Hi again,
I follow with my own fight with PF. ( sorry to send other mail, but i can't
really fix this ).
If I reduce pf.conf to the following rules:
block in all
pass in on $int_if proto {tcp,udp] from any to any port 22 keep state
I can connect to ssh, but it takes at least on minute to ask me
On Fri, May 04, 2007 at 01:26:58PM +0900, LinuxUser wrote:
Hi ,all .my name is tuyosi , a japanese .
there are little infomation about spamd .
so i barely run spamd in my own fashion .
but i donot see whethe my way is good or not , so i make quetions.
my doing is next ,
1)in
On Thu, May 03, 2007 at 09:00:56PM -0500, Default User wrote:
According to http://openbsd.org/i386.html#hardware the Netgear WG511v2
Wireless PC card should work, using the malo driver:
Marvell Libertas IEEE 802.11b/g CardBus adapters (malo), including: (G)
Netgear WG511v2
But on a laptop
Hi all,
I have a very strange problem. I am using an OpenBSD 4.1 with isakmpd config
(isakmpd.conf and isakmpd.policy) to establish vpn connections for my
roadwarriors clients.
When two roadwarriors clients that use the same public ip, only one client can
connect, the other no.
Hi,
I got a weird behavior with my net4801 and vpn1411 card when using
OpenBSD. Tried this with 4.0, 4.0-current and now 4.1-stable.
With the GENERIC kernel I get Corrupted MAC on input after a short
time during an SSH connection.
Since I had to modify the kernel options slighty to get my APC
On Fri, May 04, 2007 at 08:00:06AM +0200, Tang Tse wrote:
Hi again,
I follow with my own fight with PF. ( sorry to send other mail, but i can't
really fix this ).
If I reduce pf.conf to the following rules:
block in all
pass in on $int_if proto {tcp,udp] from any to any port 22 keep
AFAIK ugen0 denotes a USB device for which no driver exists. Therefore
it is possible that your USV is not configured at all?
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
Michael
Sent: 04 May 2007 09:48 AM
snip
Since a custom kernel is not needed
I'm curious if the flag bits, shown for each interface with ifconfig(8),
can be decoded in order to reveal the characteristics of NICs, such as
hardware RX/TX checksums and VLAN.
So far I have searched:
netintro(4)
ifmedia(4)
inet(4)
sys/net/if.c
sys/dev/pci/if_em.c
But haven't found
hi,
Seems that no one is man enough here: Running in a MS Virtual PC 2004 :)
OpenBSD 4.1 (GENERIC) #1435: Sat Mar 10 19:07:45 MST 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Mobile Intel(R) Pentium(R) 4 - M CPU 2.50GHz (GenuineIntel
686-class) 1.26 GHz
cpu0:
On 2007/05/04 12:00, [EMAIL PROTECTED] wrote:
AFAIK ugen0 denotes a USB device for which no driver exists.
correct, and that's what you want here; apcupsd and NUT talk
to USB devices using libusb, so you don't want a kernel driver
to attach to them.
On Thu, 03 May 2007 23:18:38 -0700, Clint Pachl [EMAIL PROTECTED] wrote:
Axton wrote:
On 5/2/07, Matiss Miglans [EMAIL PROTECTED] wrote:
Hi
Scenario 1 will be right.
Don't mix there normal ethernet with vlan's.
Jonathan Whiteman wrote:
Lets say I'm setting up vlan devices so that 4
On Fri, May 04, 2007 at 03:27:53AM -0700, Clint Pachl wrote:
I'm curious if the flag bits, shown for each interface with ifconfig(8),
can be decoded in order to reveal the characteristics of NICs, such as
hardware RX/TX checksums and VLAN.
they are already decoded in the string, nothing is
I see.
Thanks
-Original Message-
From: Stuart Henderson [mailto:[EMAIL PROTECTED]
Sent: 04 May 2007 12:46 PM
To: Marius Van Deventer - Umzimkulu
Cc: misc@openbsd.org
Subject: Re: Soekris + vpn1411: Corrupted MAC on input
On 2007/05/04 12:00, [EMAIL PROTECTED] wrote:
AFAIK ugen0
Hi,
Stuart Henderson schrieb:
On 2007/05/04 12:00, [EMAIL PROTECTED] wrote:
AFAIK ugen0 denotes a USB device for which no driver exists.
correct, and that's what you want here; apcupsd and NUT talk
to USB devices using libusb, so you don't want a kernel driver
to attach to them.
I think
Tang Tse wrote:
Thanks all of you.
I have an internal DNS server ( a vmware machine on my desktop computer
) so name resolution shoudn't be a problem, isn't it?
When you say allow dns lookups, you mean to open dns port?
Thanks!!
Tang
2007/5/4, Fred Crowson [EMAIL PROTECTED] mailto:[EMAIL
quick question: My newly build 4.1-stable on i386 says in dmesg:
OpenBSD 4.1 (GENERIC) #0: Thu May 3 14:29:53 CEST 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
I was expected to see a 4.1-stable (just because I've seen it before
with 3.x and 4.0). I double checked building
On Fri, May 04, 2007 at 01:15:20PM +0200, Stephan A. Rickauer wrote:
quick question: My newly build 4.1-stable on i386 says in dmesg:
OpenBSD 4.1 (GENERIC) #0: Thu May 3 14:29:53 CEST 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
I was expected to see a 4.1-stable
Stephan A. Rickauer wrote:
quick question: My newly build 4.1-stable on i386 says in dmesg:
OpenBSD 4.1 (GENERIC) #0: Thu May 3 14:29:53 CEST 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
The fix was recently committed,
Changes by: [EMAIL PROTECTED] 2007/05/03
On Fri, 4 May 2007 13:30:06 +0200
Reyk Floeter [EMAIL PROTECTED] wrote:
On Fri, May 04, 2007 at 01:15:20PM +0200, Stephan A. Rickauer wrote:
quick question: My newly build 4.1-stable on i386 says in dmesg:
OpenBSD 4.1 (GENERIC) #0: Thu May 3 14:29:53 CEST 2007
[EMAIL
On Fri, May 04, 2007 at 01:15:20PM +0200, Stephan A. Rickauer wrote:
| quick question: My newly build 4.1-stable on i386 says in dmesg:
|
| OpenBSD 4.1 (GENERIC) #0: Thu May 3 14:29:53 CEST 2007
| [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
|
| I was expected to see a 4.1-stable
Hi there,
On 5/3/07, djgoku [EMAIL PROTECTED] wrote:
http://www.openbsd.org/4.1_packages/
Gets a 404 error.
I Agree - Noticed this the oyther day.
--
Best Regards
Edd
Jason Dixon wrote:
On Thu, 03 May 2007 23:18:38 -0700, Clint Pachl [EMAIL PROTECTED] wrote:
Axton wrote:
On 5/2/07, Matiss Miglans [EMAIL PROTECTED] wrote:
Hi
Scenario 1 will be right.
Don't mix there normal ethernet with vlan's.
Jonathan Whiteman wrote:
Lets say I'm
* Chad M Stewart [EMAIL PROTECTED] [2007-04-25 19:31]:
On Apr 25, 2007, at 11:05 AM, Allen Theobald wrote:
pass in inet proto icmp all icmp-type $icmp_types keep state
This can be used as a covert communication channel. Allowing
internal IPs to send/receive ping is bad.
that is the
Tang Tse wrote:
Thanks for the answear,
Is it secure to open DNS ports to outside world? Or you mean to open open
outgoing DNS conections? If i want to redirect incomming ssh connections
from internet to some inside server, should i open DNS incoming?
Thanks!!
Not necessarily - but how
On Fri, 04 May 2007 06:10:46 -0700, Clint Pachl [EMAIL PROTECTED] wrote:
Jason Dixon wrote:
On Thu, 03 May 2007 23:18:38 -0700, Clint Pachl [EMAIL PROTECTED]
wrote:
Axton wrote:
On 5/2/07, Matiss Miglans [EMAIL PROTECTED] wrote:
Hi
Scenario 1 will be right.
Don't mix there normal
On 5/4/07, Henning Brauer [EMAIL PROTECTED] wrote:
* Chad M Stewart [EMAIL PROTECTED] [2007-04-25 19:31]:
On Apr 25, 2007, at 11:05 AM, Allen Theobald wrote:
pass in inet proto icmp all icmp-type $icmp_types keep state
This can be used as a covert communication channel. Allowing
internal
At 12:38 PM 5/2/07, bubka20 wrote:
no, sorry, I'm meant base40.tgz, etc40tgz, etc. My problem though is with
step#6. I'm probably not creating the cd properly ( my cd contains files:
base40, bsd, bsd.mp, bsd.rp, comp40, etc40, game40, man40, misc40, xbase40,
xetc40, xfont40, xserve40,
I have never tried that actually. Whenever I get to it I'll let you
know.
On Thu, May 03, 2007 at 06:47:30AM -0400, Daniel Ouellet wrote:
Marco Peereboom wrote:
I am running an X4100 with -current and I see no issues at all.
If I may ask, how the Sun Integrated Lights Out Manager (ILOM) on
* Open Phugu [EMAIL PROTECTED] [2007-05-04 15:36]:
On 5/4/07, Henning Brauer [EMAIL PROTECTED] wrote:
* Chad M Stewart [EMAIL PROTECTED] [2007-04-25 19:31]:
On Apr 25, 2007, at 11:05 AM, Allen Theobald wrote:
pass in inet proto icmp all icmp-type $icmp_types keep state
This can be used
On Fri, 2007-05-04 at 07:26 -0600, Open Phugu wrote:
if you deny icmp, you shall burn in hell
You may burn in hell, but ICMP can be used to infiltrate and exfiltrate data:
http://www.cs.uit.no/~daniels/PingTunnel/
This looks like it's pretty trivially defeated; bzero()'ing the data
On Friday 04 May 2007 15:42:58 Henning Brauer wrote:
so can underwear, so let us require everybody to work naked
Actually, depending who you work with, this can be a good thing...
--
Antoine
On Fri, May 04, 2007 at 07:26:32AM -0600, Open Phugu wrote:
On 5/4/07, Henning Brauer [EMAIL PROTECTED] wrote:
* Chad M Stewart [EMAIL PROTECTED] [2007-04-25 19:31]:
On Apr 25, 2007, at 11:05 AM, Allen Theobald wrote:
pass in inet proto icmp all icmp-type $icmp_types keep state
This can
Michael [EMAIL PROTECTED] wrote:
With the GENERIC 4.0 / 4.1 kernel I get the message Corrupted MAC on
input during a SSH connection and the connection closes. This is with
the Soekris net4801 which got a vpn1411 card.
This is a known problem frequently reported on the soekris-technical
Did some hours of debugging and found something really weird. On my host and virtual machines this uuid.bios will cause error
when fetching a large file from the network:
uuid.bios = 56 4d 02 e3 a3 f3 69 22-f8 8e 8d 41 78 07 b9 ae
ethernet0.generatedAddress = 00:0c:29:07:b9:ae
and this
Speaking of this, when will the OpenBSD project begin to post SHA256
hashes
to the ftp sites. MD5 is dead: these two files are different and yet
have the same
MD5 hash.
http://www.cits.rub.de/imperia/md/content/magnus/letter_of_rec.ps
I've lost the CHS for an IBM Thinkpad 390i, 4.1 GB.
Could anyone, please, post or send privately the
corresponding numbers?
Harddrive detection = auto doesn't work anymore,
and a boot floppy doesn't find the harddrive/ primary
partition (FAT16, 2 GB) anymore.
Thanks in advance.
Alf.
On Fri, May 04, 2007 at 10:34:33AM -0400, John Fiore wrote:
| Speaking of this, when will the OpenBSD project begin to post SHA256
| hashes
| to the ftp sites. MD5 is dead: these two files are different and yet
| have the same
| MD5 hash.
|
err. Maybe it's me but to answer his original question - it's more
than likely a DNS lookup issue.
Have a look in /etc/ssh/sshd_config and add in:
UseDNS no
restart the sshd daemon with a kill -HUP command and you should have
no problems.
Alternatively, you could fix your dns lookup
On 2007/05/04 17:03, Paul de Weerd wrote:
Dont forget that they should also be valid gzip'ed tar archives
that makes things *significantly* easier:
valid gzip + random crap = valid gzip
Bret Lambert([EMAIL PROTECTED]) on 2007.05.04 09:47:43 +:
This looks like it's pretty trivially defeated; bzero()'ing the data
portion of the ICMP echo request/response removes the piggybacked data
channel.
Then I'll encode my data with the morse over ping protocol.
If a user can send any
I have the OpenBSD 4.0 ping and it wrote this:
64 bytes from 192.168.2.215: icmp_seq=3029 ttl=64 time=6.057 ms
64 bytes from 192.168.2.215: icmp_seq=3035 ttl=64 time=44.108 ms
64 bytes from 192.168.2.215: icmp_seq=3036 ttl=64 time=-994831.-515 ms
Hi folks,
Old P-II 350 box
IWill motherboard support - ATA-33 HD
Hot Rod ABit ATA-66 PCI Controller
Maxtor HD - ATA-100 10G connected to above Controller
OpenBSD 4.1 CD installer - burned with CD41.iso
During installation it prompted No disks found.
Previously on Windows I did this trick,
carlopmart wrote:
Hi all,
I have a very strange problem. I am using an OpenBSD 4.1 with isakmpd
config (isakmpd.conf and isakmpd.policy) to establish vpn connections
for my roadwarriors clients.
When two roadwarriors clients that use the same public ip, only one
client can connect, the
On Tue, May 01, 2007 at 08:44:45AM +0200, Markus Hennecke wrote:
On Tue, 1 May 2007, Bob wrote:
I tried to look this up with google, but didn't find any sensible answers.
I.e. I'm building a gigabit network at home, and I now have an 100Base-TX
network here. I would like to add a gigabit
On Fri, 2007-05-04 at 09:47 -0400, Bret Lambert wrote:
On Fri, 2007-05-04 at 07:26 -0600, Open Phugu wrote:
if you deny icmp, you shall burn in hell
You may burn in hell, but ICMP can be used to infiltrate and exfiltrate
data:
http://www.cs.uit.no/~daniels/PingTunnel/
This looks like
I received the congratulations message that openbsd was installed. Upon
rebooting I see openbsd/i386 (puffy) (tty0) and I am prompted for login: and
password: How do I find out my login and password? ... thanks
--
View this message in context:
Matthias Bertschy wrote:
carlopmart wrote:
Hi all,
I have a very strange problem. I am using an OpenBSD 4.1 with isakmpd
config (isakmpd.conf and isakmpd.policy) to establish vpn connections
for my roadwarriors clients.
When two roadwarriors clients that use the same public ip, only one
At 09:49 AM 5/4/2007 -0700, bubka20 wrote:
I received the congratulations message that openbsd was installed. Upon
rebooting I see openbsd/i386 (puffy) (tty0) and I am prompted for login: and
password: How do I find out my login and password? ... thanks
What root password did you enter
Hello.
You should definitively read the official documentation, specially the
FAQ. And learn a little bit how does work a Unix system.
On http://www.openbsd.org/faq/faq4.html#Network the last paragraph says
that right after the network configuration a password is needed for the
root account. In
On Fri, 4 May 2007, Karel Kulhavy wrote:
I have the OpenBSD 4.0 ping and it wrote this:
64 bytes from 192.168.2.215: icmp_seq=3029 ttl=64 time=6.057 ms
64 bytes from 192.168.2.215: icmp_seq=3035 ttl=64 time=44.108 ms
64 bytes from 192.168.2.215: icmp_seq=3036 ttl=64 time=-994831.-515 ms
Hello
I connected a 10Mbps free space optics link to a 10Mbps hub to which OpenBSD
4.0 machine (Dell Inspiron 510m) was connected. The link had probably bad
signal because on the Dell directly (i. e. in the NIC) I could receive the RTP
that was transmitted through the link, but another device
Does this indicate I have a bad drive? Or, does it
just need fsck run on it? I just installed openbsd 4.0
on this box a few days ago. It rebuilt the file systems
from scratch. Do I need to redo everything?
Or, do I need to start looking at hardware problems with
the drive or the
On Fri, 04 May 2007 12:11:09 -0500, L. V. Lammert wrote:
At 09:49 AM 5/4/2007 -0700, bubka20 wrote:
I received the congratulations message that openbsd was installed. Upon
rebooting I see openbsd/i386 (puffy) (tty0) and I am prompted for login: and
password: How do I find out my login
During audit of upgrade from 4.0 to 4.1, I notice that a couple of files
that were in etc40.tgz have been removed from etc41.tgz
/.profile
/.cshrc
Does this mean we should all delete these files from our systems? If yes,
should this be mentioned in upgrade41.html?
On 5/4/07, Karel Kulhavy [EMAIL PROTECTED] wrote:
Hello
I connected a 10Mbps free space optics link to a 10Mbps hub to which OpenBSD
4.0 machine (Dell Inspiron 510m) was connected. The link had probably bad
signal because on the Dell directly (i. e. in the NIC) I could receive the RTP
that was
On 5/4/07, John Fiore [EMAIL PROTECTED] wrote:
Speaking of this, when will the OpenBSD project begin to post SHA256
hashes
to the ftp sites. MD5 is dead: these two files are different and yet
have the same
MD5 hash.
http://www.cits.rub.de/imperia/md/content/magnus/letter_of_rec.ps
On Fri, 4 May 2007, Karel Kulhavy wrote:
I have the OpenBSD 4.0 ping and it wrote this:
64 bytes from 192.168.2.215: icmp_seq=3029 ttl=64 time=6.057 ms
64 bytes from 192.168.2.215: icmp_seq=3035 ttl=64 time=44.108 ms
64 bytes from 192.168.2.215: icmp_seq=3036 ttl=64 time=-994831.-515 ms
By the way guys, this is the diagram that I want to implement:
PF/Firewall/NAT
|-|
isp1|xl0|
| rl0
You'll learn more, better and faster reading very good on-line documentation,
get look at www.openbsd.org.
Something tells me that you are trying to install and use openbsd without learn
first how to do it, it's like to try to build a small jet and then try to fly
without gasoline,
that's no so
Marco Peereboom wrote:
I have never tried that actually. Whenever I get to it I'll let you
know.
That would be great if possible. The sale on these baby from Sun end on
May 7 and I got use to love the LOM so much that I try to only get Sun
because of it. Moving bsd.rd from the new release
Great. Could you please show me the link to files that have the same
length
and MD5 as those in the 4.1 release?
That means nothing. If the OpenBSD project used a CRC16 to verify
integrity,
your argument would still hold.
I wasn't aware that I made an argument. I simply asked a
On Friday 04 May 2007 13:46:12 Open Phugu wrote:
On 5/4/07, John Fiore [EMAIL PROTECTED] wrote:
Speaking of this, when will the OpenBSD project begin to post SHA256
hashes
to the ftp sites. MD5 is dead: these two files are different and yet
have the same
MD5 hash.
thanks for the help everyone ...
bubka20 wrote:
I received the congratulations message that openbsd was installed. Upon
rebooting I see openbsd/i386 (puffy) (tty0) and I am prompted for login:
and password: How do I find out my login and password? ... thanks
--
View this
Index: usr.bin/calendar/calendars/calendar.music
===
RCS file: /cvs/src/usr.bin/calendar/calendars/calendar.music,v
retrieving revision 1.20
diff -u -r1.20 calendar.music
--- usr.bin/calendar/calendars/calendar.music 27 Jun 2006
Hello list,
I'm subscribed to the digest, so I don't reply unless I see a posting
in the next day. I would reply to privmsgs though.
I'm trying to setup a OpenBSD box to provide user logins domain
membership with samba 3.0.24-main (via packages). I configure it like
I have configured samba in
kintaro oe wrote:
By the way guys, this is the diagram that I want to implement:
PF/Firewall/NAT
|-|
isp1|xl0|
|
At 02:09 PM 5/4/07, Matthias Kilian wrote:
On Fri, May 04, 2007 at 12:57:14PM -0400, Frank Bax wrote:
During audit of upgrade from 4.0 to 4.1, I notice that a couple of files
that were in etc40.tgz have been removed from etc41.tgz
/.profile
/.cshrc
huh?
$ tar tfz etc41.tgz|sed
I have a soekris 4801 that I am trying to reinstall. It boots an older
-current just fine, but I need to replace the drive as well. When I
pxeboot 4.1-release, or the latest snapshot, I get the same error.
Dmesg (via script) included.
POST: 0123456789bcefghipajklnoq,,,tvwxy
comBIOS ver.
On 5/4/07, John Fiore [EMAIL PROTECTED] wrote:
Your point is taken, however, can you illustrate the threat against which
the stronger hash is to protect? If the threat is that someone will
redirect you to a fake openbsd.org (through DNS cache poisoning, etc.), the
stronger hash offers no
Hi,
I have googled with no success, read all the relevant man pages I could
also with no success.
I have an OpenBSD 4.1 box configured as a bridge. It is working 100%.
I have a few monitoring programs (pmacct) feeding to some analysis
tools ( flox, pnrg ). It's also running symon,
Hi All,
I'm setting up a firewall/PF/NAT box for a company. we subscribe 2 E1's for our
internet for redundancy. So basically what I want is to do load balance this 2
E1 internet and will be also become redundancy if one isp will go down. I read
up in google and I see a syntax about
Hello,
In order to have my laptop (Dell Inspiron 4100) not powerdown
immediately on pressing the power button, I recompiled the kernel with
ACPI_ENABLE. However, it does not shutdown the box, but rather makes the
button inactive (although it seems to locate it, according to the
dmesg).
Since
Hi,
I saw this part on the Interview on onlamp.com:
http://www.onlamp.com/pub/a/bsd/2007/05/03/openbsd-41-puffy-strikes-again.html
Do you plan to port OpenBSD to UltraSPARC T1 too?
Mark Kettenis: Eventually, yes. However since these machines have
multi-core CPUs we cannot fully support
Djgoku he say:
http://www.openbsd.org/4.1_packages/
Gets a 404 error.
http://www.openbsd.org/4.0_packages/
Works fine.
This appears to be normal procedure when a new release comes out. Give it a
few days, and it'll be fine. (He says, confidently.)
Steve
http://www.fivetrees.com
Ok, so I'm hoping the answer to this question will complete my basic
understanding of vlan setups. I have a system with the following
network device configurations:
-
hostname.dc0: up
hostname.vlan0: inet 172.17.1.1
Jonathan Whiteman wrote:
Ok, so I'm hoping the answer to this question will complete my basic
understanding of vlan setups. I have a system with the following
network device configurations:
-
hostname.dc0: up
hostname.vlan0:
On Thu, 2007-05-03 at 23:52 -0400, Jean Raby wrote:
On 5/3/07, Default User [EMAIL PROTECTED] wrote:
According to http://openbsd.org/i386.html#hardware the Netgear WG511v2
Wireless PC card should work, using the malo driver:
Marvell Libertas IEEE 802.11b/g CardBus adapters (malo),
Raimo Niskanen wrote:
Sorry, I can't make it work. For a DL140 G3 (or rather now a DL145 G3).
I remember seing something like that on a DL380, though.
telnet machine gives a weird prompt /./ that has no help and only
responds with command errors. There is also a HTTP server running
at the
On 5/4/07, Steve Williams [EMAIL PROTECTED] wrote:
I now would like to throw squid into the mix acting as a transparent
proxy. I have the squid-transparent port installed. If I change the
...
I have tried everything I can think of to get this to work in bridge
mode to no avail.
I have
Mark Pecaut wrote:
On 5/4/07, Steve Williams [EMAIL PROTECTED] wrote:
I now would like to throw squid into the mix acting as a transparent
proxy. I have the squid-transparent port installed. If I change the
...
I have tried everything I can think of to get this to work in bridge
mode to no
satimis wrote:
Hi folks,
Old P-II 350 box
IWill motherboard support - ATA-33 HD
Hot Rod ABit ATA-66 PCI Controller
Maxtor HD - ATA-100 10G connected to above Controller
OpenBSD 4.1 CD installer - burned with CD41.iso
with a dmesg, we would have known all that.
AND, we might have
81 matches
Mail list logo