Re: smtpd setup

2013-05-17 Thread Scott
ch help looking for explanations of 421 on the web. # cat /etc/mail/smtpd.conf listen on lo0 table aliases db:/etc/mail/aliases.db accept for local alias deliver to mbox accept for any relay # echo 'test' | mail -s TEST scott send-mail: command failed: 421 Temporary failure smtp

Re: smtpd setup

2013-05-18 Thread Scott
o help, especially with these "101" type questions. As usual, thanks in advance. -Scott On Fri, May 17, 2013 at 10:41 PM, Eric Faurot wrote: > On Fri, May 17, 2013 at 07:31:42PM -0700, Scott wrote: > > The initial debug advice I got was helpful, so I thought I'd take

Re: smtpd setup

2013-05-20 Thread Scott
goofed the URL I think; but I've checked it a million times (I get a bit neurotic when these simplistic things don't work and replace strings with identical strings from a manpage or search result just to make sure I'm not being dyslexic). What's wrong with my configs? -Scott

Re: smtpd setup

2013-05-21 Thread Scott
MX question got me searching, and I found that my secrets file wanted google's application-specific password (your choice of wording is what triggered the thought). Thanks for the help. -Scott On May 21, 2013 12:30 AM, "Gilles Chehade" wrote: > > Hi, > > On Mon, May

Upgrade over http

2014-11-06 Thread scott
I don't remember the exact verbiage). The versions looked for were correct, base56.tgz, for example. I tried a few other mirrors, all with the same result. I'd appreciate any help :) -Scott

adsuck start at boot

2013-05-03 Thread Scott
f /files/resolv.conf /files/hosts.small So I know it's just something I'm doing wrong with my rc scripts. I read the readme in /usr/local/shar/docs/pkg-readmes/, but that only covers interaction with dhclient and resolv.conf. Any help would be MUCH appreciated. -Scott

Re: adsuck start at boot

2013-05-03 Thread Scott
s 127.0.0.1;" >>/etc/dhclient.conf and change /etc/resolv.conf to contain only: nameserver 127.0.0.1 Thanks again for your help. -Scott On Fri, May 3, 2013 at 3:40 PM, Kenneth R Westerback wrote: > On Fri, May 03, 2013 at 02:52:06PM -0700, Scott wrote: > > Good day, > >

smtpd setup

2013-05-07 Thread Scott
for local alias deliver to mbox accept for any relay However, sending a test mail to myself yields two different errors. On my server: # echo 'test' | mail -s TEST scott send-mail: command failed: 553 Sender address syntax error on my desktop: # echo 'test' | mail -s

Re: smtpd setup

2013-05-08 Thread Scott
ere's a squawk about permissions on my .forward file (see below), but: # ls -l ~/.forward: -rw-r--r-- 1 scott users 0B May 8 18:36 .forward My home dir is mounted as an NFS share of my home dir on the server. This wouldn't mean anything though, would it? # grep home /etc/fstab: foo:/home

pf doesn't work after changing isp

2012-02-27 Thread Scott
se let me know if there's anything more I can provide. Thank you all. -Scott Here is a schematic of my setup: ---internet---|cable modem|---|nfe0---SERVER---re0|---|switch|---|client1/2/3/etc| # sysctl net.inet.ip.forwarding net.inet.ip.forwarding=1 # ifconfig -a lo0: flags=8049

Re: pf doesn't work after changing isp

2012-02-27 Thread Scott
n't belong on the internet >> block in on $ext_if from > > I wonder if this is causing your problem with a non-routable IP on nfe0. nfe0 IP=71.xxx.xxx.xxx Anyway, thanks for pointing out that glaring mistake about the "pass in". Unfortunately, it doesn't address my problem, but the lesson is to experiment with a test file instead of a working rule set :) -Scott

Re: pf doesn't work after changing isp

2012-02-28 Thread Scott
itched to a cable modem I didn't change things accordingly. This error is painfully obvious to most of you, so again, sorry for the noise of this thread, and thanks for not dropping me in an acid bath. -Scott

Re: openbsd 4.2 + ftp-proxy -T + pf +tag/tagged not working

2007-12-11 Thread scott
rs are ZERO for the "tagged " version and otherwise correct and incrementing for "user proxy" version. -Original Message- From: Camiel Dobbelaar <[EMAIL PROTECTED]> To: S. Scott Sima, CISA, CISM <[EMAIL PROTECTED]> Cc: misc@openbsd.org Subject: Re: openbsd 4

Re: openbsd 4.2 + ftp-proxy -T + pf +tag/tagged not working

2007-12-11 Thread scott
el needs correctly via its anchors. Else-wise if it needs me to do something for it, then isn't tag/tagged the clean way to effect manual rule entries? If so, then why no hits. Which brings us back to doh. /S -Original Message- From: Camiel Dobbelaar <[EMAIL PROTECTED]> To: S

Re: KDE presents a distorted screen or quits in the middle of starting up

2007-12-18 Thread scott
On an lcd screen, short of hi-def videos and gaming, it's hard for the eye to see meaningful difference between 16 and 24 bit depth. In some cases 15 bit depth works better on lcds. -Original Message- From: Rob Lytle <[EMAIL PROTECTED]> To: misc@openbsd.org Subject: Re: KDE presents a dist

Re: OpenBSD supported servers ?

2007-12-20 Thread scott
work as well as the i's nic chip -features like tcp off-loading, vlan, teaming, etc. were (at the time) weak or just troublesome. It's my understanding that it's not a silicon thing; it's a driver thing where the -- oem -- hasn't been open-friend thus hindering the open de

Re: Is there a L2TP daemon port?

2007-12-23 Thread scott
RE: tunnelblick you should look at ssh -w tun0:tun0 ... option; it's comparatively new and a tad under documented but works nicely, albeit on tcp. -Original Message- From: johan beisser <[EMAIL PROTECTED]> To: [EMAIL PROTECTED], Sunnz <[EMAIL PROTECTED]> Cc: misc@openbsd.org Subject:

Re: pf + wii

2007-12-23 Thread scott
1. use # tcpdump -eni pflog0 2. if that's not revealing then post its output AND the whole pf.conf file. 3. in the mean time, consider rdr PASS on $IF_RR proto udp from $REMOTE_IP to ($IF_RR) -> $HOST_WII where PASS is in lower case inside the pf.conf (UCASE here for emphasis only) /S -Or

Re: openbsd router hardware

2007-12-24 Thread scott
If small form factor, *LOWEST* power factor (i.e. fanless) and accelerated crypto are of any importance, consider http://www.logicsupply.com/ Specifically, the VIA C7 (or older C3) motherboard based boxes. (amd are worthy too, but at higher power factors and sans crypto acceleration.) Go http://w

Re: openbsd router hardware

2007-12-24 Thread scott
TED]> To: scott <[EMAIL PROTECTED]> Cc: Joerg Zinke <[EMAIL PROTECTED]>, misc@openbsd.org Subject: Re: openbsd router hardware Date: Mon, 24 Dec 2007 15:45:09 +0200 Mailer: Thunderbird 2.0.0.9 (Macintosh/20071031) Delivered-To: [EMAIL PROTECTED] scott wrote: > If small form factor,

Re: pf + wii

2007-12-24 Thread scott
F_RR inet proto udp \ tagged OKGAMING keep state # pass out log quick on sis2 proto udp \ tagged OKGAMING keep state #--- Include one of the foregoing with all due respect to the other rules in your pf.conf. Cheers, /Scott -Original Message- From: slug bait <[EMAIL PROTECTED]> To: sc

Re: What does this mean?

2007-12-29 Thread scott
Yes, but the third tab on your link clearly shows that 1 through 9 of the 10 worst (spamhaus definition) spammers (not spam origins) are non U.S. culprits -- Russian, Ukraine, Hong Kong, Russian, Australia, Russian, Russian, India, Ukraine and USA. -Original Message- From: Girish Venkatach

Re: Improving disk reliability

2008-01-02 Thread scott
ing the machine on bare upper household floors is not bounce (shock) or vibration free. Whether it exceeds tolerances or not depends on your household. Then, go heed Chris' points as well and any way. /Scott -Original Message- From: Erik Wikström <[EMAIL PROTECTED]> To

2008 Approved cryptographic algorithms -- Government of Canada

2008-01-03 Thread scott
Referencing: http://www.cse-cst.gc.ca/services/crypto-services/crypto-algorithms-e.html It is now 2008 and, per above link, the CSE de-lists certain HASH and HMAC standards and algorithms, namely sha-1 is bumped to sha-224 (as a minimum) including its downstream incorporations/reliances. With reg

Re: delete deleted data

2008-01-06 Thread scott
Notwithstanding the mentioned 5% issue, in context and for the purposes of secure wipes, is it not better to use /dev/arandom (or /dev/srandom) vs. /dev/zero as in dd if=/dev/arandom ... /S -Original Message- From: Sunnz <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: Eric Furman

Re: avoiding a mac address filter

2008-01-08 Thread scott
If your student driver declares their intent to learn to drive so as to be able to run someone down and you teach as a means to that end, then, yes, in most jurisdictions, you share culpability. /S -Original Message- From: Pete Vickers <[EMAIL PROTECTED]> To: Andreas Maus <[EMAIL PROTECTED

Re: : SSH Brute Force Attacks Abound - and thanks!

2008-01-11 Thread scott
on $ext_if inet proto tcp \ from ! to ($ext_if) port ssh \ flags S/SA keep state \ (max-src-conn-rate 3/30, overload flush global) The block-pass pair has the advantage of logging the blocks. The pass variant logs successful passes only. /Scott -Original Message- From: Raimo

Re: 4.2-current throughput with pf enabled

2008-01-11 Thread scott
re-test and post with in your ruleset pass in quick on fxp0 inet from any to any keep state pass out quick on $ext_if inet from any to any keep state /S -Original Message- From: Chris Cohen <[EMAIL PROTECTED]> To: misc@openbsd.org Subject: 4.2-current throughput with pf enabled Date: Fr

Re: 4.2-current throughput with pf enabled

2008-01-11 Thread scott
[EMAIL PROTECTED] On Friday 11 January 2008 18:36:54 scott wrote: > re-test and post with in your ruleset > > pass in quick on fxp0 inet from any to any keep state > pass out quick on $ext_if inet from any to any keep state > Did that, didn't change anything. Maybe I should add som

Re: Limiting CPU to a process or process group?

2008-01-14 Thread scott
*** Analogy: You're on a highway with a posted speed of 100 km/h. You want to operate your car and your car only 25 km/h only on the 100 km/h highway. *** And for this happy privilege, you want to impose the attendant nuisance (highway analogy), read overhead (o/s analogy), on all the other cars

Re: brute force voip QoS

2008-01-24 Thread scott
your case is an outside-to-inside scenario, then reverse the directions, i.e. use either an inside-edge nat or a rdr instead. /Scott -Original Message- From: Jeff Santos <[EMAIL PROTECTED]> To: misc@openbsd.org Subject: brute force voip QoS Date: Wed, 23 Jan 2008 09:28:09 -0500 Deli

Re: low-MHz server

2008-01-30 Thread scott
Two approaches (variation of some already mentioned). 1. GROUND and SHIELD the sources. Home Depot, et cetera, have lead-lined drywall by the sheet for a small premium over regular (quality) drywall. Cut to size. You don't actually need to encase, but rather place it as barrier between her an

Re: low-MHz server

2008-01-30 Thread scott
If MHz are the issue ... you can get SUN NETRA T1 machine off ebay from 50-300$ depending on its age and ingredients. These used Netra's range from 400M-1.2G Hz. These are 1U units. They offer far greater performance bang than x86's at like MHz. For example, a Netra T1 500MHz, 2GB PC-133 RAM

Re: low-MHz server

2008-01-31 Thread scott
RE: LOUD I have x86 machine SCSI hard drives. The fast rpm SCSI are LOUD. I suspect they would be the majority culprit in the netra's case too. There are likely pci-bus/slot ata or s-ata workarounds if the lower-freq netra is a suitable starting place. (e.g. I run several everything-but-X-and-c

Re: PF - using overload for port 80 attacks/floods

2008-01-31 Thread scott
sweet idea. :-) -Original Message- From: Darrin Chandler <[EMAIL PROTECTED]> To: Cache Hit <[EMAIL PROTECTED]> Cc: misc@openbsd.org Subject: Re: PF - using overload for port 80 attacks/floods Date: Thu, 31 Jan 2008 11:11:25 -0700 Mailer: Mutt/1.5.16 (2007-06-09) Depending on the traffic p

Re: [Fwd: [Fwd: setting up a noiseless workstation]]

2008-02-02 Thread scott
The C3&7 per-watt performance is outstanding; however, their benchmark performance, exclusive of crypto and/or multimedia acceleration, is not on par with like MHz intel or amd processors. The amd turion is the benchmark *AND* per-watt performance king. Yes, there are desktop turion-compatible mo

Re: pf issues with a web-server

2008-02-04 Thread scott
You need a triad of rdr-pass in-pass out. tag/tagged is better way to do it, because rdr does its thing on the packets "to" before the pass in and out rules are evaluated. tag/tagged means you don't need to "adjust" the in/out rules. # --- rdr on $ext_if inet proto tcp \ from any to any ($ext_if

RNG and intel 815 support

2008-02-06 Thread scott
I have an Intel D815EEA2 motherboard; its spec is supposed to include the RNG hardware; however, the dmesg output is void of any indication that obsd discovered or uses it. Is there something I need to do? Thanks, # --- rebooting... OpenBSD 4.2 (GENERIC) #2: Sat Feb 2 13:34:39 EST 2008 [EM

Re: running mail server at home

2008-02-07 Thread scott
1. You must have DNS services somewhere. I am similarly setup and I use www.zoneedit.com. Free and competent. 2. Most cable-based broadbands and DSL do have a fixed dns string. Mine is in the form of -com. Reverse look-up your own dynamic ip and see what it resolves to. Use this as input

Re: brute force voip QoS

2008-02-07 Thread scott
I think you'd be better served by the following pf.conf Let pf & state --combination-- affect the queuing. #-start- ext_if="fxp0" int_if="vr0" lan_net=$int_if:network icmp_types="echoreq" table const { 200.184.77.145, 200.184.77.138 } table const { 192.168.2.33, 192.168.2.100 } set s

Re: pf anchors with tag/tagged

2008-02-08 Thread scott
ass in log on $ExtIf inet proto tcp from $WorkSsh to lo0 port $SshPort $SynState tagged OPENSSH OpenBSD Pf Firewall "how to" ( pf.conf ) http://calomel.org/pf_config.html -- Calomel @ http://calomel.org Open Source Research and Reference On Fri, Feb 08, 2008 at 08:35:44AM -0500, S

Re: Multi-Threaded SSH/SCP made by university of Puttsburgh

2008-02-14 Thread scott
You're saying, "it's hard." Are you also saying, "abandon all hope because it's hard." Are any of the parties herein indirectly suggesting or asserting that the dragonflybsd effort (vis-à-vis api-centric model) is doomed or ridiculous or wrong minded? Either intrinsically or just because it's har

Re: Removing One Giant Lock, was, Re: Multi-Threaded SSH/SCP made by university of Puttsburgh

2008-02-14 Thread scott
or o/s dev. brouhaha from a while back.) -Original Message- From: Geoff Steckel <[EMAIL PROTECTED]> To: scott <[EMAIL PROTECTED]> Cc: OpenBSD Subject: Removing One Giant Lock, was, Re: Multi-Threaded SSH/SCP made by university of Puttsburgh Date: Thu, 14 Feb 2008 03:18:33 -05

Re: rdr question

2008-02-14 Thread scott
Change to... ext_if="sis0" rdr pass on $ext_if inet proto tcp \ from any to a.b.c.d port 8080 -> 192.168.3.105 port 8080 rdr pass on $ext_if inet proto tcp \ from any to x.x.x.x port 8080 -> 192.168.3.106 port 8080 Where a.b.c.d is the non-alias ip and x.x.x.x is the alias ip. -Original

acpi in 4.2-current (2008/2/11)

2008-02-14 Thread scott
Briefly tried testing 4.2-current (out of snapshots) for acpi and bwi(4) support. We booted the target machine w/install42.iso and escaped to shell. It's a in-production machine so we can't complete the install. Should the acpi be enabled and verifiable from the install42.iso, presumably /bsd.rd

Re: PF will not allow incoming DNS

2008-02-15 Thread scott
Is the $server address that you've sanitized an external interface ip or an internal interface ip? -Original Message- From: pezking <[EMAIL PROTECTED]> To: misc@openbsd.org Subject: PF will not allow incoming DNS Date: Fri, 15 Feb 2008 18:38:11 -0600 Delivered-To: [EMAIL PROTECTED] Hello

Re: IPs on screened network can't see their public IPs

2008-02-15 Thread scott
1. Use the log option in the rules; then tcpdump -eni pflog0 will reveal what's going on. 2. rdr and nat touch the dest and src addresses before the pass/block rules filters. It's, therefore, easy to write a rule with the wrong applicable dest/src address. I, therefore, prefer using tag and tagged

Re: HP Network cards

2008-02-18 Thread scott
Usually they are intel; however, HP's distro blesses them with a PXE boot option typically enabled by default. In the past, this option seems to sometimes interfere with BSD's boot. Recommend hard disabling the network/pxe option first. -Original Message- From: Stuart Henderson

Re: PCI Gigabit card suggestion?

2008-02-22 Thread scott
The em's have the advantage that the driver enables and uses hard-level tcp/udp check-sum offloading. This does help on mid- to heavy loading. /S -Original Message- From: michael enoma aghayere <[EMAIL PROTECTED]> To: Sunnz <[EMAIL PROTECTED]> Cc: misc@openbsd.org Subject: Re: PCI Gigabi

Re: pf tag/tagging and packages from localhost

2008-02-24 Thread scott
RE: LOCAL HOSTS DON'T... You can use the "user" or "group" criteria to identify the facility/service (daemon) and tag their packets accordingly. # pass in inet proto tcp from any to any port 80 \ user tag MYTAG \ keep state ... pass out ... tagged MYTAG # You may be able to further refine the

Re: changing bash prompt escape sequences

2008-02-24 Thread scott
version a... export PS1="\l [EMAIL PROTECTED] #" version b... export PS1="\l [EMAIL PROTECTED] \\$" "B" changes the "#" to be either "$" or "#" per user's non-root/root status. -Original Message- From: Unix Fan <[EMAIL PROTECTED]> To: misc@openbsd.org Subject: Re: changing bash prompt es

Re: pf tag/tagging and packages from localhost

2008-02-25 Thread scott
" is its running userID, to its queue. /S -Original Message- From: Stefan Schulze Frielinghaus <[EMAIL PROTECTED]> To: scott <[EMAIL PROTECTED]> Cc: misc@openbsd.org Subject: Re: pf tag/tagging and packages from localhost Date: Mon, 25 Feb 2008 12:31:31 +0100 Mailer

4.3-beta

2008-02-25 Thread scott
it shall be done. Thanks!!! /Scott

pf+queues with sshd

2008-02-28 Thread scott
Investigated further... using the pf.conf frag # -v- pass in log quick on em0 inet proto tcp \ from ! to (em0:0) port 443 \ tag VSSHQ flags S/SA keep state \ (max-src-conn-rate 3/120, overload flush global) \ queue(QSSH,QLOWLAT) # pass in log quick on tun inet \ from (tun:peer) to a

Re: write pf rules for acces concentrator server (pppoe)

2008-03-01 Thread scott
see ifconfig(4) and the "group group-name" keyword (also applicable to hostname.if). Substitute the "group-name" for the interface name in the applicable pf rule. One group-name based rule covers off all the member interfaces. :-) -Original Message- From: Fratiman Vladut <[EMAIL PR

pf tag goes missing post sshd tcp decapsulization

2008-03-03 Thread scott
openBSD(4.2) and 4.3-beta /etc/pf.conf fragment # ---v--- pass in log quick on em0 inet proto tcp \ from ! to (em0:0) port 22 \ tag SSHVPN flags S/SA keep state \ (max-src-conn-rate 3/120, overload flush global) \ label R1 # pass out log quick on em1 tagged SSHVPN keep state \ label R2 # blo

Re: pf tag goes missing post sshd tcp decapsulization

2008-03-03 Thread scott
Thanks, everyone, for the user- vs kernel-land info. As soon as I read it, I got it. Disappointed but I got it. ipsec/isakpmd is, I think, kernel-land and it has some very flexible (per ipsec rule, not just daemon level, as in user or group filtering) pf+visible tag capabilities. As he crosses

Re: pf tag goes missing post sshd tcp decapsulization

2008-03-03 Thread scott
RE: Also, "...new chroot functionally off ssh that is shipping with open 4.3, will help on doing this." I'll look into this. It's my understanding, flawed as it may be, that (i) sshd runs as root and (ii) there can be one instance only. Do you know if the sshd in 4.3 via chroot affords (i) sshd

Re: the death of the oldest OpenBSD system on the net...

2008-03-16 Thread scott
I too retired a long serving oBSD/Pentium-Pro 200 back in November. As one door closes ... fyi ... openBSD 4.3 is still small-iron friendly. I run a stock install42 and 43 (no "skinny" or other customizations), exclusive of the X and compiler sets, and it installs to and runs from a 256MB CF (com

Re: IPsec with a Linux road-warrior

2008-03-23 Thread scott
I have been using www.shrew.net ipsec (gui) client on my road warrior ubuntu 7.10 (linux) machines very successfully with our openBSD 4.2 vpn/pf gateways. I did have to use an openBSD-side isakmpd.conf method vs. an ipsec.conf/ipsecctl method as I couldn't author an ipsec.conf that worked. shrew.

Re: soekris/pcenginges and RO mounting

2008-03-25 Thread scott
Given the state of modern flash technologies, I think in certain regards you're going beyond practical necessity. If you use the right CF (or usb) flash technology, the practical lifetimes are easily in the 7 to 10 year ranges. You're looking for the following -- NAND (not NOR) based, single lev

Re: configuring the GENERIC kernel (was Re: Issue compiling a program on OpenBSD)

2008-03-30 Thread scott
I believe it was mentioned aways back in the message stream, but perhaps it's worth reconsidering at this juncture... Keep the low emi/rfi 386 machine user-proximity but convert it to an X server with the more capable X client (app server) machine farther away. -Original Message- From: D

Software Positions: April 2: Boston/Cambridge/Eastern Mass

2007-04-03 Thread scott
set is available at www.keyrequirements.com If you are interested in one of these requirements, please forward a current word.doc version of your resume. Upon receiving your reply, I will contact you for further discussion. Thank you, Scott McKearney (sent from home office domain) Contact

Re: pf change destination port for outgoing traffic

2008-04-09 Thread scott
When you say, "...b.b.b.b represents every server the client wants," do you mean (i) every server from a known set of servers, or do you mean (ii) any server --public and private-- on the Internet? -Original Message- From: Karel Galuska <[EMAIL PROTECTED]> To: misc@openbsd.org Subject: pf

Re: pf change destination port for outgoing traffic

2008-04-09 Thread scott
As far as I know, pf = no; an http (or ip) proxy = yes. But, please explain how you expect www.google.com:p2 to work when client wants www.google.com:p1 (meaning www.google.com:80)? -Original Message- From: Karel Galuska <[EMAIL PROTECTED]> To: scott <[EMAIL PROTECTED]&

Re: 4.2 and em(4)

2008-04-14 Thread scott
We've found the best gateway box -- pf, sshd for "ssh -w" vpn and ipsec clients, spamd, etc. -- is non-MP, as follows. A) Use a box with the fastest memory bandwidth (and latency) your budget -- cash or time spent scrounging -- can afford/acquire. (e.g. on a P-III 1 GHz machine, we saw meaningfu

Re: 4.2 and em(4)

2008-04-14 Thread scott
reading this : pci4 at ppb3 bus 4 em0 at pci4 dev 0 function 0 "Intel PRO/1000MT (82573L)" rev 0x00: irq 14, address 00:10:f3:10:7e:68 ppb4 at pci0 dev 28 function 1 "Intel 82801H PCIE" rev 0x02: irq 10 pci5 at ppb4 bus 5 em1 at pci5 -- I'd deduce em0 (pci4, bus

Re: wpa now in current?!

2008-04-16 Thread scott
Applause, applause, applause. Thanks big time. -Original Message- From: Damien Bergamini <[EMAIL PROTECTED]> To: Didier Wiroth <[EMAIL PROTECTED]> Cc: misc@openbsd.org Subject: Re: wpa now in current?! Date: Wed, 16 Apr 2008 22:22:37 +0200 Mailer: Microsoft Outlook Express 6.00.2900.3138

sshd_config ignores MaxSessions?

2011-11-11 Thread Scott
one of those keywords? If the former is true, then I don't understand why my setting doesn't seem to work. If it's the latter, then I know I've omitted something. Googling for 'MaxSessions' just yielded me a bunch of results that looked like mine, as a single line entry without a Match construct. Thank you! -Scott

Re: sshd_config ignores MaxSessions?

2011-11-11 Thread Scott
Got it. Thank you both for clearing up the definitions for me; and thanks to Jeremie for pointing me to pf. I'll look at that tonight and see if suits my intention. -Scott On Fri, Nov 11, 2011 at 1:16 PM, Mattias Pehlke wrote: > * Scott [11.11.2011 20:30]: >> Hello, >> &g

Ksh command substitution

2011-11-25 Thread Scott
y know this stuff as second nature, and am always grateful for your replies (even when I get yelled at). Thanks! -Scott

Re: Simpliest issue tracking software?

2009-09-22 Thread scott
> On Tue, 22 Sep 2009, Gregory Edigarov wrote: > >> Hello everybody, >> >> I am looking for an advice of which issue tracking system to use for a >> small team of admins (4 members)? >> OTRS, RT - are an overhead for our purposes. so we don't need anything >> fancy, all we need is to make sure all

carp master <-> backup problem

2009-10-27 Thread Scott
I must be missing something in my config, and I'd appreciate it if my blunder could be pointed out to me. I have two web servers behind a firewall (all machines are running 4.6-stable, generic kernel). The firewall has rdr & pass rules to both web servers, with one commented out at a time. I c

Re: carp master <-> backup problem

2009-10-28 Thread Scott
Marco Pfatschbacher wrote: Hi, I actually didn't read your entire mail.. but: Having 192.168.0.9 on both the physical and the carp interface cannot really work. Thanks for trying! Unfortunately, I tried that as well (and double checked it again after your reply) where the carp IP is not

Re: cloud docs

2017-05-24 Thread Scott Bonds
unison? On 05/24, Asbel Kiprop wrote: Yeah, i was using it for some time and i wonder if there is some more text document based solution. 2017-05-24 20:33 GMT+03:00 Ulises M. Alvarez : On 24/05/17 12:22, Asbel Kiprop wrote: Hello, friends. Is there is some solution (in OpenBSD packages, lik

Re: file systems

2017-05-26 Thread Scott Bonds
I've got a 27T drive, single partition, about half full. Combination of big files and lots of small ones. 32G of ECC RAM. Hardware RAID5 ATM though I've used software RAID5 on the same array and that was good too. I keep offline backups of everything. I think it takes around an hour to fsck, b

PSA: autodisklabel '\' must be configured

2017-05-28 Thread Scott Bonds
You might get the error "'\' must be configured" when trying to autoinstall, if your autodisklabel layout is only minimums, and the minimums add up to more than the total available disk size. So, you know, don't do that. Putting this out there to save someone some troubleshooting time when th

Doubling in Size of base61.tgz

2017-06-14 Thread Scott Vanderbilt
Please forgive me if this has been noted on misc@, as I've overlooked it, but, just out of curiosity, can anyone account for the recent doubling in size of base61.tgz in recent amd64 snapshots of -current? As recently as 7 June, it was ~58 MB in size, but over the last couple of days at least,

Re: Doubling in Size of base61.tgz

2017-06-14 Thread Scott Vanderbilt
On 6/14/2017 3:37 PM, Theo de Raadt wrote: Please forgive me if this has been noted on misc@, as I've overlooked it, but, just out of curiosity, can anyone account for the recent doubling in size of base61.tgz in recent amd64 snapshots of -current? As recently as 7 June, it was ~58 MB in size, b

httpd and URL rewriting

2017-07-06 Thread Scott Vanderbilt
I am investigating the feasibility of migrating a RESTful webapp currently hosted on nginx and 6.1-current to use httpd. Naturally, such an application requires a URL-rewriting facility. Perusing the httpd.conf(5) and httpd(8) man pages, this list's archive, and Google, I see nothing that indicat

pf route-to vs static route

2017-10-03 Thread Scott Bonds
Hi everybody. I used to host my own email and I have ambitions to give it another try. I prefer to keep my email on my home server if I can, but I use Comcast and they block port 25. So, I thought I'd try setting up an IKEDv2 based VPN between my home network (including my email server at home)

Re: Openbsd 6.1 and Current Console Freezes and lockup Proxmox PVE5.0

2017-10-12 Thread Scott Reese
, and the qemu-kvm package version is 2.7.1-7. If there's any information I can provide, please let me know. -Scott

acme-client new cert error

2018-05-25 Thread Scott Vanderbilt
I'm having difficulty creating a new SSL cert for a virtual host I'm just standing up for the first time. I get the following error on successive attempts: urn:acme:error:unauthorized Error creating new cert :: authorizations for these names not found or expired: aeneas.datagenic.com I've ve

Re: acme-client new cert error

2018-05-25 Thread Scott Vanderbilt
On 5/25/2018 2:20 PM, Fred wrote: On 05/25/18 21:10, Scott Vanderbilt wrote: I'm having difficulty creating a new SSL cert for a virtual host I'm just standing up for the first time. I get the following error on successive attempts: urn:acme:error:unauthorized Error creatin

Re: acme-client new cert error

2018-05-25 Thread Scott Vanderbilt
least that’s my understanding. Or maybe I misunderstood the error message. V/r, Bryan Thanks for chipping in. Regrettably, I get the same error with -D flag only (i.e., no -A). On May 25, 2018, at 4:10 PM, Scott Vanderbilt wrote: I'm having difficulty creating a new SSL cert for a vi

Re: acme-client new cert error

2018-05-26 Thread Scott Vanderbilt
On 5/26/2018 4:54 AM, Stuart Henderson wrote: aeneas.datagenic.com doesn't respond on port 80. (And if I can't fetch it, letsencrypt's checkers are also unlikely to be able to). Firewall issue? Oh, FFS. Yes. A silly pf rule blocking incoming traffic from outside my LAN that I overlooked whe

Another Lock Order Reversal with amd64 snapshot

2018-06-09 Thread Scott Vanderbilt
Not quite the same as earlier reports. Also not sure if this qualifies as something reportable to bugs@ or not. The system appears to be working normally otherwise. scott #sysctl kern.version kern.version=OpenBSD 6.3-current (GENERIC.MP) #90: Thu Jun  7 09:08:25 MDT 2018 dera...@amd64

Re: New laptop recommendations

2018-06-19 Thread Scott Bonds
On 06/19/18 03:37, Rupert Gallagher wrote: I have 1500EUR for a new laptop. What would you buy with it? On 06/19, Jordan Geoghegan wrote: Have you considered one of the Librem laptops by Purism? I hear they're quite nice, and are running coreboot straight from the factory. They run OpenBS

httpd rewrite and REQUEST_URI value

2018-06-23 Thread Scott Vanderbilt
I was very eager to implement the new rewrite functionality in httpd. However, I've run into an issue, and I am uncertain whether the new behavior is CGI-compliant or not. The app I am attempting to convert to httpd is currently built on nginx, and the rewrite functionality it offers satisfies

Re: httpd chroot outbound

2018-06-25 Thread Scott Vanderbilt
On 6/25/2018 9:37 AM, Elias M. Mariani wrote: Does anybody knows what is needed to allow php to retrieve files while under httpd chrooted ? I recall the need of /etc/resolv.conf on the jail but that didn't work. See /usr/local/share/doc/pkg-readmes/php-*

Re: httpd chroot outbound

2018-06-25 Thread Scott Vanderbilt
On 6/25/2018 9:37 AM, Elias M. Mariani wrote: Does anybody knows what is needed to allow php to retrieve files while under httpd chrooted ? I recall the need of /etc/resolv.conf on the jail but that didn't work. Also: http://php.net/manual/en/install.unix.openbsd.php

Re: httpd rewrite and REQUEST_URI value

2018-06-30 Thread Scott Vanderbilt
Request as logged in access log: nomina2.onomasticon.org 162.229.162.103 - scott [30/Jun/2018:10:20:47 -0700] "GET /hello/fred HTTP/1.1" 404 0 The index.php file is in the location specified: $ ls -al /var/www/htdocs/lpn/src/public/ total 24 drwxr-xr-x 4 root daemon 512 Jun 21 13:13 . drwx

Re: httpd setup info?

2018-07-02 Thread Scott Vanderbilt
On 7/2/2018 8:03 AM, John Long wrote: On Mon, 2018-07-02 at 17:18 +0300, IL Ka wrote: What's the appropriate way to let the browser know it should open it in Acrobat See "Content-Disposition" header. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Dis position It tells client

Re: httpd setup info?

2018-07-02 Thread Scott Vanderbilt
On 7/2/2018 8:05 AM, John Long wrote: What userid does httpd run under? I have some kind of permission problem, httpd can't serve some of the content. ps aux|grep httpd

newaliases vs makemap

2018-07-15 Thread Scott Vanderbilt
In /etc/mail/aliases, there is the following note: # >>The program "newaliases" must be run after # >> NOTE >> this file is updated for any changes to # >>show through to smtpd. Yet the man page for newaliases(8) says:     Note: this utility is

Re: newaliases vs makemap

2018-07-16 Thread Scott Vanderbilt
On 7/16/2018 3:01 AM, Benjamin Baier wrote: On Sun, 15 Jul 2018 19:54:12 -0700 Joshua Taylor Eppinette wrote: On Sun, Jul 15, 2018 at 05:59:58PM -0700, Scott Vanderbilt wrote: In /etc/mail/aliases, there is the following note: # >>>>>>>>>>The pr

Re: newaliases vs makemap

2018-07-16 Thread Scott Vanderbilt
On 7/16/2018 8:32 AM, Todd C. Miller wrote: On Sun, 15 Jul 2018 17:59:58 -0700, Scott Vanderbilt wrote: In /etc/mail/aliases, there is the following note: # >>>>>>>>>>The program "newaliases" must be run after # >> NO

Re: newaliases vs makemap

2018-07-16 Thread Scott Vanderbilt
On 7/16/2018 9:15 AM, Todd C. Miller wrote: On Mon, 16 Jul 2018 09:11:50 -0700, Scott Vanderbilt wrote: BTW, newaliases seg faults for me with latest couple of snapshots (amd64). No message other than "segmentation fault". Just submitted a PR with sendbug. Already fixed in -

Re: Introducing pf-badhost and unbound-adblock

2018-08-06 Thread Scott Bonds
On 08/05, Jordan Geoghegan wrote: Hi everyone, I thought I would share a couple scripts I wrote to block ads and bad hosts. I have found them to increase web-browsing speed and reduce battery consumption, especially on mobile devices. They also help reduce pop ups and fake sites, especially o

Block TLD senders with opensmtpd

2018-08-30 Thread Scott Seekamp
processing altogether. Thanks Scott
