On 07 Nov 2013, at 06:09, Predrag Punosevac wrote:
> I am soliciting opinions and some guidance on few very general sys admin
> questions.
>
> 1. What do people in general use to parse large amount of log files
> received in the form of e-mails? security/logsurfer and similar. I have
> seen so
should be 10.1.8.1 (vlan3 interface on box2),
and so forth.
-mj
Best solution is ECMP combined with ifstated - you get double bandwidth until
one link goes down, in which case it is automatically removed from the routing
table until it comes up again. This is a pretty common setup in e.g. Top Of
Rack (ToR) switching setups.
I just wrote a blog post mentioning
Which app are you running that is generating millions of tiny files in a single
directory? Regardless, in this case OpenBSD is not the right tool for the job.
You need either FreeBSD or a Solaris variant to handle this problem because you
need ZFS.
What limits does ZFS have?
-
IGRP is a 28 year old routing protocol from the stone ages, no wonder it was
retired. EIGRP is a bit more modern ;-)
Cisco won't be discontinuing EIGRP anytime soon; it's the preferred routing
protocol for building DMVPNs and Cisco DMVPN is a very widely used technology.
Cisco definitely pushes
Hi,
Sometimes, maybe once ever 100 commands or so, I get the following type of
error:
[root@black socklog]# dmesg | less
-bash: $'\302\240less': command not found
It is not reproducible, at least I don't know how to reproduce it. Hitting up
arrow will reproduce it, but typing the command agai
On Mar 19, 2013, at 11:17 PM, jca+o...@wxcvbn.org (Jérémie Courrèges-Anglas)
wrote:
> MJ writes:
>
>> Hi,
>>
>> Sometimes, maybe once ever 100 commands or so, I get the following type of
>> error:
>>
>> [root@black socklog]# dmesg | less
&g
Hi,
On two occasions (had to test it to see if it was repeatable), ospfd has
crashed on my 5.2 release i386 machine while I was running a ruby script that
consumed too much memory (which also crashed). No other daemons on the machine
crashed except ospfd. Needless to say, my network also went
On Mar 21, 2013, at 10:46 PM, Ted Unangst wrote:
>
> There is no OOM killer. Your bug report also lacks crucial details
> like what it means to crash. Do you mean it logged a message like
> "fatal: out of memory"? That's not a crash, that's a message informing
> you about an error condition. You
Why reinvent the wheel?
[root@black ~]# getent passwd 1
daemon:*:1:1:The devil himself:/root:/sbin/nologin
[root@black ~]#
-mike
On May 7, 2013, at 4:06 AM, Friedrich Locke wrote:
> Dear list members,
>
> I am in need to write a simple program to return the passwd entry for a
> given uid nu
This works with Windows 8, OSX, Android and iOS:
ike passive esp transport \
proto udp from $public_ip to any port 1701 \
main auth "hmac-sha1" enc "aes" group modp1024 \
quick auth "hmac-sha1" enc "aes" \
psk $psk
On 03 Dec 2013, at 00:28, Frans Haarman wrot
On 11 Jan 2014, at 13.36, Craig R. Skinner wrote:
>
> Hosts in hinet have been relentlessly attacking my mail & web servers
> for over 8 years. I feed them rubbish to play with,
A good technique is to run a geospatially-enabled DNS server that maps AS
numbers to locations and then simply serve
On 15 Jan 2014, at 16.35, Gilles LAMIRAL wrote:
> Dear Theo,
>
>> Don't we do enough?
>
> You already do too much.
I have long held the opinion that Theo is probably the best coder on this
planet. That’s not any sort of ass-kissing, either, it’s my objective, unbiased
opinion. And I know Hen
Hello,
I would like to inquire as to which OpenBSD RELEASE will offer the possibility
to avoid NIST crypto for everything in Base (isakmpd, openssh, openssl, https,
nginx being the key items in mind)?
BTW, looks like things are heading in the right direction
(http://www.slideshare.net/yandex/rubs
On 16 Jan 2014, at 18.23, Chris Cappuccio wrote:
> For instance, you may have noticed that OpenSSH is moving towards an
> openssl-free mode by importing NaCl components directly?
>
> One problem with abandoning OpenSSL is that you lose SSL, TLS, (oh, and
> everything has to be rewritten to use N
On 16 Jan 2014, at 18.23, Chris Cappuccio wrote:
>
> For instance, you may have noticed that OpenSSH is moving towards an
> openssl-free mode by importing NaCl components directly?
>
> One problem with abandoning OpenSSL is that you lose SSL, TLS, (oh, and
> everything has to be rewritten to use
On 16 Jan 2014, at 19.45, Jack Woehr wrote:
>
> I think Theo has answered this previously. His point was that he doesn't want
> to spend his time year after year
> running campaigns. Being neither a politician nor a diplomat nor a
> grantmaster, he wants a sustainable model.
There’s a person w
On 16 Jan 2014, at 19.17, Chris Cappuccio wrote:
> OpenBSD has already began incorporating NaCl by bypassing OpenSSL entirely.
Good news - perhaps my philosophy is “why lay a lot of small bricks here and
there when you can lay a cornerstone and be done with it?”. But perhaps I am
not taking all
On 16 Jan 2014, at 20.24, Chris Cappuccio wrote:
>
> Block traffic with specific ciphers from traversing the network? That's sci.fi
>
You’re right again - this stuff is futuristic but could potentially be
accomplished via inspection of unencrypted packet headers, etc (i.e. via
packet-pattern/
On 16 Jan 2014, at 20.49, Nicolai wrote:
>
> Things are moving in the right direction! The last six months have seen
> MAJOR improvements in crypto. If you want to be a part of it, pick up
> DNSCrypt or DNSCurve. Get a recent Chromium and play with QUIC. Read
> about MinimaLT. Strong, fast en
On 16 Jan 2014, at 23.55, Chris Cappuccio wrote:
>
> All until we learn from the newest Snowden slide that Dan Bernstein is
> actually on the NSA payroll :)
>
All your DJBs belong to us!
On 17 Jan 2014, at 00.54, Christian Weisgerber wrote:
> MJ wrote:
>
>> I would like to inquire as to which OpenBSD RELEASE will offer the
>> possibility
>> to avoid NIST crypto for everything in Base (isakmpd, openssh, openssl,
>> https,
>> nginx being
On 17 Jan 2014, at 17.30, Christian Weisgerber wrote:
>
> As guenther@ has pointed out, refusing all crypto covered by that
> definition is silly. But even if you limit yourself to the
> specification part, you should be very disappointed about the newly
> added Curve25519 key exchange and Ed255
On 18 Jan 2014, at 04.33, Theo de Raadt wrote:
>
> Why is there this effort to convince us to do less?
>
I do not propagate such a train of thought; only said that if you want
corporate funding then be prepared to detail your costs and justify each and
every one of them as well as satisfying
On 18 Jan 2014, at 01.13, Christopher Ahrens wrote:
>
> In reality, I don't give a shit about any else who doesn't
> pay me, make my life easier or make my life more enjoyable.
Its a rare moment when I feel the need to publicly bitch-slap someone, but
you triggered it.
That statement alone, an
On 17 Jan 2014, at 06.05, Philip Guenther wrote:
> Ah, so if NIST looked at work done by someone completely unrelated to
> NIST and said "looks good, we'll standardize exactly what you did",
> you think that it's now contaminated by NISTs talking about it? For
> example, AES, which was designed b
On 18 Jan 2014, at 22.25, Chris Cappuccio wrote:
> Mike, maybe you can stop your rambling, and just do the same. Because
> otherwise, I don't understand why you feel justified to be on this mailing
> list. You were henning's roommate, so that means that you know all about
> OpenBSD, programming,
On 18 Jan 2014, at 20.15, Jan Stary wrote:
> On Jan 18 16:29:46, m...@sci.fi wrote:
>> On 18 Jan 2014, at 04.33, Theo de Raadt wrote:
>> And I hope it?s the thought that counts more than the amount.
>
> LOL, yes, especially when it comes to bills being paid.
>
You, too, sir, can also take an
On 19 Jan 2014, at 01.36, Jan Stary wrote:
>
> So, the 1 is the thought, and the 0 is the amount?
>
> Sorry, but your comments were so ridiculous I couldn't help it.
> Saying it's the thougth that counts to people who have
> repeated explicitly they need MONEY.
There you go again with your simple
On 18 Jan 2014, at 20.01, Desktop User OpenBSD
wrote:
> Hello,
>
> I would love to subscribe to the monthly donation on:
>
> http://openbsdfoundation.org/donations.html
>
> but I need to ask, say a few things before:
>
> 1) The
> https://openbsdfoundation.org/donations.html
> is redirecting
Hi,
I have a carp master and backup on a pair of one-armed Rapsberry Pi 4B
devices (router1 and router2) and when I ssh to the backup using the
carp IP as my gateway, it repeatedly throws me out after a few seconds
with the message:
My laptop's network config:
---
31 matches
Mail list logo
