unknown dhcp option value 0x51
Hi, Since I first put an OpenBSD 3.5-box on my ADSL-line i've been getting messages like this every 30 minutes: Aug 22 16:40:41 fortress-maximus dhclient[20645]: unknown dhcp option value 0x51 DHCP works fine, but out of curiosity I looked in the RFC (http://www.faqs.org/rfcs/rfc2939.html) and found: DHCP protocol messages are identified by the 'DHCP Message Type' option (option code 51). Unfortunatly I have no idea what this means :-) Does anybody now what's going on? I use OpenBSD 3.7-STABLE on i386. [EMAIL PROTECTED]:~] cat /etc/dhclient.conf request subnet-mask, broadcast-address, time-offset, routers; [EMAIL PROTECTED]:~] cat /etc/hostname.fxp0 dhcp NONE NONE NONE Thanks, Hans
Re: the joys of spamd
Kevin wrote: Sep 8 11:47:11 mail spamd[19133]: 61.159.253.63: disconnected after 408 seconds. lists: china Sep 8 12:10:16 mail spamd[19133]: 211.193.204.4: disconnected after 77 seconds. lists: korea Sep 8 14:22:23 mail spamd[2121]: 61.100.12.105: disconnected after 54 seconds. lists: korea What can you do but chuckle? Just from yesterdays log: Sep 8 06:59:22 fortress-maximus spamd[22851]: 218.25.172.18: disconnected after 1000 seconds. lists: china My all-time record is 3726 seconds. That's not chuckling, that's rolling on the floor laughing out loud :-) For more entertainment see http://hanz.nl/p/spamd Hans
Re: preventing OS fingerprint
Gustavo Rios wrote: Dear gentleman, i have an obsd firewall and would like to prevent external entities discovering that firewall is openbsd, is that possible? Thanks a lot for your time and cooperation. I use the following line in pf to prevent nmap scan, including -O: block in quick log on $inet_if from any os NMAP But why would you want to hide the fact you run the most secure OS in the world? Hans
Re: Apache Log Rotation - FAQ 10.16
Uwe Dippel wrote: Could you please share your preferred methods to rotate the /var/www/logs/, ? I had the same problem, and solved it by using cronolog. This way you don't have to restart apache. From my httpd.conf: CustomLog |/usr/local/sbin/cronolog -l /var/www/logs/access-hanz.nl /var/www/logs/old/access-hanz.nl.%Y%m%d combined Hans
Re: Apache Log Rotation - FAQ 10.16
Olivier Mehani wrote: On Fri, 09 Dec 2005 11:11:23 +0100 Hans van Leeuwen [EMAIL PROTECTED] wrote: Could you please share your preferred methods to rotate the /var/www/logs/, ? I had the same problem, and solved it by using cronolog. From my httpd.conf: CustomLog |/usr/local/sbin/cronolog -l /var/www/logs/access-hanz.nl /var/www/logs/old/access-hanz.nl.%Y%m%d combined But you are not using the default chrooted apache, are you ? Yes, I am. [EMAIL PROTECTED]:~] grep httpd /etc/rc.conf.local httpd_flags=-DSSL Hans
Re: Apache Log Rotation - FAQ 10.16
Olivier Mehani wrote: On Fri, 09 Dec 2005 13:12:14 +0100 Hans van Leeuwen [EMAIL PROTECTED] wrote: CustomLog |/usr/local/sbin/cronolog -l /var/www/logs/access-hanz.nl /var/www/logs/old/access-hanz.nl.%Y%m%d combined But you are not using the default chrooted apache, are you ? Yes, I am. [EMAIL PROTECTED]:~] grep httpd /etc/rc.conf.local httpd_flags=-DSSL Hum. I'm puzzled. Did you move some files and change permissions in the chroot then ? No. Please tell me what puzzles you... Hans
Re: Spam (solutions) and some other practical issues
Gabriel George POPA wrote: Thank you Joachim. Now, regarding spamd(8), I knew that I need help from pf. Regarding SpamAssassin: I did pkg_add, I followed the instructions on modifying /etc/procmailrc I started spamd (spamc should have been called for every message). Nothing happened. No mail message was scanned. You have to tell sendmail to pass the message to procmail. See the part about sendmail.cf in procmail's manpage. Regarding that sysctl: shouldn't we add it? Thats not how it works here. Either you write a patch or stop complaining about the lack of features. Regarding the upgrade: I will build the distribution using this machine (3GHz P4, 1GB RAM) - my server is not under heavy load in this period of the week. I just hoped binpatch could be a better solution. OpenBSD doesn't supply binary patches, and this isn't going to change. See the archives for more information. Good luck, Hans
Re: security hole in sendmail
Oliver Peter wrote: On Thu, Mar 30, 2006 at 05:08:11PM -0700, Peter Valchev wrote: A race condition exists in sendmail's handling of asynchronous signals. A remote attacker may be able to execute arbitrary source code with the privileges of the user running sendmail, typically root. Excuse my question - I don't want to attack our loved project but does that mean that we've got a second remote hole? Don't kick my ass. By default sendmail only listens on the local interface. Hans
Re: mbuf leak with rl
On Thursday 14 September 2006 17:38, you wrote: Is anyone using a Realtek 8139 card with OpenBSD 3.9? I noticed that mbufs will slowly leak when using it. I noticed this after switching to 3.9. I don't know if something happened to the card or not... maybe there is a hardware error now that is making it behave funky. If you're using a rl* can you take a look at your mbuf usage (netstat -m)? Me and another person both see something similar. 237 mbufs in use: 135 mbufs allocated to data 66 mbufs allocated to packet headers 36 mbufs allocated to socket names and addresses 125/380/6144 mbuf clusters in use (current/peak/max) 856 Kbytes allocated to network (36% in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines I have no idea if this is good or not. dmesg: rl0 at pci0 dev 8 function 0 Realtek 8139 rev 0x10: irq 11, address 00:48:54:65:39:5a rlphy0 at rl0 phy 0: RTL internal PHY rl0 at pci1 dev 10 function 0 Realtek 8139 rev 0x10: irq 11, address 00:10:a7:0b:16:ed rlphy0 at rl0 phy 0: RTL internal PHY Greetings, Hans
Re: Rotate many Apache logfiles
On Friday 15 September 2006 14:57, you wrote: Hi! What is the preferred way of rotating Apache's logfiles? I have many virtual domains, each with its own access and error logfile. I'm using CustomLog, not TransferLog. Apache is chrooted. Adding every logfile to /etc/newsyslog.conf is one way, but hard to maintain. Is Apache's own rotatelogs program the way to go? I prefer to use cronolog. It's in ports. Hans