Sorry for the confusion...
I will try to summarize...
I have a machine on each side of a router I am building (3.7).
One one side it is a firewall connected to the internet (192.168.0.2/24)
On the other side it is a linux notebook (10.4.50.1/16)
From linux I can ping any interface on the
On Thu, 1 Sep 2005 01:01:08 -0400, Bill wrote:
OBSD 3.7 - new install
I am building a router. And I am having a routing problem. I am not
doing any packet filtering, NAT or anything... its all strictly private
address space nets I also most definately have ip forwarding set in
sysctl
Right
Mark Scheufele [EMAIL PROTECTED] wrote:
I followed all the suggested solutions to mend the not responding
keyboard on my sunblade 100 but unfortunately I
didn't succeed. Here a quick overview:
I have a Blade 100 with a Swedish USB type 6 keyboard.
ok .version
Release 4.10.6 created 2003/06/06
On Thu, 01 Sep 2005 02:01:44 -0400, Bill wrote:
I will try to summarize...
Is it this ?:
firewallrouter=linux
192.168.0.2 192.168.0.4 10.4.0.1 10.4.50.1
In your FP it is 10.3.0.0, now it is 10.4.0.0, right ?
This is the routers table:
Internet:
Destination
Begin forwarded message:
Date: Thu, 1 Sep 2005 08:09:24 -0400
From: Bill [EMAIL PROTECTED]
To: Rod.. Whitworth [EMAIL PROTECTED]
Subject: Re: routing question - why one way?
On Thu, 01 Sep 2005 16:36:13 +1000
Rod.. Whitworth [EMAIL PROTECTED] wrote:
On Thu, 1 Sep 2005 01:01:08 -0400, Bill
On Thursday, September 01, 2005, Bill wrote:
Right now I have the router installed with two active interfaces...
Segment A (192.168.0.4) interface on the router Segment B
(10.3.0.1) interface on the router
Now I have a machine on each segment also:
192.168.0.2 (Segment A)
10.3.50.1
On Thu, 1 Sep 2005 08:11:28 -0400, Bill wrote:
Date: Thu, 1 Sep 2005 08:09:24 -0400
From: Bill [EMAIL PROTECTED]
To: Rod.. Whitworth [EMAIL PROTECTED]
Subject: Re: routing question - why one way?
On Thu, 01 Sep 2005 16:36:13 +1000
Rod.. Whitworth [EMAIL PROTECTED] wrote:
On Thu, 1 Sep 2005
On Thu, 01 Sep 2005 23:03:44 +1000
Rod.. Whitworth [EMAIL PROTECTED] wrote:
On Thu, 1 Sep 2005 08:11:28 -0400, Bill wrote:
Date: Thu, 1 Sep 2005 08:09:24 -0400
From: Bill [EMAIL PROTECTED]
To: Rod.. Whitworth [EMAIL PROTECTED]
Subject: Re: routing question - why one way?
On Thu, 01
Currently using a zoom x4 modem in half bridge mode with 3.6 stable and
haven't had any problems with dhclient obtaining a lease from the modem
so maybe it's a 3.7 thing?.
I'm just about to move to 3.7 current so this is worthwhile knowing.
Many thanks.
Nathan Gould wrote:
Just for interest,
I'm not sure if my problem is user/configuration related or if there
is a problem with isakmpd... I'd like to only initiate connections using
the isakmpd.fifo as needed. When finished with the connection I was
planning on tearing it down using the fifo too.
When I tear down the phase 2
Hi,
that's a limitation of isakmpd. I have a patch for this, but as
adding support for phase 1 SA deletion using the fifo is not that
straight forward it will not make the 3.8 release. I'm sorry.
HJ.
On Thu, Sep 01, 2005 at 10:21:51AM -0400, Kurt Miller wrote:
I'm not sure if my problem is
On Wed, 31 Aug 2005, Diego Augusto Dalmolin wrote:
Ok but... don4t you the default values like kern.somaxconn=128
are too small for an OBSD router/nat with 2 x Gig lans + 2 x 4Mbps
internet conections
do you even know what kern.somaxconn does?
--
And that's why we need each other.
It handles the size of listen() queue...
I know openbsd is a great SO.. IMHO the best one I ever worked whit!!
and I also know Theo CO. are doing their best to maintain this system
I just want to learn.. and I thought misc@ would be a place where I
could find relevant information.. my 10
hi
my laptop died in the most horrible way (it fell off from the desk ...) and I
had to replaced it so i bought a low price workstation. It came with an
integrated (*ugh*) via S3 unichrome chipset that is recognized by openbsd at
boot time. I tried starting an X session but it just hangs until i
On Wed, Aug 31, 2005 at 04:17:06PM -0500, Kevin wrote:
On 8/31/05, Christopher Linn [EMAIL PROTECTED] wrote:
On Wed, Aug 31, 2005 at 11:12:07AM -0600, Peter Valchev wrote:
I've been testing 3.8 on a couple of i386 systems (soon sparc also),
including installing more of the 3.8 beta
The problem with the unichrome is that stock xorg identifies it (correctly)
as a via, but it does not support it's specific chipset. The
unichrome.sf.net http://unichrome.sf.net project has patches for XF86 and
Xorg that fix this, but you will have to recompile xorg for it to work. It
should work,
Hi,
On Fri, 19.08.2005 at 12:41:20 +0200, Henning Brauer [EMAIL PROTECTED] wrote:
ftp-proxy does not support TLS.
ok.
moreover, when you think about it, ftp w/TLS encrypts the control
channel, it's the entire point that 3rd parties (like ftp-proxy) can't
see or modify what's gpoing on, so
Hello,
On Sat, 20.08.2005 at 11:54:27 +0800, range [EMAIL PROTECTED] wrote:
I plan to buy IBM XSeries Server,
short answer: Don't, but tell your IBM rep the machine count and the
reason, too.
But I can't see any IBM ServeRaid card (SCSI) in OpenBSD support list,
(
Diego Augusto Dalmolin [EMAIL PROTECTED] wrote:
It handles the size of listen() queue...
If you know that, then why would you think it needs to be increased to
do routing and NAT?
Adam
Hi Aaron,
On Wed, 31.08.2005 at 09:28:01 -0700, Aaron Glenn [EMAIL PROTECTED] wrote:
Allied Telesyn makes a DS3 to Ethernet converter box that's about
US$800 each. They work as advertised, but management wise are pretty
clunky.
thanks for the suggestion.
I'm also looking into other units and
because this server also handle spamd/squid/ftp-proxy...
I4ve forgotten to mention that..
I4ve got a book (Absolute BSD - The ultimate guide to FreeBSD) I know
this isn4t a openbsd book.. but I4ve got some information about
NMBCLUSTER and tcp.sendspace/recvspace that might help
Sorry for the
From: Toni Mueller [mailto:[EMAIL PROTECTED]
moreover, when you think about it, ftp w/TLS encrypts the control
channel, it's the entire point that 3rd parties (like
ftp-proxy) can't
see or modify what's gpoing on, so this cannot possibly work.
I can't see why this must be so. HTTPS
Making, drinking tea and reading an opus magnum from Toni Mueller:
Hello,
On Sat, 20.08.2005 at 11:54:27 +0800, range [EMAIL PROTECTED] wrote:
I plan to buy IBM XSeries Server,
short answer: Don't, but tell your IBM rep the machine count and the
reason, too.
But I can't see any IBM
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Toni Mueller wrote:
| I can't see why this must be so. HTTPS can be proxied with Squid which
| somehow handles the crypto stuff after reading the client's CONNECT
| ..., and digging into FTP+SSL suggests that the control channel could
| be used to
I have an altigen IP Phone sitting behind NAT on my home network (comcast). I
connect to an altigen voice server on a different network, so I have my
firewall rules set up as such:
rdr pass from $voice_server to $my_ip - $phone
Which works well for outgoing calls, but when calls are coming in,
I've tried a few times to get OpenBSD (3.8 beta from mid-late August) installed
on a Proliant DL 380 G1 with a SmartArray 5i controller. The good news is that
the installation CD found the RAID1 array and used it as /dev/sd0 to install
the OS.
The part I'm having trouble with is getting the
Making, drinking tea and reading an opus magnum from Eric Ziegast:
I've tried a few times to get OpenBSD (3.8 beta from mid-late August)
installed on a Proliant DL 380 G1 with a SmartArray 5i controller. The good
news is that the installation CD found the RAID1 array and used it as
Hi All,
I'm running in a test environment 2 soekris net4801 3.7-current as a
firewall/CARP.
fw1 I prefer to be the master and fw2 as the backup
The configuration is as follows, sis2 is connected back to back, sis1 is
my LAN, and sis0 is the WAN:
fw1
---
sysctl -w net.inet.carp.preempt=1
Hi misc@,
after a couple of hours of messing around with my systems...
The problem is that I found a
Creative USB Sound Blaster Audigy 2 NX
in my closet and thought, let's give it a try with my favorite OS.
I shouldn't have done than...
Okay the dmesg reports (after plugging in) (full dmesg at
On Thursday 01 September 2005 01:57 pm, you wrote:
Erik Sabowski wrote:
I am trying to use ccdconfig on 2 identical disks to make one big
partition. for some reason, the resulting partition is equal in size to
one of the disks, instead of being the size of both disks put together.
first i
On 9/1/05, Christopher Linn [EMAIL PROTECTED] wrote:
On Wed, Aug 31, 2005 at 04:17:06PM -0500, Kevin wrote:
On 8/31/05, Christopher Linn [EMAIL PROTECTED] wrote:
Kevin Kadow wrote:
only found a couple of X applications (xtacy, xlock) failing on
signal 11.
On Thu, 1 Sep 2005, Diego Augusto Dalmolin wrote:
because this server also handle spamd/squid/ftp-proxy...
I4ve forgotten to mention that..
that would have been helpful to know. but if your proxy has a backlog of
128 connections, a backlog of 129 or even 3456 connections is not going to
Hey,
I read the pf.conf and the pfctl manpages as I am trying to set up
some special rules for my OpenBSD Server (3.7).
Basically I want to block connections to my local network from the
machine unless the user is in the group wheel or is under the username
named, for obvious purposes. This
nevermind, i just had to do a pf -e
On 9/2/05, John Kintaro Tate [EMAIL PROTECTED] wrote:
Hey,
I read the pf.conf and the pfctl manpages as I am trying to set up
some special rules for my OpenBSD Server (3.7).
Basically I want to block connections to my local network from the
machine
Hrm.
It appears that pf is blocking ALL outgoing packets, is there a way I
can just block outgoing connections from everyone except users in the
group wheel and the user named?
John
On 9/2/05, John Kintaro Tate [EMAIL PROTECTED] wrote:
Hey,
I read the pf.conf and the pfctl manpages as I am
Hi,
On Thu, 01.09.2005 at 19:29:57 +0200, Markus Wernig [EMAIL PROTECTED] wrote:
Squid is different. Usually, it doesn't do SSL itself, but just passes
the connection on.
it does, however, talk SSL to the outside server.
You might be able to code around that by terminating two distinct
Hi,
On Thu, 01.09.2005 at 13:15:54 -0400, Michael Shalayeff [EMAIL PROTECTED]
wrote:
we do not want their driver.
i betcha it'd be a piece of goo size of minneapolis
and we would not be able to maintain it ever since...
well, I didn't ask them to write a driver, but asked for docs to be
able
Try vesa driver in xorg.
On Thursday 01 September 2005 17:29, you wrote:
hi
my laptop died in the most horrible way (it fell off from the desk ...) and I
had to replaced it so i bought a low price workstation. It came with an
integrated (*ugh*) via S3 unichrome chipset that is recognized by
On Thursday 01 September 2005 22:51, Toni Mueller wrote:
Hi,
On Thu, 01.09.2005 at 19:29:57 +0200, Markus Wernig [EMAIL PROTECTED]
wrote:
Squid is different. Usually, it doesn't do SSL itself, but just passes
the connection on.
it does, however, talk SSL to the outside server.
Not
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Toni Mueller wrote:
| Hi,
|
| On Thu, 01.09.2005 at 19:29:57 +0200, Markus Wernig
[EMAIL PROTECTED] wrote:
|
|Squid is different. Usually, it doesn't do SSL itself, but just passes
|the connection on.
| it does, however, talk SSL to the outside
On Fri, 2 Sep 2005 00:16:15 +0200
Maxim Bourmistrov [EMAIL PROTECTED] wrote:
Try vesa driver in xorg.
Tried that already :`|
--
strlcat,strlcpy:
This is horribly inefficient BSD crap. [...] This is why you use:
*((char *) memcpy (dst, src, n)) = '\0';
-- Ulrich
Not actually how do I optimize, but somewhat related.
I've got this router built and I am dropping it into production over
the weekend - all Gigabit Nic's, but all 100MB networks.
What should I watch for from a systems point of view... I've tested
across it with a few sets of machines doing
For about ~2 Months I read OpenCVS is to be released soon so I asked
myself:
Will OpenCVS be part of OpenBSD 3.8?
Kind regards,
Sebastian
--
Don't buy anything from YeongYang.
Their Computercases are expensiv, they WTX-powersuplies start burning and
their support refuse any RMA even there's
On Fri, 2 Sep 2005 00:16:15 +0200
Maxim Bourmistrov [EMAIL PROTECTED] wrote:
Try vesa driver in xorg.
Tried that already :`|
It's for LINUX but maybe it helps you too...
- http://epialinux.org/graphics.html
Hopefully you can port the needed stuff. :-/
Kind regards,
Sebastian
--
Don't
I think you need to reset your expectations. The SATA board is
*very* low end and if you hammer it with enough IO it'll simply poop
itself.
What is the point of running a super fast system with something
slower than IDE? If you need multiple CPUs chances are you need SCSI.
On Aug 31,
On 02/09/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
For about ~2 Months I read OpenCVS is to be released soon so I asked
myself:
Will OpenCVS be part of OpenBSD 3.8?
Kind regards,
Sebastian
--
Don't buy anything from YeongYang.
Their Computercases are expensiv, they WTX-powersuplies
Just to share; Damien Bergamini helped me with the 855wrap for the crappy
DELL-BIOS (see other thread).
Now, this is phantastic:
Installed 3.7 onto my DELL notebook Latitude D400. Just install, nothing
configured, with USB-keyboard (sg), USB-mouse, Broadcom integrated NIC.
Added some apps, and
you have to leave room for the real disk labels.
sd1: |label--|
sd2: |label--|
ccd0:|label--|
if you set things up like above, the sd labels get trounced.
On Thu, 1 Sep 2005, Erik Sabowski wrote:
I am trying to use ccdconfig on 2
On 9/1/05, Simon Farnsworth [EMAIL PROTECTED] wrote:
There's only two ways to get FTP+SSL past a firewall that would otherwise
filter it:
1) Drop firewalling for a range of ports used for FTP+SSL connections. For
example, open 65000-65535 for incoming, and configure your endpoints to listen
49 matches
Mail list logo