Re: Arch and vmd

On Wed, Apr 26, 2017 at 11:15:57AM -0700, Mike Larkin wrote: > On Wed, Apr 26, 2017 at 06:47:17PM +0200, Karl Pettersson wrote: > > Arch Linux works well as a vmd guest. Some notes about my experiences > > installing the system: > > > > * The Arch installation can be started from the serial conso

Re: tinc on openBSD?

On Thu, Apr 27, 2017 at 07:51:18AM +0200, Harald Dunkel wrote: > Hi folks, > > AFAICS tinc is included in the packages for 6.1, but surely > that doesn't mean its safe to use without looking. > > Are there security concerns against running tinc on an OpenBSD > gateway as an alternative to IPsec a

Re: pledge for sockets

> Am 26.04.2017 um 13:38 schrieb Luke Small : > > Pledge will presumably have per process (including fork()ed process) **path > limitations on rpath rpath and wpath calls, why not limitations on inet and > unix? We usually want to isolate our network speakers from the local system - combining i

Re: DHCP in vmm guest

So you have the VM interface and the host interface on a bridge: dhclient on the host "steals" all DHCP packets via BPF. Try to pkill dhclient on the host and the VM should be able to get DHCP. There is currently no solution for that, it is the way our dhclient works, you can try to run the VM on

Re: DHCP in vmm guest

> On 04.05.2017, at 16:13, Jiri B wrote: > > On Thu, May 04, 2017 at 03:49:27PM +0200, Reyk Floeter wrote: >> So you have the VM interface and the host interface on a bridge: >> dhclient on the host "steals" all DHCP packets via BPF. >> >> Try to pkil

Re: /usr/sbin/httpd and chunked transfer encoding

Hi, you cannot disable it and this Android client is broken. "A recipient MUST be able to parse and decode the chunked transfer coding." https://tools.ietf.org/html/rfc7230#section-4.1 Reyk > Am 08.05.2017 um 03:06 schrieb johnw : > > Hi, After installed owncloud/nextcloud on my openbsd, > >

Re: Can I use OpenBSD in a virtual machine, for example, VirtualBox?

On Mon, Jul 03, 2017 at 02:36:20PM -0400, J Doe wrote: > > >> On 27 Jun 2017 10:45 am, "Stuart Henderson" wrote: > >> > >>> On 2017-06-26, Josh Stephens wrote: > >>> I could be wrong when I say this but the only gotcha that you will run > >> into > >>> with virtual box will be the guest additio

Re: dhcrelay broken after Apr 5

Hi, On Tue, Jul 04, 2017 at 02:41:30PM +0300, Kapetanakis Giannis wrote: > Hi, > > Just upgraded a set of my firewalls that also do dhcrelay to -current. > > The program stopped working ok. Some dhcp requests where being forwarded some > not. > > tcpdump was showing the request on internal int

Re: dhcrelay broken after Apr 5

> On 05.07.2017, at 11:41, Kapetanakis Giannis > wrote: > > On 04/07/17 19:09, Reyk Floeter wrote: >> Could you try again with the attached diff? It doesn't change >> behavior but it adds some chatty logging when a packet is rejected. >> Maybe it helps to fi

Re: dhcrelay broken after Apr 5

> On 05.07.2017, at 11:50, Kapetanakis Giannis > wrote: > > On 05/07/17 12:45, Reyk Floeter wrote: >> >>> On 05.07.2017, at 11:41, Kapetanakis Giannis >>> wrote: >>> >>> On 04/07/17 19:09, Reyk Floeter wrote: >>>> Could you

Re: OpenBSD as Open Networking OS

Yes, I'm very interested in this but there is no "open" hardware. As Mischa mentioned, all of the platforms need vendor drivers and AFAIK all of them are gigantic and non-free *. OpenFlow is an alternative to control switches in a standard way without direct access to the switch chipsets, but it

Re: Please Advise on licencing

Hi, the license is your choice ;-) But we use ISC for new code in OpenBSD and I also use for all other open source code these days. See: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share/misc/license.template?rev=1.3&content-type=text/x-cvsweb-markup http://www.openbsd.org/goals.html And: ht

Re: attach chroot-jail to switchd(8) ?

switchd is already privsep‘ed with a chroot jail. But I don’t quite understand what you mean. > Am 23.05.2018 um 10:35 schrieb Thomas Huber : > > Hi all, > > I´m just tinkering a little bit and try to mimic some "containerization" on > OpenBSD with chroot. Is it somehow possible to attach a chr

Re: sgtty.h

On Mon, Jun 11, 2018 at 05:05:02PM +0200, Pau wrote: > Hello: > > I am trying to compile a very old piece of software, supermongo, on -current. > > The first complain I get from gmake is that > > get1char.c:26:14: fatal error: 'sgtty.h' file not found > #include > ^ > 1

Re: add HISTORY to ldap.1

OK reyk@ (please send diffs to tech@ not misc@) > Am 03.07.2018 um 21:20 schrieb Rob Pierce : > > Ok? > > Index: ldap.1 > === > RCS file: /cvs/src/usr.bin/ldap/ldap.1,v > retrieving revision 1.7 > diff -u -p -r1.7 ldap.1 > --- ldap

Re: Rewards of Up to $500,000 Offered for OpenBSD Zero-Days (and other dist.)

Are you advertising this crap on our list? I hope somebody steps up and donates $500,000 to the OpenBSD foundation instead. > Am 30.06.2018 um 23:11 schrieb Szekeres Dani : > > Just read: > > https://www.bleepingcomputer.com/news/security/rewards-of-up-to-500-000-offered-for-freebsd-openbsd-ne

Re: rying to get meta-data configured for cloud-image VMM instances

https://www.openbsd.org/faq/current.html#r20180613b I can respond in more details when I’m back online later this week. Reyk > Am 16.07.2018 um 20:29 schrieb Ax0n : > > On Mon, Jul 16, 2018 at 4:56 AM, Rickard von Essen < > rickard.von.es...@gmail.com> wrote: > >> It looks like cloud-init in t

new rust-libtls crates

Hi, a bit off-topic, but a Rust-LibreSSL crossover: It seems that many people have written Rust crates for libtls. And most (or all) of them haven't been updated for years. I talked to the owner of libtls and libtls-sys and he assigned ownership of his libtls crates to me. Yesterday I published

Re: OS X 10.11 'El Capitan' IKEv2

On Sun, Aug 16, 2015 at 11:28:24PM +0300, Or Elimelech wrote: > Hello misc, > > Has anyone connected successfully between the new OS X ikev2 impl. To an > OpenBSD box? > > Thanks in advance. > I got the official update and I successfully connected from El Capitan to OSX. I did it without usin

Re: Ntpd(8) in current: server (IP numerical) not used

I tested and verified your fix, thanks! OK reyk@ On Sat, Oct 31, 2015 at 02:00:08PM +0100, Christian Weisgerber wrote: > Gerald Hanuer: > > > Ntpd(8) in current: server ("IP numerical") not being used, FQDN works. > > > > ### Works as expected. > > server time1.google.com > > > > ### This

Re: Iked, ca_getreq: no valid local certificate found

Copy ikeca.cnf from the ipsecctl source tree to /etc/ssl/ and retry. http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/ikectl/ikeca .cnf The openssl.cnf version broke and we somehow didn't install ikeca.cnf by default. Reyk > On 05.11.2015, at 08:28, Toyam Cox wrote: > > Ho misc

Re: Bridge and blocknonip

On Sat, Nov 21, 2015 at 04:22:51PM +0100, Momtchil Momtchev wrote: > Hello, > > Sorry for what may appear to be a strange question, but shouldn't there > be a check against IFBIF_BLOCKNONIP in bridge_output() in > sys/net/if_bridge.c? > Why? bridge_output() is used for packets that are

Re: TLS intercepting proxy [MitM]

On Tue, Nov 24, 2015 at 01:05:34AM +0100, Stefan Wollny wrote: > Am 11/23/15 um 23:41 schrieb Lampshade: > >Hello, > >I would like to use privoxy to scrub/delete > >some informations in application layer (HTTP) going out from my PC. > >Problem is that a lot of connections are secured with TLS, so p

Re: bridge fails to broadcast ARP from gif tunnel

On Tue, Dec 01, 2015 at 10:07:12AM +0100, Kazuya GODA wrote: > Hi, > > It seems to bridge doesn't forward broadcast/multicast frames from gif. > This pathc will fix this problem, so would you try it? > > Thanks, > > - Goda > that matches the behaviour of -r1.239 before the enqueue changes. OK

Re: OpenBSD 5.8 on VMware 5.5

Hi, On Tue, Dec 01, 2015 at 01:50:57PM -0200, Felipe Gomes wrote: > I've been trying to search for more information on OpenBSD as a VMWare > guest, but I wasn't able to find much... and the information is pretty much > outdated. > > What are the recommendations for OpenBSD 5.8 (amd64) as a guest

Re: OpenBSD on GitHub

On Sun, Aug 05, 2012 at 05:35:47PM -0400, Kenneth R Westerback wrote: > On Sun, Aug 05, 2012 at 03:00:04PM -0400, Ted Unangst wrote: > > On Sun, Aug 05, 2012 at 10:46, Darrin Chandler wrote: > > > On Sat, Aug 04, 2012 at 07:05:38PM +0200, Marc Espie wrote: > > >> Well, git just has a different set

Re: vmm(4) status?

On Wed, Jan 20, 2016 at 05:44:36PM +0100, Christian Weisgerber wrote: > I was wondering about the status of OpenBSD's vmm(4) hypervisor. > Is it ready for some limited use, say, testing a port in an i386 > VM on an amd64 host? > > (TL;DR: nope.) > > There's little information, so I decided to giv

Re: Building AMI for AWS EC2

On Thu, Jan 21, 2016 at 07:36:01AM +0100, Antoine Jacoutot wrote: > > There are a couple public AMIs available, but I'm curious as to how they are > > built. It'd be pretty cool to be able to build a given snapshot into an AMI, > > rather than be dependent on whomever is creating the public ones. >

Re: Building AMI for AWS EC2

On Wed, Jan 20, 2016 at 08:56:25PM -0800, Jonathon Sisson wrote: > On Wed, Jan 20, 2016 at 02:51:21PM -0800, Simon McFarlane wrote: > > Hi all, > > > > Now that the Xen guest stuff is getting some love, I think it would be fun > > to toy around with OpenBSD on EC2 (particularly because of EBS -- o

Re: can't run multiple instances of httpd, flags not visible in processes

On Wed, Jan 27, 2016 at 06:12:22AM -0500, Jiri B wrote: > Hi, > > I can't run multiple instances of httpd via rc.d as I can't distinguish > between httpd instances. ps aux never show flags passed to httpd. > > Could httpd be extended to show flags like sshd does it? > > root 15681 0.0 0.1

Re: can't run multiple instances of httpd, flags not visible in processes

On Wed, Jan 27, 2016 at 01:49:30PM +0100, Antoine Jacoutot wrote: > On Wed, Jan 27, 2016 at 12:30:08PM +0100, Reyk Floeter wrote: > > On Wed, Jan 27, 2016 at 06:12:22AM -0500, Jiri B wrote: > > > Hi, > > > > > > I can't run multiple instances of httpd via

Re: can't run multiple instances of httpd, flags not visible in processes

> On 27.01.2016, at 23:31, Stuart Henderson wrote: > > On 2016-01-27, Antoine Jacoutot wrote: >> On Wed, Jan 27, 2016 at 12:30:08PM +0100, Reyk Floeter wrote: >>> On Wed, Jan 27, 2016 at 06:12:22AM -0500, Jiri B wrote: >>>> Hi, >>>> >>&g

Re: Squid3 in intercept mode

Hi, I think this is a little bit off-topic on this list, or should we start discussing all problems of all ports here? ... Anyway, you should make sure to use "divert-to" instead of "rdr-to" in your pf.conf. "rdr-to" is considered to be obsolete for userland proxies (except for spamd). Reyk On

Re: Using SMTPD to catch spam

On Wed, Sep 04, 2013 at 08:10:53PM +0300, K�?rlis Miķelsons wrote: > listen on lo0 port 9025 > accept from any for any deliver to maildir /var/spamdb > > # /usr/sbin/smtpd > /etc/mail/smtpd.conf:17: syntax error > warn: no rules, nothing to do > try putting the path in quotes: accept from a

Re: Join two overlapping subnets with two way NAT/BINAT

On Sun, Sep 08, 2013 at 12:47:28AM +0100, Simon Slaytor wrote: > On 07/09/2013 23:22, Florian Obser wrote: > >So you have 172.16.10.254 on two interfaces on the same box? I don't > >think that will end well. I would go with two firewalls, one nats NetA, > >the other nats NetB and put a link net in

Re: OpenBSD crypto and NSA/Bruce Schneier

On Wed, Sep 11, 2013 at 02:00:38PM +, John Long wrote: > You want security, run OpenBSD on a Chinese router or SBC or fab your own > chips and build your own hardware. And stay the hell off the net. > Sorry for posting the following link, but this reminds me of an incredibly bad movie: http:/

Re: iked's ikev2 segfaults during connection initiation from strongswan

Hi, On 25.09.2013, at 15:23, LEVAI Daniel wrote: > On sze, szept 25, 2013 at 14:57:13 +0200, Mike Belopuhov wrote: >> On 25 September 2013 14:41, LEVAI Daniel wrote: >>> Hi! >>> >>> I'm trying to setup StrongSwan (oh, the pain...) to iked(8) IPsec. When >>> trying to bring up the connection

Re: iked with rdomain getting an error

On 25.10.2013, at 12:08, Peter J. Philipp wrote: > I've been trying to set up a second gif tunnel that's encrypted with > ipsec (iked for key management), but I'm stuck on an error with iked. > Here is what I see and have: > > # route -T 1 exec iked -f /etc/iked.conf2 > # Oct 25 17:59:44 uranus

Re: using ifstated(8) to monitor wireless connections?

On 28.10.2013, at 01:43, Fred Snurd wrote: > On Monday, October 28, 2013 12:38 AM, Fred Snurd wrote: > > I found the following article on undeadly which uses ifstated(8) to > automatically acquire a DHCP lease upon link state > changes on an Ethernet interface: > > http://undeadly.org/cgi?ac

Re: slashdot rumours

On 01.11.2013, at 09:57, Marko Cupać wrote: > I just read an article on slashdot which says that a piece of > malware made "Open BSD operating system (...) modify its > settings and delete its data without explanation or prompting", and > that malware is spreading over microphone and speakers. >

Re: extend snmp mibs?

Hi, the tool is requesting the UCD-SNMP-MIB which is a non-standard extension of ucd/net-snmp. I'm not convinced to implement any of the non-standard UCD mibs. Most of the useful values can be exported by the standards-based HOST-RESOURCES-MIB and I already started on extending our implementatio

Re: IP aliases: how many in one server with OpenBSD 4.4? Is it possible to change the limit?

On Thu, Mar 12, 2009 at 12:22:42PM +0100, Henning Brauer wrote: > * FRLinux [2009-03-12 10:43]: > > On Thu, Mar 12, 2009 at 1:29 AM, Claudio Jeker > > wrote: > > > Also check the lo(4) link1 flag for mass IP aliases. Note: currently works > > > only with IPv4 (but I have a diff somewhere for the

Re: relayctl host disable doesn't loop through all hosts

On Wed, Apr 01, 2009 at 09:22:44AM +0200, Pierre-Yves Ritschard wrote: > * Pascal Lalonde (plalo...@overnet.qc.ca) wrote: > > Hello, > > > > I've been playing with relayd lately. There is a behavior which seems > > unintuitive and I was wondering if that was a bug or the intended > > behavior. > >

Re: QEMU + snapshots - pvclock0: unstable result on stable clock

Hi, thanks for the report. We’re going to disable pvclock until I found a solution. It seems that old KVMs or KVM on old CPUs report stable support incorrectly. Do you have a dmesg? Reyk > Am 03.12.2018 um 09:26 schrieb Zach Nedwich : > > Hi all, > > I'm running OpenBSD snapshots on QEMU (a

Re: Broken links on http://www.openiked.org/

Thanks, I’m afk this weekend but I’ll take care afterwards. Reyk > Am 05.04.2019 um 19:24 schrieb Alex Naumov : > > Hey, > > it seems openiked.org is not maintained well. > 1. Copyright is just until 2015. > 2. There are some broken links on it: links to "CD's" and "Posters". > 3. Old links-for

Re: Viewing SFP diagnostic data in OpenBSD ?

On Mon, Apr 08, 2019 at 02:25:28PM +1000, David Gwynne wrote: > > > > On 6 Apr 2019, at 01:54, Rachel Roch wrote: > > > > > > > > > > Apr 2, 2019, 11:19 PM by da...@gwynne.id.au: > > > >> > >> > >>> On 3 Apr 2019, at 04:52, Stuart Henderson <>> s...@spacehopper.org > >>>

Re: Viewing SFP diagnostic data in OpenBSD ?

On Wed, Apr 10, 2019 at 12:11:34PM +0100, Stuart Henderson wrote: > On 2019/04/10 12:43, Reyk Floeter wrote: > > I have an em(4) with SFP in my FTTH gateway, a Lanner LEB-6032. I'd > > be happy to test any em(4) diff for it. > > > > I had to get a special SFP

Re: Got hits Job offering in the mail

I’ve got it as well from a different random recruiter and it was addressed to the wrong name. I doubt that Apple is doing such unprofessional recruiting - It looks like some scam. Reyk > Am 02.05.2019 um 16:56 schrieb Dan Shechter : > > Got approached by a head hunter. > > If anyone in the c

Re: relayd without pf?

> Am 14.05.2019 um 23:06 schrieb Adam Thompson : > >> On 2019-05-14 15:42, Adam Thompson wrote: >> OK, I'm pretty sure this is a dumb question, but... >> Does relayd work properly, or at all with pf disabled? (in 6.5-RELEASE) > > > I have partially answered my own question. That last message

Re: OpenBSD on VMware ESXi

On Wed, May 22, 2019 at 01:43:35PM +0200, Janne Johansson wrote: > Den ons 22 maj 2019 kl 12:52 skrev Roderick : > > > Hallo! > > As far as I read in WWW, OpenBSD do run on VMware ESXi out of the box. > > What does run better on amd64 virtual machine? i386 or amd64? > > Are there reasons to preffe

Re: How should vmm hosts access the internet?

> Am 13.10.2016 um 16:18 schrieb Dimitris Papastamos : > >> On Thu, Oct 13, 2016 at 03:43:54PM +0200, Stefan Sperling wrote: >>> On Thu, Oct 13, 2016 at 02:23:20PM +0100, Edd Barrett wrote: >>> Hi, >>> >>> Since vmm is now enabled, I thought I would have a play. >>> >>> So far so good, but I've not

Re: IPv6 Setup not working on Hetzner server

Hi, > On 02.12.2016, at 12:55, Leo Unglaub wrote: > > Hey friends, > i have the exact same problem as Heiko had more than one year ago here > on this mailinglist. See > http://marc.info/?l=openbsd-misc&m=143231965324314&w=2 > > Sadly his temporary solution does not work for me so i have to bring

Re: Setting MAC address of vm in vm.conf with lladdr

Hi, you are second person who repots this since Friday, I will check tomorrow if lladdr in vm.conf got broken. The config looks OK. Reyk > Am 04.12.2016 um 16:55 schrieb Eric Brown : > > Dear List, > > I am using the current snapshot (Dec 3 as of this post), and I am trying > to set the MAC

Re: Setting MAC address of vm in vm.conf with lladdr

On Sun, Dec 04, 2016 at 09:55:32AM -0600, Eric Brown wrote: > Dear List, > > I am using the current snapshot (Dec 3 as of this post), and I am trying > to set the MAC address of a vm host in vm.conf. > > However, the MAC address reported by ifconfig -a seems to change with > each restart. The lla

Re: bgplg httpd "ping: socket: Permission denied"

On Tue, Dec 13, 2016 at 02:03:37PM -0500, Michael W. Lucas wrote: > On Tue, Dec 13, 2016 at 02:21:51AM +0100, Jeremie Courreges-Anglas wrote: > > "Michael W. Lucas" writes: > > > > > Hi, > > > > Hi, > > > > > Running the 12/12 snapshot, amd64. > > > > > > I'm setting up the looking glass CGI in

Re: bgplg httpd "ping: socket: Permission denied"

On Wed, Dec 14, 2016 at 03:14:51PM +0100, Jeremie Courreges-Anglas wrote: > Reyk Floeter writes: > > > On Tue, Dec 13, 2016 at 02:03:37PM -0500, Michael W. Lucas wrote: > >> On Tue, Dec 13, 2016 at 02:21:51AM +0100, Jeremie Courreges-Anglas wrote: > >>

Re: vmm use only one core but 100%

The 100% CPU has been fixed a while ago. You should at least show a dmesg of the host. > > Hi, > > I run VMM end it uses only a single core but 100%. What I do bad? > > > my /etc/vm.conf > #-- > sets="/var/www/htdocs/pub/

Re: vmm use only one core but 100%

> # dmesg > OpenBSD 6.0-stable (DEV.MP) #1: Thu Dec 15 22:11:22 CET 2016 Use -current (a snapshot) or wait until 6.1 - 100% CPU was normal in 6.0's vmm busy loop. Reyk

Re: relayd[66834]: relayd: socketpair: Too many open files

dmesg please > Am 03.01.2017 um 22:16 schrieb Kevin : > > Hey gang, > > So I'm putting a new firewall in place and have run into issues with > getting relayd to start using: > > # /etc/rc.d/relayd start > > When I try starting it like that inevitably I get: > >relayd(failed) > > checking

Re: PC-Engines apu2c4 install reboot loop :(

On Tue, Jan 10, 2017 at 03:26:01PM -0700, Scott Seekamp wrote: > Also, are you setting the serial port of the loader: > > stty pc0 115200 You don't need this line, the tty will be switched to com0. > stty com0 115200 > set tty com0 > I think this will solve the problem. The APU2 doesn't provi

Re: relayd send/expect syntax

On Tue, Feb 07, 2017 at 05:04:18PM -0500, Michael W. Lucas wrote: > host 104.236.197.233, check send expect (9020ms,tcp read timeout), state > unknown -> down, availability 0.00% The send/expect code looses its error because of its async nature - it goes like: 1. "we got data, let's verify it" 2

Re: OpenBSD 6.0, httpd chroot & nfs

Hi, On Tue, Feb 14, 2017 at 07:24:17AM -0700, Steve Williams wrote: > Hi, > > I have a web based application (Gallery 3) on one web server with a > fairly large number of photos. > > I have nfs mounted that folder onto a new APU2 system with OpenBSD 6.0 > on it. > 192.168.123.3:/ext_gallery/ga

Re: http 408 messages in httpd logs

> Am 14.02.2017 um 10:48 schrieb Walter Alejandro Iglesias : > > Starting from Feb 11 my httpd logs are filled with 408 messages: > > roquesor.com 79.xxx.150.xx4 - - [14/Feb/2017:15:48:32 +0100] "GET / HTTP/1.1" 200 2535 > roquesor.com 79.xxx.150.xx4 - - [14/Feb/2017:15:48:32 +0100] "GET /en/styles

Re: http 408 messages in httpd logs

> Am 14.02.2017 um 11:27 schrieb trondd : > >> On Tue, February 14, 2017 1:48 pm, Walter Alejandro Iglesias wrote: >> Starting from Feb 11 my httpd logs are filled with 408 messages: >> >> roquesor.com 79.xxx.150.xx4 - - [14/Feb/2017:15:48:32 +0100] "GET / >> HTTP/1.1" 200 2535 >> roquesor.com 79.x

Re: From SHA1 to SHA256 in dhcpd sync

On Sat, Feb 25, 2017 at 04:15:07PM +0100, Denis Fondras wrote: > Hi, > > A patch to get away from SHA1 in dhcpd > HMAC-SHA1 is not affected by the published collision, but I'm not against switching the sync protocol to SHA2. Performance also doesn't matter that much here as the typical sync rat

Re: From SHA1 to SHA256 in dhcpd sync

> On 27.02.2017, at 16:10, Theo de Raadt wrote: > >>> >>> A patch to get away from SHA1 in dhcpd >>> >> >> HMAC-SHA1 is not affected by the published collision, but I'm not >> against switching the sync protocol to SHA2. Performance also doesn't >> matter that much here as the typical sync rate i

Re: Running OpenBSD on Hypervisor

Hi, what exactly is your question? Nowadays OpenBSD runs by default on: - OpenBSD vmm - Xen (HVM modes) - Hyper-V - VMware - KVM - VirtualBox - bhyve - qemu (also aarch64 and others) - sun4v logical domains - ... We have PV drivers for all of them in GENERIC. Reyk > Am 08.03.2017 um 07:07 sch

Re: Running OpenBSD on Hypervisor

> Am 08.03.2017 um 07:22 schrieb Phil Eaton : > > I have OpenBSD (and FreeBSD) running on Linode VMs (on a KVM host) and it > works well enough. I'm more than hazy on the details, but the issue as far > as I'm aware is that OpenBSD does not yet have full support for virtio. So > I need to use full

Re: UEFI and Hyper-v

Hi, I tried it once with a custom ISO but didn't get any further than the OpenBSD UEFI boot loader. At this point, it couldn't find the disk so I couldn't get to boot OpenBSD. But this was in the early stages of our UEFI support. So we seem to miss some EFI drivers for Hyper-V Gen 2. If you ge

Re: UEFI and Hyper-v

On Mon, Mar 27, 2017 at 10:46:00AM +0200, Reyk Floeter wrote: > btw. Is there any reason or benefit to use Gen 2? AFAIK, it is only > for Windows for secure boot etc. I think Gen 1 is fine for OpenBSD, > you even have the hvn(4) and the hyperv(4) drivers now. Even the > latest machi

Re: OpenBSD httpd and HTTP/2

On Fri, Mar 31, 2017 at 09:14:10AM +0200, Marina Ala wrote: > Hello! > > When will the httpd have HTTP/2 support in OpenBSD? > > Endpoints, webservers and the devices/networs between the two points would > greatly benefit from HTTP/2. > > Faster and less traffic. > > Thanks. > Isn't QUIC

Re: iked/IKEv2 issue with 6.1

On Thu, Apr 20, 2017 at 04:03:38PM -0400, Igor V. Gubenko wrote: > Hello everyone, > > OpenIKED just doesn't seem to like me much. > > I managed to get it working around 5.8 but from upgrade to upgrade I > encountered different issues. > > I have 3 tunnels using IKEv2. 2 are using a PSK, and 1 i

Re: spamd and outlook.com

s://home.nuug.no/~peter/nospamd > I use the attached script to fetch the SPF entries recursively, in a plain text format that can be fed into pfctl. outlook.com gives me 82 networks. Reyk ---snip--- #!/usr/bin/perl # Copyright (c) 2016 Reyk Floeter # # Permission to use, copy, modify, and di

Re: spamd and outlook.com

On Fri, Apr 21, 2017 at 01:52:05PM +0200, Boudewijn Dijkstra wrote: > Op Fri, 21 Apr 2017 12:16:31 +0200 schreef Reyk Floeter : > > On Fri, Apr 21, 2017 at 11:59:20AM +0200, Peter N. M. Hansteen wrote: > > > On Fri, Apr 21, 2017 at 11:25:14AM +0200, Markus Rosjat wrote: > >

Re: httpd

On Tue, Nov 18, 2014 at 02:20:40PM +0200, Gregory Edigarov wrote: > Hi, > > While downloading a big file from httpd it eats somewhere from 77 to 100% or > even 150% cpu. Do you have any more details? OK, you're running -current. But how big is your big file? What is your httpd configuration?

Re: httpd

On Tue, Nov 18, 2014 at 03:22:36PM +0100, Reyk Floeter wrote: > On Tue, Nov 18, 2014 at 02:20:40PM +0200, Gregory Edigarov wrote: > > Hi, > > > > While downloading a big file from httpd it eats somewhere from 77 to 100% or > > even 150% cpu. > > Do you have any

Re: openhttpd

On Sat, Dec 20, 2014 at 08:33:00PM -0600, Edgar Pettijohn wrote: > Is there a mailing list for openhttpd? Also all the links on openhttpd.net > are broken. > > thanks > I don't know what openhttpd.net is, but it is not related to us. The page is not even new. Reyk

Re: OpenBSD projects

On Fri, Dec 26, 2014 at 09:42:18AM -0800, jungle Boogie wrote: > Hello All, > > Here's a list of projects that I'm aware of that openBSD created. Is > that correct? (p) is for portable. What else am I missing? > openssh (p) > opensmtpd (p) > mandoc (p) > openntpd (p) > openbgpd > libressl (p) > op

Re: OpenBSD projects

On Sat, Dec 27, 2014 at 07:32:06PM -0500, Predrag Punosevac wrote: > I was too quick with my earlier message. > > I don't think anybody mentioned OpenBSD implementation of dhcp server > and client. IIRC FreeBSD uses OpenBSD version of the client for its base > installation. Traditionally FreeBSD

Re: httpd(8) - Update index docs to HTML5

Hi, On Thu, Jan 01, 2015 at 01:20:49AM -0600, James Jerkins wrote: > Hello, > > Based on the W3c moving HTML5 to "Recommendation" status on October 28, > 2014, (http://www.w3.org/2014/10/html5-rec.html.en) these two patches update > the built-in index documents in httpd(8) to HTML5. > Thanks f

Re: Best way forward w.r.t. apache/nginx/httpd?

On Mon, Dec 29, 2014 at 10:41:26PM +, Stuart Henderson wrote: > > b) Migrate to nginx > >This seems to be the least interesting option - not only do I have to > >migrate now, but once more in the future, as nginx is also on the way > >out (so, the same "developer attention" caveat a

Re: httpd: multiple addresses for one server

On Thu, Jan 01, 2015 at 11:54:46PM -0500, Geoff Steckel wrote: > Is there any way todo the equivalent of: > > server "an.example.com" > listen on 192.168.2.99 > listen on 2001.fefe.1.1::99 > > ?? > It appears that the code in parse.y explicitly forbids this > and the data structures for a

Re: httpd and ~user directories

On Sat, Jan 03, 2015 at 10:33:52PM +0100, Tor Houghton wrote: > Hello, > > I'm wondering if there is a plan to add support for ~user style URL > expansion to the new httpd. > > I've tried fudging it for 'someuser' by adding the following to the default > server within /etc/httpd.conf, but to no

Re: PRG airport in misc

On Sun, Jan 04, 2015 at 12:08:44PM +0100, Jan Stary wrote: > The PRG airport has been renamed > in honor of Vaclav Havel quite some time ago. > > Jan > Thanks, done. > Index: airport > === > RCS file: /cvs/src/share/misc/airp

Re: 500 httpd error with owncloud

Hi, On Sun, Dec 28, 2014 at 10:41:01AM +0100, Clemens Goessnitzer wrote: > I installed the owncloud server from ports, and tried to get it running with > the new httpd. Unfortunately, I get a "500 Internal Server Error" once I log > in. However, the login page is shown perfectly fine. > > Here is

Re: 500 httpd error with owncloud

On Wed, Jan 07, 2015 at 06:03:23PM +0100, Stefan Sperling wrote: > On Wed, Jan 07, 2015 at 05:53:24PM +0100, Reyk Floeter wrote: > > # First deny access to the specified files > > # (as a workaround, run 'mkdir -p 0 /var/

Hannover BSD meetup

Hi, we figured out that there are more BSD people in the Hannover area, Germany, which seems to be a good reason to meet and get beer. We're not quite a user group, but let's give it a try. We're a few developers and users, mostly from OpenBSD but the other ones are welcome. We don't have a mai

Re: What are the disadvantages of soft updates?

On Thu, Jan 22, 2015 at 09:02:51AM -0500, Steve Shockley wrote: > On 1/21/2015 5:50 AM, frantisek holop wrote: > >but in my experience it is not that hard to get a > >corrupted filesystem with softupdates and i had to stop > >using it. but i seem to attract panics and > >page faults. > > I've per

Re: Hannover BSD meetup

I'm amazed about the feedback on twitter and misc; it will definitively happen. Thanks! And I'm sure that people in Munich can find others to have their own OpenBSD Haxn-und-Mass-Oktoberfest every now and then ;) Reyk On Thu, Jan 22, 2015 at 03:02:30PM +0100, Reyk Floeter w

Re: Hannover BSD meetup

at the bar got concerned when we told them "we don't know how many people - we announced it publically in the Internet" ;) Ok, time to pack my stuff and to leave #s2k15 and Australia... Reyk On Thu, Jan 22, 2015 at 03:02:30PM +0100, Reyk Floeter wrote: > Hi, > > we figu

Re: gzip compression in httpd

On Mon, Feb 16, 2015 at 02:46:27AM +0600, �?�?�?�?�? �?�?�?омин wrote: > On Sun, Feb 15, 2015 at 07:20:53PM +, Florian Obser wrote: > > On Sun, Feb 15, 2015 at 07:11:48PM -, Merci Brault wrote: > > > Does the new httpd support gzip compression? > > > > > > > No. > > Planned? > No.

Re: Last snapshots won't install on VMWare ESXi or getting ether_output panic

Hi, I haven't seen such crashes. Can you provide more information incl. dmesg and .vmx file of the VM? Reyk > On 25.02.2015, at 18:55, Romain FABBRI > wrote: > > On last snapshots I can't complete the install when installing as a guest VM > in VMWare ESXi 5.5. (snap: 20150217->20150223) >

Re: OpenBSD and 40G/100G ethernet cards

Hi, > On 03.03.2015, at 23:09, Theron ZORBAS wrote: > > Hi, > > Is there any plan to support 40G/100G ethernet cards? You may see a vendor's > product in this category at this link: > http://www.mellanox.com/page/ethernet_cards_overview > Thanks > Theron > if there is hardware documentation

Re: iked vs. isakmpd + carp

Hi, On Fri, Oct 19, 2012 at 8:10 PM, Tyler Morgan wrote: > On 10/19/2012 1:16 AM, Jim Miller wrote: >> >> Two part question: >> >> 1. Anyone had any success getting iked and carp working on OpenBSD 5.1 >> (amd64)? We can get it working with isakmpd. The issue seems to be >> that iked wants to

Re: Internet Connection - Load Balancing and Failover

Hi, I've read the other replies and there's no need to install any port. Like mentioned before, just use relayd(8) from base with the "router" option in relayd.conf(5) in combination with multipath routing (sysctl net.inet.ip.multipath=1). You can also use pf with "route-to" or "rtable" as a class

Re: restart relayd with new config

Am Donnerstag, 29. November 2012 schrieb lilit-aibolit : > > Good. I have two configs. And in specified time I need to *reload* to new > config-file, > not reload same config-file. > How 'relayctl reload' help me? > You should read the relayctl(8) manpage first. relayctl load filename Reyk

Re: ifOperStatus of em(4) devices always unknown when link is up

Am Montag, 3. Dezember 2012 schrieb InterNetX - Carsten Schoene : > Hello, > > i've setup a OpenBSD 5.2 (amd64) system using flashrd on a DELL R610 > server, > with an Intel PRO/1000 PF (82571EB) dualport fibre optics adapter. > The system also have four broadcom BCM5709 copper interfaces. > > I t

Re: BSD licensed gnupg replacement question

On Thu, Dec 6, 2012 at 8:36 PM, Dustin Fechner wrote: > On 12/06/2012 08:10 PM, Maximo Pech wrote: >> that there isn't a single production ready, gnupg-like, BSD licensed >> tool out there (I don't have the skills and time to program one >> myself). > > NetBSD has netpgp, which is BSD licensed: >

Re: greyscanner - sender with no MX or A

Am Donnerstag, 27. Dezember 2012 schrieb Peter Hessler : > Not sure where you got "greyscanner" from, but you should probably ask > the authors. > > It's from a guy called Bob. http://www.ualberta.ca/~beck/nycbug06/scripts/greyscanner > > On 2012 Dec 26 (Wed) at 21:31:26 +0100 (+0100), Jan Star

Re: OpenBSD/iwn(4) support for WPA2/PEAP/MSCHAPv2?

On Wed, Jan 23, 2013 at 5:41 PM, Erling Westenvik wrote: > I need to connect my ThinkPad T500 running 5.2 current to the wifi > network here at my university. E.g. the "eduroam" network which is > available at most universities through, at least, Europe. After Googling > around for a while I'm no

  1   2   3   4   >