Votre valeur ajoutée dès l'entrée
nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;Le tapis logo pour mon entreacute;e ? nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp;nbsp; c'est une bonne ideacute;e pour moi ! nbsp; Bonjour, Parce que l'on a rarement l'occasion de faire une deuxiegrave;me bonne impression, adoptez degrave;s agrave; preacute;sent un tapis d'entreacute;e personnaliseacute; avec une belle reproduction. Deacute;couvrez sans tarder l'ensemble de nos offres Tapis logo sur actimat.com Profitez de notre offre exceptionnelle valable jusqu'au 15/11/2011 : 50 % sur le deuxiegrave;me tapis*. Code promo T502. -- N'heacute;sitez pas une seconde ! Faites immeacute;diatement bonne impression Adoptez un tapis d'entreacute;e personnaliseacute; avec une belle reproduction ! Deacute;couvrez sans tarder l'ensemble de nos offres Tapis logo sur actimat.com Profitez de notre offre exceptionnelle valable jusqu'au 30/12/2011 : Maquette gratuite, soit 20 euros agrave; deacute;duire de votre projet. nbsp; nbsp; nbsp;nbsp;Cordialement, nbsp;nbsp;L'eacute;quipe commerciale Actimat.
Automatic fsck -y at Boot
Hello, it is possible, like in FreeBSD, to do an automatic fsck -y at boot time when the system hangs and need user intervention? In FreeBSD we have the possibility to edit the rc.conf and adding just these lines: ... background_fsck=NO fsck_y_enable=YES fsck_y_flags= ... Is there in OpenBSD such a similar thing? Thank you in advance SC)bastien Maerker
Re: system crashed recently: uvm_fault ( 0xe33d7ea0,0x0,0,3) -e
On Thu, 15 Dec 2011 11:31:40 +0800, co...@tetrachina.com co...@tetrachina.com wrote: Hi, OpenBSD 4.1 as firewall crashed sometimes recently everyday ,and the debug messages are like that: uvm_fault ( 0xe33d7ea0,0x0,0,3) - e kernel:page fault trap,code=0 stopped at pipe_create+ 0x16: Mov1 $0,0x10(%ebx) ddb anyone could tell me how to solve it .thanks in advance. You need to read this: http://www.openbsd.org/report.html That said, not many will help you debug an OpenBSD install from 5 years ago. That said, I smell memory or power issues. /Alexander
Re: system crashed recently: uvm_fault ( 0xe33d7ea0,0x0,0,3) -e
On Thu Dec 15 2011 11:31, co...@tetrachina.com wrote: Hi, OpenBSD 4.1 as firewall crashed sometimes recently everyday ,and the debug messages are like that: uvm_fault ( 0xe33d7ea0,0x0,0,3) - e kernel:page fault trap,code=0 stopped at pipe_create+ 0x16: Mov1 $0,0x10(%ebx) ddb anyone could tell me how to solve it .thanks in advance. Looks like faulty memory hardware. You can validate this assumption by installing memtest86+, reboot and execute it at the boot prompt: boot /stand/memtest If it throws errors to you, your memory hardware is most probably defective. Yours, Norman
Re: OpenVPN issues on 5.0
On 15/12/11 03:54, Erling Westenvik wrote: PROBLEM: Clients successfully connect to VPN server, receive proper dhcp addresses for both wlan and tunnel interfaces (and can reach the wlan subnet) but fail to reach the wired lan or internet. /var/log/messages indicates everything is up and running. Sometimes the problem is on the client side and not the server side. For instance, in Windows Vista and Windows 7 openvpn must be started as administrator (right click) otherwise the program does not have access to add the routing rules in the routing table. Clients looks like it was successfully connected but after a while disconnects cause nothing is passed through the tunnel. Giannis
Re: OpenVPN issues on 5.0
On Thu, Dec 15, 2011 at 03:59:29AM +0100, Erling Westenvik wrote: On Wed, Dec 14, 2011 at 06:28:55PM -0800, Johan Beisser wrote: On Wed, Dec 14, 2011 at 5:54 PM, Erling Westenvik erling.westen...@gmail.com wrote: After upgrading (re-installing from scratch) my firewall from 4.6 (or 4.7) to 5.0, I have not been able to get OpenVPN back working. Please forgive me for asking here at misc but I have spent two days Googling, reading tons of HOWTO's and trying out different solutions, but without being able to solve the issue. What are your current pf.conf rules? Did you check that the syntax is right? Have you checked it for errors? Have you looked at the output for pflog? What's your current routing table? Does that look correct? pf.conf should be ok. It is the same as it was under the previously working setup. Given the significant changed to pf and pf.conf syntax in recent years this is not a safe assumption. Not knowing exactly where you started from it's hard to say exactly. Ken
Re: Automatic fsck -y at Boot
On Thu, Dec 15, 2011 at 09:55:47AM +0100, Sebastien Maerker, Continum wrote: Hello, it is possible, like in FreeBSD, to do an automatic fsck -y at boot time when the system hangs and need user intervention? In FreeBSD we have the possibility to edit the rc.conf and adding just these lines: ... background_fsck=NO fsck_y_enable=YES fsck_y_flags= ... Is there in OpenBSD such a similar thing? Thank you in advance SC)bastien Maerker You can change the 'fsck -p' in /etc/rc to whatever varient you wish. There is, to my knowledge, no knob. Ken
Authenticating with public keys stored in LDAP
I would like SSH daemons to authenticate to public SSH keys stored in LDAP. I believe there is a patch for this but what is the official OpenSSH stance on doing this right now? Is it being implemented in some other way? If it will be implemented, what is the timeframe? -- /jm
OpenBSD in a dual stack anycast DNS resolving setup
Greetings to all, we are running a project to anycast our DNS resolver infrastructure. The case is a big commercial country-wide IP network. The company uses Linux extensively in the infrastructure but no BSDs. I keep an eye on OpenBSD developments (mostly high level) and use the system personally, but I have no personal experience in larger setups and production services. I find the project a good match for OpenBSD, because of the system's strong networking features and routing support. I will definitely include OpenBSD in our tests and hopefully make a case for it, to introduce it in our infrastructure. The main contenders as you realise are Linux-based setups with either Quagga or BIRD. As for DNS software we will stick with BIND for now and perhaps consider UNBOUND in the future (when the future involves DNSSEC). From what I have seen so far in various sources, people mention Quagga's scalability problems and maybe old architecture while good words are said about BIRD. We are after a solid OSPF implementation both v2 and v3 (IPv6). I have seen OpenBSD's routing software architecture and I like it a lot and I also have a high regard for the system's quality. Of course personal taste is not enough as you understand to support a case of introduction of a new platform in a production, commercial environment with A LOT of contraints mostly non-technical. The questions therefore are: - has anyone done anything similar using OpenBSD that would like to share? - how would you compare with facts and not flamewars OpenOSPFd against Quagga or BIRD implementations? - what is your opinion about using a latest version of BIND from ISC instead of the BIND distribution coming with OpenBSD? - is there any option of commercial support? - would you consider Java support on OpenBSD production quality? Seems irrelevant but we might utilize some Java tools for measurement/statistics Thanks for the very good and hard work on the system. I would be interested to hear any thoughts even off-list. Regards, Kostas -- Kostas Zorbadelos twitter:@kzorbadelos http://gr.linkedin.com/in/kzorba () www.asciiribbon.org - against HTML e-mail proprietary attachments /\
Organic SEO Services
Hello, Greetings for the day! I am Rahul and I am contacting you after looking at your website- . We are a Leading Indian Based SEO Web Development Company and one of the very few company which offer organic SEO services with a full range of supporting services such as one way themed text links, blog submissions, directory submissions, article writing and postings, etc. We are a team of 50+ professionals which includes 18 full time SEO experts. We are proud to inform you that our team handled 100+ SEO projects and obtained 4+ manually built links in the past 1 year. We will be glad to assist you with offering our services. Please let me know your interest. Thanks Rahul Online Marketing Consultant Note: - Though this is not an automated email, we keep on sending out these emails to all those people whom we find eligible of using our services. To unsubscribe from future mails (i.e., to ensure that we do not contact you again for this matter), please send a blank mail webdesignin...@gmail.com email with NO as Subject.
Re: Where to buy Lemote FuLoong MIPS boxes?
I say again: The prices at the official European shop in the Netherlands are sky high.
Re: OpenBSD in a dual stack anycast DNS resolving setup
On 12/15/11 6:15 AM, Kostas Zorbadelos wrote: Greetings to all, we are running a project to anycast our DNS resolver infrastructure. The case is a big commercial country-wide IP network. The company uses Linux extensively in the infrastructure but no BSDs. I keep an eye on OpenBSD developments (mostly high level) and use the system personally, but I have no personal experience in larger setups and production services. I find the project a good match for OpenBSD, because of the system's strong networking features and routing support. I will definitely include OpenBSD in our tests and hopefully make a case for it, to introduce it in our infrastructure. The main contenders as you realise are Linux-based setups with either Quagga or BIRD. As for DNS software we will stick with BIND for now and perhaps consider UNBOUND in the future (when the future involves DNSSEC). From what I have seen so far in various sources, people mention Quagga's scalability problems and maybe old architecture while good words are said about BIRD. We are after a solid OSPF implementation both v2 and v3 (IPv6). I have seen OpenBSD's routing software architecture and I like it a lot and I also have a high regard for the system's quality. Of course personal taste is not enough as you understand to support a case of introduction of a new platform in a production, commercial environment with A LOT of contraints mostly non-technical. The questions therefore are: - has anyone done anything similar using OpenBSD that would like to share? I can't speak for anycast DNS deployments, but I use OSPF heavily in large production environments and have had a great experiences with it. - how would you compare with facts and not flamewars OpenOSPFd against Quagga or BIRD implementations? I haven't used BIRD, but Quagga worked well when I used it. On that note, the OpenBSD network stack seems a lot better tuned for production routing services than an out of the box Linux install from any vendor. You also get to run on a code base that was carefully designed and audited rather than hacked together by a bunch of third parties with varying skills and interests when running OpenBSD. - what is your opinion about using a latest version of BIND from ISC instead of the BIND distribution coming with OpenBSD? The BIND distribution included in the base install is fine. - is there any option of commercial support? There are lots of great third party support providers. http://www.openbsd.org/support.html - would you consider Java support on OpenBSD production quality? Seems irrelevant but we might utilize some Java tools for measurement/statistics I've never used it, but I wouldn't even bother because there are no native Java builds available for OpenBSD, and thus it's going to be untested and completely unsupported. From the sounds of it, you need to rethink your monitoring strategy and consider using SNMP and a central statistics server running the software of your choice. Thanks for the very good and hard work on the system. I would be interested to hear any thoughts even off-list. Regards, Kostas -- James Shupe
Re: OpenBSD in a dual stack anycast DNS resolving setup
On Thu, Dec 15, 2011 at 3:49 PM, James Shupe jsh...@osre.org wrote: I've never used it, but I wouldn't even bother because there are no native Java builds available for OpenBSD, and thus it's going to be untested and completely unsupported. Uh?!? # pkg_add -v jdk-1.7.0.00v0.tgz ciao, David
Re: Automatic fsck -y at Boot
On Thu, 15 Dec 2011 08:29:40 -0500 Kenneth R Westerback wrote: You can change the 'fsck -p' in /etc/rc to whatever varient you wish. There is, to my knowledge, no knob. You probably realise but be aware you can lose data with fsck -y but only on writable filesystems?
Re: OpenBSD in a dual stack anycast DNS resolving setup
On 12/15/11 9:40 AM, David Coppa wrote: On Thu, Dec 15, 2011 at 3:49 PM, James Shupe jsh...@osre.org wrote: I've never used it, but I wouldn't even bother because there are no native Java builds available for OpenBSD, and thus it's going to be untested and completely unsupported. Uh?!? # pkg_add -v jdk-1.7.0.00v0.tgz There is a difference between it being in ports, and being a supported platform. Also, that's OpenJDK, which is itself unsupported by a quite a few Java projects (ie, Jira). ciao, David -- James Shupe
Re: OpenBSD in a dual stack anycast DNS resolving setup
Uh?!? # pkg_add -v jdk-1.7.0.00v0.tgz By the way, I got this jdk-1.7.0.00v0.tgz installed on my system, but I don't see a JAVA plugin for the Firefox. :( I need JAVA for a couple of minutes to check out several remove Windows machines through a remote JAVA applet. Anybody can advise something? Thank you. ciao, David
Re: OpenBSD in a dual stack anycast DNS resolving setup
On Thu, 15 Dec 2011, Vitali wrote: From: Vitali coonar...@gmail.com To: misc@openbsd.org Date: Thu, 15 Dec 2011 15:57:24 Subject: Re: OpenBSD in a dual stack anycast DNS resolving setup X-Spam-Score: 0.0 (/) Uh?!? # pkg_add -v jdk-1.7.0.00v0.tgz By the way, I got this jdk-1.7.0.00v0.tgz installed on my system, but I don't see a JAVA plugin for the Firefox. :( I need JAVA for a couple of minutes to check out several remove Windows machines through a remote JAVA applet. Anybody can advise something? From: http://www.openbsd.org/faq/faq8.html#Programming Due to Sun's restrictive SCSL license, OpenBSD cannot ship binary packages for the JDK 1.7. Starting from 1.7 OpenBSD has a fully GPLv2 licensed port, that can be installed as a package. Users looking for the browser plugin will still need to build 1.5 or 1.6 from ports until Sun releases the plugin code. Note that you will need plenty of RAM for this build to succeed. -- Dennis Davis, BUCS, University of Bath, Bath, BA2 7AY, UK d.h.da...@bath.ac.uk Phone: +44 1225 386101
Re: OpenBSD in a dual stack anycast DNS resolving setup
On 2011-12-15, Kostas Zorbadelos kzo...@otenet.gr wrote: Greetings to all, we are running a project to anycast our DNS resolver infrastructure. The case is a big commercial country-wide IP network. The company uses Linux extensively in the infrastructure but no BSDs. I keep an eye on OpenBSD developments (mostly high level) and use the system personally, but I have no personal experience in larger setups and production services. I find the project a good match for OpenBSD, because of the system's strong networking features and routing support. I will definitely include OpenBSD in our tests and hopefully make a case for it, to introduce it in our infrastructure. The main contenders as you realise are Linux-based setups with either Quagga or BIRD. As for DNS software we will stick with BIND for now and perhaps consider UNBOUND in the future (when the future involves DNSSEC). From what I have seen so far in various sources, people mention Quagga's scalability problems and maybe old architecture while good words are said about BIRD. We are after a solid OSPF implementation both v2 and v3 (IPv6). I have seen OpenBSD's routing software architecture and I like it a lot and I also have a high regard for the system's quality. Of course personal taste is not enough as you understand to support a case of introduction of a new platform in a production, commercial environment with A LOT of contraints mostly non-technical. The questions therefore are: - has anyone done anything similar using OpenBSD that would like to share? - how would you compare with facts and not flamewars OpenOSPFd against Quagga or BIRD implementations? Quagga doesn't seem to care much about OpenBSD, the current version doesn't even build here. (I did port the last round of ospf crash fixes to the previous version which does build, these are in the ports tree). Development is very fragmented, a lot of tweaks exist in 3rd party repos but there seems to be no central group trying to hold them together (at one point it looked like the google fork might do this but it appears to have stagnated). OpenBSD is not a primary target for BIRD, it runs here but misses some things. I'd probably favour it over Quagga if for some reason you couldn't use the native tools. I certainly wouldn't have a problem running something like this using ospfd. I haven't used ospf6d at all yet myself so couldn't comment on it. - what is your opinion about using a latest version of BIND from ISC instead of the BIND distribution coming with OpenBSD? I haven't used either much recently, so I can't really say. (I'm running Unbound myself). - is there any option of commercial support? There are some on www.openbsd.org/support.html who can help, but if you need something particular you might do better to outline what you need on misc@ and ask for people to reply off-list ... - would you consider Java support on OpenBSD production quality? Seems irrelevant but we might utilize some Java tools for measurement/statistics I've only used it for non-critical things myself but it seems to work fairly well. Thanks for the very good and hard work on the system. I would be interested to hear any thoughts even off-list. Regards, Kostas
troubleshooting shrew vpn client with ipsec.conf
I am converting over to ipsec.conf from isakmpd.conf|policy. I have a default vpn configuration to allow people from their home pc to access. Under isakmpd.conf it works perfectly well. I can use any number of settings, including the desired aes-256 for both phase 1 and phase 2. My isakmpd.conf sections: [Phase 1] Default=ISAKMP-peer-default 61.62.63.64= ISAKMP-peer-default Passive-Connections=IPsec-default [ISAKMP-peer-default] Phase= 1 Transport= udp Local-address= 61.62.63.64 Configuration= AES-main-mode Authentication= redacted [IPsec-default] Phase= 2 ISAKMP-peer=ISAKMP-peer-default Configuration= Default-quick-mode Local-ID= Net-corp [Net-corp] ID-type=IPV4_ADDR_SUBNET Network=10.10.10.0 Netmask=255.255.255.0 [AES-main-mode] DOI=IPSEC EXCHANGE_TYPE= ID_PROT Transforms= AES-SHA [Default-quick-mode] DOI=IPSEC EXCHANGE_TYPE= QUICK_MODE Suites= QM-ESP-AES-SHA-PFS-SUITE I put the following into my ipsec.conf: ike dynamic from any to 10.10.10.0/24 \ main auth hmac-sha1 enc aes group modp1024 \ quick auth hmac-sha1 enc aes \ psk redacted I've tried changing the settings to hmac-sha2-256 and aes-256, I've tried changing the client settings to everything from auto through 128, 192 256. Nothing seems to work. The debug when I try to connect does show phase 1 done, but later says it's been told to delete the session. See below. It does not seem to matter what settings I change in the vpn client config, I cannot get it to maintain this connection. What is the difference between the ipsec.conf and isakmpd.conf tunnels? What is telling isakmpd to delete this SA? 040442.728781 Exch 10 exchange_finalize: phase 1 done: initiator id 192.168.1.9, responder id fw.example.com, src: 61.62.63.64 dst: 43.100.100.77 040442.728808 Timr 10 timer_add_event: event sa_soft_expire(0x8b057000) added last, expiration in 74131s 040442.728819 SA 80 sa_reference: SA 0x8b057000 now has 5 references 040442.728838 Timr 10 timer_add_event: event sa_hard_expire(0x8b057000) added last, expiration in 86400s 040442.728849 SA 80 sa_reference: SA 0x8b057000 now has 6 references 040442.728861 SA 80 sa_release: SA 0x8b057000 had 6 references 040442.770769 Trpt 70 transport_setup: added 0x87a3c0c0 to transport list 040442.770808 Trpt 70 transport_setup: added 0x87a3c1c0 to transport list 040442.770821 Trpt 50 virtual_clone: old 0x89f49e40 new 0x87a3c2c0 (main is 0x87a3c0c0) 040442.770832 Trpt 70 transport_setup: virtual transport 0x87a3c2c0 040442.770846 Mesg 90 message_alloc: allocated 0x86887100 040442.770858 Mesg 70 message_recv: message 0x86887100 040442.770871 Mesg 70 ICOOKIE: 864ee9d5f19da22f 040442.770885 Mesg 70 RCOOKIE: db55da1a362c3ba3 040442.770896 Mesg 70 NEXT_PAYLOAD: HASH 040442.770909 Mesg 70 VERSION: 16 040442.770920 Mesg 70 EXCH_TYPE: INFO 040442.770931 Mesg 70 FLAGS: [ ENC ] 040442.770943 Mesg 70 MESSAGE_ID: f09ac655 040442.770954 Mesg 70 LENGTH: 92 040442.770978 Mesg 70 message_recv: 864ee9d5 f19da22f db55da1a 362c3ba3 08100501 f09ac655 005c 2cf32098 040442.771002 Mesg 70 message_recv: df99aee4 72eb2103 30579627 a79aac92 3029017f 53433540 0af8aaea 2e464200 040442.771024 Mesg 70 message_recv: fa2d9ad3 1b156485 b4bcf4f2 4befc80a 68c3a13d 07a57a34 cbbfe575 040442.771036 SA 80 sa_reference: SA 0x8b057000 now has 6 references 040442.771053 Cryp 60 hash_get: requested algorithm 1 040442.771063 Cryp 80 ipsec_get_keystate: final phase 1 IV: 040442.771079 Cryp 80 e1859bae f2a4943b 98d51085 c2d0d538 040442.771089 Cryp 80 ipsec_get_keystate: message ID: 040442.771100 Cryp 80 f09ac655 040442.771117 Cryp 50 crypto_init_iv: initialized IV: 040442.771134 Cryp 50 1019151c c500b0c4 eedeef0b 890f3dfd 040442.771144 Cryp 80 ipsec_get_keystate: phase 2 IV: 040442.771161 Cryp 80 1019151c c500b0c4 eedeef0b 890f3dfd 040442.771171 Cryp 70 crypto_decrypt: before decryption: 040442.771194 Cryp 70 2cf32098 df99aee4 72eb2103 30579627 a79aac92 3029017f 53433540 0af8aaea 040442.771217 Cryp 70 2e464200 fa2d9ad3 1b156485 b4bcf4f2 4befc80a 68c3a13d 07a57a34 cbbfe575 040442.771231 Cryp 70 crypto_decrypt: after decryption: 040442.771255 Cryp 70 0c18 9d93aa16 924a5147 05435224 1f50245c 6bb1cfe2 001c 0001 040442.771279 Cryp 70 0111 864ee9d5 f19da22f db55da1a 362c3ba3 040442.771291 Mesg 50 message_parse_payloads: offset 28 payload HASH 040442.771303 Mesg 50 message_parse_payloads: offset 52 payload DELETE 040442.771316 Mesg 60 message_validate_payloads: payload HASH at 0x8688779c of message 0x86887100 040442.771326 Mesg 70 DATA: 040442.771337 Cryp 60 hash_get: requested algorithm 1 040442.771347 Misc 90 message_validate_hash: SKEYID_a: 040442.771365 Misc 90 540cb39d 7776c123 4049eda1
Re: using ssh to forward the install console
On 12/14/2011 02:43 AM, Stuart Henderson wrote: On 2011-12-14, Sean Kamathkam...@moultingpenguin.com wrote: On Dec 11, 2011, at 9:19 AM, Chris Bennett wrote: this is the setup I use to upgrade and install on my remote server. It works great. This would probably be a good purchase since you could use it again in the future on other, later systems. Chris Bennett I use something similar: http://us.adder.com/products/adderlink-ipeps The run RealVNC on 'em, and cost a touch more, around $400. You can have multiple sessions, so up to 4 people can see the console at any given time. I find they work well. While these can be useful for remote installs, the bitmap display from vnc isn't really useful with a screen reader (which is what this thread was asking about). Oh. I was under the impression that he was going to get assistance for the initial install. But do screen readers require data to be sent over serial? I would thing that current ones would be able to deal with GUIs (using some sort of OCR, maybe), though I admit don't know the least bit about them. --C
Re: using ssh to forward the install console
On 12/10/2011 11:26 PM, Eric Oyen wrote: oh yeah. forgot about those. I had one on an old firewall box. unfortunately, it was the old ISA bus and all my current machines are pci-e. thanks for the reminder. -eric On Dec 10, 2011, at 10:15 PM, Corey wrote: On 12/07/2011 01:47 PM, Eric Oyen wrote: hello group. I have an interesting (and fairly technical) question. the question is: how can I forward the install screen via ssh to another machine on my network? I ask this because I didn't see any specific instructions that applied. my issue right now is that I need a sighted assistant to read me the screen and help with installing the base system (and setting up ssh). I would like to run the install like from a serial port output (like the old spark pizza boxes) but none of my current machines have a serial port to do this on. comments? suggestions? -eric If you don't require the serial console, maybe you can use an IP KVM appliance? They still cost some money, but the cheapest one I've found is on sale for $200 US right now: http://www.lantronix.com/it-management/kvm-over-ip/securelinx-spiderduo.html It's basically an embedded OS (Linux, probably) running on an ARM or something with a frame grabber for the video and USB and legacy keyboard and mouse ports. Gives you BIOS-level access to the box over what looks like a custom VNC implementation, and it can be tunneled over SSH. Most can also access a serial port, but that may be moot in this case if you have the video output. They're not perfect, but probably enough to get an install done. Corey Bus doesn't matter. These are external devices that plug into the VGA and USB or legacy keyboard and mouse ports on the back of the machine to be remotely controlled. However, someone else on the list later informed me that you were wanting to use a screen reader for this. The devices I mentioned use VNC or a VNC-like interface as a client, which is essentially a bitmapped display (X or fullscreen). Not knowing exactly how screen readers work, I don't know if they would work with a screen reader on the client end. --C
Re: Where to buy Lemote FuLoong MIPS boxes?
The fulong is selling for 1800 RMB, which is the same price as tekmote.nl is charging. Thanks for the data point, Rob. I'll wait until prices come down.
Re: Where to buy Lemote FuLoong MIPS boxes?
I just got a quote from alibaba.com to import an 8089-B from Lemote for $190 + $48 (I think that's 182E (where's that darn Euro key?)) Thanks but that is still too damn high. I'll wait until the Chinese decide to dump these on the market in some trade war and buy ten when they hit 50 bucks a piece. For what it is the price is unrealistic. Not that I like Intel so much but I can get a better than half decent netbook for $240.
FLiP - Porque o novo Acordo Ortográfico não é pêra doce.
http://www.flip.pt/Produtos/FLiP-8/Descricao.aspx A adaptagco `s novas regras de ortografia pode ser difmcil. Sco centenas de palavras que passam a ser escritas de outra maneira, com alteragues tco subtis quanto confusas. O FLiP i o software indicado para uma adopgco suave das novas regras de ortografia. A nova versco deste pacote de ferramentas de revisco e auxmlio ` escrita contim um corrector ortografico, um corrector sintactico, varios dicionarios, um conversor e auxiliares de tradugco. Para que a escrita segundo o novo Acordo Ortografico seja uma pera doce. SAIBA MAIS http://www.flip.pt/Produtos/FLiP-8/Descricao.aspx Compre ja https://www.priberam.pt/store/ https://www.facebook.com/priberamTorne-se fc da Priberam no Facebook https://www.facebook.com/priberam . Logstipo da Priberam http://www.priberam.pt/ Em qualquer altura pode deixar de receber estas mensagens enviando um email para lists...@priberam.pt com o contezdo UNSUBSCRIBE NOVIDADES. Copyright 2011 Priberam Informatica, S.A. Todos os direitos reservados. FLiP i uma marca registada da Priberam Informatica, S.A.
Re: troubleshooting shrew vpn client with ipsec.conf
On 2011-12-15, nuffnough nuffno...@gmail.com wrote: ike dynamic from any to 10.10.10.0/24 \ try: ike passive esp from 10.10.10.0/24 to any
Re: troubleshooting shrew vpn client with ipsec.conf
ps. ipsecctl -nvf /etc/ipsec.conf
Re: OpenVPN issues on 5.0
I'm running OpenBSD on eight machines here, from version 4.6 on one of
them and version 4.9 and 5.0 on the rest, so I am quite used to
different PF syntax. That being said: I have really only limited
understanding of routing tables and other heavy technical stuff, but
I'm stubborn and usually get along without having to bother people with
too many stupid questions. But this time I'm lost...
Below is my (somewhat simplified) pf.conf:
1 ext = url0
2 int = bge0
3 wap = acx0 (wireless access point)
4 vpn = tun0
5 match out on $ext inet from !($ext) to any nat-to ($ext:0)
6 block log all
7 pass out on $ext
8 passon $wap proto icmp all icmp-type 8 keep state
9 pass log on $wap proto udp from any to any port 1194 keep state
10 pass log quick on {lo,$int,$vpn}
11 antispoof quick for {lo,$int,$wap,$vpn}
My guess is that the problem has got something to do with routing. Here
is route show from the server:
DestinationGatewayFlags Refs Use Mtu Prio Iface
defaultc01A05AC1.dhcp.blu UGS323562 - 8 url0
loopback localhost UGRS 00 33196 8 lo0
localhost localhost UH 2 86 33196 4 lo0
192.168.2/24 link#5 UC 10 - 4 acx0
192.168.2.200 00:16:ea:b3:65:d0 UHLc 1 976 - 4 acx0
192.168.3/24 link#2 UC 30 - 4 bge0
192.168.3.100:14:c2:e1:ad:6f UHLc 0 16 - 4 lo0
192.168.3.101 fe:e1:ba:d0:d3:63 UHLc 0 147 - 4 bge0
192.168.3.106 00:1e:4f:95:19:1d UHLc 245224 - 4 bge0
c00A05AC1.dhcp.blu link#6 UC 20 - 4 url0
c01A05AC1.dhcp.blu 00:90:1a:42:6d:81 UHLc 2 133 - 4 url0
c96A45AC1.dhcp.blu localhost UGHS 00 33196 8 lo0
c5FAC5AC1.dhcp.blu 00:90:1a:42:6d:81 UHLc 04 - 4 url0
BASE-ADDRESS.MCAST localhost URS00 33196 8 lo0
But I also guess that I'm neither describing my problem very good, nor
asking the right questions. Links to foolproof HOWTO's will be much
appreciated!
Regards,
Erling
On Thu, Dec 15, 2011 at 08:27:13AM -0500, Kenneth R Westerback wrote:
On Thu, Dec 15, 2011 at 03:59:29AM +0100, Erling Westenvik wrote:
On Wed, Dec 14, 2011 at 06:28:55PM -0800, Johan Beisser wrote:
On Wed, Dec 14, 2011 at 5:54 PM, Erling Westenvik
erling.westen...@gmail.com wrote:
After upgrading (re-installing from scratch) my firewall from 4.6 (or
4.7) to 5.0, I have not been able to get OpenVPN back working. Please
forgive me for asking here at misc but I have spent two days Googling,
reading tons of HOWTO's and trying out different solutions, but without
being able to solve the issue.
What are your current pf.conf rules? Did you check that the syntax is
right? Have you checked it for errors? Have you looked at the output
for pflog?
What's your current routing table? Does that look correct?
pf.conf should be ok. It is the same as it was under the previously
working setup.
Given the significant changed to pf and pf.conf syntax in recent years
this is not a safe assumption. Not knowing exactly where you started
from it's hard to say exactly.
Ken
--
Regards,
Erling
-- In terra pax hommnibus bonae voluntatis
Re: Automatic fsck -y at Boot
On Thu, Dec 15, 2011 at 03:42:19PM +, Kevin Chadwick wrote: On Thu, 15 Dec 2011 08:29:40 -0500 Kenneth R Westerback wrote: You can change the 'fsck -p' in /etc/rc to whatever varient you wish. There is, to my knowledge, no knob. You probably realise but be aware you can lose data with fsck -y but only on writable filesystems? I sell rope in my spare time. :-) Ken
Re: Where to buy Lemote FuLoong MIPS boxes?
Fritz Wuehler wrote: diana Hey diana, how about a fucking blowjob? You're not good for anything else so let's see how you are at that. Am I missing something here? fucking(blowjob(*p)) ?
Re: Where to buy Lemote FuLoong MIPS boxes?
On Thu, Dec 15, 2011, Richard Thornton wrote: Fritz Wuehler wrote: Am I missing something here? fucking(blowjob(*p)) ? not really, fritz's past constributions haven't been particularly worthwhile either.
Re: OpenBSD in a dual stack anycast DNS resolving setup
- how would you compare with facts and not flamewars OpenOSPFd against Quagga or BIRD implementations? This is not technical but...the openbsd ospfd tools does not pretend to be Cisco and does not mimic the god-awful IOS cli and config format. Personally that is something I really, really like. OpenBSD's ospf v3 may not be up to your requirements but I havent followed that so it might be usable now. - what is your opinion about using a latest version of BIND from ISC instead of the BIND distribution coming with OpenBSD? I use the OpenBSD nsd from base along with unbound so I can't say. - would you consider Java support on OpenBSD production quality? Seems irrelevant but we might utilize some Java tools for measurement/statistics Not using Java for this purpose, or any purpose, so I can't say. We use SNMP and collectd to get performance metrics. Cheers, Lars
Re: roundcubemail on openbsd 5.0
Hi,
I tried to blank tables in roundcubemail database, done.
But it still doesn't work. I can't login with user@domain
I can only with : username
And mails are sent with @localhost
I let you my main.inc.php file attached
And the file /var/www/roundcubemail/virtusertable contain :
user@domain user
userx@domainx userx
Thank you for your replies and your help.
Wesley M.
PS : OpenBSD 5.0 / rouncubemail package 0.5.3p1
Original Message
Subject: Re: roundcubemail on openbsd 5.0
Date: Wed, 14 Dec 2011 21:35:49 +
From: Stuart Henderson s...@spacehopper.org
To: Wesley M. open...@e-solutions.re
Cc: misc@openbsd.org, mwlu...@blackhelicopters.org, po...@openbsd.org
Reply-To: po...@openbsd.org
I have just tested this method with roundcube 0.7 on OpenBSD with
a blank database and it works fine there, logging in with the full
email address as specified in the left-hand column of the
virtusertable file uses the username on the right-hand-side as
the imap login name, and in prefs/identities it shows up the
full list of sender addresses with a matching entry.
Have you tried it with a blank database?
Reply-to set to ports@, though you might do better with a roundcube
forum instead if you still have problems..
On 2011/12/14 10:33, Wesley M. wrote:
Hi,
I use sendmail 8.14.15 with virtusertable and procmail for multiple
domains and
dovecot 2.0; and Apache (chrooted in /var/www)
MAILDIR : /var/mailserver/%u/
IMAP/POP3/IMAPS/POP3S works.
I just want :
At the Roundcube login page, type user1@domain1 and
send emails from this email :user1@domain1 without @localhost
Actually i can only log in with user1 and when i send email, i have
user1@localhost
I tried this :
add these 2 lines
in main.inc.php and cp /etc/mail/virtusertable in
/var/www/roundcubemail/
$rcmail_config['plugins'] = array('virtuser_file');
$rcmail_config['virtuser_file'] = '/roundcubemail/virtusertable';
add a new user, try to connect with
user_new@domain1 : no success
try to connect with user_new : OK but always
send emails with @localhost
I read man pages, a lot of documents in
Internet, it doesn't work for me.
Any idea ?
Thank you very much for your
replies, your helps.
Wesley.
www.mouedine.net
On Tue, 13 Dec 2011 20:48:16 +, Stuart Henderson
s...@spacehopper.org
wrote:
On 2011/12/13 15:28, Michael W. Lucas wrote:
I have Roundcube elsewhere. It basically runs like any other
IMAP/pop3 client, e.g., communicates over port 110/995/whatever. My
roundcube install isn't actually on my mail server.
This leads me to think that copying system files into the chroot
isn't
going to help.
It has some special support for looking up usernames from a file
in virtusertable format. Can't say I've used it myself though..
Using a mail client other than roundcube, can you authenticate to the
server using user@domain, and send mail from user@domain?
Had Wesley followed the advice in my email about where to look
in the config file etc. he would probably have it working by now.
See the config file, where it says This domain will be used to
form e-mail addresses of new users. Note that it says *new*;
existing users will need to be changed in the database.
[demime 1.01d removed an attachment of type application/octet-stream which had
a name of main.inc.php]
