Re: combining 2 external interfaces ?

2006-06-18 Thread Peter Blair
RTFM: man trunk On 6/17/06, S t i n g r a y <[EMAIL PROTECTED]> wrote: Is it possible to combine 2 external interfaces into one in OpenBSD ? actually it's cheaper for me to buy two smaller internet connections than a big one. so i was thinking ... *:$., 88,.$:*(((*$ Stingray *:$., 88,.$:*((*$ Tir

Re: combining 2 external interfaces ?

2006-06-18 Thread Peter Blair
And here's another for you: http://www.openbsd.org/faq/pf/pools.html#outgoing On 6/17/06, S t i n g r a y <[EMAIL PROTECTED]> wrote: Is it possible to combine 2 external interfaces into one in OpenBSD ? actually it's cheaper for me to buy two smaller internet connections than a big one. so i was t

Re: Nagios and Apache

2006-06-23 Thread Peter Blair
Obvious, but ensure that /var/www/cgi-bin/nagios is a valid directory from the perspective of your chroot'd server. Another caveat is to ensure that the named pipe is accessible to both the nagios executable, and to the chroot'd cgi's (once they start working that is). Nagios references the pipe

Re: Nagios and Apache

2006-06-24 Thread Peter Blair
On 6/23/06, Spruell, Darren-Perot <[EMAIL PROTECTED]> wrote: Incidentally, if you haven't used the package(s) for Nagios, do. I had no problems and I went with a package install. No mysteries. At work we run Nagios across Linux, OpenBSD & FreeBSD machines. Compiling it from source is the only w

Re: Nagios and Apache

2006-06-26 Thread Peter Blair
]> wrote: On Saturday 24 June 2006 18:13, Peter Blair wrote: > At work we run Nagios across Linux, OpenBSD & FreeBSD machines. > Compiling it from source is the only way to ensure config file > compatibility. Say what? How does the compilation affect the config file? The config fi

Re: pf woes

2006-06-26 Thread Peter Blair
Paste the entire contents of /etc/pf.conf On 6/26/06, Matt Singerman <[EMAIL PROTECTED]> wrote: I'm sorry if I didn't give enough info - what else would you have to know?

Re: pf woes

2006-06-26 Thread Peter Blair
And your root password. Please e-mail that to the list. On 6/26/06, Bryan Irvine <[EMAIL PROTECTED]> wrote: On 6/26/06, Matt Singerman <[EMAIL PROTECTED]> wrote: > I'm sorry if I didn't give enough info - what else would you have to know? At the bare minimum, your pf.conf. Also desirable are t

Re: Totally bizarre problem - cannot connect to openbsd mahcine

2006-06-26 Thread Peter Blair
That sorta makes sense if your firewall was working as a bridge, but I don't think that you mentioned anything about a bridgename.bridge0. Was/Is your machine acting as a nat-style firewall? If so, then you'll have to assign it some IPs. How long was it running since its last reboot? Were the

Re: Totally bizarre problem - cannot connect to openbsd mahcine

2006-06-26 Thread Peter Blair
s, and contains: add dc0 add dc1 up It was running for a good 300 days or so. It was set up and configured by my predecessor, and I am not completely sure on all of its configurations. On 6/26/06, Peter Blair <[EMAIL PROTECTED]> wrote: > That sorta makes sense if your firewall was work

Re: starting Apache in SSL mode

2006-06-27 Thread Peter Blair
SSL certificates for a hostname require a unique IP address. Are you trying to do virtual name hosting with https? On 6/27/06, FTP <[EMAIL PROTECTED]> wrote: On Mon, Jun 26, 2006 at 08:30:29AM -0700, Scott Francis wrote: > On 6/26/06, FTP <[EMAIL PROTECTED]> wrote: > >Hi there, > > > >I was tr

Re: Question related to "automaticly" encrypted /tmp && /vat/tmp (like swap..?)

2006-07-04 Thread Peter Blair
I haven't tried under OpenBSD, but mounting /tmp as a ramdisk could prove viable. On 7/4/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: Some days ago I read a question related to encrypting a partition. I just know that swap gets encrypted automatically. Wouldn't it be possible to encrypt also /

Re: News From HiFn

2006-07-04 Thread Peter Blair
Has anyone tried recently to connect to ftp.hifn.com ? I haven't been able to connect from multiple locations. -Pete On 6/29/06, J.C. Roberts <[EMAIL PROTECTED]> wrote: Howdy misc@ Though I stayed out of the last public fiasco regarding HiFn here on the misc@ list, I privately contacted the p

Re: X not found

2006-07-04 Thread Peter Blair
If you have no parts of X installed, then how do you expect to link against it? If you plan to use your OpenBSD machine as a headless X client, then you'll need to install the requisite libs. You'll save yourself a lot of time and headache if you just install the X set. On 7/4/06, Lawrence Horv

Re: News From HiFn

2006-07-05 Thread Peter Blair
<[EMAIL PROTECTED]> wrote: On Tue, 4 Jul 2006 18:48:28 +0200, Joachim Schipper <[EMAIL PROTECTED]> wrote: >On Tue, Jul 04, 2006 at 12:16:45PM -0400, Nick Guenther wrote: >> On 7/4/06, Peter Blair <[EMAIL PROTECTED]> wrote: >> >On 6/29/06, J.C. Roberts <[EMAIL

'route to' question

2006-07-05 Thread Peter Blair
Hello lists! (sorry if cross-list posting is frowned upon) I'm setting up a BSD/pf machine that will be working as a binat firewall for a number of hosts on two /28 subnets belonging to the same co-location provider. The BSD machine is already live, working hard for one subnet, and I don't have

Re: Forbidding access in pf from subdomains

2006-07-06 Thread Peter Blair
Something like:
    pass in quick on $ext_if from { $friendly_networks } to any port ssh keep state
    block in on $ext_if from any to any port ssh
should work. You can place "$friendly_networks" into a table that gets loaded from a file if the list is large. And/or update it via pfctl on the fly. O

Re: Forbidding access in pf from subdomains

2006-07-06 Thread Peter Blair
my have a \26 network, but their IP is part of a \16 network that has been privately subnetted. So it's difficult to say "ok, jerk.com has xxx.yyy.zzz.xyz IP, and that belongs to xxx.yyy\16 network, so I'll block out all 65 thousand addresses." On 7/6/06, Peter Blair <[E

Re: hexdump observation

2006-07-06 Thread Peter Blair
Perhaps this is an old issue? http://lists.debian.org/debian-sparc/1997/06/msg0.html Then again, perhaps not. On 7/6/06, Peter Philipp <[EMAIL PROTECTED]> wrote: I just tested running hexdump -x on two different systems. One system is a macppc and the other and amd64. On the same file th

Re: How to compile DHCPD source code

2006-07-07 Thread Peter Blair
First, *don't* download source from the cvsweb website. That source is handy for browsing, but you should be getting your code from a cvs repository. Look at the instructions for a given patch for guidance: ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/001_sendmail.patch "And then rebui

Re: How to compile DHCPD source code

2006-07-07 Thread Peter Blair
for recompiling dhcpd code i require sendmail patch. Can u Plz explain me that. Warm regards Rahul On 7/7/06, Peter Blair <[EMAIL PROTECTED]> wrote: > First, *don't* download source from the cvsweb website. That source > is handy for browsing, but you should be getting

Re: looking for clue

2006-07-20 Thread Peter Blair
On 7/20/06, Rahul Sharma <[EMAIL PROTECTED]> wrote: Hi Peter Phillips, It is not Mr. Eric Pancer but me (rahulthehacker) who is asking for help on dhcpd lease. Wrong: http://www.sigmasoft.com/~openbsd/archives/html/openbsd-misc/2006-06/msg01371.html

Re: looking for clue

2006-07-20 Thread Peter Blair
On 7/20/06, Rob Baldassano <[EMAIL PROTECTED]> wrote: Please forgive me if I am wrong but... This thread should die. Question is: Why would you WANT your clients to constantly get new IPs? it disrupts SSL communication traffic, especially when you are dealing with externally available

Re: PF redirect to another IP on LAN

2006-07-29 Thread Peter Blair
man pf.conf Secondly, it's been discussed numerous times on the list that bridges have their place (I use them in production environments at our data centre) but you'll find filtering a bridge much more difficult than filtering a NAT. On 7/29/06, elaconta.com Webmaster <[EMAIL PROTECTED]> wrote:

Re: Active Directory authentication

2006-08-15 Thread Peter Blair
That's not an easy scenario. Perhaps the simplest solution would work for you. You could implement a generic account on the firewall called say "wifi-user". SSH into the firewall (not using Kerberos or anything) and log in using the shared password for "wifi-user". The login shell could point

Re: how does one manage to fill a TB of data

2006-09-09 Thread Peter Blair
Database backups here at work are enormous. A TB is nothing these days. On 9/9/06, Peter Fraser <[EMAIL PROTECTED]> wrote: Multi system backups to disk -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of pedro la peu Sent: Friday, September 08, 2006 8:50

Re: mrtg and snmp

2006-04-26 Thread Peter Blair
Perhaps: http://www.benzedrine.cx/pfstat.html would interest you. On Thu, Apr 27, 2006 at 07:50:22AM +0700, riwanlky wrote: > > I just installed a pf on my openBSD box as a firewall. However I need > > to install MRTG and SNMP so that I can get the network utilization. > > > > Any documentation i

Re: Why advocate Old daemon book?

2006-04-27 Thread Peter Blair
As an aside: I recently read "The Design and Implementation of 4.2 BSD Operating System", which focused on the VAX architecture, and was published sometime in the early 80s. In spite of its age, I found the concepts clearly stated and on a high level, I believe that reading the book forwarded my g

Re: Port collection missing...

2006-04-28 Thread Peter Blair
ftp://ftp.openbsd.org/pub/OpenBSD/3.7/ports.tar.gz On 4/28/06, S t i n g r a y <[EMAIL PROTECTED]> wrote: Well i just installed my First OpenBSD BOX :) feels good !!! but to install packages i cannot find ports collection in /usr how can i get them ? i am using 3.7 version. regards *:$., 88,.

Re: Port collection missing...

2006-04-28 Thread Peter Blair
But perhaps you're confusing ports & packages: http://www.openbsd.org/faq/faq15.html#PkgMgmt Packages are pre-compiled. Ports creates packages from source. You don't need the ports tree to install packages. -Pete On 4/28/06, Peter Blair <[EMAIL PROTECTED]> wrote: ftp:/

Re: using queues to limit bandwidth

2006-05-01 Thread Peter Blair
ALTQ Should do the trick: http://www.openbsd.org/faq/pf/queueing.html On 5/1/06, Chris Bullock <[EMAIL PROTECTED]> wrote: Can queues be used to queue overall bandwidth? We have a project where we will be sharing an Internet connection with another company, we will have an IP and they will have

Re: using queues to limit bandwidth

2006-05-01 Thread Peter Blair
I forgot to mention in my previous e-mail, that if you were to implement the scenario outlined in your e-mail, then the other company would have to 'trust' that you're setting up your firewall to not exceed your 100k of bandwidth. Just setup a single queue that caps at 100k. On 5/1/06, Chris Bul

Re: IPSec faq ??

2006-05-05 Thread Peter Blair
http://undeadly.org/cgi?action=article&sid=20060222180512 On 5/5/06, carlopmart <[EMAIL PROTECTED]> wrote: Hi all, Somebody knows when ipsec faq will be published on openbsd website?? i need to deploy two openbsd 3.9 HA firewalls with vpn, dhcp and x509 certificates included? Somebody have so

Re: multiple publicIPs

2006-05-06 Thread Peter Blair
Perhaps I'm confused, but it doesn't look (from your diagram) that your pf machine is acting as a firewall for anything but itself. If you want to filter traffic to your public machines, then you'll have to either: 1) Use the pf-machine as a bridge between the "internet" ethernet segment, and th

Re: network script on startup

2006-05-08 Thread Peter Blair
man getsomeoneelsetodoit On 5/8/06, Nick Guenther <[EMAIL PROTECTED]> wrote: On 5/8/06, S t i n g r a y <[EMAIL PROTECTED]> wrote: > i have a network script that i want to execute before > any host on the network connects to my computer. > > thanks man rc man netstart

Re: Anti MAC spoofing in OpenBSD

2006-05-09 Thread Peter Blair
arpwatch http://ee.lbl.gov/ And lock down the permitted mac addresses on your switch. On 5/9/06, S t i n g r a y <[EMAIL PROTECTED]> wrote: Ok i know PF dont filter using MAC address but can you point me to package that has the feature of Anti MAC Spoofing ? regards *:$., 88,.$:*(((*$ Stin

Re: what is this ?

2006-05-15 Thread Peter Blair
Does the section of the book talk about frame relay? More context would help. On 5/15/06, S t i n g r a y <[EMAIL PROTECTED]> wrote: Well i am learning OpenBSD PF from a book & in the book when creating sample rules the author refers to CIR's when defining Macros but in the form of prv_ad = "p

Re: what is this ?

2006-05-15 Thread Peter Blair
Perhaps this is what it's talking about. http://www.ralphb.net/IPSubnet/cidr.html On 5/15/06, S t i n g r a y <[EMAIL PROTECTED]> wrote: No this book is only about openbsd PF no types of networks

Re: I'm testing cvs, $Id$ wrong last committed time

2006-05-18 Thread Peter Blair
What's your timezone? On 5/18/06, Didier Wiroth <[EMAIL PROTECTED]> wrote: Hello, (openbsd novice) I'm experimenting with cvs. I'm running: a) cvs repository on openbsd 3.9-stable: repo:~ $ ls -la /etc/localtime && date lrwxr-xr-x 1 root wheel 37 May 12 17:34 /etc/localtime -> /usr/share/z

Re: I'm testing cvs, $Id$ wrong last committed time

2006-05-18 Thread Peter Blair
woops -- replied before reading entire message. *ducks* On 5/18/06, Peter Blair <[EMAIL PROTECTED]> wrote: What's your timezone? On 5/18/06, Didier Wiroth <[EMAIL PROTECTED]> wrote: > Hello, > (openbsd novice) > > I'm experimenting with cvs. > > I'

Re: I'm testing cvs, $Id$ wrong last committed time

2006-05-18 Thread Peter Blair
Since CEST is +2hours from GMT, then the cvs timestamp looks fine. On 5/18/06, Darrin Chandler <[EMAIL PROTECTED]> wrote: On Thu, May 18, 2006 at 04:42:47PM +0200, Didier Wiroth wrote: > I put a $Id$ in a file and do a commit > cvs -q -d $MYCVS ci -m "test" index.html > > The index.html file $ID

Re: traffic shaping question.

2006-05-23 Thread Peter Blair
I haven't personally tested this, but give it a look: http://www.whoopis.com/howtos/web-bandwidth-limit.html Unfortunately it doesn't have the same kind of benefits that altq/pf provide, but as stated in the previous messages, you'd have to place your webmail and iso services on different IPs.

Re: traffic shaping question.

2006-05-23 Thread Peter Blair
Another alternative is to use http://httpd.apache.org/docs/1.3/mod/mod_proxy.html#proxypass to proxy your iso directory to another httpd instance running on a private IP, eg: setup your webserver with the regular public IP address(es), and additionally setup a number of private IP addresses. Sta

Re: C++ problem in current snapshot (2006-05-22)

2006-05-25 Thread Peter Blair
Don't use iostream.h, as it's old, and only there for backwards compatibility. If possible, use instead. On 5/25/06, Toni Mueller <[EMAIL PROTECTED]> wrote: Hello, I'd like to compile a small C++ program (part of building the HylaFAX port). This is the program: - #in

Re: head.c usage function

2006-05-30 Thread Peter Blair
Be careful -- if you have an application "say /usr/local/whatever/foo" that is linked from "/usr/local/bin/bar" then when you call "/usr/local/bin/bar" it will populate "bar" as the argv[0] element. This may be what you want, but then again, perhaps you want to know that "foo" is the application b

Re: Xen/OpenBSD Summer of Code project

2006-05-30 Thread Peter Blair
That project (if/once completed) would be very useful. I just cringe at the thought of running a guestOS of openbsd under linux or Solaris ;) On 5/30/06, Dries Schellekens <[EMAIL PROTECTED]> wrote: Anil Madhavapeddy wrote: > We've put up some Xen-related projects for the Google Summer of > Co

Re: head.c usage function

2006-05-30 Thread Peter Blair
Gak! The "should" was hedged with quotes because I couldn't verify how it behaved. Apparently it's just a quick way to access argv[0]. Thanks! On 30 May 2006 16:29:31 +0200, Artur Grabowski <[EMAIL PROTECTED]> wrote: "Peter Blair" <[EMAIL PROTECTED]&g

Re: Xen/OpenBSD Summer of Code project

2006-05-30 Thread Peter Blair
Are you saying that OpenBSD is targeted as a Dom0 OS? I couldn't tell from the above mentioned links. On 5/30/06, Dries Schellekens <[EMAIL PROTECTED]> wrote: Peter Blair wrote: > That project (if/once completed) would be very useful. I just cringe > at the thought of run

Re: nice and convenient way to check latest current src changes?

2006-05-30 Thread Peter Blair
Here's a quick perl script to extract the html: #!/usr/bin/perl # # cvs_dates.pl while() { my($line) = $_; chomp($line); if( $line =~ /(\d{4}-\d{2}-\d{2}).{28}(\d{10,20})/ ) { my($d) = $1; my($id) = $2; print $d, " ", $id,