +0100
Frank Tegtmeyer <[EMAIL PROTECTED]> wrote:
> The article claims that the OpenBSD developers tried to deny that the
> ICMPv6 bug is a remotely exploitable security hole.
Aha. Slow newsday in Germany, eh?
--
Lars Hansson <[EMAIL PROTECTED]>
t; OBSD's strength is in being open, be open.
Yeah, it's so closed the source patch was available 10 days ago...
> Move on and end this.
That's good advice though.
--
Lars Hansson <[EMAIL PROTECTED]>
Rafael Almeida wrote:
OpenBSD site says there is one in Hong Kong:
http://www.openbsd.org/orders.html#asia
http://www.genesis.com.hk/
Uh, doesn't look like they're selling OpenBSD reallly...
---
Lars Hansson
e
person should be running in 2007.
---
Lars Hansson
Pawel Jakub Dawidek wrote:
So isn't it rather hypocritical to claim GPL license is bad and BSD
license is good and ship operating system with GPLed code?
No.
How do you feel about having pro-GPL operating system?
I don't know, I run OpenBSD.
---
Lars Hansson
Wim Vandeputte wrote:
Did you contact http://www.genesis.com.hk/ in Hong Kong?
Or should we remove them from the list of resellers?
Probably, I don't think they've been alive for a good many years. I seem
to recall this being the case even back in 3.x days.
---
Lars Hansson
patch for stable so you should try
3.9-stable or better yet, 4.0.
---
Lars Hansson
nsion/plugin (or
whatever the heck net-snmp call it).
---
Lars Hansson
d doesn't?
Sure, it's not much but it does keep the average joe out. If you are
aware of WEP's weaknesses there's nothing wrong with using it.
---
Lars Hansson
port 10023 too?
While comparing Apples and Oranges is fun it's not accurate.
---
Lars Hansson
Maxime DERCHE wrote:
IMHO you should think to configure your AP to provide a WAP-based
encryption...
WAP-based encryption? Do you mean WPA?
---
Lars Hansson
those WEP and WPA
are the only ways to secure your all your wireless traffic.
---
Lars Hansson
Jeremy Huiskamp wrote:
I'd like to hear an actual developer position on that statement.
Check the archives for Reyk's comments on WPA. It will be in OpenBSD one
day because, secure or not, it is gaining traction and is/will be
required by many AP's (especially "enterpris
Joachim Schipper wrote:
All in all, I might choose OpenVPN if it involved end users (lots of
NAT, Windows, and other crappy stuff),
OpenVPN isn't exactly awesome on Windows.
---
Lars Hansson
mail-lists wrote:
This would be great. However, I've yet to find an IPsec client that's
'easy' to set up.. ie. an end user can do it. Perhaps you know of a good
way to solve this issue? I'd love to hear it!
TheGreenbow.
---
Lars Hansson
ke a right, doesn't it?
Don't bother responding, I'm gone. Have fun with your Broadcom chips
No thanks, I don't buy from moronic companies.
---
Lars Hansson
Tobias Weisserth wrote:
Who the hell do you think you are that you can impose a definition of
free on me?
I dunno, who does RMS think he is imposing his definition of free on me?
---
Lars Hansson
chefren wrote:
Clearly not to death and people here are seriously interested in pro and
contra arguments.
People are interested in discussing a lot things but that doesn't mean
those discussions belong on [EMAIL PROTECTED]
---
Lars Hansson
1 - 100 of 360 matches
Mail list logo
