OpenVPN server refuses connections

Hi. I'm using OpenVPN server with such configuration: /etc/openvpn/server.conf: daemon openvpn local 192.168.0.1 port 1194 proto udp dev tun1 ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/server.crt key /etc/openvpn/keys/server.key # This file should be kept secret dh

Re: OpenVPN server refuses connections

Hi, On Wed, Mar 04, 2009 at 10:17:40AM +0200, Yuriy A. Dmitrishin wrote: Hi. I'm using OpenVPN server with such configuration: /etc/openvpn/server.conf: daemon openvpn local 192.168.0.1 You are listening on 192.168.0.1 with the openvpn server. port 1194 proto udp dev tun1 ca

Re: OpenVPN server refuses connections

/etc/openvpn/server.conf: local 192.168.0.1 /etc/openvpn/client.conf remote 66.66.66.66 1194 ? -- Stephan A. Rickauer --- Institute of Neuroinformatics Tel +41 44 635 30 50 University / ETH Zurich Sec +41

Re: Can't ping top-level public IP subnets

NB: Read Understanding IP Addressing ( http://www.3com.com/other/pdfs/infra/corpinfo/en_US/501302.pdf ), as linked here: http://openbsd.org/faq/faq6.html#Intro The document has a bunch of formatting errors where they write e.g. 32 instead of 3^2 because the second number is supposed to be

How do I monitor my PF based firewall?

Hello, I like to monitor my firewalls using snmp and cacti. But I don't know how to get all the information about pf, states, etc. On the net I only found hints about older OpenBSD Versions (I use OpenBSD 4.4 - stable and the included snmpd). Can you please give me a hint into the right

Re: OpenVPN server refuses connections

/etc/openvpn/server.conf: local 192.168.0.1 /etc/openvpn/client.conf remote 66.66.66.66 1194 ? Yes, this is my mistake. local 66.66.66.66 Now it works, thanks. -- P! QP2P0P6P5P=P8P5P, P.QP8P9 PPP8QQP8QP8P=.

resolved: xenocara: build problem: Package xdmcp was not found...

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 dt...@drizzle.com wrote: This occurs when building xenocara after updating /usr/src, /usr/ports, /usr/xenocara to -stable from cvs and successfully building kernel and src: -

Problems with vnc on OpenBSD 4.4

Hello, I have successfully set um an OpenBSD machine (amd64) in an Virtualbox using X and KDE as desktop. So far everything works fine, KDE is starting after boot. tightvnc is installed. However I cannot start vncserver. log The log file shows: Couldn't open RGB_DB '/usr/X11R6/lib/X11/rgb'

Re: How do I monitor my PF based firewall?

On Wed, 2009-03-04 at 09:32 +0100, Falk Brockerhoff - smartTERRA GmbH wrote: Hello, I like to monitor my firewalls using snmp and cacti. But I don't know how to get all the information about pf, states, etc. On the net I only found hints about older OpenBSD Versions (I use OpenBSD 4.4 -

Re: How do I monitor my PF based firewall?

Falk Brockerhoff - smartTERRA GmbH wrote: But I don't know how to get all the information about pf, states, etc. It's probably simplest to start with pftop. Or do you want visualization? http://www.openbsd.org/4.4_packages/i386/pfstat-2.3p0.tgz-long.html Regards -Lars

Re: How do I monitor my PF based firewall?

Am 04.03.2009 um 11:23 schrieb Lars Noodin: It's probably simplest to start with pftop. After a first quick look pftop is a great tool for debugging und manually monitoring firewall activity. But it seems that I really can't use it for a data source collector for cacti, can I? Or do you

Re: How do I monitor my PF based firewall?

Am 04.03.2009 um 11:11 schrieb Stephan A. Rickauer: As far as I remember, including a 'PF-MIB' into opensnmpd is on reyk@'s ever growing todo list already. Good news, that this is on a todo list. Bad news, that this list is ever growing. :) But thanks for this information anyways!

Re: How do I monitor my PF based firewall?

2009/3/4 Lars Noodin larsnoo...@openoffice.org: Or do you want visualization? http://www.openbsd.org/4.4_packages/i386/pfstat-2.3p0.tgz-long.html While pfstat is nice (I use it), it's daily compression job is also slow. mrtg is the way to go... Best Martin

Re: How do I monitor my PF based firewall?

On Wed, 2009-03-04 at 11:33 +0100, Falk Brockerhoff - smartTERRA GmbH wrote: Am 04.03.2009 um 11:23 schrieb Lars Noodin: It's probably simplest to start with pftop. After a first quick look pftop is a great tool for debugging und manually monitoring firewall activity. But it seems that I

Re: How do I monitor my PF based firewall?

2009/3/4 Falk Brockerhoff - smartTERRA GmbH n...@smartterra.eu Am 04.03.2009 um 11:23 schrieb Lars Noodin: Or do you want visualization? http://www.openbsd.org/4.4_packages/i386/pfstat-2.3p0.tgz-long.html Yes, but I want to use cacti for visualization as I use it for anything else :) If

Re: Using ldap everywhere ...

Hi everybody, I'm trying to set up a web/mail/dns/ftp/etc. ... using ldap everywhere... But It seems that serving ns zones over ldap is not possible on OpenBSD... The sdb-ldap backend is not in the OpenBSD ports... For the Apache vhosts, i've found that module mod_ldapvhost. But it's

AMD64 24th Feb Panic uvm_pdaemon.c

Hi Guys, I currently running AMD64.MP snapshot from 24th Feb '09. On the blue screen it says: Panic : kernel diagnostic assertion uvmexp.swpgonly = uvmexp.swpages failed : file ../../../../uvm/uvm_pdaemon.c, line 575 ddb trace Panic () at panic +0x122 __assert() at __assert + 0x21

Re: How do I monitor my PF based firewall?

Dan Carley dan.car...@gmail.com wrote: 2009/3/4 Falk Brockerhoff - smartTERRA GmbH n...@smartterra.eu Am 04.03.2009 um 11:23 schrieb Lars Noodin: Or do you want visualization? http://www.openbsd.org/4.4_packages/i386/pfstat-2.3p0.tgz-long.html Yes, but I want to use cacti for

Re: How do I monitor my PF based firewall?

On Wed, Mar 04, 2009 at 09:32:44AM +0100, Falk Brockerhoff - smartTERRA GmbH wrote: Hello, I like to monitor my firewalls using snmp and cacti. But I don't know how to get all the information about pf, states, etc. On the net I only found hints about older OpenBSD Versions (I use OpenBSD

Re: How do I monitor my PF based firewall?

Am 04.03.2009 um 14:10 schrieb Jason Dixon: Here's how you can use net-snmp's extend functionality: $ cat /usr/local/sbin/countPFstates.sh #!/bin/sh pfctl -si | grep entries | awk '{print $3}' Ok, this is a way we can go. Is there any possibility to use the extend feature with openbsd

Re: How do I monitor my PF based firewall?

On Wed, Mar 04, 2009 at 02:17:30PM +0100, Falk Brockerhoff - smartTERRA GmbH wrote: Am 04.03.2009 um 14:10 schrieb Jason Dixon: Here's how you can use net-snmp's extend functionality: $ cat /usr/local/sbin/countPFstates.sh #!/bin/sh pfctl -si | grep entries | awk '{print $3}' Ok, this

Re: How do I monitor my PF based firewall?

Am 04.03.2009 um 14:46 schrieb Jason Dixon: Other people use the PF-MIB patch to net-snmp. We don't need that functionality. We like to monitor the following for our PF firewalls in Cacti: The number of the passed and blocked packets would be also interesting. Perfect, if I can get

Re: How do I monitor my PF based firewall?

On Wed, Mar 04, 2009 at 02:55:46PM +0100, Falk Brockerhoff - smartTERRA GmbH wrote: Am 04.03.2009 um 14:46 schrieb Jason Dixon: Other people use the PF-MIB patch to net-snmp. We don't need that functionality. We like to monitor the following for our PF firewalls in Cacti: The number of

Re: How do I monitor my PF based firewall?

On 04/03/2009, Jason Dixon ja...@dixongroup.net wrote: On Wed, Mar 04, 2009 at 02:17:30PM +0100, Falk Brockerhoff - smartTERRA GmbH wrote: Ok, this is a way we can go. Is there any possibility to use the extend feature with openbsd builtin snmpd? Not currently. I don't believe there are any

Re: Using ldap everywhere ...

Since you seem to get few responses to this, I'll give you my $.02 here: After years of using OpenBSD, I've come to the conclusion that OpenBSD is best served with as little fuzz as possible (using what's in the base system if at all possible). Of course you can install ISC bind if that helps

Re: Using ldap everywhere ...

Am 04.03.2009 um 15:15 schrieb Alexander Hall: Since you seem to get few responses to this, I'll give you my $.02 here: After years of using OpenBSD, I've come to the conclusion that OpenBSD is best served with as little fuzz as possible (using what's in the base system if at all

Re: Using ldap everywhere ...

I totally agree with what you say... But the goal of our jobs is to satisfy the user and to help him to get what he wants. Saying that i'm not saying I will forget security, performance and stability. My specific goal is to manage, over openldap the maximum of services. I've been using OpenBSD

Re: Using ldap everywhere ...

CC: misc@openbsd.org From: m...@msys.ch To: alexan...@beard.se Subject: Re: Using ldap everywhere ... Date: Wed, 4 Mar 2009 16:51:15 +0100 Am 04.03.2009 um 15:15 schrieb Alexander Hall: Since you seem to get few responses to this, I'll give you my $.02 here: After years of using

chsh patch ...

Hi I got sick when adding a expire date for an useraccount with chsh. The line with the format shows [month day year] but the parameter you have to insert is the monthname as local name or an abbreviation. My patch adds the possibility to enter the old format and the numerical format as well.

Re: Using ldap everywhere ...

But It seems that serving ns zones over ldap is not possible on OpenBSD... The sdb-ldap backend is not in the OpenBSD ports... You can add dlz-ldap backend to OpenBSD's bind. All you need to do (assuming that you've got OpenBSD's sources in /usr/src and bind-9.4.2-P2.tar.gz unpacked in your

Re: Using ldap everywhere ...

Marc Balmer wrote: Am 04.03.2009 um 15:15 schrieb Alexander Hall: Since you seem to get few responses to this, I'll give you my $.02 here: After years of using OpenBSD, I've come to the conclusion that OpenBSD is best served with as little fuzz as possible (using what's in the base system

Re: Using ldap everywhere ...

a. e. wrote: I totally agree with what you say... But the goal of our jobs is to satisfy the user and to help him to get what he wants. Saying that i'm not saying I will forget security, performance and stability. My specific goal is to manage, over openldap the maximum of services. I've been

Re: 3Qs, including How insane to have /var mount with softraid discipline raid 1 ?

On Tue, 3 Mar 2009 22:26:09 -0600 Marco Peereboom sl...@peereboom.us wrote: #1 no #2 i use softraid for all kinds of uses; nothing you mention here is odd or out of place #3 that is correct; the lazy author still hasn't finished partial bringup and rebuilds. that guy kind of sucks

Re: Problems with vnc on OpenBSD 4.4

I *think* (hope) you're running into what I've worked on before. It's in the archives... http://archives.neohapsis.com/archives/openbsd/2007-11/0691.html -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Dr. Harry Knitter Sent: Wednesday,

IBM System x3650 + System Storage DS4700 not working on last snap.

Hello, I'd recently make a try to boot -current OpenBSD on Subj system (results): 0. bsd.rd: boot boot bsd.rd booting tftp:bsd.rd: 5197108+918896 [52+205088+189820]=0x635ae8 entry point at 0x200120 Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All

Re: ar5213a stuck on 11b

On Mon, Mar 2, 2009 at 9:52 PM, FRLinux frli...@gmail.com wrote: media: IEEE802.11 autoselect mode 11b hostap status: active Hello, I have looked at this issue a bit closer. The speed I am getting from the client seems faster than 11b, would that be vaguely possible for openbsd to

Re: How do I monitor my PF based firewall?

On Wed, Mar 04, 2009 at 09:32:44AM +0100, Falk Brockerhoff - smartTERRA GmbH wrote: Hello, I like to monitor my firewalls using snmp and cacti. But I don't know how to get all the information about pf, states, etc. On the net I only found hints about older OpenBSD Versions (I use OpenBSD 4.4

Re: disk perfomance issues with Symbios Logic MegaRAID SAS 1064R and mfi driver

Thanks for your response. Sorry I left out any details in my intial email. Also wanted to thank you Marco for all the work you've done for openbsd. We are running a fairly basic bonnie++ test like so bonnie++ -d /path -s 12000 -m machinename -u 0:0 Here are the full details: Version 1.03

Re: Corny shit with filesystems + mp3 player

2009/2/12 Ted Unangst ted.unan...@gmail.com: On Thu, Feb 12, 2009 at 11:56 AM, auto709...@hushmail.com wrote: Is it possible to end up with a FAT 12 file system + some kind of Netware (Novell or otherwise) on a hard drive which used to be a hard drive with one partition through plugging in

4.5 snapshot fails to detect pcmcia/cardbus adapters

Hi, I have just tried out the 4.5 snapshot on a laptop, and found that the cardbus/ethernet adapters I used are no longer detected. Both types had been working with OpenBSD v4.4. The laptop had OpenBSD v4.4 installed, and the card was detected as in this extract. ep1 at pcmcia0 function 0

Re: Upgrade on non-live disk

Tue, 03 Mar 2009 07:17:56 -0500 steve.shock...@shockley.net: On 3/2/2009 7:31 PM, Damon McMahon wrote: Is it possible/wise to follow the upgrade instructions on a non-live OpenBSD disk mounted on /altroot? I have a second drive I use as a non-live mirror with dd(1); can I use the

Re: 4.5 snapshot fails to detect pcmcia/cardbus adapters

Hi, Update, had an idea to try same adapters in second laptop, can't install OpenBSD v4.5 from snapshot, but could run up bsd.rd off the install CD and get the dmesg, as below, on this laptop the cards are detected. OpenBSD 4.5 (RAMDISK_CD) #1112: Sat Feb 28 15:06:26 MST 2009

OBSD 4.5 - Lenovo Thinkpad T60 suspend resume

Does anyone know whether ACPI suspend/ resume now works? I do ctrl+alt + F1 (or 2, 3.. ) and try to suspend from there with zzz and I get message: suspending system but nothing happens. I get the same message when I type zzz from my wm (awesome). Here's my dmesg. Thanks; OpenBSD 4.5

Re: OBSD 4.5 - Lenovo Thinkpad T60 suspend resume

On Wed, Mar 4, 2009 at 10:26 PM, Chris atst...@gmail.com wrote: Does anyone know whether ACPI suspend/ resume now works? I do ctrl+alt no, nor in 4.5. but it is being worked on.

Re: disk perfomance issues with Symbios Logic MegaRAID SAS 1064R and mfi driver

On Wed, 4 Mar 2009 18:30:47 -0500 Denis Hainsworth de...@alumni.brandeis.edu wrote: So since machine1 and machine3 are running the same exact software it would seem to indicate a hardware issue. Yet the same hardware running openbsd 4.4 also seems ok which tends to indicate some odd

scrotwm.conf setting custom xterm

Greetings, In my .profile I have the following: PS1=\...@\h \w \$ export PS1 On the console, I see: u...@host pwd $ I was looking at the man page for xterm(1), and I saw that by invoking xterm -ls, the terminal should read .profile, and set the prompt. In an xterm, I was able to run xterm

Re: scrotwm.conf setting custom xterm

scrotwm uses newlines, spaces, tabs, and '=' as conf file delimiters. It thus does not recognize quoted strings, but breaks at the first delimiter it finds. To configure xterm, you need to use the .Xdefaults file, although that does not look like what you need. scrotwm may not be able to do what

Re: disk perfomance issues with Symbios Logic MegaRAID SAS 1064R and mfi driver

On Wed, Mar 04, 2009 at 06:30:47PM -0500, Denis Hainsworth wrote: Thanks for your response. Sorry I left out any details in my intial email. Also wanted to thank you Marco for all the work you've done for openbsd. We are running a fairly basic bonnie++ test like so bonnie++ -d /path

Re: scrotwm.conf setting custom xterm

On Wed, Mar 04, 2009 at 10:28:43PM -0700, Matt Jibson wrote: I was looking at the man page for xterm(1), and I saw that by invoking xterm -ls, the terminal should read .profile, and set the prompt. In an xterm, I was able to run xterm -ls and have just this exact thing happen. Then I