Re: Need some pointers regarding ELF

2017-04-27 Thread Peter J. Philipp
On Tue, Apr 25, 2017 at 10:07:37AM +, Stuart Henderson wrote: > On 2017-04-25, Peter J. Philipp wrote: > > Hi, > > > > In the past I've been examining signed binaries in the OpenBSD system. > > I wrote some kernel code for this, but I'm stuck befor

Re: Need some pointers regarding ELF

2017-04-28 Thread Peter J. Philipp
One quick note. The sources here are against 6.1 not -current, in order to compile against -current I'm sure it'll have to be put up to speed. Regards, -peter

Banana Pi R1 - working dwge(4)

2017-05-26 Thread Peter J. Philipp
Hi, With the help of Francisco Gaitan, who set up a remote console to the Banana Pi R1 I donated to him last year, I have put together the driver for this device. It is based on Paul Irofti's brswphy(4) in part and on Wolfgang Solfrank's bswphy.c driver. I just put these drivers together and th

octeon port, ubiquity edgerouter

2017-07-22 Thread Peter J. Philipp
Hi, Someone has offered me a deal on a somewhat used Ubiquiti Edgerouter, https://www.ubnt.com/edgemax/edgerouter/ <-- this one. Is it supported by OpenBSD/octeon and if not what needs to be done to make it work? Has anyone experience with this hardware? Regards, -peter

Re: octeon port, ubiquity edgerouter

2017-07-22 Thread Peter J. Philipp
On Sat, Jul 22, 2017 at 11:55:17AM -0400, Sean Murphy wrote: > Hi Peter, > > This is a solid machine, if you can get it, do so. OpenBSD 6.1 works > very well on this hardware, I have used mine variously as a gateway > router with PF, DHCP server, DNS server with unbound, and local name > server w

Re: octeon port, ubiquity edgerouter

2017-07-24 Thread Peter J. Philipp
On Mon, Jul 24, 2017 at 07:11:32PM +0200, Doggie wrote: > W dniu 2017-07-24 o 14:18, Sean Murphy pisze: > > Whoops, you're right. I did mention that it was an ERL in my original > > email, but I didn't follow the original link. Sorry for the noise. > > All I can say is that I share the same good

Re: octeon port, ubiquity edgerouter

2017-07-25 Thread Peter J. Philipp
On Mon, Jul 24, 2017 at 07:21:36PM +0200, Peter J. Philipp wrote: > > Now it would be very interesting to see dmesg coming from 8-port ER. Hi, I got the ER-8. First impression is that it's in good condition, but the fans are a little noisy, hoping it won't be a pain. cnmac

Re: octeon port, ubiquity edgerouter

2017-07-25 Thread Peter J. Philipp
On Tue, Jul 25, 2017 at 10:58:13AM +0200, Peter J. Philipp wrote: > Hi, I got the ER-8. First impression is that it's in good condition, but the > fans are a little noisy, hoping it won't be a pain. cnmac0 starts on eth4 > instead of eth0 but that's no problem as long

Re: octeon port, ubiquity edgerouter

2017-07-25 Thread Peter J. Philipp
Actually I bought the silent fans. So I don't have to write any code, too bad the foxconn fans are a misdesign. I'll maintenance this router next week for the new fans. I'm putting it into production at home tomorrow though. Cheers, -peter On 07/25/17 18:38, Peter J. Philipp

Re: octeon port, ubiquity edgerouter

2017-07-26 Thread Peter J. Philipp
On Wed, Jul 26, 2017 at 12:20:23AM +0200, Doggie wrote: > W dniu 2017-07-25 o 19:39, Peter J. Philipp pisze: > > Actually I bought the silent fans. So I don't have to write any code, > > too bad the foxconn fans are a misdesign. I'll maintenance this router > > n

odd segfault when adding -lutil

2017-08-07 Thread Peter J. Philipp
-p -u -r1.14 delphinusdnsd.c --- delphinusdnsd.c 11 Jul 2017 15:57:16 - 1.14 +++ delphinusdnsd.c 7 Aug 2017 16:30:31 - @@ -1,5 +1,5 @@ /* - * Copyright (c) 2002-2015 Peter J. Philipp + * Copyright (c) 2002-2017 Peter J. Philipp * All rights reserved. * * Redistribution and u

Re: odd segfault when adding -lutil

2017-08-07 Thread Peter J. Philipp
gain! Donation sent. -peter On 08/08/17 01:36, Jeremie Courreges-Anglas wrote: > On Mon, Aug 07 2017, "Peter J. Philipp" wrote: >> Hi, > Hi, > >> I'm writing to misc because I did a change with my programming project and >> it doesn't work, in fact the

cyrus imapd in 6.2 ports

2017-10-16 Thread Peter J. Philipp
Hi, I got these messages with the new 6.2 cyrus imapd: Oct 14 11:03:26 mercury imaps[55561]: client id sessionid=: "name" "Thunderbird" "version" "52.2.1" Oct 14 11:03:26 mercury imaps[55561]: Fatal error: Internal error: assertion failed: imap/message.c: 4286: !message_need(m, M_RECORD) Oct 14 1

Re: cyrus imapd in 6.2 ports

2017-10-19 Thread Peter J. Philipp
Mon, Oct 16, 2017 at 12:27:59PM +, Peter J. Philipp wrote: >> Hi, >> >> I got these messages with the new 6.2 cyrus imapd: >> >> Oct 14 11:03:26 mercury imaps[55561]: client id sessionid=: >> "name" "Thunderbird" "version" "52.

is there something missing in pledge?

2017-10-23 Thread Peter J. Philipp
Hi, I'm debugging a program that doesn't work around reading /etc/spwd.db. In a ktrace it gives this: 78130 rbdaemon CALL open(0xeca79d7b000,0) 78130 rbdaemon NAMI "/etc/spwd.db" 78130 rbdaemon RET open -1 errno 1 Operation not permitted When I take the pledge code out which is: if (ple

Re: is there something missing in pledge?

2017-10-23 Thread Peter J. Philipp
Hi, It unfortunately is not that simple to me. Because I don't have any getpw* code really. But when I take getpw out of pledge it aborts the program upon execution like so: beta# rbdaemon -s 192.168.35.4 mkdir: File exists Abort trap (core dumped) beta# dmesg|tail -1 rbda

Re: is there something missing in pledge?

2017-10-23 Thread Peter J. Philipp
Deal, I'll redesign it, with imsg and privsep to do the inet functions. In the process it'll probably fix what I want from it. Thanks! -peter On 10/23/17 19:25, Theo de Raadt wrote: > Basically, you want your program to be able to do everything. > > pledge isn't a wand you wave over software a

Re: is there something missing in pledge?

2017-10-24 Thread Peter J. Philipp
Hi, I've refactored my code, I added imsg and privsep in chroot. Nothing has changed. Still ugly code of mine and still unable to cpio /etc/spwd.db into a cpio file. Only added bonus is that I was able to tighten the pledge() in my code a wee bit. Here is my (refactored) code: http://centroid

Re: is there something missing in pledge?

2017-10-24 Thread Peter J. Philipp
On Tue, Oct 24, 2017 at 08:09:14AM -0600, Theo de Raadt wrote: > > I agree that it could be disappointing. but cpio is pledged, so it > > couldn't open /etc/spwd.db, because we considered this operation as > > a privilegied operation. > > > > in order to backup this file, you need another tool. so

Re: is there something missing in pledge?

2017-10-24 Thread Peter J. Philipp
you think) and it bypasses all pledge checks, which satisfies me. When someone comes along and has the same problem all they have is search engines to find out why this all is. :-) I'm good with it. Cheers, -peter On 10/24/17 20:25, Ingo Schwarze wrote: > Hi Peter, > > Peter J. P

Re: is there something missing in pledge?

2017-10-26 Thread Peter J. Philipp
On Tue, Oct 24, 2017 at 01:45:42PM +0200, Daniel Hartmeier wrote: > So all an attacker has to do is call pledge() again, with LESS > permissive promises, i.e. giving up getpw? > > #include > #include > > int main() > { > if (pledge("stdio rpath getpw", NULL) == -1) > err("pl

question regarding iked on rdomain 2

2018-04-25 Thread Peter J. Philipp
Hi, I have successfully managed to put an iked on an rdomain 2 interface. Everything is nicely on that domain/rtable. Now I want to route some parts of that into rdomain 0 and get the return traffic back on rdomain 2. But I can't for the life of me figure this way out. I've had error messages

Intel X-550T 10 GbE Adapter cards

2018-05-06 Thread Peter J. Philipp
Hi, The ix(4) manpage mentions there is support: o   Intel X550-T 10GbE Adapter (10GbaseT/1000baseT/100baseTX) However there is a X550-T1 and a X550-T2 model are both supported or just the X550-T1? Please clarify this for me. Also is there any comparable products that you'd recommend that I m

Re: Open source RISC-V 64bit w ECC RAM & PCIe this summer

2018-05-18 Thread Peter J. Philipp
On Fri, May 18, 2018 at 03:31:51PM +0200, Karel Gardas wrote: > On Fri, 18 May 2018 02:30:13 -0400 > Joseph Mayer wrote: > > > 4-core (5-core?) 1.5Ghz, 8GB DDR4 ECC RAM, two PCIe slots (one one-lane > > and one two-lane PCIe 2.0?), SATA, gigabit ethernet, microSD, HDMI, > > UART. > > > > https:/

Re: egdgerouter 6 and mp

2018-06-12 Thread Peter J. Philipp
On Tue, Jun 12, 2018 at 03:08:49PM +0200, Holger Glaess wrote: > hi hello, > i bought the edgerouter 6 to play around with openbsd 6.3 current. > > i install and boot current successful on a usb stick. > > my problem is that he only use one core. > > if i boot the boot the bsd.mp kernel by tf

OpenSMTPD and tls no-verify

2018-06-23 Thread Peter J. Philipp
Hi, This is more a question to the OpenSMTPD community. In OpenBSD 6.4 and already in -current there is a new config file syntax. I did the work and converted my config: http://www.centroid.eu/blog/c?article=1529689653 That is from my blog. I have a question though whether my config is indeed

Re: OpenSMTPD and tls no-verify

2018-06-23 Thread Peter J. Philipp
On Sat, Jun 23, 2018 at 01:33:59PM +0200, Sebastien Marie wrote: > Hi Peter, > > The short response is: no. > > The long one is that currently `tls no-verify' applies only for > smarthost configuration (`relay' with `host url', when tls is implied). > > smtpd(8) should complains if you try the s

Re: Employers, Jobs and OpenBSD

2018-07-13 Thread Peter J. Philipp
I was extremely lucky 2 jobs ago to have an employer who requires only that I be able to SSH, and be able to work remotely across continents.  So I made OpenBSD my workstation.  The last job I had to use windows10 and I cried... and eventually quit, I can't work with that, and I wish I had my o

Re: POWER9 hardware donation

2018-07-24 Thread Peter J. Philipp
Hi, I'm working on a powerpc64 port, I've been at it 2 weeks non-stop.  I don't know if I'll finish.  But I gotta say hey! this is a generous offer. Since I'm focusing on the big endian machine byte order and on PowerPC 970's it would need to be ported again to little endian afaik.  If it's

Re: POWER9 hardware donation

2018-07-27 Thread Peter J. Philipp
On Tue, Jul 24, 2018 at 09:21:09PM +0200, Peter J. Philipp wrote: > Hi, > > I'm working on a powerpc64 port, I've been at it 2 weeks non-stop. I don't > know if I'll finish. But I gotta say hey! this is a generous offer. > > Since I'm focusing

Re: Running your own mail server

2018-09-09 Thread Peter J. Philipp
On Sun, Sep 09, 2018 at 10:08:39AM +, Stuart Henderson wrote: > >> own email server, when I have never done it before on any OS, worth it > >> over some > >> other solution. And yes I am very open to other suggestions for a > >> solution, even > >> if it is something I have to pay for, to avoid

nsd question

2018-09-11 Thread Peter J. Philipp
Hi, I wasn't going to ask, but the book I have (alternative dns servers - jpm) is somewhat outdated on nsd. If I'm correct, in order to pull the zones to disk on a slave nsd setup, one has to manually or crontab "nsd-control write example.com". Is this correct? Is there an automated way to do t

Re: Running your own mail server

2018-09-12 Thread Peter J. Philipp
On Wed, Sep 12, 2018 at 11:01:13PM -0600, Austin Hook wrote: > Have run my own mail server for maybe 20 years of OpenBSD, and apart from > getting my ISP to give me a static IP and a correct reverse DNS entry, and > a couple of run ins with a few filters that dumb ISPs run, it's worked > fine al

6.4 available but sources incorrect

2018-10-18 Thread Peter J. Philipp
Hi, I know the announcement hasn't made it out yet afaik. But I want to give notice that on ftp.eu as well as cdn mirrors the sources don't check out. For one the key is the old 6.3 key and then it fails to signify. pub -x SHA256.sig-tgz ports.tar.gz<

Re: macppc - Booting with a SATA PCI drive

2018-10-25 Thread Peter J. Philipp
Hi, Hope this will help you: https://www.openbsd.org/macppc.html search down to Boot device considerations (ultra0 for example boot ultra0:,ofwboot /bsd) Also perhaps this guide will help you in firmware http://www.firmworks.com/QuickRef.html (there is the devalias command in open firmware

Re: macppc - Booting with a SATA PCI drive

2018-10-27 Thread Peter J. Philipp
Hi, in ofw mode you can type printenv and under boot-command line it says on my box "mac-boot". mac-boot (which is a ofw program) allows you to boot into the mac from openfirmware. This is overridden by a line called boot-device: where on my mac it says hd:,ofwboot hd is a device alias th

what would a POP3s daemon best look like?

2018-10-30 Thread Peter J. Philipp
Hi, The end of the year is approaching and I'm looking around for new projects. Currently I have two projects that I'm active on, but willing to put them on the back burner come new years for a POP3s daemon. The reason I want a pop3s daemon is because I want something pledged and unveil'ed

Re: what would a POP3s daemon best look like?

2018-10-30 Thread Peter J. Philipp
Thanks!  I guess there is no DANE for POP3 is there?  There was APOP in some RFC too but that required that passwords be unencrypted on the server side (and that was with MD5 I think). The reason my parents like POP3s is that they do not require mail to be left on the server, and to this I do

Re: Severe clock problems with OpenBSD VM on OpenBSD Host

2018-11-07 Thread Peter J. Philipp
Hi, I recently built a new vmm with 6.4 and noticed this morning that it had a clock problem too, however all my other vmm's didn't. kern.timecounter.tick=1 kern.timecounter.timestepwarnings=0 kern.timecounter.hardware=tsc kern.timecounter.choice=i8254(0) tsc(-1000) dummy(-100) These are

Re: OpenBSD 6.6-current shutter about one time every 1-3 seconds

2020-03-11 Thread Peter J. Philipp
On Wed, Mar 11, 2020 at 05:28:11PM +, Martin wrote: > Hello list, > > After upgrade from 6.5 to 6.6-current amd64 (all the latest patches > installed) system stutters. It affects on all visible and background > activity. For instance, when typing USB keyboard skip symbols, disk write > oper

Re: OpenBSD 6.6-current shutter about one time every 1-3 seconds

2020-03-11 Thread Peter J. Philipp
On Wed, Mar 11, 2020 at 06:12:44PM +, Martin wrote: > Peter, can you share which software you started in /etc/rc.conf.local > by > pkg_scripts="imapd..." > > I'll try to find some correlation. > > Martin pkg_scripts="isc_named cyrus_imapd saslauthd" along with apmd -A, vmd, sndiod -f rsnd/

riscv

2020-03-13 Thread Peter J. Philipp
Any developer working on a riscv port and willing to share their unofficial work for possible future collaboration? Best Regards, -peter

unveil confusion

2020-04-23 Thread Peter J. Philipp
Hi, From the unveil manpage: The first call to unveil() removes visibility of the entire filesystem from all other filesystem-related system calls (such as open(2), chmod(2) and rename(2)), except for the specified path and permissions. Can the first call also be the last? I hav

Re: unveil confusion

2020-04-23 Thread Peter J. Philipp
On Thu, Apr 23, 2020 at 11:20:45AM +0200, Hiltjo Posthuma wrote: > > beta$ ps ax | grep unveiltest > > 40907 pg S+U 0:00.01 ./unveiltest > > 40013 ph R+/2 0:00.00 grep unveiltest > Hi, > > Below the quoted part it says in the man page: > > "After establishing a collection of pa

Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-07 Thread Peter J. Philipp
On Thu, May 07, 2020 at 04:00:15PM +0200, i...@aulix.com wrote: > Dear OpenBSD fans, > > Can you please comment negative appraisal from the following website: > > https://isopenbsdsecu.re/quotes/ > > I did not want to hurt anyone, just looking for a secure OS and OpenBSD > looked very nice to m

Copyright upper or lower case (c)?

2020-05-19 Thread Peter J. Philipp
Hi, Before I wrote this email I searched under marc.info and did a google search, but I didn't get a definitive answer. I found this under openbsd.org: https://www.openbsd.org/policy.html Whoever put that together I thank thee. In code, I see the (c) and the (C) used interchangeably, I'm wonder

writing aucat output

2020-06-05 Thread Peter J. Philipp
Hi, I'm wondering how I can write to stdout on aucat? Here is what I have: beta$ /usr/bin/aucat -r 44100 -h wav -i ewhist2.wav -o - | hexdump -C stdout: failed to seek back to header beta$ /usr/bin/aucat -r 44100 -h wav -i ewhist2.wav -o /dev/stdout | hexdump - /dev/stdout: failed to seek back t

connecting with bwfm(4) to AP takes a long time

2020-06-08 Thread Peter J. Philipp
Hi, My bwfm(4) device does not connect to my parents AVM Fritz!box 7950 all too great. I recently flashed to the Labor version on this device hoping it would improve but I didn't see an improvement. I noticed with tcpdump that packets go through, but it doesn't go out, at least the fritzbox does

what am I missing?

2020-06-12 Thread Peter J. Philipp
I noticed that /sbin/ping and /sbin/ping6 were not hardlinked, on all my computers (home and dedicated servers). How likely is it that the signify keys have been compromised? I'm having a hard time with OpenBSD these days, part of it is my clumsiness other parts are pointing to a rootkit on m

Re: what am I missing?

2020-06-12 Thread Peter J. Philipp
On Fri, Jun 12, 2020 at 08:56:26PM -0600, Theo de Raadt wrote: > I suspect your machine predates the ping/ping6 merge, and as > a result you have different files, and subsequent upgrades and > syspatch (basically tar extract) are skipping the 2nd one. I reinstalled kite and trapezoid from install,

Re: what am I missing?

2020-06-12 Thread Peter J. Philipp
On Sat, Jun 13, 2020 at 04:52:44AM +0200, Peter J. Philipp wrote: > I'm sick of reinstalling these, please provide a guide on what I should > do/look at to find reason why ping and ping6 are split in the filesystem??? > Because in base67.tgz they should be hardlinked. I figured i

Re: nsd Will Not Start At Boot

2020-07-07 Thread Peter J. Philipp
Hi, I realise binding to 0.0.0.0 is akin to binding to INADDR_ANY, but could you try binding to each interface address that you want separately? Such as: interface: 192.168.1.2 interface: 127.0.0.1 interface: ::1 interface: 2003:XXX::XXX and then try again. Cross-check that they are bou

munmap for just one child process

2020-07-11 Thread Peter J. Philipp
Is this possible at all? I have mmap'ed (shared) a process and it has childs. I would like to unmap this mmap in one child only but I'm not sure if the other childs that should have this mapping still will lose it or not? Can someone enlighten me on this? Thanks! -peter

Re: munmap for just one child process

2020-07-14 Thread Peter J. Philipp
On Sat, Jul 11, 2020 at 09:12:55PM -0600, Theo de Raadt wrote: > Peter J. Philipp wrote: > > > Is this possible at all? I have mmap'ed (shared) a process and it has > > childs. > > I would like to unmap this mmap in one child only but I'm not sure if the >

non-checksummed UDP packets

2020-07-19 Thread Peter J. Philipp
Hi, I noticed that UDP packets with a checksum of zero (0) make it through the UDP stack to userland programs. Is there a knob to turn that off? Offending packet: 08:38:28.035351 45.148.10.91.80 > 5.9.87.75.53: [no udp cksum] 65534+ [1au] ANY (Class 10531)? .(24) (ttl 241, id 35118, len 52)

unwind, is it possible to prevent validation failures?

2020-08-04 Thread Peter J. Philipp
Hi, Aug 5 07:09:55 beta unwind[1703]: startup Aug 5 07:09:59 beta unwind[62921]: validation failure : no DNSSEC records from 192.168.177.1 for DS internal.centroid.eu. while building chain of trust Let me describe my setup. Here is my unwind.conf: beta# more /etc/unwind.conf

Re: unwind, is it possible to prevent validation failures?

2020-08-04 Thread Peter J. Philipp
On Wed, Aug 05, 2020 at 07:34:25AM +0200, Florian Obser wrote: > You could unbreak this in DNS by setting up insecure delegations > (publishing NS records without DS records) for your internal zones. > Doesn't mean that the authoritatives need to be reachable from the outside. > That would unbreak

Re: Does DNS need TCP?

2020-09-19 Thread Peter J. Philipp
On Sun, Sep 20, 2020 at 12:43:41AM -0400, Predrag Punosevac wrote: > Could a kind soul who runs DNS for living point me to the documentation > which I can use to educate myself. > > > Most Kind Regards, > Predrag Punosevac Yes it does need TCP. It's part of the protocol since RFC 1035. For ex

Re: time_t

2020-10-05 Thread Peter J. Philipp
On Mon, Oct 05, 2020 at 03:16:24PM +, Roderick wrote: > > The result of time() has type time_t and we know what kind of number > goes there: seconds since 0 hours, 0 minutes, 0 seconds, January 1, > 1970, Coordinated Universal Time. > > In my FreeBSD running on a 64 bit processor this type is

crosscompiling binutils

2020-10-22 Thread Peter J. Philipp
Hi, I was wondering if binutils-2.17 will be that version for the next foreseeable future? Reason being is that there is backports to RISCV's binutils but they don't go that low to 2.17. Since I'm lazy, I don't really want to port binutils to 2.17 for any architecture if it's not already done s

Re: crosscompiling binutils

2020-10-22 Thread Peter J. Philipp
On Thu, Oct 22, 2020 at 08:52:48AM -0700, Mike Larkin wrote: > On Thu, Oct 22, 2020 at 04:26:37PM +0200, Peter J. Philipp wrote: > > Hi, > > > > I was wondering if binutils-2.17 will be that version for the next > > foreseeable > > future? Reason being is t

MBMS Support and port 8053 on tcpdump

2020-10-22 Thread Peter J. Philipp
Hi, Just got this message (seemed like a flood) from tcpdump: [MBMS Support] [MBMS Support] [MBMS Support] [MBMS Support] [MBMS Support] [M BMS Support] [MBMS Support] [MBMS Support] [MBMS Support] [MBMS Support] [MBMS S upport] [MBMS Support] [MBMS Support] [MBMS Support] [MBMS Support] [MB

Re: MBMS Support and port 8053 on tcpdump

2020-10-22 Thread Peter J. Philipp
On Thu, Oct 22, 2020 at 07:49:40PM +0200, Peter J. Philipp wrote: > Hi, > > Just got this message (seemed like a flood) from tcpdump: > > > [MBMS Support] [MBMS Support] [MBMS Support] [MBMS Support] [MBMS Support] [M > BMS Support] [MBMS Support] [MBMS Support] [MBMS S

kudos! quad em(4) card working on MacPPC

2019-07-17 Thread Peter J. Philipp
Hi, Here is a dmesg: https://www.centroid.eu/blog/c?article=1563349296 As usual OpenBSD continues to surprise me when I fitted a PCI-X quad em(4) card in my G5 PowerMac. It works! Thank you so much! -peter

RNG question

2019-07-30 Thread Peter J. Philipp
Hi, I had considered doing some programming in visual studio on windows and I really miss the easy arc4random*() routines there. Out of boredom I started looking at /sys/dev/rnd.c and have a question now. Before twisting the pool, enqueue_randomness() has a component of time if I'm not misreading

Re: RNG question

2019-07-30 Thread Peter J. Philipp
On Tue, Jul 30, 2019 at 06:11:15AM -0600, Theo de Raadt wrote: > Peter J. Philipp wrote: > > > Before twisting the pool, enqueue_randomness() has a component of time if > > I'm not misreading. Why is this done? > > That is a low-grade question. OK I retract i

missing SYN_RECV in netstat

2019-08-20 Thread Peter J. Philipp
Hi, On the NANOG list there is a thread about something synflooding: https://mailman.nanog.org/pipermail/nanog/2019-August/102713.html Most of my hosts are synflooded, and I was wondering why my OpenBSD hosts don't show any SYN_RECV states in a netstat -nafinet. I had to tcpdump to see a synfloo

Re: missing SYN_RECV in netstat

2019-08-20 Thread Peter J. Philipp
Never mind, I exited airhead mode.  pfctl -ss does what I need. However I approached things from non-root perspective and pfctl requires root privs.  Sometimes I surprise myself that I have root. Cheers, -peter On 8/20/19 7:36 PM, Peter J. Philipp wrote: Hi, On the NANOG list there is a

Re: unbound/dns issue (malformed packets?)

2019-09-15 Thread Peter J. Philipp
Hi Joe, The domain whatsapp.com doesn't guarantee integrity to you (they have dnssec turned off, at least last I checked). It's possible that someone got in your middle and inserted a bogus record. This being said I'm ignorant to the fact that nlnetlabs have changed their internal database, so

Re: boot stops on macppc

2019-09-16 Thread Peter J. Philipp
On Mon, Sep 16, 2019 at 05:35:49PM +0200, Jan Stary wrote: > On Sep 14 12:58:39, h...@stare.cz wrote: > > This is current/macppc on an old macmini - dmesg below. > > (Putting old hw to work with OpenBSD is a joy; > > plus this is my only macppc test machine.) > > > > At boot(8) time, it stops at t

KVM switch causes blanking of screen near DRM connect

2019-09-17 Thread Peter J. Philipp
Hi, Not sure if the subject is good, or if this is even relevant for OpenBSD, but I thought I'd put it out there. I recently got a KVM switch with which I can control 4 PC's on one monitor. The exact label of it is "4x1 USB HDMI KVM Switch". When I boot a recent -current kern.version=OpenBSD

Re: KVM switch causes blanking of screen near DRM connect

2019-09-18 Thread Peter J. Philipp
On Wed, Sep 18, 2019 at 07:50:15AM +0200, Peter J. Philipp wrote: > Hi, > > Not sure if the subject is good, or if this is even relevant for OpenBSD, but > I thought I'd put it out there. I recently got a KVM switch with which I can > control 4 PC's on one monitor.

Mugs

2019-10-18 Thread Peter J. Philipp
Hi, In the past I've bought mugs from OpenBSDStore.com. The site now points to the main OpenBSD.org website and the DNS SOA indicates it may have been doing so for 7 days. Is there a story to this? Where should we get fan items in the future? Regards, -peter

ppppoe octeon kernel panic .6.6

2019-10-21 Thread Peter J. Philipp
Hi, The mail from Holger Glaess seems to be missing a backtrace. I got one, but I have very little time today and tomorrow to debug anything, I have put a temporary replacement for the octeon pppoe router at my premises for the time being. Also, I tried poking around in sppp_auth_send() in /s

Re: ppppoe octeon kernel panic .6.6

2019-10-22 Thread Peter J. Philipp
On Wed, Oct 23, 2019 at 08:21:50AM +0200, Holger Glaess wrote: > hi > > > here the traceback , i hope ;) Hi Holger & Tech, I have made my octeon router work again and I have a patch. But I'm not an openbsd developer, nor is this patch official in any way. It was a lot of debugging and refacto

Re: A promotional idea (related to quantum computing / hacking)

2019-10-26 Thread Peter J. Philipp
On 2019-10-26 12:03, Frank Beuth wrote: On Sat, Oct 26, 2019 at 02:53:42PM +0800, Jyri Hovila [Turvamies.fi] wrote: Maybe OpenBSD could profile itself as *the* OS with all crypto related stuff is handled using post-quantum cryptography? I don't think OpenBSD wants to "profile itself" as anyt

is the cavium octeon able to do IP offloading?

2019-11-08 Thread Peter J. Philipp
Hi, I have a Unifi Security Gateway that replaced an ER-8 because the latter was too loud after all. I have a 100/40 VDSL connection and in tests with pppoe and routing from cnmac0 to cnmac1 gets me ~90 Mbit/s download. I want to claim that last 10% somehow and I have hacked the if_pppoe.c drive

SIGBUS on octeon for my program

2019-11-27 Thread Peter J. Philipp
Hi, My DNS program gets a SIGBUS when I execute it. I have ktraced it, upped limits and searched in the mips64 source for answers, could this be a compiler problem? ktrace-> 41651 dddctl CALL connect(6,0xfcacb0,16) 41651 dddctl STRU struct sockaddr { AF_INET, 192.168.177.2:10053

Re: SIGBUS on octeon for my program

2019-11-27 Thread Peter J. Philipp
s a lot! I'll come back in a few days to report how it went. Best Regards, -peter > Den ons 27 nov. 2019 kl 14:48 skrev Peter J. Philipp : > > > Hi, > > > > My DNS program gets a SIGBUS when I execute it. I have ktraced it, upped > > limits and sear

Re: SIGBUS on octeon for my program

2019-11-27 Thread Peter J. Philipp
On Wed, Nov 27, 2019 at 09:16:51AM -0500, David Higgs wrote: > I don't speak ktrace but looks like alignment problems with a stack > variable. What does gdb report? > > --david Hi David, I'm going to upgrade to -current and then report back.. it'll take me a few days to do that (I'm super slow)

Re: SIGBUS on octeon for my program

2019-11-28 Thread Peter J. Philipp
On Wed, Nov 27, 2019 at 03:30:23PM +0100, Peter J. Philipp wrote: > Hi David, > > I'm going to upgrade to -current and then report back.. it'll take me a few > days to do that (I'm super slow). > > ... > I'll see if this sort of issue repeats after

Re: SIGBUS on octeon for my program

2019-11-28 Thread Peter J. Philipp
On Thu, Nov 28, 2019 at 11:44:07PM -0700, Theo de Raadt wrote: > Half the cpu platforms fault on unaligned access. > > There are strategies for handling this. Your code must use them. > > It is kind of boring, actually. I took a look at how libasr does it, and I have similar code ie. pack8(), p

Re: The OpenBSD talk at 36c3

2019-12-29 Thread Peter J. Philipp
On Sun, Dec 29, 2019 at 01:29:12PM +0100, Henry Jensen wrote: > Greetings, > > for those who didn't watched it, there is an accompanied site at > https://isopenbsdsecu.re/ > > Summary: There are a lot of claims. The speaker basically said, that > some mitigations are "cool", but other, more or le

Fan Art submission

2020-01-10 Thread Peter J. Philipp
This morning I was doodling with my Wacom tablet on my Workstation running OpenBSD-current (a few days older). Gimp 2.10 crashed, and I thought I lost the image forever but then I was able to restore it next run. While showing it off I merged it (with bucketfill) with a van gogh (I don't know if

Re: Fan Art submission

2020-01-10 Thread Peter J. Philipp
On Fri, Jan 10, 2020 at 02:04:23PM +0100, Peter J. Philipp wrote: > This morning I was doodling with my Wacom tablet on my Workstation running > OpenBSD-current (a few days older). Gimp 2.10 crashed, and I thought I lost > the image forever but then I was able to restore it next ru

dig may need an inet pledge?

2020-01-16 Thread Peter J. Philipp
Hi, I did a quick grep of dig's pledge: > beta$ grep pledge * dig.c: if (pledge("stdio rpath dns", NULL) == -1) { dig.c: perror("pledge"); dig.c: if (pledge("stdio dns", NULL) == -1) { dig.c: perror("pledge"); < and noticed that there is no inet pledge. The problem i

Re: dig may need an inet pledge?

2020-01-16 Thread Peter J. Philipp
(void)setsockopt(sock->fd, IPPROTO_TCP, TCP_MAXSEG, beta$ grep TCP_MAXSEG /usr/include/netinet/tcp.h #define TCP_MAXSEG 0x02 /* set maximum segment size */ <-- I've not come across this setsockopt in my network programming, but I guess the comment is good

Re: dig may need an inet pledge?

2020-01-16 Thread Peter J. Philipp
On Thu, Jan 16, 2020 at 08:25:16PM +0100, Peter J. Philipp wrote: > > dig is supposed to use SOCK_DNS, and then not bother doing additional > > stuff. > > > > 105 is setsockopt. We would investigate if the setsockopt being done > > is required, or if it can be remov

Re: OpenBSD PPPOE

2020-01-21 Thread Peter J. Philipp
On Wed, Jan 22, 2020 at 09:49:18AM +0800, Peter Wong wrote: > Yes, my ISP operate pppoe with vlan. How to configure my fxp0 using vlan id > 500? > > > Regards, > -- > Peter Wong > 016-396 3326 Hi Peter Wong, My PPPoE router uses VLAN id #7 (IEEE 802.1q protocol), thi

Re: OpenBSD PPPOE

2020-01-23 Thread Peter J. Philipp
On Thu, Jan 23, 2020 at 05:59:20AM +0800, Peter Wong wrote: > The hostname.filename should follow vlan or vnetid? > > Regards, > -- > Peter Wong > 016-396 3326 Hi, In my router I have 3 vlans configured so far. I seem to have created the hostname.if arbitrarily after

Re: Low throughput with 1 GigE interface

2020-01-30 Thread Peter J. Philipp
On Thu, Jan 30, 2020 at 03:43:41PM +0100, livio wrote: > Dear all, > > I am unable to achieve decent throughput with a 1 GigE interface > (Intel I210) on OpenBSD 6.6. When running iperf3 I get around 145Mbit/s. > > The config/setup is: APU2c4, Win10 notebook, no switch, Cat.6a cable, > MTU 1500,

Re: How to hide my server's IP?

2020-02-03 Thread Peter J. Philipp
On Mon, Feb 03, 2020 at 10:08:52AM +, ratatatah wrote: > I've been told IP hiding inside FreeBSD jails is much easier, and that > potential intruders would only be able to see local IPs. Is there any truth > to that, and if so, why is this so hard to achieve on OpenBSD? > > Thanks, > Ratah T

Re: How to hide my server's IP?

2020-02-03 Thread Peter J. Philipp
On Mon, Feb 03, 2020 at 11:13:54AM +, ratatatah wrote: > Hello Peter! > > Not sure I understand the whole hierarchy and flatness analogy, I'm very new > to all of this, but what do I tell those who claim that this leaking of the > IP poses a security risk and that they therefore should go wi

sndio programming question

2020-02-05 Thread Peter J. Philipp
ks for any hints regarding the playing of the WAV, the program follows, it gets built with: cc -g -o numark numark.c -lsndio -lcurses Regards, -peter 1 /* 2 * Copyright (c) 2020 Peter J. Philipp 3 * All rights reserved. 4 * 5 * Redistribution and use in so

Re: sndio programming question

2020-02-05 Thread Peter J. Philipp
Hi, I originally wrote this program around 5 years ago and didn't know it was in this bad state. So disregard debugging this for now, I'm fixing it up. I think I'm very close to getting it to work. For the size of the program, I wasn't thinking at the time, maybe I'll better post just an URL

APU re(4) how can I debug this further?

2015-09-30 Thread Peter J. Philipp
I have a network that occasionally goes down. I have isolated the fault between a PC Engines APU router running OpenBSD and an AVM Fritzbox that does backup LTE and mainly 5 Ghz AP. I drew a map to further illustrate my network: to LTE network [gaia]--

Re: APU re(4) how can I debug this further?

2015-09-30 Thread Peter J. Philipp
On Wed, Sep 30, 2015 at 10:36:21AM +0200, Benny Lofgren wrote: > > Thanks for your help, > > I assume you are not able to ping the other way around either when the > network goes down, i e from gamma to fritzbox? Since everything in that part of the apartment is headless (fritzbox, gamma and merc

Re: APU re(4) how can I debug this further?

2015-10-01 Thread Peter J. Philipp
heers, -peter On 09/30/15 11:10, Peter J. Philipp wrote: > On Wed, Sep 30, 2015 at 10:36:21AM +0200, Benny Lofgren wrote: >>> Thanks for your help, >> I assume you are not able to ping the other way around either when the >> network goes down, i e from gamma to fritzbox? >

signify: signature verification failed

2015-10-01 Thread Peter J. Philipp
I downloaded the jumbo patches from ftp://ftp.eu.openbsd.org/pub/OpenBSD/patches/5.7.tar.gz which includes the latest opensmtpd patch, only it doesn't check out against signify. # signify -Vep /etc/signify/openbsd-57-base.pub -x 017_smtpd.patch.sig \ > -m - | (cd /usr/src && patch -p0) si

Re: Any opinion, policy or conclusion about easy and accessible MAC implementations like tomoyo or SMACK?

2015-10-29 Thread Peter J. Philipp
Hi, There is IPC between the separated parts though. Which makes me wonder if someone gets the protocol right on the compromised part they would be able to pull the certificates no? What would need to be done to get the protocol right then? Regards, -peter On 10/29/15 11:34, ludovic coues wrot
