I would like to change the source IP that applications use when making
connections for my backup.
I have 2 firewalls, one at home, one in colo, each with a LAN segment
behind it, the LANs are connected via IPSec.conf vpns between the
firewalls.
The home public IP is dynamic so I was not able to ma
2009/6/14 Jason Dixon :
> On Sun, Jun 14, 2009 at 08:03:54PM -0700, Lord Sporkton wrote:
>> I would like to change the source IP that applications use when making
>> connections for my backup.
>> I have 2 firewalls, one at home, one in colo, each with a LAN segment
>&
OpenBSD 4.2 on i386:
does ftpd have the capability to follow sym links? or is there a work
around that would allow it to?
if not, will that support be added any time soon?
--
-Lawrence
-Student ID 1028219
ahh, yes, they are, i have it chrooting to the user home, however the
symlink in the user home is linked to something in /mnt
hadnt thought of that, any way around that then?
On 02/11/2007, Clint Pachl <[EMAIL PROTECTED]> wrote:
> Lord Sporkton wrote:
> > OpenBSD 4.2 on i386:
&g
Is it possible to nest a neighbor group inside another neighbor group
in bgpd.conf?
It gives me an errors on the nested group statement when i try to
start bgpd. is there a way around this or am i missing something i
need to nest?
on:
OpenBSD 4.2 GENERIC.MP#304 i386
--
-Lawrence
May i ask why you are using a bridge between ISP and OpenBSD firewall?
why not just implement QoS on the firewall if its OpenBSD anyway?
Have you verified ports for your voip? it looks like you are expecting
your outbound voip connection to be connection control=5060 and
media=1-2, i usual
I have ospf running between OpenBSD 4.2 GENERIC.MP#304 i386 and a 1721
Cisco running c1700-k9o3sy7-mz.123-23.bin. "ospfctl show fib ospf"
shows 2 networks, the loopbacks and the gre link however "ospfctl show
database area 0.0.0.0" shows only the loopbacks, why doesn't the
database show the gre lin
is it possible to do a sysctl.conf.local, to the same effect as
rc.conf.local, i added the below to the end of my sysctl.conf, but
this didnt work, net.inet.ip.forwarding was still set to 0 after a
reboot.
local_sysctlconf="/etc/sysctl.conf.local"
[ -f ${local_sysctlconf} ] && . ${local_sysctlcon
On 23/12/2007, scott <[EMAIL PROTECTED]> wrote:
> 1. use # tcpdump -eni pflog0
>
> 2. if that's not revealing then post its output AND the whole pf.conf
> file.
>
> 3. in the mean time, consider rdr PASS on $IF_RR proto udp from
> $REMOTE_IP to ($IF_RR) -> $HOST_WII
>
> where PASS is in lower case
<[EMAIL PROTECTED]> wrote:
> johan beisser wrote:
> > On Dec 24, 2007, at 12:34 AM, Lord Sporkton wrote:
> >>
> >> i could be wrong but here is my 2 cents:
> >>
> >> ive seen something like this related to upnp, i would venture to guess
> >> yo
I waslooking at a commercial firewall recently and i noticed it has a
built a wan port, a dmz port and then a built in switch which it
considers the lan port, i was wondering if there is a "switch card" or
a pci card with multiple ethernet ports that could be iused as a
switch,much the same way tha
Im about to buy a small server, mostly for personal use
looking for a 1u
was hoping to find some vendors that are openbsd friendly
if they offer more than just i386 that is a plus as im investigating
other archs as a possiblilty, any suggestions welcome
this server will be doing mostly webhosting
awesome, 64 it is, thankyou
On 27/01/2008, NetOne - Doichin Dokov <[EMAIL PROTECTED]> wrote:
> Lord Sporkton ??:
> > Perhaps i was wrong but i thought openbsd was only 32 bit for now?
> Yup, you're wrong. There's amd64 port, which runs fine on all x86 64-bit
> C
Perhaps i was wrong but i thought openbsd was only 32 bit for now?
On 27/01/2008, NetOne - Doichin Dokov <[EMAIL PROTECTED]> wrote:
> Lord Sporkton ??:
> > Im about to buy a small server, mostly for personal use
> > looking for a 1u
> >
> > was hoping to f
check out hostmysite.com
On 27/01/2008, Chris <[EMAIL PROTECTED]> wrote:
> On Jan 28, 2008 8:40 AM, Salim Shaw <[EMAIL PROTECTED]> wrote:
> > try http://eracks.com/
>
> I been looking to host mail (sendmail) but couldn't find anything
> cheaper. I don't need any rack mount server - just the cheape
I am setting up a duel core server, the server will be doing 2 things,
firewall/routing and user-services
since my needs are pretty small for this server and its a duel 2.0
64bit i was hoping to sort of partition the cpus such that
firewalling/kernel processes get one processor and user services l
what keywords should be be searching for?
i have no idea what this would be called?
On 28/01/2008, johan beisser <[EMAIL PROTECTED]> wrote:
>
> On Jan 27, 2008, at 9:24 PM, Lord Sporkton wrote:
>
> > I am setting up a duel core server, the server will be doing 2 things,
>
On 28/01/2008, Geoff Steckel <[EMAIL PROTECTED]> wrote:
> Lord Sporkton wrote:
> > what keywords should be be searching for?
> > i have no idea what this would be called?
> >
> > On 28/01/2008, johan beisser <[EMAIL PROTECTED]> wrote:
> >>
I fail to see why you are moving the applications off the Athlon? why
not just use your apps on the Athlon and ssh to it? it is multi-user
after all
On 30/01/2008, Douglas A. Tutty <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I have an unusual situation and problem at which I've been chipping
> away.
very soon i am getting some static ips for my cable home connections,
currently i have 1 dynamic ip.
Im using pf to block ssh brute force attempts and its working
splendedly. however now i have this pf table full of ips and nice logs
indicating hack attempts via ssh not to mention other services t
would see logs indicating such, so now i have an ip
and logs, what can i do with them, who can i report them to other than
the provider?
On 31/01/2008, Richard Daemon <[EMAIL PROTECTED]> wrote:
>
>
> On Jan 31, 2008 4:30 PM, Lord Sporkton <[EMAIL PROTECTED]> wrote:
> &g
All i can say is that i have a 1850R and a 5000, both of which run
wonderfully so far with OpenBSD, the 1850 is duel pII 450 and the 5000
is quad pII 400, havent had a single problem so far.
however that price tag is way out of range, i bought both of mine for 90.
On 08/02/2008, Douglas A. Tutty
Im having a bit of trouble understanding how the new ipsec should
work, im not sure if isakmpd is no longer needed or if just its config
has been moved to ipsec.conf
so do i need ipsec.conf and isakmpd
or do i just need ipsec.conf
--
-Lawrence
-Student ID 1028219
nvm, archives, found my answer
On 05/03/2008, Lord Sporkton <[EMAIL PROTECTED]> wrote:
> Im having a bit of trouble understanding how the new ipsec should
> work, im not sure if isakmpd is no longer needed or if just its config
> has been moved to ipsec.conf
>
> so do
I am running OpenBSD on OpenBSD with qemu(from pkg) all 4.2
I am using the host OS for network services, ntp, dns, and router,
I am using the guest OS's for client services, www, ftp, sql, etc.
My goal is to have all the guests on internal addresses and use the
host to nat them to publics as nee
I believe squid is what you are looking for
On 11/03/2008, Rami Sik <[EMAIL PROTECTED]> wrote:
> Hi All,
>
>
>
> I currently have PF in place with CARP, and quite happy with them. I
> need to implement application level firewalling in front of my apache
> servers as PCI requirement by the end
On 17/03/2008, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> On Tue, Mar 11, 2008 at 09:33:10AM -0700, Lord Sporkton wrote:
> > I am running OpenBSD on OpenBSD with qemu(from pkg) all 4.2
> >
> > I am using the host OS for network services, ntp, dns, and router,
>
On 19/03/2008, Stuart Henderson <[EMAIL PROTECTED]> wrote:
> On 2008-03-19, Lord Sporkton <[EMAIL PROTECTED]> wrote:
> > I misunderstood how qemu handle networking, i was under the impression
> > that it piggy backed on a real interface, much the way that vmware or
&
I have this rule in my PF
and its not working
everything just gets thrown into the high queue and nothing touches
the low queue
(this is from the output of pfctl -s rules)
pass in on em0 inet proto tcp from any to 208.70.72.13 port = ssh
flags S/SA modulate state (source-track rule, max-src-conn-
mel @ http://calomel.org/
> Open Source Research and Reference
>
>
>
> On Wed, Mar 26, 2008 at 04:41:01PM -0700, Lord Sporkton wrote:
> >I have this rule in my PF
> >and its not working
> >
> >everything just gets thrown into the high queue and nothing t
i am looking into an exchange replacement, im looking to have use of
calender appointments, tasks and mail all through a central server,
also i have multiple windows based mobile devices syncing with this
server, i wasnt able to find anything that looked like a exchange
replacement in ports or pkgs
Is your issue sexchange or LookOut?
>
>
>
> On 10/2/07, knitti <[EMAIL PROTECTED]> wrote:
> > On 10/2/07, Karsten McMinn <[EMAIL PROTECTED]> wrote:
> > > On 10/2/07, Lord Sporkton <[EMAIL PROTECTED]> wrote:
> > > > i am looking into an exch
I have set up an aggressive mode VPN between a cisco 877 and OpenBSD server.
The SA seems to have set up correctly however the connection only
appears to pass traffic from the cisco to the server.
The private IPs on the cisco have a nat exemption to keep it from
natting when going through the tunne
I am running Qemu with 2 virtual machines. I have put the tap devices
into a bridge with a trunk interface, the trunk acts as a gateway,
allowing a virtual network inside the host server which can nat to
public IPs and be firewalled. For some reason the 2 vmhosts cannot
communicate. they will arp e
On 10/04/2008, Chris Smith <[EMAIL PROTECTED]> wrote:
> I block and log rfc 1918 connection attempts and am seeing the following
> in pflog continuously ad nauseum:
>
> Apr 10 15:10:21.414289 rule 9/(match) block in on fxp1:
> 172.21.153.70.6293 > 68.61.77.3.50716: [|tcp] (DF) [tos 0x20]
> Apr
On 25/03/2008, Fridiric Pli <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I have an openbsd router with two ebgp peers.
>
> I have serveral prefixes to announce but I would like to know how I could
> influence outcoming traffic from each of my prefix.
>
> I did not understand how to use weight, localpre
I have an NTFS drive attached via USB that was previously attached to
an XP home system
I am trying to now attach this drive to my OpenBSD server
I get the following error however im unsure what im doing wrong
also, why does it show as a scsi device, its a pata drive in a usb enclosure?
I created
support to my kernel
On 24/04/2008, jmc <[EMAIL PROTECTED]> wrote:
> --- Lord Sporkton [Thu, Apr 24, 2008 at 02:32:37PM -0700]: ---7
>
> > I have an NTFS drive attached via USB that was previously attached to
> > an XP home system
>
>
> [ ... ]
>
>
>
2008/4/25 Siju George <[EMAIL PROTECTED]>:
> On Fri, Apr 25, 2008 at 3:47 AM, Lord Sporkton <[EMAIL PROTECTED]> wrote:
> > My appologies, i am indeed using GENERIC,
> > I did think that perhaps it did not support ntfs, but then i also
> > thought it woul
I am trying to set up a ipsec link between my home network(private ip
network behind dynamic public ip)
and my colo server(single public static ip). I was a bit unclear on
how to set up a tunnel between a static
and dynamic ip
interesting traffic:
208.70.72.13 -> 10.0.0.0/16
My sad seems to set
2008/5/13 Jonathan <[EMAIL PROTECTED]>:
> On Tue, May 13, 2008 at 5:41 PM, Lord Sporkton <[EMAIL PROTECTED]> wrote:
>> I am trying to set up a ipsec link between my home network(private ip
>> network behind dynamic public ip)
>> and my colo server(single public s
2008/5/14 scott learmonth <[EMAIL PROTECTED]>:
>> On Tue, May 13, 2008 at 5:41 PM, Lord Sporkton <[EMAIL PROTECTED]>
>> wrote:
>>> I am trying to set up a ipsec link between my home network(private ip
>>> network behind dynamic public ip)
>>> a
2008/5/14 Lord Sporkton <[EMAIL PROTECTED]>:
> 2008/5/14 scott learmonth <[EMAIL PROTECTED]>:
>>> On Tue, May 13, 2008 at 5:41 PM, Lord Sporkton <[EMAIL PROTECTED]>
>>> wrote:
>>>> I am trying to set up a ipsec link between my home networ
2008/5/15 Claer <[EMAIL PROTECTED]>:
> On Thu, May 15 2008 at 09:09, Lord Sporkton wrote:
>
>> 2008/5/14 Lord Sporkton <[EMAIL PROTECTED]>:
>> > 2008/5/14 scott learmonth <[EMAIL PROTECTED]>:
>> >>> On Tue, May 13, 2008 at 5:41 PM, Lord S
.0/24"
>
> ike esp from $fire to $angie local egress \
> srcid "fire.sporkton.com" dstid "angie.sporkton.com"
>
>
>
> ipsec.conf on angie:
> angie = "208.70.72.13"
> fire = "10.0.0.0/24"
>
> ike passive esp from $angie to
2008/5/17 Dark Nebula <[EMAIL PROTECTED]>:
> Hi all,
>
> Is possible perform a DNS query, that gives me all A records from one ip,
> (without using the reverse DNS) ?
>
> Thanks a lot
>
>
Are you asking to find all the forward A records for a given IP?
If so, there is no way to do that, not even w
2008/5/17 Jesus Sanchez <[EMAIL PROTECTED]>:
> Hi, I'm using OpenBSD 4.2
>
> Here my network to explain later:
>
> [Joe PC] --- $int_if [MY_OPENBSD] $ext_if --- [INTERNET]
>
> I have a little problem when trying to setup a altq bandwidth shape with
> pf. My intention is to give Joe only 100Kbs (bit
2008/5/17 Jesus Sanchez <[EMAIL PROTECTED]>:
> Lord Sporkton escribis:
>>
>> 2008/5/17 Jesus Sanchez <[EMAIL PROTECTED]>:
>>
>>>
>>> Hi, I'm using OpenBSD 4.2
>>>
>>> Here my network to explain later:
>>>
>>&
2008/5/19 Kendall Shaw <[EMAIL PROTECTED]>:
> I'm an openbsd novice. I replaced cards on computers in my home network
> with gigabit ethernet and got a a gigabit switch. Can I determine what
> speed or maybe what media my re0 interface is using?
>
>
You can use ifconfig, it should have a "media:"
I just figured out the slow usb speed im seeing is because
my router/lan server only has usb1.0(optiplex GX100)
so im looking for a recommendation of a small form computer
to use as my home router/server, im going to ebay it until i
can fund myself a soekris
requirements are simple:
usb 2.0
at le
ironically enough, that optiplex just died. and now a pix is in
its place until i get a new one
2008/5/19 Lord Sporkton <[EMAIL PROTECTED]>:
> I just figured out the slow usb speed im seeing is because
> my router/lan server only has usb1.0(optiplex GX100)
> so im looking for a
2008/5/20 Mark Rolen <[EMAIL PROTECTED]>:
> Tobias Walkowiak wrote:
>>
>> On Mon, May 19, 2008 at 11:51:04PM -0500, Andrew Konkol wrote:
>>
>>>
>>> If you're looking for a single board computer using compact
>>> flash...I've had good luck with my ALIX 2c3
>>> http://pcengines.ch/alix2c3.htm
>>>
>>
2008/5/25 Jesus Sanchez <[EMAIL PROTECTED]>:
> Hi all, I'm using OpenBSD 4.2.
>
> I would like to make my OpenBSD box to download torrents and to add new
> torrents by ssh so I installed rtorrent.
>
> I experienced a really huge memory use of the program to hash (check I
> think) the actual downloa
2008/5/25 Romar Morales <[EMAIL PROTECTED]>:
> Bump
>
>
> -- Forwarded message --
> From: Romar Morales <[EMAIL PROTECTED]>
> Date: Sun, May 18, 2008 at 3:46 AM
> Subject: Problems trunk-ing tun interfaces
> To: misc@openbsd.org
>
>
> I need help trunking tun interfaces.
>
> Actual
on OpenBSD fire.sporkton.com 4.3 GENERIC#698 i386
I have this pf.conf config, it does not work for vnc
ext_if="xl0"
lawrence="10.0.0.17"
rdr on $ext_if proto tcp from any to $ext_if port vncweb -> $lawrence
port vncweb
rdr on $ext_if proto tcp from any to $ext_if port vnc -> $lawrence port vnc
2008/6/10 Saulo Bozzi <[EMAIL PROTECTED]>:
> my question is to the system administrator.
> that know about vsftpd.
>
> thnkz.
>
> regardsbye.
>
>
I only find 2.0.5 in packages, since you are asking about a system
that is not included in base and a version thats not in our packages
system, as s
Currently i am trying to limit the bandwidth of one computer .113,
however there is almost nothing matching and going into the queue.
.113 is currently running BT, chat messengers, and a multiple of web
browsing instances
right now my rules are not as pretty as they might otherwise be, i am
trying
57 matches
Mail list logo
