Re: OpenBSd 5.9 dup-to

You have it setup in bridge mode? Thanks On Mon, May 8, 2017 at 9:01 PM Edgar Pettijohn wrote: > > > On 05/08/17 17:55, Monah Baki wrote: > > Hi all, > > > > I am running OpenBSD 5.9 on a Net4801 Soekris. It's acting as my gateway > > and all my internal machines on

Re: OpenBSd 5.9 dup-to

On 05/08/17 17:55, Monah Baki wrote: Hi all, I am running OpenBSD 5.9 on a Net4801 Soekris. It's acting as my gateway and all my internal machines on the 10.0.0.x network are able to get to the internet. My ifconfig # ifconfig lo0: flags=8049 mtu 32768

Re: syspatch61-005: Unable to access bsd.sp

On Tue, May 9, 2017 at 2:40 AM, Michael Hendricks wrote: > I installed 6.1 on a new machine. A few days ago, I installed syspatches > 1-4 without trouble. Today while applying patch 5, I got an error because > /bsd.sp was absent. If I "cp /bsd /bsd.sp" the patch applies

syspatch61-005: Unable to access bsd.sp

I installed 6.1 on a new machine. A few days ago, I installed syspatches 1-4 without trouble. Today while applying patch 5, I got an error because /bsd.sp was absent. If I "cp /bsd /bsd.sp" the patch applies fine. Anyway, sometime after applying patch 4, I realized that I'd been running an SP

Re: iked, AES-GCM and certificates

An ip from the range will be assigned to the connecting client. I've had issues in previous releases with multiple clients getting the same ip though. 10.1.2.4 can be in that range, it doesn't need to be though. The ip or whatever you put there should be the CERT_CN. I like to make sure it'll

OpenBSd 5.9 dup-to

Hi all, I am running OpenBSD 5.9 on a Net4801 Soekris. It's acting as my gateway and all my internal machines on the 10.0.0.x network are able to get to the internet. My ifconfig # ifconfig lo0: flags=8049 mtu 32768 priority: 0 groups: lo

Re: OT: Recommendations for a CMS?

erpnext.com is the most featurefull free erp I have found, including cms. may take a little work to port to OpenBSD and unfortunately uses nodejs which may violate the w^x.

Re: /usr/sbin/httpd and chunked transfer encoding

On Mon, May 8, 2017 5:22 pm, r...@tamos.net wrote: > On Mon, 08 May 2017 18:45 +0800, johnw wrote: >> Both tried and not work. > > Yeah, you might be waiting for a while. According to the following, > both projects have this as an open issue but haven't been able to commit > resources to it. In

Re: /usr/sbin/httpd and chunked transfer encoding

On Mon, 08 May 2017 18:45 +0800, johnw wrote: > Both tried and not work. Yeah, you might be waiting for a while. According to the following, both projects have this as an open issue but haven't been able to commit resources to it. In the former case, the issue has been deferred from one release

Re: relayd: incomplete response from a TLS-accelerated apache

Compiling relayd with -DDEBUG=3 and watching the output gave me nothing. No errors what so ever about out of buffers or something else. However, removing 'socket buffer 65536’ solved my problem. Br > 8 maj 2017 kl. 13:27 skrev Maxim Bourmistrov : > > Hey, > I

Re: Openbsd on raspberry pi 1

Alright thnks On May 7, 2017 11:36:19 PM GMT+02:00, Stuart Henderson wrote: >On 2017-05-07, flipchan wrote: >> >> Hey does anyone know about the porting of openbsd on raspberry pi >1/if >> anyone got it working on raspberry pi 1 ? All I can find info

Re: IPsec and certificates

On 2017-05-07 18:04, Paul Suh wrote: Have you tried using the DNS names in your ipsec.conf, and in the filenames in the /etc/isakmpd/certs directory? Generally, certificates are applied against the DNS name for servers, rather than the IP address. Maybe a bug in isakmpd or one of the other hosts

Re: bgp-spamd question

On 05/08/17 15:12, Markus Rosjat wrote: Am 08.05.2017 um 15:02 schrieb Kim Zeitler: Did you allow BGP on your firewall? I was not aware there need to be special rules for bgp I meant your outer-bound firewall, that you pass towards the internet. Depending on your network setup you need

BGPD (OpenBSD 6.1) not recognising new peer

Hi, I have an odd situation ! I am seeking to add a new peer to my config, my process has been as follows : 1) ifconfig the peer 2) Check I can ping the peer (and the peer confirms they can ping me) 3) Add peer to BGPD (and allow them in on PF) bgpctl reload, and the world looks good. Peer

Re: bgp-spamd question

On 05/08/17 14:42, Markus Rosjat wrote: Am 08.05.2017 um 14:37 schrieb Kim Zeitler: Could you check bgpctl s are there any messages received? You can also check bgpctl s neigh | grep state This should give you least 2 connections claiming to be established regards Cheers Kim I

Re: bgp-spamd question

On 05/08/17 14:13, Markus Rosjat wrote: Am 08.05.2017 um 13:58 schrieb Kim Zeitler: On 05/08/17 09:59, Markus Rosjat wrote: match from group "spam-bgp" community $spamASN:666 set pftable "bgp_spamd" Try to remove this line from your /etc/bgpd.conf, it is not in the example on

Re: /usr/sbin/httpd and chunked transfer encoding

Both tried and not work. On 2017年5月8日 GMT+08:00下午4時57分56秒, Francois Stephany wrote: >Hi, > >I don't know the politics behind ownCloud/nextcloud but it seems that >there >are two apps: > >- https://github.com/owncloud/android >- https://github.com/nextcloud/android > >Maybe

Re: bgp-spamd question

On 05/08/17 09:59, Markus Rosjat wrote: match from group "spam-bgp" community $spamASN:666 set pftable "bgp_spamd" Try to remove this line from your /etc/bgpd.conf, it is not in the example on http://bgp-spamd.net Checked it gainst my working setup and it is missing there too. -- Kim Zeitler

Re: list all system users, eg. _x11

and...@msu.edu (STeve Andre'), 2017.05.06 (Sat) 20:37 (CEST): > On 05/06/17 14:27, Luke Small wrote: > > Is there a way to determine all users on a system that the users command > > doesn't seem to show? like _x11 and _ntpd users(1) - list current users I'd try ps(1) and get all active users

relayd: incomplete response from a TLS-accelerated apache

Hey, I investigate a problem were TLS-asselerated machine response is incomplete. I was able to reproduce this on OpenBSD 5.9, 6.0 and 6.1. Test on 5.8 is about to be. Following env I have: relay1: relayd machine web1: apache 2.2.31 serving the request client1: requester relay1 is configured

Re: OT: Recommendations for a CMS?

On Mon, May 08, 2017 at 11:33:52AM +1200, Wiremu Demchick wrote: > > I should mention that Drupal has a not-very-nice security track > record. A particularly good example: > https://www.drupal.org/SA-CORE-2014-005 This is maybe the only big security problem I've seen while working with

Re: bgp-spamd question

On 05/08/17 12:26, Markus Rosjat wrote: Hi, I have something like bgp-spamd:\ :black:\ :msg="Your address %A has sent mail to a spamtrap\n\ within the last 24 hours":\ :method=file:\ :file=/var/mail/spamd.black: in /etc/mail/spamd.conf and a

Re: bgp-spamd question

Hi, I have something like bgp-spamd:\ :black:\ :msg="Your address %A has sent mail to a spamtrap\n\ within the last 24 hours":\ :method=file:\ :file=/var/mail/spamd.black: in /etc/mail/spamd.conf and a cron job /bin/sh

Re: bgp-spamd question

Quoting Markus Rosjat : Hi there, I followed the example on http://bgp-spamd.net/client/bgpd.html an tried to setup bgpd. the daemon started without problem but when I try to fetch IPs it doesnt seem to work for me. $ doas bgpctl show rib community 65066:666 flags: * =

newsyslog: timestamp (date) instead of 0, 1, 2, ... in new log file name

Hi, recently i have discovered the new -Z flag for syslogd. That's great, i always wanted to be able to easily sort the log framents chronologically. What i am asking is a different, but related topic. I'd like to rotate the logs daily, and have a static timestamp (MMDD) in the log filename,

Re: /usr/sbin/httpd and chunked transfer encoding

Hi, I don't know the politics behind ownCloud/nextcloud but it seems that there are two apps: - https://github.com/owncloud/android - https://github.com/nextcloud/android Maybe the nextcloud one fixed the bug? On Mon, May 8, 2017 at 8:10 AM, johnw wrote: > On

bgp-spamd question

Hi there, I followed the example on http://bgp-spamd.net/client/bgpd.html an tried to setup bgpd. the daemon started without problem but when I try to fetch IPs it doesnt seem to work for me. $ doas bgpctl show rib community 65066:666 flags: * = Valid, > = Selected, I = via IBGP, A =

Re: /usr/sbin/httpd and chunked transfer encoding

On 05/08/2017 01:32 PM, Reyk Floeter wrote: > Hi, > > you cannot disable it and this Android client is broken. > > "A recipient MUST be able to parse and decode the chunked > transfer coding." > > https://tools.ietf.org/html/rfc7230#section-4.1 > > Reyk > Agreed, this Android client is broken, but