On 14/02/13(Thu) 16:22, Kent Fritz wrote:
This works for me. I just installed the latest snapshot, synced the
source, applied your patch, built and installed and it works just
fine.
Hate Gmail for patches, though.
Thanks. Hope I replied in time to make the 5.3 cut. :)
Yep, it's in
On 2013-02-15, What you get is Not what you see wygin...@gmail.com wrote:
Here is ifconfig
# ifconfig re5
re5: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr ..
priority: 0
media: Ethernet autoselect (1000baseT
Is anyone here using the Soekris net6501-70 as a router+firewall? If
so what kind of performance are you seeing (throughput, PPS, etc)?
I'm considering this system for a 30-40 user environment. It will
handle web, ssh, voip, and other basic traffic. QoS will be needed.
Thanks.
-Gene
hi folks, does any one know why i have to reboot OpenBSD in order to start up
the Fan of my laptop witch is Compaq nx6325 i mean if i start up the machine
the fan does not work and it shut down to protect the cpu but if i reboot the
machine everything works fine (the fan)dmesg:OpenBSD 5.2
Gene,
I've used the PcEngines Alix2d3 board with Freebsd for a similiarly sized
office and had good success with it. We had a 30mbit pipe, 30 users, VoIP/QoS
and IPSec to our 3 data centers. Doing IPSec around 15mbit will put some load
on the CPU but it was able to handle it pretty well. I
On Fri, Feb 15, 2013 at 9:52 AM, reza r...@lethalnetworks.com wrote:
Gene,
I've used the PcEngines Alix2d3 board with Freebsd for a similiarly sized
office and had good success with it. We had a 30mbit pipe, 30 users, VoIP/QoS
and IPSec to our 3 data centers. Doing IPSec around 15mbit will
Hi
I actually use this system for our office of roughly 10 people. DHCP,
Squid, SquidGuard, Snort, IPSEC and PF. Works like a champ. Only a
single 100Mbit pipe coming in, but we are able to hit 97Mbit on
downloads. I haven't tested the throughput yet on the VPN side.
Marc
On 02/15/2013
Even a 5501 or Alix would probably be enough for that quantity of user.
If your in north america, you should look lanner fw-7535 that cost less
than a net6501-70. It's a great router and lanner have a really good
customer support, one of the best I have seen.
Michel
I have to agree on all these points. PF is the absolute best firewall I've
used on any platform. Not only is it the simplest to configure but it has
superior logging facilities.
I'd much rather not have any ISP tell me what traffic I can or cannot
receive. If you do that, say goodbye to open
Depending on pps an alix might be pushing it. In any event it wouldn't
give a lot of headroom.
Soekris 6501, axiomtek na320 etc would be better, though
depending on the environment a dell r210 or some supermicro box
with core/xeon e3 might also be good choices.
On 2013-02-15, reza
I was wondering why nobody has ever created a shell for pf so that you
could manipulate it in a way similar to JunOS instead of editing
pf.conf. Also show / monitor commands. Hierarchical edit mode, stuff
like that.
I was wondering why nobody has ever created a shell for pf so that you
could manipulate it in a way similar to JunOS instead of editing
pf.conf. Also show / monitor commands. Hierarchical edit mode, stuff
like that.
Because pf does not follow the configuration model of a switch or
router, or
On Fri, Feb 15, 2013 at 8:42 PM, Theo de Raadt dera...@cvs.openbsd.orgwrote:
I was wondering why nobody has ever created a shell for pf so that you
could manipulate it in a way similar to JunOS instead of editing
pf.conf. Also show / monitor commands. Hierarchical edit mode, stuff
like
Thanks for the reply Theo, big fan of OpenBSD
Someone referred me to NSH which is exactly what I was thinking of. It
even incorporates ifconfig so you can do all the layer 2 stuff which
is more than I was hoping for. Can't wait to play with it. I know
exactly what you mean about the hardware
Someone referred me to NSH which is exactly what I was thinking of.
No, NSH is now what you are thinking of at all.
You are asking for something which nests the *entire heirarchy* of
command structure to control interfaces and stuff PLUS pf... but NSH
cannot do that in the 'natural way' you ask
I would like to offer a suggestion though from my experience,
simplifying the configuration of a device greatly increases its
security, operationally. So if users (network IT staff) are presented
with something vaguely familiar to what they would encounter in the
other equipment like cisco or
I was drawing from situations where we implemented hardware from a
less well known vendor that has a completely different configuration
style than what most people are used to. We end up having more outages
caused by human error to the point where the equipment gets a bad
reputation.
Hi,
I own an ISP and I see no problem using OpenBSD, or Cisco as routers and
I have no problem with the configuration of PF. I kind of find it much
simpler then Cisco. Definitely better man page for sure! (:
Just know, you don't need every single features of PF to have a great
router. PF does
Well in this case JunOS, IOS, and Brocade would be what people know
and are accustomed to, because these are common brands. But I was
speaking of my experiences in working at an ISP and using vendors that
most people haven't heard of. Alcatel, Atrica to name a couple,
multi-service customer
19 matches
Mail list logo