Felipe Mesquita wrote:
Hi List,
I4m using OpenBBSD 3.7 as a (basicly) web, mail and gateway
server. I have 2 network devices, one for DSL connection and other to
my localnet. Ok.. When i turn my server on, it get all up and
running automaticly, including the ADSL connection. It connects
Matt Garman wrote:
I took the smarts of your script, and also wrote a simple logging
tool. It's just a wrapper for the syslog(3) function call (that
allows you to log to syslog via the shell).
In root's crontab, I have this entry:
* * * * *
Huzeyfe Onal wrote:
i bought a 50Mbit/s metro ethernet internet connection and test it
with two operating system.
first windows XP SP2 with gigabit ethernet. I see 5MB/s
download speed .
second is an OpenBSD 3.7 with fxp0: Intel 82559 Pro/100 Ethernet and
saw 2.2MB/s download speed.
Do
So, with 3.8 around the corner, any recommendations on a solid 200mW
Cardbus card that can do 802.11g with hostap? I noticed a few
high-power cards at
http://www.senao.com/english/product/product_wireless01_outdoor.asp?pgtl
=Wirelesstp1id=02tp2id=07, even though it appears power output drops
at
pedro la peu wrote:
200mW Cardbus card that can do 802.11g with hostap?
Why do you need 200mW?
I don't know that I need it, but it generally provides for greater
range without the need for an external antenna...
Chris Smith wrote:
On Tuesday 04 October 2005 03:38 pm, Peter Hessler wrote:
True, this is a limitation of the PPTP spec. Go slap the IT Staff,
and tell them to revert back to IPSec.
While I agree on what should be done to their IT staff, and that IPSec
(from what little I know) is
edgar mortiz wrote:
im planning to build a AP using Openbsd i currently have a Linksys
WMP11 Card, i was able to manage setting it up but i get a lot of the
following message, that eventually kills wifi connection and so does
the rest of the wired network. (please see below)
wi0: oversized
Dave Harrison wrote:
I have two links, a rather costly one, and a cheap high bandwidth one.
I prefer to use the cheap one whenever possible, but if it goes down I
want to fail over onto the expensive one.
This rule (from the PF FAQ) will let me round-robin my outgoing
connections :
pass
Sean Dogar wrote:
I've installed OpenBSD 3.8 on an IBM HS20 blade (model 8678).
Everything generally works OK (even multiprocessor support!), except
for some weirdness with the network interface, which is the onboard
Broadcom BCM57xx (bge) interface. The kernel does correctly
enumerate and
Sean Dogar wrote:
How about an ifconfig -a from both systems, clearing the arp cache
of both hosts and capturing tcpdumps on both ends during an entire
connection attempt?
OK.
Here's the ifconfig -a from the OpenBSD box (IP address 172.16.1.22)
lo0:
Arnaud Bergeron wrote:
I have been playing around with netstat and found lots of strange
(read uknown ports) udp connections. I wanted to know what processes
where doing these connections. After reading the netstat man page I
concluded that it can't do it. Google provided no useful
Just moved from cable to DSL connectivity at home and decided to give
3.7's new kernelized pppoe as shot.
My DSL connection trains at 7Mb/s down and 896Kb/s up and testing with
Internet speed tests, I generally get 5.5Mb/s down and 715Kb/s up.
These tests were done with the DSL router provided by
Mick wrote:
On Tue, 2005-05-31 at 08:33 -0400, Melameth, Daniel D. wrote:
Mick wrote:
I seem to be seeing somewhat odd behaviour with regards to the
userpace PPPoE program and my high speed ADSL link. By high
speed I mean 8Mbps down and 1Mbps up. Initially, I was on a
512/128 plan
://208.139.201.8/openbsd.tcpdump and
http://208.139.201.8/windows.tcpdump.
I'm kind of at my wits end here and am not certain how to troubleshoot
further--any and all help/comments appreciated.
Thanks,
Danny
Melameth, Daniel D. wrote:
Just moved from cable to DSL connectivity at home and decided to give
Can Erkin Acar wrote:
Melameth, Daniel D. wrote:
I've looked into this further and still cannot determine where the
issue lies. Based on some advice, I unplugged the OpenBSD machine
and setup a Windows XP machine instead. The Windows native PPPoE
client was able to download at 5.5Mb/s
Rod.. Whitworth wrote:
On Tue, 7 Jun 2005 12:50:40 -0500, Kevin wrote:
On 5/26/05, Rod.. Whitworth [EMAIL PROTECTED] wrote:
When you have a modem that will do all the connection stuff I am
amazed that anyone feels the need to do PPPoE.
I prefer to have control over (and visibility
Kevin wrote:
On 6/7/05, Can Erkin Acar [EMAIL PROTECTED] wrote:
Melameth, Daniel D. wrote:
Prior to migrating to DSL, this same card was used for a cable
connection and doing more than 1.5Mb/s.
This really does not mean much. It could be a negotiation problem.
Was your old cable
Serban Giuroiu wrote:
I have an OpenBSD 3.7 box set up as a router and
server for my home network. It connects to the
Internet through the kernel PPPoE driver. Naturally, I
use pf on that box. Everything runs smoothly, but
there are certain websites that do not load properly
from machines
Clint Pachl wrote:
(I know I should start a new thread with this, but here we go) Can't
an OpenBSD box handle a PPPoE/PPPoA connection directly? I recently
setup a VPN between two networks with DSL connections where the modems
make a PPPoA connection. An OpenBSD box resides behind each modem.
]
1119059987.190145 200.144.121.33.123 216.x.x.x.2853: v4 server strat
2 poll 0 prec
I don't get it. I'm not sure what else to try or look at.
Regards,
D
Melameth, Daniel D. wrote:
Kevin wrote:
On 6/7/05, Can Erkin Acar [EMAIL PROTECTED] wrote:
Melameth, Daniel D. wrote:
Prior to migrating
on this DSL
connection, but, in this case, it clearly does.
Another day, another lesson learned and another one for the archives...
Danny
Melameth, Daniel D. wrote:
I think I'm going to leave this as an unresolved case--shame though.
I also performed the following:
* Replaced my ActionTec gt701
During high utilization, the number of output errors on the pppoe
interface rises rapidly (several per second). I put the interface in
debug mode and examined /var/logs/messages, but could not find anything
of apparent interest. The following is relevant output of netstat -in:
NameMtu
I played with BitTorrent for the first time a few weeks ago and I
imagine you'll need to redirect these inbound requests to the specific
host that is running the software. While I modify the base rule set
with anchors when this is in use, the premise is the same regardless.
meth is the host
Anyone else experiencing issues when scanning a host on the Internet and
using pppoe? It's as if nmap never sees the packets, but tcpdump
clearly shows packets being received. I'm running 3.7 -release and nmap
works fine when scanning on all the other interfaces. This issue is
reproducible with
I never received any responses on this so I thought I'd rephrase the
question before I spend more time on this...
Does nmap work for anyone when scanning hosts on the Internet using
3.7's kernel pppoe?
Thanks,
Danny
Melameth, Daniel D. wrote:
Anyone else experiencing issues when scanning
Rod.. Whitworth wrote:
Somebody sent me a query asking for a justification for my proposal to
supply a firewall/router using OpenBSD when there was thsi device:
http://www.dlink.com/products/?pid=327 , with all its claimed bells
and whistles.
Anybody know what, if anything, it does that an
I don't have any similar issue, but how about trying keep state on the
incoming traffic (which is faster than traversing the whole rule set
every time)?
Joe Barnett wrote:
To be more specific, with blocking on and selective allowing of
packets the http/s performance is slowed on the machine in
Rickard Dahlstrand wrote:
Stuart Henderson wrote:
On 2006/01/06 17:36, Rickard Dahlstrand wrote:
When I install using the floppy38.fs image I get le1 as my
ethernet-interface and install using ftp. Then I reboot using the
standard bsd-kernel I get pcn0 as my ethernet-interface. Dmesg
James Mackinnon wrote:
As part of my rollout today to Openbsd in my datacenter, I had a
little problem, well not entirely little
Here is the layout
8 TS boxes
ip config
192.168.0.20
192.168.0.21
192.168.0.22
192.168.0.23
192.168.0.24
192.168.0.25
192.168.0.26
192.168.0.27
James Mackinnon wrote:
This is a second issue that I had today with my final BSD firewall
rollout in my main center.
This issue was with exchange
All branches have VPN tunnels back to central location and the
firewall rules have a pass quick over the VPN tunnels
On the main location I
Steven S wrote:
I'm using a pair of 3.8-stable (1/5/06) servers as the firewall and
default gw (10.10.0.1/16) for a LAN . VPN users (10.4.0.0/16) come
into the LAN from a PIX (10.10.0.254/16) (changing soon to OpenVPN),
and when the VPN users hit a server return packets are sent to the
Jonas Lindskog wrote:
We are running Open BSD 3.8 as a firewall router. The router has two
internal networks to handle; a DMZ with real
ip adresses and a NAT network to which our workstations are connected.
The problem I have is that its not possible to
connect to the server on the DMZ (ip
The bottom of your dmesg appears to indicate your HD is dying--act fast.
Simon Morgan wrote:
This morning my server started rebooting itself constantly for about
15
minutes. Although the last log seems to indicate that at least 1 crash
occured, no core dumps are to be found in /var/crash and
Jasper Lievisse Adriaanse wrote:
On Thu, 02 Feb 2006 16:07:51 -0500
Will H. Backman [EMAIL PROTECTED] wrote:
If you are trying not to spend a lot of money, you could find an
almost free laptop (200 - 300 mhz) and use that. Cost will go up if
you don't already have some PCMCIA or USB
I don't get it--it appears nmap is broken. Perhaps I'm overlooking
something obvious, but any thoughts appreciated...
An nmap scan gives me this:
$ sudo nmap 208.139.x.x
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-02-03 19:45
MST
Note: Host seems down. If it is really up, but
Nick Guenther wrote:
On 2/3/06, Melameth, Daniel D. [EMAIL PROTECTED] wrote:
I don't get it--it appears nmap is broken. Perhaps I'm overlooking
something obvious, but any thoughts appreciated...
An nmap scan gives me this:
$ sudo nmap 208.139.x.x
Starting nmap 3.81 ( http
Sorry if I wasn't clear--I agree. The issue here is not the behavior of
nmap, but the fact that nmap does not see the icmp and http responses
from the target and assumes the host is offline.
Tobias Ulmer wrote:
On Fri, Feb 03, 2006 at 10:02:32PM -0500, Melameth, Daniel D. wrote:
I don't get
man pf.conf
xl1 represents all the IPs on x1 so either use the IP specifically or
use xl1:0
David Newman wrote:
Looking for guidance on pf and aliases. I have an OBSD 3.8 box running
pf in front of two SMTP servers.
Here's my setup:
Net - 1.2.3.4- pf box - box1 9.8.7.6
Joachim Schipper wrote:
On Fri, Feb 03, 2006 at 10:02:32PM -0500, Melameth, Daniel D. wrote:
I don't get it--it appears nmap is broken. Perhaps I'm overlooking
something obvious, but any thoughts appreciated...
An nmap scan gives me this:
$ sudo nmap 208.139.x.x
Starting
Okan Demirmen wrote:
On Mon 2006.02.06 at 20:31 +0100, Joachim Schipper wrote:
On Sun, Feb 05, 2006 at 10:03:57PM -0500, Melameth, Daniel D. wrote:
Joachim Schipper wrote:
On Fri, Feb 03, 2006 at 10:02:32PM -0500, Melameth, Daniel D.
wrote:
An nmap scan gives me
FWIW, it appears the issue only happens in relation to the pppoe
interface--meaning, nmap scans over wi and fxp work as expected.
Melameth, Daniel D. wrote:
Okan Demirmen wrote:
On Mon 2006.02.06 at 20:31 +0100, Joachim Schipper wrote:
On Sun, Feb 05, 2006 at 10:03:57PM -0500, Melameth
Bachman Kharazmi wrote:
I'm running obsd 3.8 release on my gateway. Two xl nics are installed.
The GW does NAT which works very well,
All downloads from internet=hosts behind the gw with local IPs goes
really fast.
But from internet to the GW's harddisk is ~20% of what the LAN hosts
speed
earlier bandwidth limitation.
/bkw
On 18/02/06, Bachman Kharazmi [EMAIL PROTECTED] wrote:
bw_test_512MB:ETA: 1:08 101.21/512.00 MB
6.03 MB/s
I increased the value to 10
thanks
/bkw
On 18/02/06, Melameth, Daniel D. [EMAIL PROTECTED] wrote:
Bachman
Is ANYONE doing hostap with 802.11g? If so, is it working well? And
doing WEP? If not, any thoughts on doing this with -current?
Thoughts appreciated--I'd love a make, model and relevant dmesg of
anyone doing hostap with 802.11g.
Thanks,
Danny
Harry Putnam wrote:
I want to use pf.conf in what may be an unusual place.
Not the usual sheild between private net and internet.
It would be more as a logging service but will need some config to
allow two private net machines to access it.
A network picture:
Harry Putnam wrote:
Melameth, Daniel D. [EMAIL PROTECTED] writes:
There is a facility on the NETGEAR to send all traffic to an
inside machine for whatever reason. Its called a DMZ Server
although I don't think that is the normal usage of DMZ, but not
experienced enough to know
Harry Putnam wrote:
Melameth, Daniel D. [EMAIL PROTECTED] writes:
Thanks for the nifty summary. I want to pester you just a little more
then I'll get to work on this and see if I get really stuck
somewhere.
Sounds good ;-) .
# Address translation for machines on your LAN
nat on $ext_if
Paolo Supino wrote:
I need to setup an IPSEC VPN between 2 locations. 1 location runs
Cisco gear (out of my control) and the other runs OpenBSD (my
decision). I've never setup a VPN between Cisco and OpenBSD before (I
did between Cisco to Cisco and OpenBSD to OpenBSD) and I was
wondering if
Jim Razmus wrote:
* Steve Shockley [EMAIL PROTECTED] [060322 21:35]:
I've currently got a server running syslog-ng (1.6.9) with
PostgreSQL (8.1.1) on a 3.9 snapshot from March 1. The setup has
been working well for a while, but I've recently been told to have
it accept syslog for a
Stuart Henderson wrote:
There's always the polo shirt, or since you're in Europe, some of the
gear on https://kd85.com/notforsale.html perhaps.
I've got the polo (I'm in the US)--as it's the only OpenBSD attire I can
get away with in the office. Though I, and I'm certain MANY others,
You're using keep state in other places. Why is it missing from pass
in on $ext_if proto tcp from any to any port 3389?
Leonardo Rodrigues wrote:
I'm having a bit of trouble trying to access a Windows 2003 server
that is behind an OpenBSD 3.9 -current firewall.
From the LAN, I can remote
Congratulations to the team...
'Bob Parsons, GoDaddy.com Founder and CEO commented, ''OpenSSH and the
work of the OpenBSD project volunteers are integral to online security.
Go Daddy is pleased to be able to help them continue their great
contributions to the Internet community. At Go Daddy, we
Nick Guenther wrote:
On 4/19/06, Melameth, Daniel D. [EMAIL PROTECTED] wrote:
Congratulations to the team...
http://www.thehostingnews.com/article2217.html
Hmm? Hopefully it seems that Mozilla's donation has kicked off a
scrambling of companies to buy bragging rights about donating
Jonathan Thornburg wrote:
The firewall/router/nat box is (will be when I get this setup)
an old 486 laptop with 2 pcmcia ethernet cards, running 3.9-stable.
(Yes, I've ordered a CD; until it arrives I'm using 3.8-stable.)
I already have the (external) DSL modem, and from talking to other
Thought I'd have I little fun with my 3.9 CD set before I have some fun
with my 3.9 CD set...
http://208.139.201.73/39cdpolo.jpg
And for all you pansies that find it necessary to publicly whine about
broken tabs, mine are fine ;) .
Thought I'd have I little fun with my 3.9 CD set
before I have some fun with my 3.9 CD set...
http://208.139.201.73/39cdpolo.jpg
And for all you pansies that find it necessary to
publicly whine about broken tabs, mine are fine
Anton Karpov wrote:
I'm trying to boot OpenBSD 3.9 on my sony vaio, in order to play with
it onto my laptop (which is currently powered by freebsd).
Everything seems to be fine, except wireless card:
wi0 at pci2 dev 2 function 0 Intersil PRISM2.5 rev
0x01pci_intr_map: no mapping for pin A
Johan wrote:
Hansen Cahyono skrev:
Johan johan at linner.biz writes:
Ok, I have narrowed the problem down.
If I don't use a wep key (ifconfig ral0 -nwkey) then dhcpd works
and the client gets the ip. So it seems like some kind of problem
with hostap/ral/nwkey together with dhcpd...
Melameth, Daniel D. wrote:
Is ANYONE doing hostap with 802.11g? If so, is it working well? And
doing WEP? If not, any thoughts on doing this with -current?
Thoughts appreciated--I'd love a make, model and relevant dmesg of
anyone doing hostap with 802.11g.
Replying to my own post from
I recently upgraded (via clean install) a machine that was previously
running 3.8 and wi in hostap, without incident for the last six months
or so, to 3.9 running ral in hostap. While all other hardware on the
system has remained unchanged, the box has locked up five times in the
last five days
Damian Gerow wrote:
Thus spake Jeff Quast ([EMAIL PROTECTED]) [11/05/06 09:22]:
On 5/11/06, Damian Gerow [EMAIL PROTECTED] wrote:
I'm not interested in bandwidth limitations, so it looks like
priq is likely my best bet.
Then I create a queue with a bandwidth limit of 700Kbps.
Damian Gerow wrote:
Thus spake Melameth, Daniel D. ([EMAIL PROTECTED]) [13/05/06
20:06]:
It would seem altq wants a bandwidth declaration. However, from
man 5 pf.conf:
If bandwidth is not specified, the interface bandwidth is used.
And OpenBSD complains bitterly when
Tor Houghton wrote:
I have two IP addresses assigned to the external interface. I also
have two internal interfaces. Is it possible to NAT each internal
interface to a specific external IP address (without specifying the
external address, but the interface description)?
I am using 3.8; and
Jason Murray wrote:
Hello. I've been having a problem for the last year or so. This
problem has occurred in 3.6 - 3.9.
Let me try to explain it.
I have a server with a wireless (802.11b) card in it and I have a
laptop that is using that server as its gateway. Whenever the traffic
over
Melameth, Daniel D. wrote:
Jason Murray wrote:
Hello. I've been having a problem for the last year or so. This
problem has occurred in 3.6 - 3.9.
Let me try to explain it.
I have a server with a wireless (802.11b) card in it and I have a
laptop that is using that server as its
Jason Murray wrote:
$ cat /var/run/dmesg.boot | grep wi0
wi0 at pci0 dev 20 function 0 Intersil PRISM2.5 rev 0x01: irq 11
wi0: PRISM2.5 ISL3874A(Mini-PCI) (0x8013), Firmware 1.0.7 (primary),
1.3.6 (station), address 00:09:5b:11:cc:4e
I'm going to try a firmware upgrade ASAP. I found some
Rod.. Whitworth wrote:
On Sat, 10 Jun 2006 13:03:40 +0100, Stuart Henderson wrote:
Dragging things back slightly more on-topic, wi(4) has proved
very reliable; there has been some recent mention on soekris-tech
(http://marc.theaimsgroup.com/?l=soekris-techm=114982978006733)
about ral(4)
Theo de Raadt wrote:
This is due to a problem in the ral driver. I have mailed damien, and
hopefully a fix will be written soon. (the same mistake is in some of
the other drivers drivers he has written too)
Please post/have someone post a follow-up when this is done. I have,
what I believe,
D. E. Evans wrote:
On a Toshiba Satellite a35-s1593, without a PC-card currently plugged
in, I get a mapping error for the CardBus (cbb). I intend to purchase
a wireless PC-Card (I haven't decided on model yet), and wish to
ensure it will work with the cardbus before doing so.
Try changing
Heinrich Rebehn wrote:
I want to build a WLAN router using a WRAP board running OpenBSD.
I am still unsure which wlan interface to use. I considered the CM9
(ath(4)).
My question: are there still problems with the 802.11g (54 Mbit) mode?
If your web server is serving up pages, it's likely the pass in rule
that's being hit first and creating state--and since you're not
assigning a queue to that rule, it's being dumped to bulk.
Chris Zakelj wrote:
Trying to figure out what's going wrong here, and at this point, I'm
stumped. I'm
J Moore wrote:
Lyndon is right... and in recognition of that I understand that the
project lead is negotiating with Microsoft (through Warren Buffet) to
port Outlook to OpenBSD. Theo will provide more details...
(Can't... help... it... Must... reply...)
That's great news! I look forward to
Titan wrote:
I have quite a predicament. I have been tasked with setting up an
FTP server for the research group I'm involved with. The problem is
once I'm gone someone with no *NIX experience will be maintaining the
server. I've been considering using OpenBSD because it looks like it
can
Melameth, Daniel D. wrote:
Theo de Raadt wrote:
This is due to a problem in the ral driver. I have mailed damien,
and hopefully a fix will be written soon. (the same mistake is in
some of the other drivers drivers he has written too)
Please post/have someone post a follow-up when
Sven Ingebrigt Ulland wrote:
We are about to deploy some fairly critical VPN functionality in our
network, and for that purpose we're considering using OpenBSD with
isakmp/ipsec. We've had a test setup running for some time now with
no problems, but I'm interested in hearing about your
Harpalus a Como wrote:
I just purchased an Acer 3624WXCi laptop, and I discovered that
OpenBSD does not recognize the built-in wireless adapter. I want to
purchase a well-supported, quality wireless card, but I have been
unable to find enough information on this. Does anybody have any
Richard P. Koett wrote:
I guess it was a stupid autonegotiation problem after all. I didn't
know that could affect traffic in only 1 direction. Live and learn :)
FWIW, if you're not autonegotiating, you should make certain both sides
(NIC and switch) are hard coded/not set to negotiate.
Oct 18 OpenBSD born, Wednesday 08:37:01 GMT, 1995
OpenBSD turns not older with years, but newer every day. -Derived from
an Emily Dickenson quote
RCF wrote:
The server had been in testing for almost a month with rdate
configured to run every 6 hours before I rebooted. So I don't really
think the clock was off.
I don't have this issue, but if you're running rdate every six hours,
you might want to 'man ntpd' instead.
Nick Guenther wrote:
Just came across this article:
http://geodsoft.com/howto/harden/OpenBSD/services.htm
This list has made me skeptical of claims about hardening, especially
when done independantly. In particular, the article says
The most interesting configuration choice in the default
not configured
mpu at yds0 not configured
Melameth, Daniel D. wrote:
I recently upgraded (via clean install) a machine that was previously
running 3.8 and wi in hostap, without incident for the last six months
or so, to 3.9 running ral in hostap. While all other hardware on the
system has remained
Maybe a TcpWindowSize issue on Windows XP? By default, this is higher
for a 100Mb/s interface than the wireless interface. FWIW, I get the
full speed of my Internet connection over a ral AP, 6Mb/s, and, when
using it normally, with WEP I still can get about ~20Mb/s. Have you
tried shutting off
STeve Andre' wrote:
On Monday 06 November 2006 22:10, Melameth, Daniel D. wrote:
I'm having the same issue with 4.0 -stable--well, a bastardized copy
of -stable that also contains ral, cardbus and related changes from
-current. I've used more than one fxp card as well as more than one
STeve Andre' wrote:
On Tuesday 07 November 2006 22:20, Melameth, Daniel D. wrote:
STeve Andre' wrote:
On Monday 06 November 2006 22:10, Melameth, Daniel D. wrote:
I'm having the same issue with 4.0 -stable--well, a bastardized
copy of -stable that also contains ral, cardbus
Steve wrote:
I am having problems with Windows PPTP client over PF NAT. The
windows error generally indicates a GRE problem.
There are mixed reports on google as to whether this should work.
Does anyone have this working ? If so are there any tricks ?
So long as no more than one
[EMAIL PROTECTED] wrote:
My laptop bit the dust so am looking at replacements.
The one I'm thinking of getting has an unsupported
broadcom wireless device. It appears that I am able
to add a mini-pci card to replace what is already in
the laptop (correct me if i'm wrong its been a while
Do the last few lines of /etc/rc.conf look like the following?
local_rcconf=/etc/rc.conf.local
[ -f ${local_rcconf} ] . ${local_rcconf} # Do not edit this line
Robert C Wittig wrote:
I am running OBSD 3.9, and I finally got around to setting up PF.
Following the instructions at:
Robert C Wittig wrote:
verify that your /etc/rc.conf contains:
local_rcconf=/etc/rc.conf.local
[ -f ${local_rcconf} ] . ${local_rcconf} # Do not edit this line
Yes, I checked and these lines were in rc.conf, and I also noticed
that rc.conf had a line:
pf=NO
...so I changed that
88 matches
Mail list logo