Re: Security via the NSA?

2009-11-21 Thread Felipe Alfaro Solana
On Sat, Nov 21, 2009 at 11:32 PM, AG wrote: > Felipe Alfaro Solana wrote: > > On Sat, Nov 21, 2009 at 8:29 PM, Doug Milam > wrote: > > > > > >> Will OpenBSD be the next to be 'helped'? > >> > >> > http://www.npr.org/blogs/thetwo-wa

Re: Security via the NSA?

2009-11-21 Thread Felipe Alfaro Solana
On Sat, Nov 21, 2009 at 8:29 PM, Doug Milam wrote: > Will OpenBSD be the next to be 'helped'? > > http://www.npr.org/blogs/thetwo-way/2009/11/nsa_microsoft_windows_7.html > > NSA also helped Linux with SElinux. As long as OpenBSD remains open source, I don't see the problem.

Re: Hardware versus Software RAID

2009-11-20 Thread Felipe Alfaro Solana
On Sat, Nov 21, 2009 at 12:06 AM, Mauro Rezzonico wrote: > Darrin Chandler wrote: > >> If you're doing RAID for redundancy/safety then there are some things to >> consider: >> > > No. I am considering Raid, RAID1, in this case, mainly for *UPTIME*... > > * with RAID, you should still do backups

Re: Why I Love Open Source - NSA helped with Windows 7 development

2009-11-20 Thread Felipe Alfaro Solana
On Fri, Nov 20, 2009 at 9:19 AM, patrick keshishian wrote: > On Thu, Nov 19, 2009 at 11:40 PM, Felipe Alfaro Solana > wrote: > > On Fri, Nov 20, 2009 at 12:43 AM, Obiozor Okeke >wrote: > > > >> From Network World: > >> > >> NSA helped with

Re: Why I Love Open Source - NSA helped with Windows 7 development

2009-11-19 Thread Felipe Alfaro Solana
On Fri, Nov 20, 2009 at 12:43 AM, Obiozor Okeke wrote: > From Network World: > > NSA helped with Windows 7 development > Privacy expert voices 'backdoor' concerns, security researchers dismiss > idea > By Gregg Keizer , Computerworld , 11/18/2009 > Why would NSA need backdoors when they have a fr

Re: How to PF

2009-11-15 Thread Felipe Alfaro Solana
On Mon, Nov 16, 2009 at 12:50 AM, phil wrote: > Hi All > > I know that is a stupid question but where can I find a doc about pf and > 4.6 ? > http://www.openbsd.org/faq/pf/index.html ? (I got that just by Googling)

Re: multiple videocards... for console text

2009-05-22 Thread Felipe Alfaro Solana
On Fri, May 22, 2009 at 6:37 AM, Joel Wiramu Pauling wrote: > Just use USB to RS323 convert cables and have as many heads as you like off > of dumb terminals. Or old laptops. RS323? Is that a new "standard"? Or do you mean RS232? :)

Re: Kylin

2009-05-18 Thread Felipe Alfaro Solana
On Mon, May 18, 2009 at 9:31 AM, ropers wrote: > 2009/5/18 (private) HKS : > > > > intellectual property > > Hello oxymoron. Another one: military intelligence :) -- http://www.felipe-alfaro.org/blog/disclaimer/

Re: route add -interface

2009-05-17 Thread Felipe Alfaro Solana
On Sun, May 17, 2009 at 4:13 PM, Claudio Jeker wrote: > On Sun, May 17, 2009 at 11:39:43AM +0200, Felipe Alfaro Solana wrote: > > On Sun, May 17, 2009 at 9:57 AM, Claudio Jeker >wrote: > > > > > On Sun, May 17, 2009 at 01:13:29AM +0200, Felipe Alfaro Solana wrote: >

Re: route add -interface

2009-05-17 Thread Felipe Alfaro Solana
On Sun, May 17, 2009 at 3:52 PM, Claudio Jeker wrote: > On Sun, May 17, 2009 at 01:38:07PM +, Stuart Henderson wrote: > > On 2009-05-17, Felipe Alfaro Solana wrote: > > > > > > The problem with incorrectly-sourced IP datagrams seems to be NAT: > > > >

Re: route add -interface

2009-05-17 Thread Felipe Alfaro Solana
On Sun, May 17, 2009 at 3:38 PM, Stuart Henderson wrote: > On 2009-05-17, Felipe Alfaro Solana wrote: > > > > The problem with incorrectly-sourced IP datagrams seems to be NAT: > > > > nat on vr2 inet from 172.16.0.1/24 to any -> (vr2) round-robin > > > >

Re: route add -interface

2009-05-17 Thread Felipe Alfaro Solana
On Sun, May 17, 2009 at 11:39 AM, Felipe Alfaro Solana < felipe.alf...@gmail.com> wrote: > On Sun, May 17, 2009 at 9:57 AM, Claudio Jeker > wrote: > >> On Sun, May 17, 2009 at 01:13:29AM +0200, Felipe Alfaro Solana wrote: >> > Hi misc, >> > route add all

Re: route add -interface

2009-05-17 Thread Felipe Alfaro Solana
On Sun, May 17, 2009 at 9:57 AM, Claudio Jeker wrote: > On Sun, May 17, 2009 at 01:13:29AM +0200, Felipe Alfaro Solana wrote: > > Hi misc, > > route add allows one to specify a directly-connected route reachable over > an > > interface, using the -interface switch. However

route add -interface

2009-05-16 Thread Felipe Alfaro Solana
Hi misc, route add allows one to specify a directly-connected route reachable over an interface, using the -interface switch. However, I can't seem to figure out if it's possible to specify just the interface name to the -interface switch. According to the manual page, only an IP address is allowed

Re: sendmail vs. other MTAs

2009-05-12 Thread Felipe Alfaro Solana
On Tue, May 12, 2009 at 9:31 PM, L. V. Lammert wrote: > At 09:16 PM 5/12/2009 +0200, Felipe Alfaro Solana wrote: >> >> > If you want simple, install Webmin. Runs fine with sendmail, default >> > install! >> >> I'm not that crazy to combine something th

Re: sendmail vs. other MTAs

2009-05-12 Thread Felipe Alfaro Solana
On Tue, May 12, 2009 at 8:07 PM, L. V. Lammert wrote: > On Tue, 12 May 2009, Felipe Alfaro Solana wrote: > >> On Tue, May 12, 2009 at 7:26 PM, bofh wrote: >> I'm also looking for a very simple MTA that I can use at home and have >> it configured to relay e-ma

Re: sendmail vs. other MTAs

2009-05-12 Thread Felipe Alfaro Solana
On Tue, May 12, 2009 at 7:26 PM, bofh wrote: > On Tue, May 12, 2009 at 5:35 AM, Henning Brauer wrote: >> * Dan [2009-05-11 22:24]: >>> Henning Brauer(lists-open...@bsws.de)@2009.05.11 19:45:57 +0200: >>> > but there is some rumor in usr.sbin/smtpd/ ... >>> >>> This new smtpd better be at least a

Re: sendmail vs. other MTAs

2009-05-11 Thread Felipe Alfaro Solana
On Mon, May 11, 2009 at 7:45 PM, Henning Brauer wrote: > * Felipe Alfaro Solana [2009-05-10 13:58]: >> Hi misc, >> >> May I ask what's the reason behind having sendmail be the default MTA >> in OpenBSD? Why not switching to something that is easier to configure >

Re: sendmail vs. other MTAs

2009-05-10 Thread Felipe Alfaro Solana
On Sun, May 10, 2009 at 2:02 PM, Jasper Valentijn wrote: > 2009/5/10 Felipe Alfaro Solana : >> Hi misc, >> >> May I ask what's the reason behind having sendmail be the default MTA >> in OpenBSD? Why not switching to something that is easier to configure >>

sendmail vs. other MTAs

2009-05-10 Thread Felipe Alfaro Solana
Hi misc, May I ask what's the reason behind having sendmail be the default MTA in OpenBSD? Why not switching to something that is easier to configure like Postfix or EXIM? -- http://www.felipe-alfaro.org/blog/disclaimer/

Re: No OS safe??

2009-05-08 Thread Felipe Alfaro Solana
On Fri, May 8, 2009 at 2:48 PM, Ian Turner wrote: > On Fri, May 8, 2009 at 8:17 AM, Felipe Alfaro Solana > wrote: >> We could debate why OpenBSD is inherently more secure than Windows (in >> fact we could debate why almost any operating system is inherently >> more s

Re: No OS safe??

2009-05-08 Thread Felipe Alfaro Solana
On Fri, May 8, 2009 at 12:34 PM, Chris Harries wrote: > This is more of a grammar/wording question, but it does go on to the > security of OS's in general. > > > > Was having a read of this; > > http://www.cbc.ca/technology/story/2009/04/15/ibotnet-trojan.html > > > > And the last comment made me

Re: dhclient and dynamic IP address

2009-05-07 Thread Felipe Alfaro Solana
On Fri, May 8, 2009 at 12:00 AM, Felipe Alfaro Solana wrote: > On Thu, May 7, 2009 at 10:20 AM, Vadim Zhukov wrote: >> On Thursday 07 May 2009 11:57:57 Felipe Alfaro Solana wrote: >>> Hi misc, >>> >>> I've been reading dhclient(8) but still it is not clea

Re: dhclient and dynamic IP address

2009-05-07 Thread Felipe Alfaro Solana
On Thu, May 7, 2009 at 10:20 AM, Vadim Zhukov wrote: > On Thursday 07 May 2009 11:57:57 Felipe Alfaro Solana wrote: >> Hi misc, >> >> I've been reading dhclient(8) but still it is not clear to me if >> dhclient(8) is supposed to stay in the background to autom

Re: dhclient and dynamic IP address

2009-05-07 Thread Felipe Alfaro Solana
On Thu, May 7, 2009 at 10:09 AM, Owain Ainsworth wrote: > On Thu, May 07, 2009 at 09:57:57AM +0200, Felipe Alfaro Solana wrote: >> Hi misc, >> >> I've been reading dhclient(8) but still it is not clear to me if >> dhclient(8) is supposed to stay in the background

dhclient and dynamic IP address

2009-05-07 Thread Felipe Alfaro Solana
Hi misc, I've been reading dhclient(8) but still it is not clear to me if dhclient(8) is supposed to stay in the background to automatically renew leases. In the manual page it says: -d Forces dhclient to always run as a foreground process. By de- fault, dhclient runs in

Re: Spanish BSD Group

2009-04-30 Thread Felipe Alfaro Solana
On Wed, Apr 29, 2009 at 9:44 AM, Daniel Gracia Garallar wrote: > Nice! > > I must confess I have a strong bias towards english language when talking > about programming, but as a spanish OpenBSD user I'll try to support the > group as far as possible. > > Good luck on the voyage! ;) Perhaps

Re: Transparent firewall (bridge) with DMZ + LAN

2009-04-28 Thread Felipe Alfaro Solana
On Tue, Apr 28, 2009 at 8:35 AM, Claudio Jeker wrote: > Did you ever check the security record of snort? It is at least as bad as > wireshark's but it is sitting in the middle of your network passing > packets. I couldn't sleep with such a system in my core. > It is also a lot easier to bypass un

Re: Transparent firewall (bridge) with DMZ + LAN

2009-04-27 Thread Felipe Alfaro Solana
On Tue, Apr 28, 2009 at 1:29 AM, Fred Crowson wrote: > On 4/27/09, Felipe Alfaro Solana wrote: > > On Mon, Apr 27, 2009 at 8:11 PM, Ted Unangst > wrote: > > > >> On Mon, Apr 27, 2009 at 10:25 AM, Felipe Alfaro Solana > >> wrote: > >> > Again, n

Re: Transparent firewall (bridge) with DMZ + LAN

2009-04-27 Thread Felipe Alfaro Solana
On Tue, Apr 28, 2009 at 1:16 AM, Robert wrote: > On Mon, 27 Apr 2009 23:20:07 +0200 > Felipe Alfaro Solana wrote: > > > And again, I think you mean that running a bridge under OpenBSD is > > perhaps not the fastest or brightest solution. And I trust you, But > >

Re: Transparent firewall (bridge) with DMZ + LAN

2009-04-27 Thread Felipe Alfaro Solana
On Mon, Apr 27, 2009 at 8:11 PM, Ted Unangst wrote: > On Mon, Apr 27, 2009 at 10:25 AM, Felipe Alfaro Solana > wrote: > > Again, not a single or valid technical argument on why a bridging > firewall > > is a bad idea. Just a moot and offensive responsive, and a very >

Re: Transparent firewall (bridge) with DMZ + LAN

2009-04-27 Thread Felipe Alfaro Solana
On Mon, Apr 27, 2009 at 2:52 PM, Marcello Cruz wrote: > Hey guys, > > There are some articles that may bring some light to the discussion: > * http://en.wikipedia.org/wiki/Network_bridge (best bet) > * http://en.wikipedia.org/wiki/Bridging_(networking) > * http://en.wikipedia.org/wiki/Transparent_

Re: Transparent firewall (bridge) with DMZ + LAN

2009-04-27 Thread Felipe Alfaro Solana
On Mon, Apr 27, 2009 at 1:00 PM, Henning Brauer wrote: > * Felipe Alfaro Solana [2009-04-27 11:56]: > > For a two-interface router/firewall, most of the traffic that reaches it > > will probably have to traverse it anyways, so I don't see how a > > two-interface bridge

Re: Transparent firewall (bridge) with DMZ + LAN

2009-04-27 Thread Felipe Alfaro Solana
On Mon, Apr 27, 2009 at 5:10 AM, Daniel Ouellet wrote: > patrick keshishian wrote: > >> On Sun, Apr 26, 2009 at 4:10 PM, bofh wrote: >> >>> It's called going off on a related tangent - whenever I hear people >>> talking about using something because someone has published a paper >>> and here's a

Re: Transparent firewall (bridge) with DMZ + LAN

2009-04-26 Thread Felipe Alfaro Solana
openbsd developers > in this thread - not me, I'm in management now, no brain cells left) > they're wrong because you have all these great URLs - if you want to > listen to those people, then you should be using the OS they use too. Still no arguments on why idiots use transparent firew

Re: Transparent firewall (bridge) with DMZ + LAN

2009-04-26 Thread Felipe Alfaro Solana
DMZ and NAT has to do with what we're discussing here. Instead of calling people idiots you could provide a valid reasoning supported by arguments. > > > On 4/26/09, Felipe Alfaro Solana wrote: > > On Sat, Apr 25, 2009 at 3:57 PM, Henning Brauer > > wrote: > > >

Re: Transparent firewall (bridge) with DMZ + LAN

2009-04-26 Thread Felipe Alfaro Solana
On Sat, Apr 25, 2009 at 3:57 PM, Henning Brauer wrote: > * openbsder [2009-04-24 12:19]: > > Recently, it has been suggested that a transparent firewall > implementation > > is ideal where possible. But as far as I understand, transparency is only > > available when the firewall acts as a bridge

Re: Transparent firewall (bridge) with DMZ + LAN

2009-04-24 Thread Felipe Alfaro Solana
On Fri, Apr 24, 2009 at 12:12 PM, openbsder wrote: > I am currently interested in setting up a three-legged network topology, > using OBSD+PF as the firewall appliance. Originally, I was going to simply > have the firewall equipped with three network cards: one for DMZ, one for > LAN, the other f

Re: question about net.inet.carp.preempt

2009-04-23 Thread Felipe Alfaro Solana
On Thu, Apr 23, 2009 at 12:05 PM, Imre Oolberg wrote: > Hallo! > > I would like to confirm my understanding of how carp works and if the > following holds generally true. > > After having on all participating nodes set to > > # sysctl -w net.inet.carp.preempt=0 AFAIK CARP preempt has meaning o

Re: NFS or SAMBA ?

2009-03-09 Thread Felipe Alfaro Solana
On Mon, Mar 9, 2009 at 4:56 PM, Henning Brauer wrote: > * Guillermo Bernaldo de Quiros Maraver [2009-02-13 > 21:06]: > > if you have a shared network between WINDOWS and OpenBSD i recommend > > Samba if not, NFS > > > > NFS => Insecure > > SAMBA => Have a problems, but, it's more secure

Re: arp MiTM

2009-03-09 Thread Felipe Alfaro Solana
On Mon, Mar 9, 2009 at 1:11 PM, irix wrote: > Hello Misc, > > How to protect your server from such attacks without the use of static arp > entries? > By freebsd 5.0 patch was written arp_antidote ( > http://freecap.ru/if_ether.c.patch), > somebody could port it on openbsd? > > Also, in freebsd

Re: Where is "Secure by default" ?

2009-03-09 Thread Felipe Alfaro Solana
On Mon, Mar 9, 2009 at 3:36 PM, irix wrote: > Hello Misc, > > In www.openbsd.org wrote "Only two remote holes in the default > install, in more than 10 years!", this not true. I using OpenBSD > like customer, not like administrator. And my OpenBSD were attacked, > by simple MiTM att

Re: System security question

2009-02-28 Thread Felipe Alfaro Solana
ut the web server, httpd, is chrooted ... so why would there be a > problem here ? There are ways to evade chroots, although I'm not sure how feasible they are for OpenBSD. > On Saturday 28 February 2009 at 17:49 +0100, Felipe Alfaro Solana wrote: > > On Sat, Feb

Re: System security question

2009-02-28 Thread Felipe Alfaro Solana
On Sat, Feb 28, 2009 at 1:51 PM, Ingo Schwarze wrote: > Hi Felipe, > > Felipe Alfaro Solana wrote on Sat, Feb 28, 2009 at 10:53:50AM +0100: > > On Thu, Feb 26, 2009 at 11:13 PM, Ingo Schwarze > wrote: > >> Jean-Francois wrote on Wed, Feb 25, 2009 at 10:08:22PM +010

Re: System security question

2009-02-28 Thread Felipe Alfaro Solana
On Thu, Feb 26, 2009 at 11:13 PM, Ingo Schwarze wrote: > Hi Jean-Francois, > > Jean-Francois wrote on Wed, Feb 25, 2009 at 10:08:22PM +0100: > > > I actually built the following system : > > - OpenBSD running on a standard AMD platform > > - This box is actually used as firewall > > - This box is

Re: System security question

2009-02-25 Thread Felipe Alfaro Solana
On Wed, Feb 25, 2009 at 10:08 PM, Jean-Francois wrote: > Hi All, > > I actually built the following system : > > - OpenBSD running on a standard AMD platform > - This box is actually used as firewall > - This box is also used as webserver > - This box is finally used as local shared drives via NFS

Re: CARP under heavy load

2009-01-06 Thread Felipe Alfaro Solana
On Tue, Jan 6, 2009 at 3:51 PM, ropers wrote: > > * ropers [2008-12-12 15:01]: > >> > >> Maybe --possibly-- my own understanding is sorely lacking. Let me try > >> to explain. The following requires a non-proportional font: > >> > > (...) > > >> OTOH, if you have a dedicated link, maybe your set

Re: AH+ESP and IPv6

2009-01-02 Thread Felipe Alfaro Solana
37E7 D3EB 74D0 8D66 A68D B866 0326 204E 3F42 004A > http://todd.fries.net/pgp.txt > > Penned by Felipe Alfaro Solana on 20090102 20:29.56, we have: > | On Fri, Jan 2, 2009 at 7:52 PM, Todd T. Fries wrote: > | > | > The other answer is, ESP provides AH, therefore A

Re: AH+ESP and IPv6

2009-01-02 Thread Felipe Alfaro Solana
software solutions." \ 250797 (FWD) > | \ > \\ > > 37E7 D3EB 74D0 8D66 A68D B866 0326 204E 3F42 004A > http://todd.fries.net/pgp.txt > > Penned by Felipe Alfaro Solana on 20

Re: AH+ESP and IPv6

2009-01-02 Thread Felipe Alfaro Solana
On Tue, Dec 30, 2008 at 9:29 PM, wrote: > I'm trying to use both AH and ESP to setup IPsec using Transport mode > between two IPv6 OpenBSD 4.4 hosts. > > So far it worked for AH Transport mode or ESP Transport mode but I don't > quite know how to do both AH and ESP. Any ideas? > > Here's a snippe

Re: Running another OS under OpenBSD

2008-12-25 Thread Felipe Alfaro Solana
On Thu, Dec 25, 2008 at 10:50 PM, Marco Peereboom wrote: > > RedHat has been shipping a version of glibc that does randomized library > > addresses for, at least, a year. Libraries have to be compiled with > -fPIC, > > however, but that's the case for most. Not sure about other distros. > > Right,

Re: Running another OS under OpenBSD

2008-12-25 Thread Felipe Alfaro Solana
On Wed, Dec 24, 2008 at 11:13 AM, Henning Brauer wrote: > * Felipe Alfaro Solana [2008-12-24 06:17]: > > > easy - OpenBSD. Linux doesn't have propolice, randomized malloc/mmap, > > > randomized library addresses etc yadda yadda yadda. > > RedHat has been shipp

Re: Running another OS under OpenBSD

2008-12-23 Thread Felipe Alfaro Solana
On Tue, Dec 23, 2008 at 12:34 PM, Henning Brauer wrote: > * Douglas A. Tutty [2008-12-23 05:45]: > > On Tue, Dec 23, 2008 at 02:41:08AM +0100, Henning Brauer wrote: > > > * Jussi Peltola [2008-12-11 20:52]: > > > > On Thu, Dec 11, 2008 at 10:30:50AM -0800, Jeff_1981 wrote: > > > > > > That said,

Re: CARP under heavy load

2008-12-16 Thread Felipe Alfaro Solana
On Mon, Dec 15, 2008 at 9:14 AM, Jussi Peltola wrote: > On Mon, Dec 15, 2008 at 03:43:43AM +0100, Felipe Alfaro Solana wrote: > > If the two machines that are part of the same CARP group are connected to > > the same switch, and you are experiencing packet loss, then something >

Re: CARP under heavy load

2008-12-14 Thread Felipe Alfaro Solana
On Sat, Dec 13, 2008 at 6:56 AM, Stephan A. Rickauer < stephan.ricka...@ini.phys.ethz.ch> wrote: > On Fri, 2008-12-12 at 17:32 +0100, Felipe Alfaro Solana wrote: > > > > > What's the point on using CARP to send advertisements over a dedicated > > link? The dedic

Re: CARP under heavy load

2008-12-12 Thread Felipe Alfaro Solana
On Fri, Dec 12, 2008 at 3:12 PM, Stephan A. Rickauer < stephan.ricka...@ini.phys.ethz.ch> wrote: > On Fri, 2008-12-12 at 14:57 +0100, ropers wrote: > > Maybe --possibly-- my own understanding is sorely lacking. Let me try > > to explain. The following requires a non-proportional font: > > > > Is t

Re: Running another OS under OpenBSD

2008-12-11 Thread Felipe Alfaro Solana
On Thu, Dec 11, 2008 at 7:30 PM, Jeff_1981 wrote: > Dear All, > > Please can you indicate me how to run Windows or Linux under OpenBSD ? > Under Linux for example there is possibility to virtualize another OS. > If the other OS is hacked from the web does it compromises the security of > OpenBSD

Re: The New Secure Operating System

2008-12-10 Thread Felipe Alfaro Solana
On Wed, Dec 10, 2008 at 4:06 AM, Sunnz <[EMAIL PROTECTED]> wrote: > 2008/12/10 Adriaan <[EMAIL PROTECTED]>: > >> Oh my god. Let me migrate everything to this new secure OS immediately! > >> > > > > Yea, you should run this new secure OS under Xen or Vmware for even > > more security ;) > > > > =

Re: The New Secure Operating System

2008-12-09 Thread Felipe Alfaro Solana
On Tue, Dec 9, 2008 at 4:14 PM, Sunnz <[EMAIL PROTECTED]> wrote: > The secure operating system standard will never be the same now that a > National Security Agency-certified OS has gone commercial, but few > mainstream enterprises today need an airtight OS tuned to run on > fighter jets. And many

Re: CARP with a single public IP address

2008-12-05 Thread Felipe Alfaro Solana
On Fri, Dec 5, 2008 at 12:11 PM, Paul de Weerd <[EMAIL PROTECTED]> wrote: > Hey Felipe, > > On Fri, Dec 05, 2008 at 11:51:05AM +0100, Felipe Alfaro Solana wrote: > | Hi misc, > | > | I've been thinking about this for a while but can't seem to figure out > |

CARP with a single public IP address

2008-12-05 Thread Felipe Alfaro Solana
Hi misc, I've been thinking about this for a while but can't seem to figure out a proper solution. Perhaps you have seen a scenario like this before and have ideas on how to tackle it. I have two OpenBSD 4.4 boxes configured in active/backup CARP, connected to an ADSL router. I want to reconfig

Re: OpenBSD and XenSource

2008-12-03 Thread Felipe Alfaro Solana
On Wed, Dec 3, 2008 at 4:45 AM, Dongsheng Song <[EMAIL PROTECTED]> wrote: > Yes, I running OpenBSD amd64 in Debian 5.0(lenny) kvm box for OpenBSD > Translation > Status[1] at least one month, it's fine! For me, OpenBSD 4.4 on KVM/HVM in 32-bit mode is painful: I keep getting a watchdog message fro

Re: OpenBSD 4.4 panics when using AICCU

2008-11-13 Thread Felipe Alfaro Solana
On Fri, Nov 14, 2008 at 12:58 AM, Felipe Alfaro Solana <[EMAIL PROTECTED]> wrote: > On Fri, Nov 14, 2008 at 12:00 AM, Felipe Alfaro Solana > <[EMAIL PROTECTED]> wrote: >> Hi misc, >> >> Are any of you using AICCU on OpenBSD 4.4 patched to 005? Have you >>

Re: OpenBSD 4.4 panics when using AICCU

2008-11-13 Thread Felipe Alfaro Solana
On Fri, Nov 14, 2008 at 12:00 AM, Felipe Alfaro Solana <[EMAIL PROTECTED]> wrote: > Hi misc, > > Are any of you using AICCU on OpenBSD 4.4 patched to 005? Have you > experienced panics? Since I upgraded to OpenBSD 4.4, whenever I take > AICCU down, then up, after a while the

OpenBSD 4.4 panics when using AICCU

2008-11-13 Thread Felipe Alfaro Solana
Hi misc, Are any of you using AICCU on OpenBSD 4.4 patched to 005? Have you experienced panics? Since I upgraded to OpenBSD 4.4, whenever I take AICCU down, then up, after a while the system panics. I can reproduce this reliably, although the timing is not always the same: sometimes the system pan

Re: Can't SSH into CARP'd system from the outside

2008-11-11 Thread Felipe Alfaro Solana
On Wed, Nov 12, 2008 at 12:53 AM, Vivek Ayer <[EMAIL PROTECTED]> wrote: > Here's my current configuration for my entire network. Two routers > working as one using IP balancing and two web servers on the inside > working as one using IP balancing. I'm still getting issues as to > reaching the web s

quagga ospf6d crashes on interface change

2008-11-11 Thread Felipe Alfaro Solana
Hi misc, Do you have experience running quagga's ospf6d in OpenBSD? I've been using it for a while in combination with AICCU (AYIYA tunnel to tunnel IPv6 over IPv4 using a tun0 tunnel) but ospf6d crashes whenever the tun0 tunnel interface goes up and down. Have you seen this before? Thanks. -- http

Re: quagga-0.99.11

2008-11-10 Thread Felipe Alfaro Solana
On Mon, Nov 10, 2008 at 2:30 PM, Stuart Henderson <[EMAIL PROTECTED]> wrote: > On 2008/11/10 14:13, Felipe Alfaro Solana wrote: >> I fixed it already. I had the two listed patches for, but some reason, >> the ports package failed to get rebuilt so I was installing 0.99.

Re: quagga-0.99.11

2008-11-10 Thread Felipe Alfaro Solana
On Mon, Nov 10, 2008 at 1:21 PM, Stuart Henderson <[EMAIL PROTECTED]> wrote: > ** Please honour reply-to: ports@ ** > > On 2008-11-10, Gregory Edigarov <[EMAIL PROTECTED]> wrote: >> Felipe Alfaro Solana wrote: >>> Are there any plans on bumping net/quagga t

Re: quagga-0.99.11

2008-11-10 Thread Felipe Alfaro Solana
On Mon, Nov 10, 2008 at 11:09 AM, Gregory Edigarov <[EMAIL PROTECTED]> wrote: > Felipe Alfaro Solana wrote: >> >> Are there any plans on bumping net/quagga to 0.99.11? I tried to >> compile it myself, from the vanilla sources while applying the >> following two

quagga-0.99.11

2008-11-09 Thread Felipe Alfaro Solana
Hi misc, Are there any plans on bumping net/quagga to 0.99.11? I tried to compile it myself, from the vanilla sources while applying the following two patches: patch-configure patch-zebra_kernel_socket_c But the resulting zebra daemon always fails with an "Abort trap" message. I've seen people r

Re: 4-port firewall device

2008-11-07 Thread Felipe Alfaro Solana
On Fri, Nov 7, 2008 at 10:22 PM, marrandy <[EMAIL PROTECTED]> wrote: > Hello. > > Been a bit out IT the last year or so. > > My last firewall projects used LE-564 embedded. > > http://www.commell.com.tw/product/sbc/le-564.htm > > What are people using now ? I'm using PC Engines GmbH PC ALIX boxes

Re: VPN Ipsec

2008-11-06 Thread Felipe Alfaro Solana
On Thu, Nov 6, 2008 at 9:39 AM, Louis Opter <[EMAIL PROTECTED]> wrote: > Hello, > > I am trying to set up an ipsec vpn between two networks. But, I can't > figure out why it doesn't work. > > I get some errors like (here on the "malenfant gate", see network map > below) : > Plcy 30 keynote_cert_ob

Source address algorithm

2008-11-04 Thread Felipe Alfaro Solana
Hi misc, How does the OpenBSD source address selection algorithm work? Is there a way to override the source address? I have two interfaces on my box: tun0 and vr0. tun0 uses A::2/64 as its IPv6 address. vr0 uses B::2/48 as its IPv6 address. The default route ::/0 is on the tun0 interface. Hence,

fatal in rtadvd: getpwnam

2008-11-02 Thread Felipe Alfaro Solana
Hi there, After upgrading to OpenBSD 4.4, rtadvd now fails to come up: # rtadvd -d -s carp0 RA timer on carp0 is set to 16:0 fatal in rtadvd: getpwnam # cat /etc/rtadvd.conf carp0:\ :addr="2001::::":prefixlen#64:nolladdr: Any ideas? Thanks! -- http://www.felipe-alfaro.org/blog/d

Re: OpenBSD 4.4 released, Nov 1. Enjoy!

2008-11-01 Thread Felipe Alfaro Solana
On Sat, Nov 1, 2008 at 11:31 AM, Lars Noodén <[EMAIL PROTECTED]> wrote: > A very heartfelt thankyou, to you and the rest of the developers. > Congratulations, again. Yes! I love OpenBSD and I'm sure OpenBSD 4.4 will be an awesome release.

Interactions between PF and enc0

2008-10-31 Thread Felipe Alfaro Solana
Hi misc, I'm experiencing interaction problems between PF and the enc0 interface. I've been reading several OpenBSD manual pages about how IPSec traffic filtering is supposed to work, but so far I'm unable to get IPSec filtering working for me. I have created an IPSec/IPv6-based VPN between two s

Re: new home box for secure data storage

2008-10-30 Thread Felipe Alfaro Solana
On Wed, Oct 29, 2008 at 9:14 PM, Douglas A. Tutty <[EMAIL PROTECTED]> wrote: > I'll be setting up a new box for the house and I want to use OpenBSD for > it, both for its security and since it will be an older box it will run > better than with Debian. > > Roles: > > main firewall for dialup intern

OSPF6?

2008-10-30 Thread Felipe Alfaro Solana
Hi misc, Does OpenBSD's default ospfd daemon support IPv6? I'm confused as the manual page implies that only IPv4 is supported, but /etc/passwd has a user named ospf6d. Is the manual page incorrect? Is it Zebra/Quagga the only option? Thanks! -- http://www.felipe-alfaro.org/blog/disclaimer/

Re: Modern operating systems are flawed by design, including OpenBSD.

2008-10-24 Thread Felipe Alfaro Solana
On Fri, Oct 24, 2008 at 3:32 AM, Brian <[EMAIL PROTECTED]> wrote: > --- On Thu, 10/23/08, mak maxie <[EMAIL PROTECTED]> wrote: > >> From: mak maxie <[EMAIL PROTECTED]> >> Subject: Modern operating systems are flawed by design, including OpenBSD. >> To: misc@openbsd.org >> Date: Thursday, October 23

Re: load balanced carp and local routes

2008-10-23 Thread Felipe Alfaro Solana
On Thu, Oct 23, 2008 at 6:24 AM, <[EMAIL PROTECTED]> wrote: > Greetings list. > > I have a set of four load-balanced carp servers. Here are there > hostname.carp files: > > box1: inet 10.104.72.0 255.255.224.0 NONE carpdev em0 balancing ip-stealth > carpnodes 1:0,2:100,3:100,4:100 > > box2: inet 1

Multiple default gateways with different metrics?

2008-10-22 Thread Felipe Alfaro Solana
Hi openbsd-misc, Is there a way to have two entries in the routing table for the default gateway, one with a low metric (typically 0) and another one with a higher metric? Usually, the route with the lowest metric should be used unless marked invalid or removed. I'm currently using AICCU in a act