Re: ddclient failure to start

> On Jul 14, 2016, at 1:53 PM, Brian McCafferty <br...@mccafferty.ca> wrote: > > On 07/14/16 19:32, Joe S wrote: >>> On Jul 8, 2016, at 7:44 PM, Ed Ahlsen-Girard <eagir...@cox.net> wrote: >>> >>> ddclient won't start from rc.d with this configur

Re: ddclient failure to start

> On Jul 8, 2016, at 7:44 PM, Ed Ahlsen-Girard wrote: > > ddclient won't start from rc.d with this configuration: > > rc.conf.local: > > ntpd_flags= > xdm_flags= > httpd_flags= > doas_flags= > ddclient_flags=-file /etc/ddclient/ddclient.conf > pkg_scripts=ddclient > >

Re: make release error on 5.8

> On Oct 20, 2015, at 12:54 AM, Philip Guenther <guent...@gmail.com> wrote: > > On Mon, Oct 19, 2015 at 3:47 PM, Joe S <js.li...@gmail.com> wrote: >> I've just upgraded from 5.7 to 5.8 on amd64 and applied all of the errata >> found at . >> >> I down

Re: make release error on 5.8

> On Oct 20, 2015, at 9:26 AM, trondd <tro...@kagu-tsuchi.com> wrote: > > On Tue, October 20, 2015 11:02 am, Joe S wrote: >> >> since the FAQ didnâ**t mention the need to do this separately. >> > > > Sure it does. 5.3.5 describes building userland and 5.4

make release error on 5.8

I've just upgraded from 5.7 to 5.8 on amd64 and applied all of the errata found at . I downloaded src.tar.gz and sys.tar.gz from ftp5.usa.openbsd.org/pub/OpenBSD/5.8 and then applied all of the errata (2015-10-18) from http://www.openbsd.org/errata58.html. I want to make a release, to deploy on

Re: Ubiquiti EdgeRouter Lite

On Sun, Aug 16, 2015 at 1:47 PM, Ted Unangst t...@tedunangst.com wrote: Predrag Punosevac wrote: Dear All, I am contemplating buying a new machine which will act as a router/DNS caching server for my home network. Is anybody currently running OpenBSD on the Ubiquiti Networks EdgeRouter

Re: Question about /etc/mail post 5.6 upgrade

On Mon, Nov 10, 2014 at 8:30 AM, Scott Vanderbilt li...@datagenic.com wrote: These changes came after 5.6 was RTM, and are reflected in -current as of 15 September or so. See http://www.openbsd.org/faq/current.html. Removing sendmail as outlined above will make things like 'make release'

cpu choice for firewall

I'm looking to build a new mini-itx firewall based on OpenBSD and would like to get some advice on CPU selection. I've seen multiple statements on this list that indicate CPU cache and CPU speed are the most important factors. Sorry if this is a silly question, but which cache is most useful for

anything similar to auditd for openbsd

I have auditd configured on a number of linux servers and I'm trying to find something similar for OpenBSD. Any recommendations? Some of the things I'm looking to log: exec, system-wide read,write,move,delete,etc on selected files read,write,move,delete,etc of /etc Thanks.

Re: NIDS on OpenBSD

On Tue, Oct 18, 2011 at 10:31 PM, Wesley M. open...@e-solutions.re wrote: Hi, I use OpenBSD 4.9, i'm looking for a good nids. It depends on what you are trying to accomplish. In general OSSEC and Snort are great intrusion detection tools to get started. OSSEC can monitor your logs and can

Re: Performance problems with OpenBSD 4.9 under ESXi 5

On Wed, Oct 19, 2011 at 11:55 AM, Gene gh5...@gmail.com wrote: I'm trying to run OpenBSD 4.9 (amd64) under VMware vSphere 5 (ESXi 5). I set up four virtual machines with one core, 256 MB of RAM, and 4 GB of disk They perform terribly. The load average hovers around 1.5 on all of these What

Question about apmd power savings

This isn't a problem and I'm not complaining, I'm just a bit curious as apmd didn't save me as much power as I hoped for. I noticed that apmd couldn't throttle my cpu in 4.9-RELEASE (amd64). However, since March 2011, -CURRENT recognizes the K10 cpus, so I wanted to try it out apmd on my HP

Re: Question about apmd power savings

On Tue, Oct 18, 2011 at 12:22 PM, Geoff Steckel g...@oat.com wrote: Were you running a CPU-intensive workload on the CPU(s)? Changing the clock speed of an idle chip won't change the power usage very much in absolute terms. If the CPU has multiple cores, exercising them all at once may

Re: Question about apmd power savings

On Tue, Oct 18, 2011 at 2:22 PM, Brynet bry...@gmail.com wrote: Sorry Joe, I'm not subscribed to misc@, marc.info is ro, I didn't see your message. I worked on K10 freq scaling for my laptop, indeed, it doesn't help much in terms of measurable power savings.. not as much as I had hoped it

Re: Quad-Gigabit 1U mini-itx board recommendations?

On Tue, Aug 30, 2011 at 12:00 AM, Joakim Aronius joa...@aronius.se wrote: I have used Soekris for a few years and are very happy with them. They have a new board that will start shipping soon: http://soekris.com/net6501.htm Curious if anyone has tried these boards out. I'm looking for

Re: OpenBSD-capable, fanless, diskful computer with ECC RAM

On Fri, Oct 29, 2010 at 5:14 PM, Damien Miller d...@mindrot.org wrote: Hi, Can anyone recommend a small, fanless computer that will accept a HD (perhaps a 2.5 drive) that uses ECC RAM? Needless to say, it must run OpenBSD. Being 64 bit, having accellerated crypto and/or supporting multiple

Re: MPLS status questions.

On Wed, Apr 29, 2009 at 12:48 PM, Michele Marchetto myde...@openbeer.it wrote: Il giorno mar, 28/04/2009 alle 20.18 -0400, Daniel Ouellet ha scritto: So, I am not sure where this is and I am curious as to what stage it might be? We are moving things forward. The current stack have really

Re: Where is Secure by default ?

On Mon, Mar 9, 2009 at 7:36 AM, irix i...@ukr.net wrote: Hello Misc, In www.openbsd.org wrote Only two remote holes in the default install, in more than 10 years!, this not true. I using OpenBSD like customer, not like administrator. And my OpenBSD were attacked, by simple MiTM

Re: Article about network monitoring system developed on OpenBSD

On Mon, Feb 2, 2009 at 8:12 AM, Jason Dixon ja...@dixongroup.net wrote: On Mon, Feb 02, 2009 at 10:53:45AM -0500, Christopher Linn wrote: On Mon, Feb 02, 2009 at 03:29:19PM +, Mikolaj Kucharski wrote: Hi, Few months back (maybe years) there was article posted (I don't think that was

Re: Port ZFS to OpenBSD

On Sun, Jan 18, 2009 at 9:24 AM, Antoine Jacoutot ajacou...@bsdfrog.org wrote: On Sun, 2009-01-18 at 14:28 +0100, Matthias Kilian wrote: On Sun, Jan 18, 2009 at 04:29:37AM -0800, Mike Swanson wrote: As marco already stated, it could be a kernel module. But it won't. Why? Because nobody

PF blocking outbound packets that don't have S/SA flags

OS: OpenBSD 4.4 RELEASE i386 PF is blocking traffic that I want it to pass. I notice this when I run nmap 4.76 (compiled from source). It appears that my packets are being dropped because they don't match the pass out quick rule in my pf.conf. I noticed this rule is modified due to the default

Re: PF blocking outbound packets that don't have S/SA flags

On Fri, Nov 21, 2008 at 2:11 AM, Stuart Henderson [EMAIL PROTECTED] wrote: On 2008-11-21, Joe S [EMAIL PROTECTED] wrote: How do I create a rule to ignore the flags S/SA Read pf.conf(5) about flags. Thanks. I read everything but that man page. I added flags any to my pass out rule and my

Re: PF blocking outbound packets that don't have S/SA flags

On Fri, Nov 21, 2008 at 2:13 PM, Daniel Melameth [EMAIL PROTECTED] wrote: Perhaps you're hitting pf's default state limit? If you're going to be nmapping, I highly recommend doing it from a host that's not firewalled. Could be. I will look into that. I'm starting to wonder if the error

Re: PF blocking outbound packets that don't have S/SA flags

On Fri, Nov 21, 2008 at 2:29 PM, Joe S [EMAIL PROTECTED] wrote: On Fri, Nov 21, 2008 at 2:13 PM, Daniel Melameth [EMAIL PROTECTED] wrote: Perhaps you're hitting pf's default state limit? If you're going to be nmapping, I highly recommend doing it from a host that's not firewalled. Could

ascii bandwidth report

Now that my ISP is imposing bandwidth caps, I need to start measuring my usage. Graphs are nice, but I've found that graphs are not really that useful to me. I need something to report what my cummalative usage is in a 30 day period. I'd like the data in some sort of ascii format, but html is ok

Re: ascii bandwidth report

test it) Regards -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Joe S Envoyi : mercredi 17 septembre 2008 17:20 @ : misc@openbsd.org Objet : ascii bandwidth report Now that my ISP is imposing bandwidth caps, I need to start measuring my usage

Use a USB flash drive to install a snapshot

Has anyone been able to configure a usb flash drive to boot a snapshot install? I don't like to burn so many cd's. I tried to install via PXE, but the laptop I use (Thinkpad X24) doesn't support PXE. I've been able to install 4.3 from usb flash drive thanks to these instructions:

Re: Use a USB flash drive to install a snapshot

On Wed, Sep 17, 2008 at 10:44 AM, Joe S [EMAIL PROTECTED] wrote: Has anyone been able to configure a usb flash drive to boot a snapshot install? I don't like to burn so many cd's. I tried to install via PXE, but the laptop I use (Thinkpad X24) doesn't support PXE. I've been able to install 4.3

Re: GPL version 4

On Wed, Jul 16, 2008 at 11:06 AM, Morton Harrow [EMAIL PROTECTED] wrote: Our planned release date of GPLv4 is 15th September 2008. That's scary. I'm staying indoors, shutting down any linux/windows pc's and not leaving the house that day.

Sendmail won't use port 587 instead of 25

I can't get sendmail to use port 587 and not port 25, which my ISP Comcast blocks. I've added these lines to my sendmail.mc file, which is a copy of openbsd-proto.mc I've tried this with the openbsd-localhost.mc file also, but no success. ~ define(`SMART_HOST', `smtp.comcast.net')dnl

Re: Identifying Bandwidth Hogs

Check out argus (http://qosient.com/argus/). I've tried ntop, and it's unusable when the network gets busy. On Tue, Jul 8, 2008 at 10:51 PM, David Schulz [EMAIL PROTECTED] wrote: Hello, can someone recommend me a good way to quickly determine who on the network is using up most the

Re: vsftpd [more secure]

no version of ftp software is secure Try man sftp On Tue, Jun 10, 2008 at 6:45 AM, Saulo Bozzi [EMAIL PROTECTED] wrote: *Name* *Version* vsftpd http://vsftpd.beasts.org/ 1.1.3 vsftpd http://vsftpd.beasts.org/ 1.2.2 vsftpd http://vsftpd.beasts.org/ 1.2.2 vsftpd

Re: Unbound: a validating, recursive, and caching DNS resolver

On Wed, May 21, 2008 at 10:09 AM, Andris [EMAIL PROTECTED] wrote: I just read about this project, might be of interest: http://unbound.net/ It's developed by Kirei, NLnet Labs, Nominet, and VeriSign; and released under a permissive free software license: http://unbound.net/svn/trunk/LICENSE

Running -current

I'm running -current on a test host for the first time. I've read FAQ 5, following current, and I watch source-changes. So far so good. Then I noticed a whole lot of recent changes to src. 1. Are there any rules of thumb or guidelines to follow as far as how often I should keep -current,

Re: Poor OpenBGPD performances on soekris net5501 ?

On Wed, Apr 30, 2008 at 10:29 AM, Paolo Di Francesco [EMAIL PROTECTED] wrote: 10601 packets received by filter 9632 packets dropped by kernel This looks like something tcpdump would say. Given the load of device and low cpu power, tcpdump is very likely to drop packets when trying to print

Re: Linus about C++

On Dec 28, 2007 7:16 AM, Gary Baluha [EMAIL PROTECTED] wrote: On Dec 28, 2007 7:51 AM, Erik Wikstrvm [EMAIL PROTECTED] wrote: On 2007-12-28 07:33, Brian Hansen wrote: [snip] Is he right? Yes and no. First of all you should realise that Linus and most other other kernel hackers

Question about 4.2 Package availability

I just wanted to confirm the following: If I've installed OpenBSD 4.2 and I need a specific package (in this case, net-smpd) which is not available on the CD, I must wait until 4.2 is officially released. Then I can get the packages I need from the ftp site.

4.1 upgrade problem - im apps logout

After I upgraded to 4.1, I have noticed a new problem. Instant messaging applications will get randomly disconnected for no apparent reason. It seems as though the sessions are timing out somewhere between 30-60 minutes of non-use. Has anyone else ran into this? OpenBSD 4.1-stable (GENERIC)

Re: Locations of stable ports vs current ports

PROTECTED] wrote: On Wed, Jun 20, 2007 at 10:05:25AM -0700, Joe S wrote: I'm running openbsd 4.1-stable. I'm also using cvsup to get/update ports-stable [snip] This site has a nice interface to ports: http://ports.openbsd.nu/ But they ports it says are in OpenBSD are not in my tree

Re: dmesg - MacBook Pro

Michael Steinfeld wrote: If anyone cares here's the dmesg from my MacBook Pro. -- OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Genuine Intel(R) CPU T2500 @ 2.00GHz (GenuineIntel 686-class) 2 GHz cpu0:

Re: Sun Ultra 1

Gustavo Rios wrote: Hey folks, i have just installed 3.8 in my sun desktop. It installed ok, 100% perfect. Know, i would like to strip the kernel to the bare minimum and get X It sounds like you come from Linux, where kernels are bloated. OpenBSD is not like Linux. The OpenBSD kernel is not

Re: PF or BPF

Dave Feustel wrote: What can BPF do that PF can not? Thanks, Dave Feustel One is a packet sniffer, one is a firewall. However, you are not qualified to operate such tools. Please disconnect your keyboard from your PC.

Re: QUESTION ABOUT PPP.LINKUP AND PF

Brian Shackelford wrote: We have /etc/ppp/ppp.linkup and in that is a section like this: ! sh -c pfctl -e -f /etc/pf.conf My ppp.linkup has this: ! sh -c /sbin/pfctl -ef /etc/pf.conf and it works.

Re: sysctl hw.sensors question

Denny White wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Today Stuart Henderson spake forth boldly: On 2006/02/04 20:43, Denny White wrote: hw.sensors.11=lm0, Temp3, temp, 127.50 degC / 261.50 degF hw.sensors.0=nsclpcsio0, TSENS1, temp, 127.00 degC / 260.60 degF

Re: The Apache Question

RedShift wrote: Hi everyone I've noticed OpenBSD still uses Apache httpd 1.3. While it is good that on the OpenBSD side of things, it is maintained and there's an additional focus on security for httpd. However, sooner or later, httpd 1.3 *will be deprecated* in favor of newer versions (2.0,

Re: OpenBSD hardware router

Tim Donahue wrote: On Thursday 02 February 2006 15:54, Darrin Chandler wrote: Kenny Mann wrote: I'm looking for something that which I can slap OpenBSD 3.8 on and use it as a router. This will be used for a house (~ 4 people) and I'm looking for You could look at www.soekris.com. They're

learning to code - suggestions needed

Hello list members. I'd like to direct this post to those that develop code for OpenBSD. I'd like a start developing software, and in turn, contribute to projects like OpenBSD and others. Right now, I'm working as a sysadmin/infosec person. I can write some simple perl and shell scripts, but

Re: Nokia IP330 OpenBSD 3.8 Information and Installation Assistance

NetNeanderthal wrote: Hi misc@, Background I am yet another Nokia IP330 owner seeking help to put a real OS/Firewall onto one of these devices. I have a handful of these at my disposal, all with AMD K6-2 400MHz CPUs, 1 SDRAM bank with 256MB of CAS2 PC100 ECC SDRAM (the other is empty), 2xdc

PPPoE and static IP block

I have new static IP ADSL service from SBC. SBC assigns a /29 netblock once authenticated via PPPoE. The ISP routes all traffic for the IP block down the same PPP session, and the last usable IP is the gateway. I plan to assign the static IPs to some of my servers. I'm not sure how to setup

Re: OpenBSD Desktop Document

Roy Morris wrote: I have been working on a document for newbies that helps them put together a basic/functional desktop under OpenBSD. If anyone has time, I'd like feed back. www.openalternatives.com/OpenBSD/OpenBSD-Desktop.pdf Thanks Roy 1. I'd get rid of the rdate cron job and just turn on

Re: Make a backup

Abel Talaversn Estevez wrote: Hi all, I'm using OpenBSD in a firewall which runs 3.6 and I want to upgrade it from 3.6 to 3.7. This does not answer your question, but I'd recommend going to 3.8 if you can.

Interrupts on quad nics

Since some quad nics share 1 interrupt, what kind of performance impact would I be dealing with versus using 4 indiviual nics? Debating wehter to use a Phobox P430TX quad dc nic or individual fxp0 nics.

Re: Sun Ultra 5 as a firewall?

Jason Dixon wrote: Unless you've got a DS-3 or better, why does it matter? 1 interface is for the ADSL connection. I'm not worried about that. 2 interfaces are local networks. It's the throughput between those 2 that I noticed a bit of a bottleneck. It's not *that* bad. It's more suprising

Re: Sun Ultra 5 as a firewall?

Joe S wrote: questions on the list. Why not just setup a test network and run iperf against it? After doing my own tests, I found that the Ultra 5 was too slow to perform near wire-speed throughput. TEST 1 - Sun Ultra 5 360MHz dc0 and dc1 are Phobos 430TX quad nic, PCI card [ 4] 0.0

Sun Ultra 5 as a firewall?

Is anyone on the list running an Ultra 5 as firewall? I would like to move my firewall from an overpowered P4-3GHz box to a Sun Ultra 5 360MHz. My main concern is wondering if the Ultra 5 is slow enough to become a bottleneck from one interface to another interface. However, I know some of

Re: Sun Ultra 5 as a firewall?

There's no way for anyone to know without describing your throughput. My apologies. I forgot to include that information. This is stricly a home network. I am not concerned about the throughtput between my network and the internet, but rather between local networks. I'll post my iperf

Re: squid mime-type blocking

Florian wrote: Hi When I try to allow only a few mime-types, I only get an access denied Is there a way ? Are you telling squid to re-read it's configuration? # squid -k reconfigure -joe

Re: IDE disk problems

[EMAIL PROTECTED] wrote: On Tue, Oct 04, 2005 at 07:46:01AM -0600, Steve Harding wrote: The thing that has been bothering me is that I replaced a drive 2 months ago because of similar errors, and wd3, which is now showing errors, is a brand new drive. Then perhaps something else, like the

squid-2.5.STABLE11.tgz

I'm running OpenBSD 3.7-STABLE. I'm trying to find an updated package: squid-2.5.STABLE11-transparent.tgz I checked /pub/OpenBSD/3.7/packages/i386 of a few FTP servers and only found squid-2.5.STABLE11.tgz. I noticed that squid-2.5.STABLE11-transparent.tgz is available for 3.6, but not 3.7.

Re: The value of this list

Gaby vanhegan wrote: Hi, I'd just like to say how useful this list is. Even though I don't contribute to it much, my lurking for the last few years has enabled me to solve many, many problems, based on the useful snippets that are passed around on this list. For example, Zope was

Egress filtering on PF

Is it better to apply egress filtering rules on the internal interface of the firewall or the external interface? A snippet of my rules look like this right now: (I'm filtering on both interfaces) pass in quick on $int_if inet proto tcp from $int_if:network to any port $tcp_ports modulate

Re: is there a way to block sshd trolling?

John Marten wrote: There's got to be a better way, and I'm open to suggestions. Use public key authentication to start with. It's very easy to setup and much more secure than password authentication. With public key authentication, passwords will never work. You might also want to make it