On Tue, Jun 14, 2005 at 08:52:53AM -0500, James Harless wrote:
> I know that several firewall vendors use various flavors of Linux as
> the basis for their devices. Are there any that use OpenBSD
> similarly? If so, which? Any comments on the devices? Links would
> be appreciated.
It depends on
It would seem that openbox as installed from the package in 3.7 doesn't
have rc.xml or menu.xml files. Is this on purpose or is it a bug or,
very likely, am I missing something obvious? I'm going to try importing
the ones I have on my Debian box to see if that solves it.
Also coming from Debian I
On Tue, Jun 14, 2005 at 09:35:22PM +0300, jussi jaakonaho wrote:
> >> If it is the latter there is strong evidence that IPSO
> >>(The OS on Nokia and Checkpoint based firewalls) is
> >> derived from OpenBSD.
>
> -nope, it is having different roots.
> http://www.phoneboy.com/bin/view.pl/FAQs/WhatIsI
On Wed, Jun 15, 2005 at 04:40:36PM +0100, Simon Slaytor wrote:
> Ray Percival wrote:
>
> >If it is the latter there is strong evidence that IPSO (The OS on Nokia
> >and Checkpoint based firewalls) is derived from OpenBSD.
> >
> Nokia say that IPSO is based on FreeBSD
I
On Wed, Jun 15, 2005 at 04:20:50PM -0400, Mathieu Sauve-Frankel wrote:
> On Tue, Jun 14, 2005 at 10:36:00AM -0700, Ray Percival wrote:
> > It would seem that openbox as installed from the package in 3.7 doesn't
> > have rc.xml or menu.xml files. Is this on purpose or is i
re a "littlebit" problematic.
>
>Did I missed something in the manpage of newfs or is there realy no way to
>handle longer filenames correctly?
>
>Kind regards,
>Sebastian
>
>p.s.
>Is somebody out there who formated a USB-Stick with FFS?
>Would that be possib
gpg
stop yelling at me about insecure memory. But it still is. So have I missed
something or is there something else I should be reading.
Thanks.
Ray
--
BOFH excuse #443:
Zombie processes detected, machine is haunted.
[demime 1.01d removed an attachment of type application/pgp-signature]
On Mon, Jun 20, 2005 at 09:17:55PM +0200, Rogier Krieger wrote:
> On 6/20/05, Ray Percival <[EMAIL PROTECTED]> wrote:
> > Setting up GPG and I thought I enabled encrypted swap with sysctl -w
> > vm.swapencrypt.enable=1
>
> You're already there; only GPG doesn&
I have a nforce mobo with built in sound. Dmesg shows
auich0 at pci0 dev 6 function 0 "Nvidia nForce AC-97 Audio" rev 0xc2: irq 5,
nForce AC97
audio0 at auich0
So I'm pretty sure the drivers are loaded and the card is supported.
I think the problem is that /dev/sound is
lrwx-- 1 root wheel
On Tue, Jun 21, 2005 at 01:38:15PM -0700, Winston Williams wrote:
> I am just setting up an OpenBSD machine that I am hosting remotely in a
> data center. I was configuring qmail on two ssh sessions, when both
> sessions suddenly died.
>
> ssh will no longer respond
>
> apache and bind are still r
Trying to track -stable according to the FAQ I'm doing the following.
setenv [EMAIL PROTECTED]:/cvs #Which seems to take and
the following cvs commands work and the fingerprints match.
Then
cvs up -rOPENBSD_3_7 -Pd
? archivers/w-cabextract-1.1
? archivers/w-unzip-5.51
? archivers/w-faad-2.0p1
?
On Wed, Jun 22, 2005 at 06:43:36AM -0400, Nick Holland wrote:
> Ray Percival wrote:
> > Trying to track -stable according to the FAQ I'm doing the following.
> >
> > setenv [EMAIL PROTECTED]:/cvs #Which seems to take
and
> > the following cvs commands work and the
On Fri, Jul 01, 2005 at 11:55:31AM +0200, Dominik Epple wrote:
> On Thu, Jun 30, 2005 at 03:46:32PM -0500, Chandler May wrote:
> > I recently posted to this list inquiring how to successfully
> > initialize the Xorg server on a Mac Mini (With an LCD monitor through
> > DVI) running OpenBSD 3.7. Now
On Sun, Jul 03, 2005 at 01:23:16PM -0400, Ted Unangst wrote:
> On Sun, 3 Jul 2005, Aric Gregson wrote:
>
> > Hope this is the appropriate list for this. Have tried to upgrade to
> > 3.7 from 3.6 for a while a now. Tried booting from binary 3.7 -release
> > on a CD (which I burned), but repeatedly r
On Wed, Mar 23, 2005 at 12:28:17PM -0500, Paul Lussier wrote:
> Hi all,
>
> I'm need of a little help setting up a VPN tunnel between my OpenBSD
> box and a Cisco VPN concentrator. I have successfully set up a tunnel
> with another OpenBSD box, but in trying to change the isakmpd.conf to
> then co
it was before was dead easy compared to Debian and the performance improvement
is nothing short of dramatic.
Kudos and thanks to Theo and all the rest. I'm SO glad that I decided to learn
OpenBSD.
Ray
--
BOFH excuse #264:
Your modem doesn't speak English.
On Fri, Jul 15, 2005 at 01:53:43PM +0200, Dexter Fillmore wrote:
> Is there any way to mirroring data over network with failover in
> OpenBSD? I mean something like a raid-1 over network. Maybe with CARP
> in some way like it can handle pf with no data lost? Im looking for a
> solution that can han
On Mon, Jul 18, 2005 at 01:35:37PM -0700, edgar mortiz wrote:
> I have a 1gb USB Flash Drive and i formatted it on Windows XP so i can
> move files from windows to openbsd and vice versa. i plugged the usb
> on my bsd box and dmesg shows up as:
>
> ** dmesg: **
> umass0 at uhub0 port 2 configurati
sion strings, or
> even a manual session without a lot of process overhead or connection
> negotiation.
nc(1) is better.
-Ray-
On Sun, Jul 24, 2005 at 03:24:06PM -0700, Miles Keaton wrote:
> Somewhat-OT, but I figure the PF-friendly OBSD gang would have more
> experience with this than anyone:
>
> Working on a webmin-style admin/control-panel service for our
> webhosting clients.
>
> Thinking of running it on high ports
On Wed, Aug 03, 2005 at 11:03:34AM +1000, Rod.. Whitworth wrote:
> Somebody sent me a query asking for a justification for my proposal to
> supply a firewall/router using OpenBSD when there was thsi device:
> http://www.dlink.com/products/?pid=327 , with all its claimed bells and
> whistles.
>
> A
On Fri, Aug 05, 2005 at 09:37:52AM +0200, Artur Grabowski wrote:
> Lars Hansson <[EMAIL PROTECTED]> writes:
>
> Don't change settings and options unless you really have to. Because
> when you get used to the changes and for some reason need to change
> environment you'll get surprised and will m
I have the following pf.conf and authpf.rules. When I try to load the rules
into the anchor I get
authpfbob# pfctl -a authpf -f /etc/authpf/authpf.rules
/etc/authpf/authpf.rules:3: macro 'user_ip' not defined
/etc/authpf/authpf.rules:3: syntax error
pfctl: Syntax error in config file: pf rules n
On Mon, Aug 08, 2005 at 01:14:52PM -0600, Bob Beck wrote:
> * Ray Percival <[EMAIL PROTECTED]> [2005-08-08 12:17]:
> > I have the following pf.conf and authpf.rules. When I try to load the
rules into the anchor I get
> >
> > authpfbob# pfctl -a authpf -f /etc/authpf/a
do some deep magic.
Thanks.
Ray
--
BOFH excuse #1:
clock speed
On Sun, Aug 14, 2005 at 09:04:04AM -0500, Joe Szedula wrote:
> I've installed the amd64 -current (13 August) on my ASUS K8S-MX system.
> The dmesg shows these "unknown" items:
>
> ppb1 at pci0 dev 6 function 0 vendor "SIS", unknown product 0x000a rev
> 0x00
> ppb2 at pci0 dev 7 function 0 vend
On Sun, Aug 14, 2005 at 01:51:02PM -0500, Dave Feustel wrote:
> I'm running release 3.7 and I've put the release src and ports
> trees in /usr. I've updated both trees using cvs.
>
> I remade unzip as per the instructions in ports.html.
> When I attempted to make install, I got an error message
>
e bittorrent (clients other than 192.168.0.3)?
> >Thanks.
>
> Sorry, no can do. The other clients would have to use a BT-client where
> they can specify the port(s) to use and forward those to the right one.
Or round-robin redirect to each client and pray. With so many
connections, it might not even be noticable.
-Ray-
On Tue, Aug 23, 2005 at 06:57:43PM -0400, Will H. Backman wrote:
> > -Original Message-
> > From: Theo de Raadt [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, August 23, 2005 6:53 PM
> > To: Jason Crawford
> > Cc: Will H. Backman; j knight; Misc OpenBSD
> > Subject: Re: /usr/share/pf/ suggest
On Wed, Aug 24, 2005 at 01:03:04AM -0500, Gerardo Santana Gsmez Garrido wrote:
> 2005/8/24, Gerardo Santana Gsmez Garrido <[EMAIL PROTECTED]>:
> > This has been discussed before. I think many people here agree this
> > would be very useful. Some has even volunteered to do it, but I
> > haven't foun
On Wed, Aug 24, 2005 at 09:15:48AM -0400, Timothy Donahue wrote:
> On Tuesday 23 August 2005 11:58 pm, eric wrote:
> > On Tue, 2005-08-23 at 16:53:25 -0600, Theo de Raadt proclaimed...
> >
> > > It is plain simple bad advice. And totally ridiculous.
> >
> > And plus, with ipv6, it's imperative tha
On Wed, Aug 24, 2005 at 08:56:32PM +0200, Erik Wikstrvm wrote:
> On 2005-08-24 20:21, John Kintaro Tate wrote:
> >Hrm, I was installing the mono port and I ran into an error. The error
> >was simple and we all know what it means.
> >
> >Trying 62.243.72.50...
> >Unimplemented command.
> > 61% |
On Thu, Aug 25, 2005 at 11:13:52AM -0300, Joco Salvatti wrote:
> HI all,
>
> I'd like to know where I could find informations about how to configure bind
> to
> work under OpenBSD 3.7. I've already made a search in the net, but the
> available documents are vacant. I've already looked at FAQ files
On Sat, Aug 27, 2005 at 03:44:14PM +0200, Rickard Dahlstrand wrote:
> Right now the last line just logs the key to syslog instead of sending
> it to a phone. Also not that the otp-key password is hardcoded in the
> script. Not really a good idea, but I have no choice. (The file is not
> world rea
On Tue, Mar 07, 2006 at 09:48:14PM -0600, Jim wrote:
> >>don't forget to flush/kill states if you want existing connections to
> be torn down.
>
> How do I do that?
pfctl -k
-Ray-
nat -f /etc/pf.
> pfctl -k 192.168.100.130
Loading pf.conf will automatically flush NAT and the rules.
-Ray-
no alternative windows systems that are
> functional or secure?
Use a -current Zaurus. And I think you mean functional AND secure.
=)
-Ray-
all knobs on the laptop (rf switch, varios bios settings, bios
> > versions etc) to
> > no avail. Its on my todo list though.
>
> Huh.
>
> ath0 at pci4 dev 2 function 0 "Atheros AR5212 (IBM MiniPCI)" rev 0x01: irq 11
What's in your /etc/hostname.ath0? You can XXX out the IPs if you
want, I'm mainly interested in what parameters you pass ifconfig.
Thanks!
-Ray-
ng from /var/empty/dev/log? spamd chroots
to /var/empty.
-Ray-
> I use this in /etc/rc.conf.local:
>
> spamd_flags="-v -p 8024 -G 25:4:864"
> spamd_grey=YES
> spamlogd_flags=""
>
> and the correct parameters are being picked up by spamd:
>
> [EM
e to OpenBSD. Somebody
should organize a fund raiser. Let's sign up for an online petition!"?
You may think your ideas are easy to set up and that you are being
helpful by submitting more and more ideas (despite being repeatedly
told otherwise), but all these things take time to do, and every
idea without an action just wastes time.
-Ray-
t; May some of the openbsd friends suggest one?
>
> Thanks a lot for your time and cooperation.
man tree(3)
-Ray-
g functions, and
additional regression tests are all welcome.
I look forward to your code.
-Ray-
> >weeks.
> that these changes *only* went into -current, and did *not* go into
> -stable?
Yes.
-Ray-
sizeof(short));
> + printf("sizeof(short) = %zd\n", sizeof(short));
Use %zu for sizeof(), since it returns size_t, an unsigned type.
-Ray-
l out the card,
> OpenBSD freezes. I guiltily admit that this may be due to me using an
> instable window manager (fvwm 2.5). I supposed I could try killing the
> window manager next time.
Try doing that in console mode instead of X, you'll probably get a
kernel panic. Follow the instructions.
-Ray-
gt; anyone have anything they can point me at with a reasonable introduction,
> such as certain manpages etc.
No network?
-Ray-
On Tue, May 02, 2006 at 11:26:37PM +, Tan Dang wrote:
> Any reason why www.openbsd.org displays Japanese by default now?
April Fools!
-Ray-
ll 2\*(Gt&1 \*(Ba cat -n
> .Ss Arithmetic expressions
> Integer arithmetic expressions can be used with the
> .Ic let
Did you read the text above the example?
-Ray-
gt; use ftp-proxy for...
It's been imported as the new ftp-proxy:
http://marc.theaimsgroup.com/?m=111708277030478
-Ray-
On Mon, Aug 29, 2005 at 05:22:13PM -0400, Peter Landry wrote:
> Hi,
>
> We're going to be doing some network restructuring, splitting our
> internal network into 2 separate IP networks (192.168.1.0 and
> 192.168.2.0). We currently have a Microsoft ISA firewall for our whole
> network (since it's j
On Sat, Sep 03, 2005 at 04:10:02PM -0700, mojo fms wrote:
> I need to get an OpenBSD server to do Authentication on a MS Windows 2k3
> network, trying to replace the DNS servers on them and im trying to secure
> the network a lot more. Im trying to also learn how about how to make
> OpenBSD and Fre
On Sat, Sep 10, 2005 at 09:52:02AM +0100, ed wrote:
> On Fri, 09 Sep 2005 22:12:03 +0200
> Alexander Hall <[EMAIL PROTECTED]> wrote:
>
> > What about http://www.openbsd.org/cgi-bin/cvsweb/www/ ? :-)
>
> I was taking a look at that, and it seems I am either getting behind
> with OpenBSD versions o
On Mon, Sep 12, 2005 at 01:56:16AM +0200, Martin Schrvder wrote:
> On 2005-09-08 08:57:29 +0530, Siju George wrote:
> > One of my friends sent me this new OpenBSD website design he created.
> > Please have a look at it :-D
> >
> > http://mayuresh.freeshell.org/openbsd/
>
> Nice, but wrong:
> http
00 broadcast 192.168.2.255
inet6 fe80::211:95ff:feeb:50a%ural0 prefixlen 64 scopeid 0x9
Anybody else have this problem?
-Ray-
dmesg:
OpenBSD 3.8-current (GENERIC) #0: Sat Sep 10 15:34:26 EDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) M process
On Wed, Sep 14, 2005 at 04:15:13PM -0400, Adam wrote:
> "Matthias Herlitzius" <[EMAIL PROTECTED]> wrote:
>
> > IMHO a redesign should use XHTML/CSS. Otherwise it would be hard to
> > realize proper accessibility for lynx :-)
I just opened it up in lynx and myabe I just have low standards but I'm
nsmeta CPUs are slow. I'm not sure
if it's to the extent that I've suffered, or if Fujitsus are
exceptionally slow. I would be wary of Transmeta CPUs in general
and definitely try them out before buying one.
Sorry, I definitely do not recommend getting any Fujitsu Lifebook
+ Transmeta CPU laptops.
-Ray-
On Sun, Sep 18, 2005 at 04:05:43PM -0500, Jeffrey Roach wrote:
> Thanks. I'll check that. Any suggestions for another free e-mail account?
I have several friends who use and like http://www.airpost.net.
>
> On 9/16/2005 at 05:47:29 Jeffrey Roach wrote:
>
> >Can anyone tell me why I don't recei
K_REG_WRITE(AR4K_AR5212_GPIOCR,
(AR5K_REG_READ(AR5K_AR5212_GPIOCR) &~ AR5K_AR5212_GPIOCR_ALL(gpio))
| AR5K_AR5212_GPIOCR_NONE(gpio));
...
I hope I didn't copy anything wrong. I still have the exact CVS
checkout that I built this kernel with, if it can be of any use.
-Ray-
On Fri, Sep 23, 2005 at 08:24:15PM -0700, Bryan Irvine wrote:
> > Some intelligent scripts look at tcp responses to port scans, ssh
> > responds with SSH-2.0, which isn't too hard to identify. I don't know if
> > changing the greeting would break the protocol, but I suspect it might
> > break certa
On Sun, Sep 25, 2005 at 11:27:05PM +0200, Remy Heiden wrote:
> OR:
>
> root cron job:
>
> 11pm: pfctl -f /etc/pf.conf-night
> 6am: pfctl -f pf.conf-day
Until the kid learns, "Hey, I can reboot daddy's firewall and have
internet access again!" (Assuming /etc/pf.conf allows it.)
-Ray-
On Tue, Sep 27, 2005 at 09:22:51PM -0400, stan wrote:
> I find myself in the position sometimes when away from home having access
> to only M$ machines with a base OS load only.
Things I've learned from travel.
1. Carry a copy of putty on every form of media you can think of. I have one my
came
etected, doesn't
actually work.
How are you supposed to turn on the LED, anyway? Fn-wireless?
-Ray-
: irq 5 address
00:11:95:24:6a:0c
rlphy1 at rl1 phy 0: RTL internal phy
vendor "Marvell", unknown product 0x1faa (class network subclass ethernet, rev
0x03) at pci1 dev 2 function 0 not configured
Thought you all might like to know. Thrice cursed vendors. Lucky for me it was
an
, it's 150 MB! Just for webmail? It does look good, though.
-Ray-
> >>-Original Message-
> >>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
>
> >>Of Chris
> >>Sent: Saturday, October 01, 2005 5:35 PM
> >>To: misc@openbsd.or
t all, how does one go about implementing it?
-Ray-
On Thu, Oct 27, 2005 at 11:32:25AM -0500, L. V. Lammert wrote:
> We are getting ready to recommend an appliance to one of our clients, .. I
> know we could build a box (a la Soekris), but I have also heard that
> vendors like Lok Technologies are selling pre-built OBSD solutions.
>
> 1) Any reco
etc.
> # dd if=/dev/rwd0c | nc 10.20.30.40 1234
>
> 3. Restore a 'disk image' from above...
> # nc -l 1234 | dd of=/dev/rwd0c
Why not just use ftp?
-Ray-
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Nov 27, 2005, at 4:20 PM, frantisek holop wrote:
You're not contributing anything.
if you are sent away right at the beginning, what's the point?
expressing an opinion is still a contribution. without that,
openbsd would be much poorer.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Nov 27, 2005, at 7:52 PM, Jeremy David wrote:
On 11/27/05, Simon Morgan <[EMAIL PROTECTED]> wrote:
Hackers like interesting problems. Pretty HTML and a nice website
layout is not an interesting problem. Stop wasting peoples time
with it. The w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Nov 28, 2005, at 10:45 PM, Zachery Hostens wrote:
according to a few people they have already sent diff's and nick
has never said whether he recieved them or not.
lets not speak for other mailboxes shall we ?
On Tue, 29 Nov 2005 12:57:32 +08
Chuck McCollum wrote:
> I don't know if this is an issue or not, but the latest 3.8-current
> doesn't let my bge0 card perform properly. (Yes, I know it's broadcom...)
>
> I'm not complaining, nor am I requesting anything; I just thought that
> I'd let somebody know.
Same results here, with sa
On Dec 11, 2005, at 11:48 AM, Michael Steinfeld wrote:
None the less, as a
result I had spent countless hours skimming
That would be your mistake. And no the excuse you tried to float
isn't an excuse. Force yourself to do it. Read *and* grok the docs
primarily the man pages. That's the who
Ever since the GNU diffutils were removed from OpenBSD there hasn't
been an sdiff. So I wrote one and placed it into the public domain.
It can be found at <http://cyth.net/~ray/sdiff/>.
This sdiff supports all of GNU sdiff's options and is compatible
with OpenBSD's diff. Al
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Dec 24, 2005, at 3:50 PM, Edd Barrett wrote:
On 24/12/05, Dave Feustel <[EMAIL PROTECTED]> wrote:
I hate to send this Christmas present to misc,
but there is definitely a security hole in Xwindows
One wonders how software that doesn't exist c
On Dec 24, 2005, at 3:16 PM, Michael Steinfeld wrote:
Currently, I do not run X on my openbsd box and really would rather
not. I am thinking of a way to have multiple ttys available for
monitoring without switching back and forth between them. It might
seem silly to some, when you have a dual he
7;m having trouble making snprintf return -1. I've tried stuff like:
len = snprintf(str, 0, "%.-Z\n", 9);
printf("%d", len);
but that just prints `2'. Does snprintf ever return -1?
-Ray-
type; /* file type, see below */
u_int8_td_namlen; /* length of string in d_name */
#define MAXNAMLEN 255
chard_name[MAXNAMLEN + 1]; /* maximum name length */
};
Can someone clarify? Thank you.
-Ray-
On Sat, Jan 07, 2006 at 12:11:32AM +0100, Otto Moerbeek wrote:
>
> On Fri, 6 Jan 2006, Ray Lai wrote:
>
> > What are the proper uses of MAXNAMLEN, NAME_MAX, and FILENAME_MAX?
> > Do they represent filenames with or without paths? Do they include
> > the terminati
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Jan 8, 2006, at 9:17 AM, Andris Delfino wrote:
Hi, because of the recent release of patches for 3.8, I'm moving to
-stable. I could build and boot the new kernel following the
instructions at http://www.openbsd.org/stable.html, but I have a
prob
ut I guess it's worth a shot.
Good luck.
As this is not a tech@ topic I've moved it back to [EMAIL PROTECTED]
-Ray-
On Thu, Jan 12, 2006 at 11:24:41PM -0500, [EMAIL PROTECTED] wrote:
> I apologize for the cross-post, but since this has gone unanswered on
> misc@ for 3+ days, I figur
I meant PHY:
http://www.monkey.org/openbsd/archive2/misc/200507/msg00564.html
-Ray-
On Mon, Jan 16, 2006 at 05:29:02PM +0100, Maik Kuendig wrote:
> can someone recommend a CF WiFi card for a Zaurus C3100?
>
> My dealer has the following cards available:
> - D-Link DCF-660W
> - Linksys WCF12-EU
I use a Linksys WCF12 (no ``-EU'', bought in the US). Works great.
-Ray-
FC 3041.
> http://www.ietf.org/rfc/rfc3041.txt
>
> The solution is to use random data to generate ipv6 stateless addresses.
>
> Trying to be productive and not an asshole,
Is there a question?
If you wish to generate random ipv6 stateless addresses,
``jot -rs: -w%.2x 6 0 255'' and ifconfig(8) work.
-Ray-
s
> > and you put a ral in it, it will not post.
>
> Oh. And how does one know if the system can handle 3V PCI 2.2+
> cards? Any hint in the dmesg or do i need to dig up the mobo
> manual?
Depending on jsg's definition of ``post'' (Power On Self Test or
post in dmesg?) your system will either refuse to boot or won't
show up in the dmesg. That is, if you have a ral card.
-Ray-
that the above
1. I think the original was clearer (though I prefer to CCYY).
What should I type for , 1984, 84, or Nineteen Eighty-Four?
2. The angle brackets around the e-mail address are lost.
3. ``Copyright (c) CCYY YOUR NAME HERE <[EMAIL PROTECTED]>'' is
obvious enough and does not need an explanatory note.
-Ray-
oup.com/?l=openbsd-misc&m=105358689405500
-Ray-
do ``set skip on lo'' to skip all loopback interfaces
(not that most people have more than one).
-Ray-
use OpenBGPD. I plan to use a PIII 1GHz or better with 1 GB of RAM; should
be enough for full routing tables and enough room for routing table
expansion as the Internet grows.
Thanks in advance
Edward Ray
CISSP, GCIA, GCIH, MCSE:Security, PE
Netsec Design, Inc.
http://www.netsecdesign.com
UsedAvail Capacity Priority
> swap_device10483200 1048320 0%0
You also need enough space in /var/crash to store the core dump.
See crash(8).
-Ray-
describe this behavior:
Any arguments specified on the command line are given to the utility
upon
each invocation, followed by some number of the arguments read from
stan-
dard input. The utility is repeatedly executed one or more times until
standard input is exhausted.
-Ray-
try it out at the moment..Any help is
> > appreciated - thanks!
>
> I don't know if this works with regular rules, but there is a recent
> post from Ray Lai where he points out that it's possible to use just
> interface instead of interface[0-n] [1].
Wow, I'm ref
On Mon, Feb 13, 2006 at 11:13:17PM -0500, Ray Lai wrote:
> On Tue, Feb 14, 2006 at 04:26:29AM +0100, Tobias Ulmer wrote:
> > On Mon, Feb 13, 2006 at 09:28:12PM -0500, kyle wrote:
> > > Im having trouble finding out if(I'm sure it does) the pf.conf supports
> >
it.
> >
> > One may check this at a directory with space-containing filenames.
> > Without the "-I {}" and "{}" parts you get funny output.
> >
>
> Well, -print0 in find and xargs -0 are designed to deal with that.
> Sadly these are not in POS
ell under OpenBSD with
> "iwi" driver.
>
> Thank you very much in advance.
I usually use the kismet package, but I think you can do ``ifconfig -M''
as well.
-Ray-
till
growing that file, so you have to close it. Try fstat(1).
-Ray-
> block their access altogether so that the infected PC's cannot attempt
> other damage. How can this be accomplished?
Do ``block in log on port 25'' and listen to pflog0 to add bad
hosts. Basically the opposite of spamlogd(8).
-Ray-
g else
> to port 25 with log into a table. You also use that table to block all
> outgoing connections.
Can you really log into a table? I don't see anything in pf.conf(5)
for that.
-Ray-
On Wed, Feb 22, 2006 at 04:17:35PM -0500, Daniel Ouellet wrote:
> Ray Lai wrote:
> >On Wed, Feb 22, 2006 at 03:31:41PM -0500, Daniel Ouellet wrote:
> >>Chris Smith wrote:
> >>>In addition to preventing infected PC's from using their own SMTP engine
> >&g
On Wed, Feb 22, 2006 at 04:48:19PM -0500, Daniel Ouellet wrote:
> Ray Lai wrote:
> >I thought you meant you could do something like:
> >
> > block in log-table to port 25
> >
> >where is updated automatically.
>
> If you read on the PF and look at wh
>
> I'm stymied; dig localhost works. :-(
>
> Any clues?
Apache is chrooted so it has no access to /etc/hosts and /etc/resolv.conf.
Try changing all ``localhost'' references to ``127.0.0.1'' in the CGI.
-Ray-
101 - 200 of 209 matches
Mail list logo
