Re: OpenBSD Project

2019-07-20 Thread bkfuth


I have used OpenBSD, for years, in my computer security classes. I find it best 
suited for these classes. The governance has never been an issue. If you know 
what you are doing the OpenBSD community is a good one.

Stephen Kolars

Sent via the Samsung Galaxy Note® 4, an AT&T 4G LTE smartphone

-------- Original message --------
From: Ingo Schwarze  
Date: 7/20/19  21:44  (GMT-06:00) 
To: freen...@gmail.com 
Cc: misc@openbsd.org 
Subject: Re: OpenBSD Project 

Hi,

Avstin Kim wrote:

> My question is, how is the OpenBSD Project governance structured;

There is no formal structure and no "governance".

In day to day business, code owners in parts of the system decide
what is done (for example, espie@ in pkg_add(1), myself in mandoc(1),
claudio@ in OpenBGPD, gilles@ in OpenSMTPd, jsing@ and beck@ in
LibreSSL, tj@ regarding the website, and so on; in some areas,
more than one person owns the code, sometimes up to a handful).
In general, the people deciding ask themselves which is the best
technical solution, and if there is consensus among developers, it
is done.

In the rare cases of serious disagreement that cannot be resolved
consensually, or cannot be resolved without excessive delay or
discussion, deraadt@ reserves the right to make a final decision,
but that does not happen often.

There is no core team and certainly, there are never any elections.
There are no written rules whatsoever, and no introduction of any
written rules is planned for the future.  The OpenBSD foundation
has absolutely no say about any aspect of the OpenBSD project.
None of all this is documented anywhere because it doesn't matter
for users of the system.

If your choice of operating system depends on any kind of formalities
rather than on technical quality, OpenBSD is not the project you
are looking for.

Yours,
  Ingo

Re: OpenBSD Project

2019-07-20 Thread Ingo Schwarze
Hi,

Avstin Kim wrote:

> My question is, how is the OpenBSD Project governance structured;

There is no formal structure and no "governance".

In day to day business, code owners in parts of the system decide
what is done (for example, espie@ in pkg_add(1), myself in mandoc(1),
claudio@ in OpenBGPD, gilles@ in OpenSMTPd, jsing@ and beck@ in
LibreSSL, tj@ regarding the website, and so on; in some areas,
more than one person owns the code, sometimes up to a handful).
In general, the people deciding ask themselves which is the best
technical solution, and if there is consensus among developers, it
is done.

In the rare cases of serious disagreement that cannot be resolved
consensually, or cannot be resolved without excessive delay or
discussion, deraadt@ reserves the right to make a final decision,
but that does not happen often.

There is no core team and certainly, there are never any elections.
There are no written rules whatsoever, and no introduction of any
written rules is planned for the future.  The OpenBSD foundation
has absolutely no say about any aspect of the OpenBSD project.
None of all this is documented anywhere because it doesn't matter
for users of the system.

If your choice of operating system depends on any kind of formalities
rather than on technical quality, OpenBSD is not the project you
are looking for.

Yours,
  Ingo



OpenBSD Project

2019-07-20 Thread Австин Ким
Hi,

I’m trying to choose a simply and permissively licensed operating system to use 
for a class group project but due to the project timelines don’t have time to 
try out every BSD-licensed OS out there and am trying to narrow down 
possibilities.  As far as I can tell OpenBSD, NetBSD, and FreeBSD seem 
comparable in terms of capabilities but Project leadership/governance is also 
an important consideration for me on principle.  My question is, how is the 
OpenBSD Project governance structured; is the OpenBSD Core Team 
“democratically” elected as in the FreeBSD Project, or is OpenBSD Core 
personally appointed only by the currently serving, existing members of the 
OpenBSD Core Team as in the NetBSD Project?  (I mean this question sincerely 
and was not able to find the answer in any of the online OpenBSD documentation.)

Thanks so much in advance!
Austin

“If you want to change the future, start living as if you’re already there.”  
—Lynn Conway



perl privilege drop

2019-07-20 Thread Edgar Pettijohn
Is there a standard OpenBSD approved method for dropping privileges in a perl 
server? Currently looking into Privileges::Drop, but since it isn't in base 
makes me curious if there is a better way.

Thanks,

Edgar



Re: Am I blacklisted on @openbsd.org?

2019-07-20 Thread Stefan Hagen

Stefan Hagen wrote:

> So I think I got blacklisted. I don't know why and I don't know how
> to fix this.


It is working now. After 1 day and 13 hours my mails got accepted.
If someone did something: Thank you.

Best Regards,
Stefan



Re: vmd eating lots of memory

2019-07-20 Thread Mike Larkin
On Sat, Jul 20, 2019 at 04:23:27PM +0200, Paul de Weerd wrote:
> Hi all,
> 
> I'm running two vmd(8) VMs:
> 
> [weerd@despair] $ cat /etc/vm.conf 
> vm "undeadly" {
> owner root
> memory 2G
> disk /home/vmm/undeadly.dsk
> disk /storage/vmm/undeadly.dsk
> interface switch "vmmswitch" lladdr "fe:e1:bb:02:6b:bf"
> }
> 
> vm "testvm" {
> owner root
> memory 2G
> disk /home/vmm/testvm.dsk
> interface switch "vmmswitch" lladdr "fe:e1:bb:02:6b:be"
> }
> 
> switch "vmmswitch" {
> enable
> interface bridge0
> }
> 
> Both machines have been up since boot of the host machine:
> 
> [weerd@despair] $ vmctl status
>    ID   PID VCPUS  MAXMEM  CURMEM     TTY        OWNER    STATE NAME
>     2 23133     1    2.0G    1.1G   ttyp1         root  running testvm
>     1 42094     1    2.0G    1.5G   ttyp0         root  running undeadly
> [weerd@despair] $ uptime
>  4:11PM  up 43 days, 57 mins, 12 users, load averages: 0.02, 0.07, 0.07
> [weerd@despair] $ ssh undeadly uptime
>  4:11PM  up 43 days, 57 mins, 2 users, load averages: 0.28, 0.12, 0.10
> [weerd@despair] $ ssh testvm uptime   
>  4:11PM  up 43 days, 57 mins, 0 users, load averages: 0.00, 0.00, 0.00
> 
> However, the undeadly VM consumes significantly more memory than the
> other VM:
> 
> [weerd@despair] $ ps wwwaux | grep -e vm[d] -e [P]ID
> USER   PID %CPU %MEM      VSZ      RSS TT  STAT  STARTED       TIME COMMAND
> _vmd 42094  3.7 57.9 28769236 19398792 ??  Ip    7Jun19  4741:37.66 vmd: undeadly (vmd)
> _vmd  4567  0.0  0.0     1384     1384 ??  Isp   7Jun19     0:00.01 vmd: vmm (vmd)
> root 84392  0.0  0.0     1564     1436 ??  Isp   7Jun19     0:00.02 /usr/sbin/vmd
> _vmd 55269  0.0  0.0     1304     1468 ??  Isp   7Jun19     0:00.01 vmd: control (vmd)
> root 51181  0.0  0.0     1236      928 ??  Is    7Jun19     0:00.01 vmd: priv (vmd)
> _vmd 23133  0.0  0.2  2100100    70272 ??  Ip    7Jun19  1886:16.18 vmd: testvm (vmd)
> 
> All systems run snaps from around the same time:
> 
> [weerd@despair] $ sysctl kern.version
> kern.version=OpenBSD 6.5-current (GENERIC.MP) #6: Tue Jun  4 15:05:10 MDT 2019
> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> 
> [weerd@despair] $ ssh undeadly sysctl kern.version
> kern.version=OpenBSD 6.5-current (GENERIC) #7: Fri Jun  7 00:45:34 MDT 2019
> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
> 
> [weerd@despair] $ ssh testvm sysctl kern.version
> kern.version=OpenBSD 6.5-current (GENERIC) #6: Tue Jun  4 14:57:43 MDT 2019
> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
> 
> So it looks like there's a memory leak, either only for busy VMs or it
> shows more for busier VMs.  Has anyone seen anything similar on their
> vmm VMs?
> 
> I'll reboot the undeadly VM for now, as other processes are getting
> killed for out of memory reasons (bgpd, in my case; see end of below
> dmesg of host machine 'despair').
> 
> Paul
> 

Did this just start happening? Nothing relevant has changed in vmd(8) recently
that would cause this, from what I remember.

-ml


Re: TCP wrapper alternative?

2019-07-20 Thread Gustavo Rios
look at: http://cr.yp.to.

On Tue, 9 Jul 2019 at 16:52, Thomas Smith wrote:
>
> Hi,
>
> I'm considering an option to evaluate connecting IPs before they're evaluated 
> by `pf` in order to make some decisions about the "reputation" of a 
> connecting IP. Then if that reputation is low enough, some action could 
> either be taken: in `pf` to protect the associated application (say by 
> blocking the connection); or in the app responsible for the listening port.
>
> `pf`, unfortunately, isn't able to make routing decisions based on external 
> factors (insofar as I understand)--I'm hoping to add some additional (very 
> simple) intelligence to that. Just another metric or two for determining if a 
> connection is legitimate.
>
> I've been looking into TCP wrappers for OpenBSD but it seems that this 
> functionality was removed in version 5. Is my understanding of that correct?
>
> If so, is there an alternate way to achieve what I mentioned?
>
> I know I can use something like sshguard or fail2ban, but I'm looking for a 
> much simpler option and one that preferably doesn't rely on tailing log files 
> (if there aren't viable alternatives, I may consider these, however).
>
> ~ Tom
>


-- 
Pag Bem Fácil Ltda
www.pagbemfacil.com.br



vmd eating lots of memory

2019-07-20 Thread Paul de Weerd
Hi all,

I'm running two vmd(8) VMs:

[weerd@despair] $ cat /etc/vm.conf 
vm "undeadly" {
owner root
memory 2G
disk /home/vmm/undeadly.dsk
disk /storage/vmm/undeadly.dsk
interface switch "vmmswitch" lladdr "fe:e1:bb:02:6b:bf"
}

vm "testvm" {
owner root
memory 2G
disk /home/vmm/testvm.dsk
interface switch "vmmswitch" lladdr "fe:e1:bb:02:6b:be"
}

switch "vmmswitch" {
enable
interface bridge0
}

Both machines have been up since boot of the host machine:

[weerd@despair] $ vmctl status
   ID   PID VCPUS  MAXMEM  CURMEM     TTY        OWNER    STATE NAME
    2 23133     1    2.0G    1.1G   ttyp1         root  running testvm
    1 42094     1    2.0G    1.5G   ttyp0         root  running undeadly
[weerd@despair] $ uptime
 4:11PM  up 43 days, 57 mins, 12 users, load averages: 0.02, 0.07, 0.07
[weerd@despair] $ ssh undeadly uptime
 4:11PM  up 43 days, 57 mins, 2 users, load averages: 0.28, 0.12, 0.10
[weerd@despair] $ ssh testvm uptime   
 4:11PM  up 43 days, 57 mins, 0 users, load averages: 0.00, 0.00, 0.00

However, the undeadly VM consumes significantly more memory than the
other VM:

[weerd@despair] $ ps wwwaux | grep -e vm[d] -e [P]ID
USER   PID %CPU %MEM      VSZ      RSS TT  STAT  STARTED       TIME COMMAND
_vmd 42094  3.7 57.9 28769236 19398792 ??  Ip    7Jun19  4741:37.66 vmd: undeadly (vmd)
_vmd  4567  0.0  0.0     1384     1384 ??  Isp   7Jun19     0:00.01 vmd: vmm (vmd)
root 84392  0.0  0.0     1564     1436 ??  Isp   7Jun19     0:00.02 /usr/sbin/vmd
_vmd 55269  0.0  0.0     1304     1468 ??  Isp   7Jun19     0:00.01 vmd: control (vmd)
root 51181  0.0  0.0     1236      928 ??  Is    7Jun19     0:00.01 vmd: priv (vmd)
_vmd 23133  0.0  0.2  2100100    70272 ??  Ip    7Jun19  1886:16.18 vmd: testvm (vmd)

All systems run snaps from around the same time:

[weerd@despair] $ sysctl kern.version
kern.version=OpenBSD 6.5-current (GENERIC.MP) #6: Tue Jun  4 15:05:10 MDT 2019
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

[weerd@despair] $ ssh undeadly sysctl kern.version
kern.version=OpenBSD 6.5-current (GENERIC) #7: Fri Jun  7 00:45:34 MDT 2019
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC

[weerd@despair] $ ssh testvm sysctl kern.version
kern.version=OpenBSD 6.5-current (GENERIC) #6: Tue Jun  4 14:57:43 MDT 2019
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC

So it looks like there's a memory leak, either only for busy VMs or it
shows more for busier VMs.  Has anyone seen anything similar on their
vmm VMs?

I'll reboot the undeadly VM for now, as other processes are getting
killed for out of memory reasons (bgpd, in my case; see end of below
dmesg of host machine 'despair').

Paul

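The comparison made by hand in the message above (per-VM vmd process RSS against the `memory` setting in vm.conf) can be scripted. This is an added example, not part of the original post: the function name `vmd_over_limit`, the `@@PS@@` separator and the K/M/G suffix handling are assumptions, and the sample input is constructed from the values quoted in the message.

```shell
#!/bin/sh
# Added example, not from the thread. Sample input below is constructed
# from the vm.conf and ps(1) values quoted in the message.
SAMPLE_CONF='vm "undeadly" {
	owner root
	memory 2G
	disk /home/vmm/undeadly.dsk
}
vm "testvm" {
	owner root
	memory 2G
	disk /home/vmm/testvm.dsk
}
switch "vmmswitch" {
	enable
	interface bridge0
}'

SAMPLE_PS='USER   PID %CPU %MEM      VSZ      RSS TT  STAT  STARTED       TIME COMMAND
_vmd 42094  3.7 57.9 28769236 19398792 ??  Ip    7Jun19  4741:37.66 vmd: undeadly (vmd)
_vmd  4567  0.0  0.0     1384     1384 ??  Isp   7Jun19     0:00.01 vmd: vmm (vmd)
root 84392  0.0  0.0     1564     1436 ??  Isp   7Jun19     0:00.02 /usr/sbin/vmd
_vmd 23133  0.0  0.2  2100100    70272 ??  Ip    7Jun19  1886:16.18 vmd: testvm (vmd)'

# vmd_over_limit CONF_TEXT PS_TEXT [FACTOR]   (hypothetical helper)
# Prints "name pid rss_kb limit_kb" for each VM whose vmd process RSS is
# larger than FACTOR times the memory configured for it (FACTOR defaults to 1).
vmd_over_limit() {
	printf '%s\n@@PS@@\n%s\n' "$1" "$2" | awk -v factor="${3:-1}" '
	# Convert a size such as 512M or 2G to kilobytes (assumed suffix set).
	function to_kb(s,   n, u) {
		n = s + 0
		u = toupper(substr(s, length(s)))
		if (u == "K") return n
		if (u == "M") return n * 1024
		if (u == "G") return n * 1024 * 1024
		return n / 1024          # no suffix: treat as bytes
	}
	$0 == "@@PS@@"                  { in_ps = 1; next }
	# vm.conf part: remember the memory setting of each vm block.
	!in_ps && $1 == "vm"            { cur = $2; gsub(/"/, "", cur); next }
	!in_ps && $1 == "memory" && cur != "" { limit[cur] = to_kb($2); next }
	!in_ps && $1 == "}"             { cur = ""; next }
	# ps part: the per-VM process title is "vmd: NAME (vmd)"; RSS ($6) is
	# reported in 1024-byte units.
	in_ps && $11 == "vmd:" && ($12 in limit) {
		if ($6 > factor * limit[$12])
			printf "%s %s %d %d\n", $12, $2, $6, limit[$12]
	}'
}

# On a live host: vmd_over_limit "$(cat /etc/vm.conf)" "$(ps wwwaux)"
vmd_over_limit "$SAMPLE_CONF" "$SAMPLE_PS"
```
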

Re: Dig on openbsd too old ?

2019-07-20 Thread Otto Moerbeek
On Sat, Jul 20, 2019 at 12:29:04PM -, Stuart Henderson wrote:

> On 2019-07-18, Mik J  wrote:
> >  Thank you Otto for your quick answer.
> >
> > On Thursday 18 July 2019 at 08:54:02 UTC+2, Otto Moerbeek wrote:
> >  
> >  On Thu, Jul 18, 2019 at 06:41:12AM +, Mik J wrote:
> >
> >> Hello,
> >> I'm using Openbsd 6.5 and have DiG 9.4.2-P2 provided with it.
> >> This version seems to be old (from 2009) but I couldn't find exactly when it dates.
> >> However new DNS records appeared in 2013 such as CAA in RFC 6844
> >> When I dig the CAA record dig returns NXDOMAIN instead
> >> https://dns.google.com/query?name=google.com=CAA=true
> >> Do you think we could have an updated version of dig in Openbsd base ?
> >> Thank you
> >> 
> >> $ dig CAA google.com
> >
> > Yes, known. It is on my list to update it, but I don't know when I
> > will get to it.
> 
> BIND switched license to MPL, AFAIK this is no good for base. Personally
> I would be happier to just remove it than update to a still-old version
> as it gets in the way of running something current ..

yes, agreed, the latest version for us would be 9.10.8 released about a
year ago. 

IMO we should have at least a basic resolve command in base.

-Otto



> 
> > If you really need a newer one, you can install isc-bind from packages, it
> > comes with a newer dig in /usr/local/bin
> 
> I do this, and have an alias in .kshrc:
> 
> alias dig=/usr/local/bin/dig
> 
> 



Re: Dig on openbsd too old ?

2019-07-20 Thread Stuart Henderson
On 2019-07-18, Mik J  wrote:
>  Thank you Otto for your quick answer.
>
> On Thursday 18 July 2019 at 08:54:02 UTC+2, Otto Moerbeek wrote:
>  
>  On Thu, Jul 18, 2019 at 06:41:12AM +, Mik J wrote:
>
>> Hello,
>> I'm using Openbsd 6.5 and have DiG 9.4.2-P2 provided with it.
>> This version seems to be old (from 2009) but I couldn't find exactly when it dates.
>> However new DNS records appeared in 2013 such as CAA in RFC 6844
>> When I dig the CAA record dig returns NXDOMAIN instead
>> https://dns.google.com/query?name=google.com=CAA=true
>> Do you think we could have an updated version of dig in Openbsd base ?
>> Thank you
>> 
>> $ dig CAA google.com
>
> Yes, known. It is on my list to update it, but I don't know when I
> will get to it.

BIND switched license to MPL, AFAIK this is no good for base. Personally
I would be happier to just remove it than update to a still-old version
as it gets in the way of running something current ..

> If you really need a newer one, you can install isc-bind from packages, it
> comes with a newer dig in /usr/local/bin

I do this, and have an alias in .kshrc:

alias dig=/usr/local/bin/dig




Re: adding ipv6 and pppoe to my firewall

2019-07-20 Thread Stuart Henderson
On 2019-07-20, shadrock uhuru  wrote:
> Hi Stuart
> thanks for the reply
>
> On 7/12/19 1:20 PM, owner-m...@openbsd.org wrote:
>>> hypothetical ipv4 Address and ipv6 prefix from zen:
>>> ND Prefix: :::::/64
>>> PD Prefix: ::::/48
>>> IPv4 Address:     12.34.56.78 (Subnet mask 255.255.255.255)
> ---
>>>     fw1 em0: 192.168.2.2 (lan)
>>>     fw1 em1: 12.34.56.78 (wan)
> i have taken carp out of the configuration which leaves me with:
>
> /etc/hostname.em0
> mtu 1508
> inet 192.168.2.2 255.255.255.0 NONE
>
> /etc/hostname.em1
> mtu 1508
> inet 12.34.56.78 255.255.255.255 NONE
> inet6 autoconf -autoconfprivacy -soii
>
> /etc/hostname.pppoe
> mtu 1500
> inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev em1 authproto chap
> authname "XXX@isp" authkey "XXX" up
> dest 0.0.0.1
> inet6 eui64
> !/sbin/route add default -ifp pppoe0 0.0.0.1
> !/sbin/route add -inet6 default -ifp pppoe0 fe80::%pppoe0 -priority 8
>
> /etc/rad.conf
> interface em0
>
> dhcpcd to be added
>
>> If you need DHCPv6-PD then don't hardcode the addresses on the
>> inside interfaces, just let PD fetch them.
>> (For the UK ISPs I'm most familiar with, zen seems to need PD otherwise
>> they don't route the block to me, at least in the config they've got
>> on my user account
> by inside interfaces do you mean the lan facing nic on the firewall and
> any tun interfaces ?

Yes any lan facing nics. tun depends on what you are doing with them,
I haven't used that for ages.

> i am on zen also and will have a look at dhcpcd
>> question 5
>>> do i need to put -autoconfprivacy -soii  in the nics or should i remove it.
>> Don't use autoconf on interfaces where you run rad(8), that is like
>> running dhclient and dhcpd on the same interface.
>>
> so remove autoconf from em0 ?

Yes.

> should i be using the mtu option in rad.conf to ensure that all nodes on
> a link use the same MTU value i.e. 1508 ?

No - the only place MTU should be set to 1508 is the "pppoedev" (parent
interface) for the pppoe connection, in your case em1.

> could you send examples of the following files to compare with mine for
> any misconfigurations on my side please.
> wan hostname file

pppoe is the "wan" interface. I guess you mean the pppoedev interface, em1 in 
my case:

mtu 1508
up

> lan hostname file

Showing those will just add complication as I have multiple subnets
and they're all on vlans. Typically just "inet XX.XX.XX.XX/YY" in those,
no IPv6 setup.

> pppoe hostname file

mtu 1500
group zen
inet 0.0.0.0 255.255.255.255 0.0.0.1 pppoedev em1 authproto chap authname "zenXX@zen" authkey "XXX" up
inet6 eui64
inet6 autoconf -autoconfprivacy
!/sbin/route add default -ifp pppoe1 0.0.0.1
!/sbin/route add -inet6 default -ifp pppoe1 fe80::%pppoe1 -priority 8

> rad.conf

just "interface" lines listing all the "lan" interfaces, e.g.

interface vlan2
interface vlan3
[...]

> dhcpcd.conf

the below tells it to fetch a handful of subnets from the ISP; one for
vlan2, one for vlan3, one for vlan4, etc. if you only have one "lan" /
"inside" interface then you would just list that instead of the
multiple vlan interfaces.

=
ipv6only
noipv6rs
duid
persistent
option rapid_commit
require dhcp_server_identifier
slaac private
nohook resolv.conf, lookup-hostname
allowinterfaces pppoe1 vlan2 vlan3 vlan4 vlan5
script ""

interface pppoe1
  ia_na 1
  ia_pd 2 vlan2/1 vlan3/2 vlan4/3 vlan5/4
=



Re: PgTAP ports

2019-07-20 Thread Stuart Henderson
On 2019-07-20, Tito Mari Francis Escaño  wrote:
> Hi to everyone at misc,
> Is anyone working to create a PgTAP package from pgtap.org? I think this
> would be great for TDD down to the database level. Unfortunately my OpenBSD
> setup is running on a VM and not sure it's advisable to create and build
> packages using this environment. Your feedback and advice is highly
> appreciated.

There is no problem using a VM for ports development. If the port is
accepted for commit to the tree, packages will be built on the main build
infrastructure.

If you get something working, or even if you don't get it to work but
make a start at it, send a tar of your work to ports@.




Am I blacklisted on @openbsd.org?

2019-07-20 Thread Stefan Hagen
Hello,

I recently moved my mail server to a new host and at the same time I
migrated from postfix to opensmtpd. Everything worked fine so far,
except that I'm unable to send emails to @openbsd.org.

I'm making an effort to avoid being categorized as spam and enabled
dkim, spf, dmarc. According to various validators on the web it works.
I'm also not blacklisted on any of the RBL lists.

https://codevoid.de/I/p/report.png

My first mail was sent yesterday morning. Greylisted first, but now
connecting from my server runs into spamd stuttering and the log shows:

8b6dbf42b6a64904|inet4|mta||sh[at]codevoid.de|foobar[at]openbsd.org|
foobar[at]openbsd.org|1563520479|1563520479|0|17|pending|26128|
Connection closed unexpectedly

So I think I got blacklisted. I don't know why and I don't know how
to fix this.

Is one of the openbsd.org mail admins on this list who would be kind
enough to help me with this issue?

Best Regards,
Stefan



PgTAP ports

2019-07-20 Thread Tito Mari Francis Escaño
Hi to everyone at misc,
Is anyone working to create a PgTAP package from pgtap.org? I think this
would be great for TDD down to the database level. Unfortunately my OpenBSD
setup is running on a VM and not sure it's advisable to create and build
packages using this environment. Your feedback and advice is highly
appreciated.
Thanks.