Re: iked + gif + ospfd - use null-route to stop default route being used in case of no vpn

On Tue, Nov 07, 2017 at 04:13:51PM +0100, Jeremie Courreges-Anglas wrote: > On Tue, Nov 07 2017, Kim Zeitler wrote: > > On 11/07/17 15:31, Jeremie Courreges-Anglas wrote: > >> On Tue, Nov 07 2017, Stuart Henderson wrote: > > > > I have a

Re: iked + gif + ospfd - use null-route to stop default route being used in case of no vpn

On Tue, Nov 07, 2017 at 02:42:29PM +, Stuart Henderson wrote: > On 2017/11/07 15:31, Jeremie Courreges-Anglas wrote: > > On Tue, Nov 07 2017, Stuart Henderson wrote: > > > On 2017-11-07, Kim Zeitler wrote: > > >> This is a cryptographically

Re: Hellos from the Lands of Norway.

3rd > second that ... > > On Tue, Nov 7, 2017 at 9:47 AM, Christer Solskogen < > christer.solsko...@gmail.com> wrote: > >> On Tue, Nov 7, 2017 at 3:55 PM, Ywe Cærlyn >> wrote: >> >> > Well I have introduced myself then. >> > >> > Maybe I will write some more posts at a

Re: Hellos from the Lands of Norway.

SOUL OF ROOT 55 Is that you??? On Nov 7, 2017 11:52 AM, "Base Pr1me" wrote: > second that ... > > On Tue, Nov 7, 2017 at 9:47 AM, Christer Solskogen < > christer.solsko...@gmail.com> wrote: > > > On Tue, Nov 7, 2017 at 3:55 PM, Ywe Cærlyn wrote: > >

Re: Hellos from the Lands of Norway.

second that ... On Tue, Nov 7, 2017 at 9:47 AM, Christer Solskogen < christer.solsko...@gmail.com> wrote: > On Tue, Nov 7, 2017 at 3:55 PM, Ywe Cærlyn wrote: > > > Well I have introduced myself then. > > > > Maybe I will write some more posts at a later time. > > > > > I

Re: Hellos from the Lands of Norway.

On Tue, Nov 7, 2017 at 3:55 PM, Ywe Cærlyn wrote: > Well I have introduced myself then. > > Maybe I will write some more posts at a later time. > > I have a suggestion. Don't. -- chs

Re: Hellos from the Lands of Norway.

Well I have introduced myself then. Maybe I will write some more posts at a later time. Peaceful Salutations.

Re: pf not redirecting DNS queries

On 11/7/2017 9:39 AM, Jeremie Courreges-Anglas wrote: On Mon, Nov 06 2017, Scott Bennett wrote: [...] $ cat /etc/resolv.conf.tail search 123090.net lookup file bind options edns0 Just being curious, why use "options edns0" here? I haven't actually modified this

Re: pf not redirecting DNS queries

On 11/7/2017 8:46 AM, Stuart Henderson wrote: On 2017-11-07, Scott Bennett wrote: I want to be able to enforce that all queries get funneled to OpenDNS. I don't want someone to be able to outsmart the filter, at least at this one level. Redirection lets me configure

Re: Error : page Ports - Working with Ports

On Tue, Nov 07, 2017 at 01:09:02PM +0100, Stephane HUC "PengouinBSD" wrote: > I'm not going to submit a diff when I'm trying to understand if what i'm > higlighting it's normal... really, sorry! You might be surprised at how much you learn about an issue, and refining your thoughts, by preparing

Re: iked + gif + ospfd - use null-route to stop default route being used in case of no vpn

On 11/07/17 16:13, Jeremie Courreges-Anglas wrote: On Tue, Nov 07 2017, Kim Zeitler wrote: On 11/07/17 15:31, Jeremie Courreges-Anglas wrote: On Tue, Nov 07 2017, Stuart Henderson wrote: I have a question concerning routes and ospf. We are

Re: iked + gif + ospfd - use null-route to stop default route being used in case of no vpn

On Tue, Nov 07 2017, Kim Zeitler wrote: > On 11/07/17 15:31, Jeremie Courreges-Anglas wrote: >> On Tue, Nov 07 2017, Stuart Henderson wrote: > I have a question concerning routes and ospf. We are using iked(8) with a gif(4)

Re: iked + gif + ospfd - use null-route to stop default route being used in case of no vpn

On 11/07/17 15:31, Jeremie Courreges-Anglas wrote: On Tue, Nov 07 2017, Stuart Henderson wrote: I have a question concerning routes and ospf. We are using iked(8) with a gif(4) interface and ospfd(8) to set up=20 routing. If the ipsec tunnel is down, no ospf route is

Re: iked + gif + ospfd - use null-route to stop default route being used in case of no vpn

On 2017/11/07 15:31, Jeremie Courreges-Anglas wrote: > On Tue, Nov 07 2017, Stuart Henderson wrote: > > On 2017-11-07, Kim Zeitler wrote: > >> This is a cryptographically signed message in MIME format. > >> > >>

Re: pf not redirecting DNS queries

On Mon, Nov 06 2017, Scott Bennett wrote: [...] > $ cat /etc/resolv.conf.tail > search 123090.net > lookup file bind > options edns0 Just being curious, why use "options edns0" here? -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE

Re: iked + gif + ospfd - use null-route to stop default route being used in case of no vpn

On Tue, Nov 07 2017, Stuart Henderson wrote: > On 2017-11-07, Kim Zeitler wrote: >> This is a cryptographically signed message in MIME format. >> >> --ms030007050806020307030407 >> Content-Type: text/plain; charset=utf-8; format=flowed

Re: Hellos from the Lands of Norway.

Your name is not Norwegian. What's going on here? On Tue, Nov 7, 2017 at 2:37 PM, Stuart Henderson wrote: > On 2017-11-07, Ywe Cærlyn wrote: > > I hate replying to a post about licenses, but you're missing something > fundamental here... > > >

Re: pf not redirecting DNS queries

On 2017-11-07, Scott Bennett wrote: > On 11/6/2017 9:29 PM, trondd wrote: >> On Mon, November 6, 2017 8:50 pm, Scott Bennett wrote: >>> pass quick proto { tcp, udp } to port $udp_ports >> >> Because you're telling pf to pass all taffic on port domain to anywhere. >> Quick

Re: Hellos from the Lands of Norway.

On 2017-11-07, Ywe Cærlyn wrote: I hate replying to a post about licenses, but you're missing something fundamental here... >The real song > of the GNU licence is this. And "thou shall make no money". Not

Re: Hellos from the Lands of Norway.

On Tue, Nov 7, 2017, at 06:13 AM, mich...@hekeler.com wrote: > This seems to be a very technically orientated and serious discussion. > ‎Chapeau, Mr. Ywe Cærlyn! > God Bless Norway!

Re: iked + gif + ospfd - use null-route to stop default route being used in case of no vpn

On 2017-11-07, Kim Zeitler wrote: > This is a cryptographically signed message in MIME format. > > --ms030007050806020307030407 > Content-Type: text/plain; charset=utf-8; format=flowed > Content-Language: en-GB > Content-Transfer-Encoding: quoted-printable >

Re: Error : page Ports - Working with Ports

(...) > This will: > > a) indicate clearly what you are talking about without you having to >scramble to explain what you mean > b) force you to propose a solution, so it's easy to understand what you >think is wrong > c) allow me (or someone else) to apply, tweak and commit the fix if it

Re: Error : page Ports - Working with Ports

Quote from the FAQ. Summary: Some ports are split into several packages. make install will only install the main subpackage. To list the different packages built by a port, use: $ make show=PKGNAMES make install will only install the main subpackage. To install them all, use: $ make install-all

Re: Error : page Ports - Working with Ports

On Tue, Nov 07, 2017 at 12:41:22PM +0100, Stephane HUC "PengouinBSD" wrote: > > > Le 11/07/17 à 12:34, Rodrigo Mosconi a écrit : > (...) > >> " > >> By twice: "make install will only install the main subpackage". Normal? > >> > > > > [make install] is a command that is writen in the shell.

Re: Error : page Ports - Working with Ports

Le 11/07/17 à 12:34, Rodrigo Mosconi a écrit : (...) >> " >> By twice: "make install will only install the main subpackage". Normal? >> > > [make install] is a command that is writen in the shell. realize that is > in mono-spaced font, so it is something from terminal > > I'm sorry, but you

Re: Error : page Ports - Working with Ports

2017-11-07 9:25 GMT-02:00 Stephane HUC "PengouinBSD" : > Hi, all... > > Into page "Ports - Working with Ports", in "Using flavors and > subpackages" section, > https://www.openbsd.org/faq/ports/ports.html#PortsFlavors > > It's wrote: > " Summary: Some ports are split into

Error : page Ports - Working with Ports

Hi, all... Into page "Ports - Working with Ports", in "Using flavors and subpackages" section, https://www.openbsd.org/faq/ports/ports.html#PortsFlavors It's wrote: " Summary: Some ports are split into several packages. make install will only install the main subpackage. To list the different

Re: Hellos from the Lands of Norway.

This seems to be a very technically orientated and serious discussion. ‎Chapeau, Mr. Ywe Cærlyn!

iked + gif + ospfd - use null-route to stop default route being used in case of no vpn

Hello I have a question concerning routes and ospf. We are using iked(8) with a gif(4) interface and ospfd(8) to set up routing. If the ipsec tunnel is down, no ospf route is set and the default route used. Is it sensible and possible to add a null-route from the vpn-gateway to the

relayd: make icmp check engine optional because ICMP may be forbidden (feature request)

Wanted to try relayd inside a FreeBSD jail which has raw socket support disabled (default of ezjail for security reasons [0]). By chance, the jail also has IPv6 disabled. The hce program will fail to start in check_icmp.c:icmp_init because these two network features are not available. I don't