Re: VPN Remote Services Connetivity

However, if I am on the the firewall machines themselves, I can ping machines on the remote end, but service connection fails. Steve is right. You have not setup flows in your isakmpd.conf to allow for this. Are there additional rules I need to put into pf for this type of connectivity?

Re: Theo gave an interview to Forbes Mag. about Linux

On 6/17/05, J. Lievisse Adriaanse [EMAIL PROTECTED] wrote: Theo gave an interview to Forbes Magazine, in which he stated: It's terrible, De Raadt says. Everyone is using it, and they don't realize how bad it is. In many cases I talked to people those who chose Linux instead of OpenBSD for

3.7-stable i386 crash

For the second time in about a week, a new server of us with OpenBSD i386 3.7-stable (of a couple of weeks ago) crashed. Here it is the dmesg with the stack trace. Do you think there is any hint of it being an hardware or software problem? Thanks. Jun 18 03:09:36 arwen /bsd: fsync failed:

Re: Hydra and Amap-Port...

If I recall correctly, Sebastian has had numerous attempts to get a diff submitted last year, that all went nowhere. Some highlight that I might be wrong about: - no communication at *all* from the maintainer - no desire from anyone else to commit the diffs b/c they were not blessed by the

[Fwd: Re: Theo gave an interview to Forbes Mag. about Linux]

Message-ID: [EMAIL PROTECTED] Date: Sat, 18 Jun 2005 11:50:27 +0200 From: Thorsten Johannvorderbrueggen [EMAIL PROTECTED] User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050317) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Sparc Urani [EMAIL PROTECTED] Subject: Re: Theo gave an interview to

Re: PPPoE Download Performance Woes (Resolved)

I guess this is one of those things that keeps biting into you until you get it resolved. After some experimentation, while I never thought this would have such an effect--especially with net.inet.tcp.rfc1323=1 and net.inet.tcp.sack=1 by default--the following simple additions to /etc/sysctl.conf

is 3.5 still supported?

http://www.openbsd.org/security.html says that OpenBSD 3.4 and earlier releases are not supported anymore. The following paragraphs only list advisories issued while they were maintained; these releases are likely to be affected by the advisories for more recent releases. Is the 3.4 in that

Re: [Fwd: Re: Theo gave an interview to Forbes Mag. about Linux]

On Sat, Jun 18, 2005 at 02:57:27PM +0200, Thorsten Johannvorderbrueggen wrote: [...] OBSD only supports apm, no apci. There's some initial acpi support in -current. So just wait and see what else will be done. Ciao, Kili

Re: phpbb

sauce for the goose... On Fri, 17 Jun 2005, Clint M. Sand wrote: Anyone care to share a procmail line to destroy any message with how do I chroot and mysql and php? see http://perlcode.org/tutorials/procmail/proctut/ HINT By default, procmail scans only the headers of the email message.

Re: Theo gave an interview to Forbes Mag. about Linux

The register has put up a very lazy opinion piece on the article: http://www.theregister.co.uk/2005/06/17/de_raadt_channels_ballmer/ In it they dismiss Theo as a bitter, egotistical, Steve Ballmeresque character. Ah well, the register = cheap uk tech tabloid rag so who cares what they think.

OT: Programming portability

I'm curious as to how programs actually get ported from one OS to another, and if certain directions are easier than others. That is, how does one figure out what needs to be changed in order to make OpenNTPD work on Linux? Is it generally easier to move a program from $some_bsd to

Re: OT: Programming portability

* Chris Zakelj [EMAIL PROTECTED] [050618 12:21]: I'm curious as to how programs actually get ported from one OS to another, and if certain directions are easier than others. That is, how does one figure out what needs to be changed in order to make OpenNTPD work on Linux? Is it generally

Blocking ARPS from certain individuals and priortizing other broadcasts

Is this possible using PF? We are using OBSD 3.6 (and newer if needed) as a network provider to ISPs. Customers southbound have viruses that send out 100 ARPs a second. This loads up the NAT table therefore making the NAT box useless. I am trying to clear the NAT quicker, but this makes other

Re: perl -MCPAN checksum mismatch on anything

CPAN now uses ftp or ncftp to download the files and all packages get installed perfectly! Noticed the same problem. Seem that lynx is un-gz'ing the files inline and not removing the .gz, so CPAN tries to do a checksum and un-gz them and errors out. FYI, that didn't work here, so I

Re: OT: Programming portability

Jim Razmus wrote: * Chris Zakelj [EMAIL PROTECTED] [050618 12:21]: I'm curious as to how programs actually get ported from one OS to another, and if certain directions are easier than others. That is, how does one figure out what needs to be changed in order to make OpenNTPD work on

CD-tower vs. RAID server

I'm asking this here because I know you people know alot about computers. A friend of mine wants to share files with the world with the help of his networked CD-tower server. He would like a bit of saftey against hw crashes. The weakest hw link is the harddrive so he therefore proposed using his

Re: is 3.5 still supported?

Hi, Is the 3.4 in that quote correct, and if so, an I correct in inferring that 3.5 _is_ still supported (i.e. that following 3.5- stable would still get me all critical to security/reliability patches)? Don't count on it. The current release (3.7) and its predecessor (3.6) are supported.

USB 2.0 card 'not configured'

Hiya. I was told in [EMAIL PROTECTED] to email this address to ask for helpb so yeah. :) The problem is, I bought a USB 2.0 PCI controller card for my server, but it only will work at 1.0 or 1.1 (not sure which) speeds. The 2.0 isnbt working.. It says bnot configuredb in the dmesg.

Re: Theo gave an interview to Forbes Mag. about Linux

On 18/06/05, Harry Tormey [EMAIL PROTECTED] wrote: The register has put up a very lazy opinion piece on the article: http://www.theregister.co.uk/2005/06/17/de_raadt_channels_ballmer/ In it they dismiss Theo as a bitter, egotistical, Steve Ballmeresque character. Ah well, the register =

Re: CD-tower vs. RAID server

On Sat, Jun 18, 2005 at 07:54:29PM +0200, Tim wrote: But apart from that what would be other drawbacks of using a CD-tower server to provide files on the internet? It will be awfully slow, especially for parallel access (lots of seeks, and CD drives aren't designed for this). Additionally, I

Re: USB 2.0 card 'not configured'

On Sat, 18 Jun 2005 13:05:11 -0500 ConCon [EMAIL PROTECTED] wrote: : Hiya. : : : I was told in [EMAIL PROTECTED] to email this address to ask : for help, so yeah. :) : : The problem is, I bought a USB 2.0 PCI controller card for my : server, but it only will work at 1.0 or 1.1 (not sure

Why timezone it is always incorrect??

Hi all, Is not possible to adjust clock under OpenBSD correctly??? I do not understand why cmos clock needs to leave at UTC. why? Do i need to recompile kernel with TIMEZONE option to correct this bug?? Is not possible to use sysctl tool to correct this??? Thank you very much. -- C.L.

Re: Theo gave an interview to Forbes Mag. about Linux

I thought Theo never used Linux? On 6/18/05, Constantine A. Murenin [EMAIL PROTECTED] wrote: On 18/06/05, Harry Tormey [EMAIL PROTECTED] wrote: The register has put up a very lazy opinion piece on the article: http://www.theregister.co.uk/2005/06/17/de_raadt_channels_ballmer/ In it

Re: Why timezone it is always incorrect??

If you need to leave the timezone set differently because you dual-boot, you can edit the kernel with config(8). A custom kernel is unnecessary. -Josh Grosse- On Sat, Jun 18, 2005 at 10:04:37PM +0200, C. L. Martinez wrote: Hi all, Is not possible to adjust clock under OpenBSD

Re: Why timezone it is always incorrect??

C. L. Martinez wrote: Is not possible to adjust clock under OpenBSD correctly??? I do not understand why cmos clock needs to leave at UTC. why? Do i need to recompile kernel with TIMEZONE option to correct this bug?? Is not possible to use sysctl tool to correct this??? Aside from me

Re: Theo gave an interview to Forbes Mag. about Linux

On Sat, 18 Jun 2005 16:06:27 -0400 Haroon Khalid [EMAIL PROTECTED] wrote: I thought Theo never used Linux? Again, the is a clear difference between using Linux, and reading the source of it or observing it's development model! Jasper On 6/18/05, Constantine A. Murenin [EMAIL PROTECTED]

Re: How do we disable console output temporarily.

On 2005/06/18 14:04:27, John Draper wrote: We are getting attacked, but our root console is outputting log data so fast we can't ussue any root commands. Quickest way is probably 'pkill syslogd' (or 'kill `cat /var/run/syslogd.pid`' if you don't have pkill). ...or just login as a user other

Re: Why timezone it is always incorrect??

User A is on the east coast. User B is on the west coast. They both use the same computer. What time is it? UTC is the correct time. User wants to view time in his own time zone. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of C. L. Martinez Sent:

Re: How do we disable console output temporarily.

On 6/18/05, John Draper [EMAIL PROTECTED] wrote: Hi, We are getting attacked, but our root console is outputting log data so fast we can't ussue any root commands. What can I do to temporarily stop the console output so I can ussue a few root commands to change our FW settings? JD

Re: How do we disable console output temporarily.

Moritz Grimm wrote: John Draper wrote: We are getting attacked, but our root console is outputting log data so fast we can't ussue any root commands. What can I do to temporarily stop the console output so I can ussue a few root commands to change our FW settings? Log in as a regular

Re: How do we disable console output temporarily.

On Sat, Jun 18, 2005 at 02:47:03PM -0700, John Draper wrote: But the pkill syslogd seems a reasonable thing to do, but how do I set it back again? One other problem I have is my ps don't work, but that problem is going to be fixed in my next scheduled upgrade. If ps doesn't work, there's a

Re: Blocking ARPS from certain individuals and priortizing other broadcasts

Is proxy ARP running by default on a typical BSD install? I am talking about ARPS. The only traffic I can see coming into the box is ARP when I do a network trace. As soon as I disable the customer, NAT returns to normal as far as the entries are concerned. I enable the customer and then I start

OpenBSD users group in Tucson, AZ

Is there anyone here on the list from Tucson, AZ, and if so would you have any interest in forming a local OBSD users group? If so please contact me offlist. Steve

FINAL NOTICE: Ebay Members

Dear eBay Member, You have not yet verified your eBay account. On May 20, 2005 we sent you an email to notify you that you must provide account vericfication to continue to be a part of eBay. This is needed to protect the integrity of your account Section 9 of the EBay User agreement states

Upgrade to 3.7 and VPN no longer works

I just upgraded my firewall to 3.7, but I've found my VPN is now not working. I keep seeing NAT detected messages, but both machines have real IPs so it doesn't make sense. The client machine is a 3.6 install, and the server machine was a 3.4 machine which I used the media CD to upgrade. I've

Re: Upgrade to 3.7 and VPN no longer works

On Sun, Jun 19, 2005 at 01:34:06PM +1000, Dave Harrison wrote: I just upgraded my firewall to 3.7, but I've found my VPN is now not working. I keep seeing NAT detected messages, but both machines have real IPs so it doesn't make sense. The client machine is a 3.6 install, and the server

Re: Upgrade to 3.7 and VPN no longer works

Stephen Marley wrote: On Sun, Jun 19, 2005 at 01:34:06PM +1000, Dave Harrison wrote: I just upgraded my firewall to 3.7, but I've found my VPN is now not working. I keep seeing NAT detected messages, but both machines have real IPs so it doesn't make sense. The client machine is a 3.6

Re: Upgrade to 3.7 and VPN no longer works

On Sun, Jun 19, 2005 at 02:16:24PM +1000, Dave Harrison wrote: Stephen Marley wrote: Have you tried the -T option to isakmpd? Seems like the option I want ... but I can't see it in the man page on either my 3.6 or 3.7 machines, and isakmpd won't accept -T as a flag on either machine. Is

gdt at bsd.mp

Hi. Actually I don't know about usefulness my information but... I have another machine - on Intel 7501VW2 with 2 Xeon. And I have Intel SRCZCR RAID controller there. So, with uniprocessor kernel it's recognized and work fine - there is 3 SCSI acting and seen as one (RAID5) disk. desg follow