Re: pf altq and cbq borrowing

2006-12-12 Thread Lawrence Horvath
On 12/12/06, Matt Hamilton <[EMAIL PROTECTED]> wrote: Hi All, Something I just noticed on 3.9 with our firewall that I'm hoping someone can explain, as it looks like a bug to me. Our simplified config for queueing is: altq on $ext_if cbq bandwidth 8Mb queue { colo, bmex, deflt } queue bme

Re: looking for (custom) dial-in

2006-12-28 Thread Lawrence Horvath
May I ask why? I'm sure google could tell you quite a few dial-up companies in the countries you would like On 12/28/06, Peter Philipp <[EMAIL PROTECTED]> wrote: Hi misc@, I know OpenBSD isn't a telco nor an internet service provider, but perhaps someone out there has a spare POTS line where

Re: pf+altq

2007-01-17 Thread Lawrence Horvath
Try defining q_pri with a bandwidth, you might even be able to set it as: queue q_pri bandwidth 0% priority 7 cbq(borrow) This way it wouldn't reserve any bandwidth but it shouldn't cause issues with the bandwidth math either. If you get that working, please let me know. On 1/17/07, sonjaya <[E

rc.conf.local

2007-01-19 Thread Lawrence Horvath
when using rc.conf.local do you need to add #!/bin/sh - at the top of the file, or just start inserting lines? thanks -- -Lawrence -Student ID 1028219 -CCNA

altq hfsc

2007-01-23 Thread Lawrence Horvath
I was looking at the pf.conf(5) page for my altq/hfsc config and had some trouble understanding the exact workings of hfsc queues, the pf.conf man page has limited info on their workings. Also when I was looking at pf(4) it noted altq(9) which didn't seem to exist, is that an old listing in the pf(

Re: Idea for additionnal funding

2007-01-23 Thread Lawrence Horvath
I could be wrong, but the original question said nothing about "non-profit" the way i read the first question as simply as, why cant OpenBSD(a for-profit entity) do advertising, via a search page for google(a for-profit entity, as far as i know), and get paid for it. Nothing non-profit required, s

altq with hfsc

2007-01-23 Thread Lawrence Horvath
Im trying to implement hfsc altq on a firewall i have running, i currently have the linkshare option working properly with only the bandwidth assigned to the queue not a full service curve. I would like to implement upperlimit however i don't quite understand how the delay works, i understand how

Re: apache security

2007-01-23 Thread Lawrence Horvath
I had an idea but not sure if its possible, section off and chroot each site into a folder of its own, not sure if thats possible to chroot each site to a diff dir or not, i think apache only allows you to chroot the process Maybe use permissions, diff user on each site, chmod to disallow writing

Re: Virtualisation on OpenBSD?

2007-01-24 Thread Lawrence Horvath
qemu is your best bet, its not quite as fast as vmware but it runs on OpenBSD, and supports several archs, it has a nice pkg and everything vmware could run on OpenBSD if you have linux compatibility turned on i think On 1/24/07, John Tate <[EMAIL PROTECTED]> wrote: Is there any software that

Re: JOB OFFER

2007-01-24 Thread Lawrence Horvath
I get a number of spams that make it through the misc list, not many but at least a few, I use gmail and wasn't sure if it's safe to classify them as spam or if I should just delete them, I was concerned that in classifying them as spam it could count negative toward the list server? thanks On 1/2

multi queu

2007-01-24 Thread Lawrence Horvath
usually it's only possible to queue once going out an interface, as far as I know, is it possible to use a loopback interface to run traffic through multiple queues? internet--->em0 (queue)--->lo2 (queue)->em1--->lan -- -Lawrence -Student ID 1028219 -CCNA

Re: multi queu

2007-01-24 Thread Lawrence Horvath
one queue, and i dont want to have to set up multiple firewalls, id rather have everything in one nice pf.conf, im gonna do carp later On 1/24/07, Stuart Henderson <[EMAIL PROTECTED]> wrote: On 2007/01/24 06:45, Lawrence Horvath wrote: > usually its only possible to queue once goi

Re: Virtualisation on OpenBSD?

2007-01-24 Thread Lawrence Horvath
I tried looking for source but was unable, vmware is a closed source as far as I can tell (please correct me if I'm wrong, as I like to get hold of the source) when I was looking for it online you have to download the binaries, and you have to email in for a serial number to use it, they also have hi

Re: multi queu

2007-01-24 Thread Lawrence Horvath
work ok, and the loopback queue will still keep anyone from going over the 10 meg link, and allow certain over all prioritization. its kinda strange i know, but i think it will work On 1/24/07, Bill Marquette <[EMAIL PROTECTED]> wrote: On 1/24/07, Lawrence Horvath <[EMAIL PROTECTE

Re: altq hfsc issue

2007-01-29 Thread Lawrence Horvath
i believe if you do not specify the realtime in the qd queue it assumes 100% this creating a math issue, try giving qd a realtime limit On 1/22/07, Piotr Lukawski <[EMAIL PROTECTED]> wrote: Dear misc@openbsd.org, I wanted to share bandwidth 512Kb between 4 users with guaranted bandwidth 20Kb

rsa remote auth

2007-02-07 Thread Lawrence Horvath
I am trying to get my openbsd 4.0 box to allow remote ssh logins using an rsa key, i added the key into my ~/.ssh/authorized_keys file, and set permissions on ~/.ssh and ~/.ssh/authorized_keys to 0600 i added the rsa of its self, for testing, however i cant seem to get an ssh session to authenti

Re: rsa remote auth

2007-02-07 Thread Lawrence Horvath
On 2/7/07, Darren Spruell <[EMAIL PROTECTED]> wrote: On 2/7/07, Lawrence Horvath <[EMAIL PROTECTED]> wrote: > I am trying to get my openbsd 4.0 box to allow remote ssh logins using > an rsa key, > > i added the key into my ~/.ssh/authorized_keys file, and set > permi

Re: rsa remote auth

2007-02-07 Thread Lawrence Horvath
Ahh ok there we go, It was a permissions issue on ~/ i had read and write set for group, changed it to 0700, its now working On 2/7/07, Stuart Henderson <[EMAIL PROTECTED]> wrote: On 2007/02/07 06:49, Lawrence Horvath wrote: > and made sure of the file permissions > ~/.ssh is 0

Re: altq+HFSC

2007-02-11 Thread Lawrence Horvath
As far as I know there is no specific altq list, just use the main misc list. Please make sure to post to the list and not to people privately thank you On 2/11/07, Ralf Braga <[EMAIL PROTECTED]> wrote: Hi Lawrence and Atren, I'm with one few dificults for configure altq+pf+hfsc, Need bala

Re: is there [EMAIL PROTECTED] archive?

2007-02-18 Thread Lawrence Horvath
I agree with scorch, how do we find out what hardware is working best and most used with OpenBSD. Even we you cant release the dmesg reports, what about a statistics page, something along the lines of, x amount of x mobos is used with OpenBSD, and other hardware as well. would that be possible?

Re: monitoring traffic/bandwidth on a bridge

2007-02-26 Thread Lawrence Horvath
Check out bandwidthd, I don't think it's in ports or pkgs, however it does an excellent job, gives per IP graphs and total bandwidth used. never tried it on a bridge though On 22/02/07, Ross Davis <[EMAIL PROTECTED]> wrote: I am running OpenBSD 4.0 and have a bridge set up between two interfaces: f

passing to inside interface

2007-03-20 Thread Lawrence Horvath
this is on OpenBSD 4.0 Generic I have the below rule set in my pf.conf, i am having the following problem, i need to be able to log into the firewall with ssh from outside, and nothing should be able to hit the firewall from inside, not even ping from outside i can hit the shadow server, ssh, pi

Re: passing to inside interface

2007-03-20 Thread Lawrence Horvath
On 20/03/07, Stuart Henderson <[EMAIL PROTECTED]> wrote: On 2007/03/20 04:41, Lawrence Horvath wrote: > I have the below rule set in my pf.conf, i am having the following > problem, i need to be able to log into the firewall with ssh from > outside, and nothing should be able to h

Re: passing to inside interface

2007-03-20 Thread Lawrence Horvath
192.168.25.100 to any pass in on xl0 inet from any to 192.168.25.201 pass in on xl1 inet from 192.168.25.201 to any pass in on xl0 inet from any to 192.168.25.252 pass in on xl1 inet from 192.168.25.252 to any On 20/03/07, Stuart Henderson <[EMAIL PROTECTED]> wrote: On 2007/03/20 06:18, Lawrence Horvath

Re: passing to inside interface

2007-03-20 Thread Lawrence Horvath
On 20/03/07, Stuart Henderson <[EMAIL PROTECTED]> wrote: On 2007/03/20 09:24, Lawrence Horvath wrote: > is there a way to tag the packets going to pflog, i can see the > packets being blocked with tcpdump on /var/log/pflog, but i would like > to know what rule is blocking them

pps limit with pf

2007-03-24 Thread Lawrence Horvath
is there a way to limit pps with PF? -- -Lawrence -Student ID 1028219 -CCNA

Re: pps limit with pf

2007-03-24 Thread Lawrence Horvath
qlimit and bandwidth knobs. you're sure you need to control packet rate, not data rate? CK On 3/24/07, Lawrence Horvath <[EMAIL PROTECTED]> wrote: > is there a way to limit pps with PF? > > > > -- > -Lawrence > -Student ID 1028219 > -CCNA > > -- GDB has a

Re: couple of questions

2007-05-06 Thread Lawrence Horvath
Yes, I do believe that you can create a bridge and include the wireless device in the bridge, and this should work as you need it to. if anyone knows different please let me know. On 06/05/07, Paolo Supino <[EMAIL PROTECTED]> wrote: Hi Maxime I know that OpenBSD supports IPSEC very well (ha

authpf wrong shell warning

2007-05-14 Thread Lawrence Horvath
I am trying to set up authpf. I created all the files however I would like to be able to login and then start authpf instead of having a separate user for authpf. whenever I try to start authpf after logging in with ssh I get the below error May 14 22:03:31 freemon authpf: wrong shell for user la

ftpd passive port range

2007-05-24 Thread Lawrence Horvath
I am trying to confine my ftp to a smaller port range by editing net.inet.ip.porthifirst=49152 net.inet.ip.porthilast=65535 is there anything else that uses these variables other than ftpd? and would it be possible to force ftpd into using port 20 as its passive port? this is on 4.0 generic --

Re: ftpd passive port range

2007-05-24 Thread Lawrence Horvath
well I figure if active ftp can work many connections off one data port why can't passive ftp I see no problems with it, after all, all the control connections terminate on one port why can't the data On 24/05/07, Darren Spruell <[EMAIL PROTECTED]> wrote: On 5/24/07, Lawrence Horvath &

Reclaim mounted space

2007-06-03 Thread Lawrence Horvath
I have just changed from 1 harddrive into having a root, and a home harddrive. its now working but i had several gigs in the old home that i would like to clear off, how can i clear the old home dir with out unmounting the new home -- -Lawrence

Re: Reclaim mounted space

2007-06-03 Thread Lawrence Horvath
Well my old set up was to have just one harddrive, so my old home is part of the root drive, and since my root drive is in use as root, how would i mount just that part of it? On 03/06/07, Darrin Chandler <[EMAIL PROTECTED]> wrote: On Sun, Jun 03, 2007 at 09:10:34AM -0700, Lawrence H

Re: Reclaim mounted space

2007-06-03 Thread Lawrence Horvath
me mountpoint. DS > On 03/06/07, Darrin Chandler <[EMAIL PROTECTED]> wrote: > > On Sun, Jun 03, 2007 at 09:10:34AM -0700, Lawrence Horvath wrote: > > > I have just changed from 1 harddrive into having a root, and a home > > > harddrive. > > > its now working but

type 2 or 3 pcmcia wireless card

2007-06-03 Thread Lawrence Horvath
I am working with a ThinkPad 365X that i am installing obsd on and would like wireless access on. it supports 2 type II or 1 type III PCMCIA, I wanted a ral card however those only appear to come at the lowest as a CB which i dont believe my thinkpad will support. Any suggestions on a card i coul

Re: type 2 or 3 pcmcia wireless card

2007-06-04 Thread Lawrence Horvath
It does not have any built in USB ports, so unless i can find a typeII or III usb card i got no usb On 04/06/07, Reyk Floeter <[EMAIL PROTECTED]> wrote: On Sun, Jun 03, 2007 at 09:46:44PM -0700, Lawrence Horvath wrote: > I am working with a ThinkPad 365X that i am installing obsd

Re: type 2 or 3 pcmcia wireless card

2007-06-04 Thread Lawrence Horvath
I purchased the orinoco, we'll see how that goes, thanks for the comment On 04/06/07, Lawrence Horvath <[EMAIL PROTECTED]> wrote: It does not have any built in USB ports, so unless I can find a typeII or III usb card I got no usb On 04/06/07, Reyk Floeter <[EMAIL PROTECTED]> wro

T1 pci card

2007-06-10 Thread Lawrence Horvath
I am looking for a Data T1 card to put in an OBSD firewall/router looking for suggestions on a quality card for under 1000 that OBSD supports reasonably well. digium offers the Wildcard TE120P for about 600 but i was unsure of support where could i find out if such a card is supported with out a

Re: T1 pci card

2007-06-10 Thread Lawrence Horvath
looks like im going sangoma, already emailed sales@ thanks for the input, glad to know someone has one up and working On 10/06/07, Bryan Vyhmeister <[EMAIL PROTECTED]> wrote: On Jun 10, 2007, at 4:15 PM, Lawrence Horvath wrote: > I am looking for a Data T1 card to put in an OBSD

nat trouble accessing web

2007-06-25 Thread Lawrence Horvath
Im having some trouble accessing certain sites from my laptop going through a obsd router doing nat I have 2 tested configurations Laptop--->Cisco1721[doing nat]--->internet > msn.com and Laptop--->Cisco1721--(gre0)>Openbsd[doing nat]--->internet > msn.com in the first setup

Re: nat trouble accessing web

2007-06-26 Thread Lawrence Horvath
I resolved this at least for now by setting no-df on my scrub, im still investigating the mtu On 26/06/07, Daniel Melameth <[EMAIL PROTECTED]> wrote: Sounds like a possible MTU issue... Liberal use of tcpdump should help in diagnosing the problem. On 6/25/07, Lawrence Horvath &

classify scp and ssh

2007-07-07 Thread Lawrence Horvath
Is there a way using pf to distinguish between ssh shell logins, and scp file transfers? -- -Lawrence

Re: Options for 1U server with watchdog?

2007-09-07 Thread Lawrence Horvath
If power is a suspect why not get a UPS, it sounds like even a small one would do, and it would probably work out better than buying a new server? On 07/09/2007, K K <[EMAIL PROTECTED]> wrote: > I am looking for recommendations for a new rackmount server with a > watchdog(4) device fully supported

rate limiting an interface

2006-06-15 Thread Lawrence Horvath
3.9 GENERIC#617 i386 Wanted to know what are the possible ways to rate limit an ethernet interface, if queues in pf will do this, or is any other way, I have a 2meg colo connection and don't want to go over it or I'll get charged, and the ISP won't cap it, so I have to cap myself. Thanks -- -Lawren

Re: rate limiting an interface

2006-06-15 Thread Lawrence Horvath
On 6/15/06, John R. Shannon <[EMAIL PROTECTED]> wrote: Lawrence Horvath wrote: > 3.9 GENERIC#617 i386 > > Wanted to know what are the possible ways to rate limit an ethernet > interface, if queues in pf will do this, or is any other way, i have a > 2meg colo connection and

Re: rate limiting an interface

2006-06-15 Thread Lawrence Horvath
On 6/15/06, John R. Shannon <[EMAIL PROTECTED]> wrote: Lawrence Horvath wrote: > On 6/15/06, John R. Shannon <[EMAIL PROTECTED]> wrote: >> Lawrence Horvath wrote: >> > 3.9 GENERIC#617 i386 >> > >> > Wanted to know what are the possible ways to rat

turning on PF

2006-06-18 Thread Lawrence Horvath
I'm having a little trouble with my queues in PF I have the following in my pf.conf altq on tl0 cbq bandwidth 100Kb queue {all} queue all bandwidth 100% {default} pass out on tl0 from any to any queue all pass in on tl0 from any to any however I get the following: $ sudo pfctl -e pfctl: pf alre

Re: turning on PF

2006-06-19 Thread Lawrence Horvath
On 6/19/06, Alexander Hall <[EMAIL PROTECTED]> wrote: Lawrence Horvath wrote: > I'm having a little trouble with my queues in PF I have the following in > my pf.conf > > > altq on tl0 cbq bandwidth 100Kb queue {all} > queue all bandwidth 100% {default} > pass out on tl

Re: T1 and DSL failover? redundancy?

2006-06-21 Thread Lawrence Horvath
You can use SNMP to monitor the wan interface on almost all routers, (I know personally about the cisco), so you might set something up that monitors that, or you could use a dynamic routing protocol, even rip would do, just something interactive between OBSD firewall and the router, the router

Re: T1 and DSL failover? redundancy?

2006-06-22 Thread Lawrence Horvath
On 6/22/06, L. V. Lammert <[EMAIL PROTECTED]> wrote: At 11:13 PM 6/21/2006 -0700, Lawrence Horvath wrote: >You can use SNMP to monitor the wan interface on almost all routers, >(I know personally about the cisco), so you might set something up >that monitors that, or you could

Mixing queues in pf

2006-06-29 Thread Lawrence Horvath
Is it possible to mix queue types with pf, for instance all http traffic is sent to a hfsc queue while all ssh traffic is sent to a priq queue, or could you have a master priq queue and child cbq queues under it? thanks -- -Lawrence

binding ftpd

2006-07-02 Thread Lawrence Horvath
Is there any way at all to bind ftpd to a single ip, i would like to keep ftpd running on one ip of my server while i setup and play with proftpd on another ip, the man page for ftpd says nothing about being able to bind but is there any other way, Jerry Rig it if you will. Thanks -- -Lawrence

X not found

2006-07-04 Thread Lawrence Horvath
I have been getting the following error, and wasnt sure if i have to totally install X or can i just install a minimal lib set to get the error to stop, at this time I do not have any parts of X installed. # make ===> qemu-0.8.0p3 uses X11, but /usr/X11R6 not found. Thanks -- -Lawrence

Re: X not found

2006-07-05 Thread Lawrence Horvath
client, then you'll need to install the requisite libs. You'll save yourself a lot of time and headache if you just install the X set. On 7/4/06, Lawrence Horvath <[EMAIL PROTECTED]> wrote: > I have been getting the following error, and wasnt sure if i have to > totally insta

Re: X not found

2006-07-05 Thread Lawrence Horvath
so how do you install that, i was thinking it would just be # pkg_add /home/music/xbase39.tgz Can't resolve /home/music/xbase39.tgz but that didnt work, how do you install that package? On 7/5/06, Joachim Schipper <[EMAIL PROTECTED]> wrote: On Wed, Jul 05, 2006 at 12:03:35AM -070

testing max tcp connections

2006-07-10 Thread Lawrence Horvath
Im using a OpenBSD 3.9 server and a FreeBSD 6.1 server on either end of a firewall to test throughput and max open connections of the firewall, i tested throughput with netstrain(d) but im unsure how to test the max open connections, anyone recommend a program? or script? to test the max number of

Re: Code to execute a command on another tty

2006-07-25 Thread Lawrence Horvath
As long as the permissions are correct you can just redirect, you just need to know what tty you're piping to, I used who to check, and you have to be an equal or higher user, my example was done as the same user on both sides, like so: ttyp1: $ echo hello world > /dev/ttyp0 $ ttyp0 $ hello world

Re: Code to execute a command on another tty

2006-07-25 Thread Lawrence Horvath
ere an equivalent here or do > > I need to make my own? On 7/25/06, Lawrence Horvath <[EMAIL PROTECTED]> wrote: > As long as the permissions are correct you can just redirect, you just > need to know what tty you're piping to, I used who to check, and you > have to be an equal or hi

pf queue monitoring

2006-08-21 Thread Lawrence Horvath
Is there a way to monitor how much traffic is passing through a queue in bps? Im using 'pfctl -s queue -v' but it seems to only show a running total of packets and bits that have passed through it, and i want to be able to see it in bps anyone know of a way to do this? # uname -a OpenBSD localhos

pf queue skipping

2006-08-23 Thread Lawrence Horvath
I have the following config for my pf.conf and I noticed that nothing shows in the queues for incoming: ##BEGIN_QUEUES## altq on tl0 cbq bandwidth 3000Kb qlimit 200 queue { traffic_out, traffic_in } queue traffic_out bandwidth 1500Kb qlimit 200 cbq { \ other_out, ssh_out, ftp_data_out,

Re: pf queue skipping

2006-08-23 Thread Lawrence Horvath
Yes it says it's only "useful" for outbound, that doesn't mean that it shouldn't still try to queue inbound, which it does sorta do as per my pfctl -vvs queue, however it skips on parent queue for some reason On 8/23/06, Jason Dixon <[EMAIL PROTECTED]> wrote: On Aug 23, 2006, at 6

Re: Oldest Server you run

2006-10-12 Thread Lawrence Horvath
$ sysctl hw hw.machine=i386 hw.model=Intel Pentium III ("GenuineIntel" 686-class, 512KB L2 cache) hw.ncpu=2 hw.byteorder=1234 hw.physmem=268001280 hw.usermem=267599872 hw.pagesize=4096 hw.disknames=sd0,sd1,sd2,cd0,fd0 hw.diskcount=5 hw.cpuspeed=449 On 10/12/06, Falk Husemann <[EMAIL PROTECTED]>

Re: Is there a "deluser" equivalent in OpenBSD?

2006-10-28 Thread Lawrence Horvath
On 10/28/06, Leonardo Rodrigues <[EMAIL PROTECTED]> wrote: Hello everyone, So, I'm trying to set up a samba server, and looking into the smb.conf, there's this command "deluser" that I can't find a "similar" one on OpenBSD to replace it. I need a tool that is able to delete a user from a group,