Damian Higgins wrote:
Hi Stuart,
First off, thank you for the feedback you provided. Unfortunately, you
misunderstood the issue I'm encountering because you haven't read my
entire post. So, I'll try to make a brief post of the previous
message, to make it easier to read, and hope you will have
soko.tica Wrote:
Hello, list
When I tried to see pf log of my recently installed OpenBSD 4.4
desktop box, I've got the message that snaplen has been raised from 96
to 116, even when I did give it a try with -s 96.
That is normal. The snaplen is only used for listening on an interface.
When
On 2008-11-06, Stuart Henderson wrote:
On 2008-11-05, Limaunion [EMAIL PROTECTED] wrote:
Hi, for some reason my OpenBSD 4.4 firewall is been able to negotiate
dhcp request although there are no rules that allow this operation.
dhcp uses BPF (like tcpdump does), this is below PF and is not
I have previously used two PPPoE links succesfully. The
sys/net/if_pppoe.c:pppoe_find_softc_by_session() is correct as long as
the devices are attached to different ethernet devices.
Since you have not provided any information about your configuration, I
can only make a guess. I would say
Joaquin Fernandez Piqueras wrote:
The problem is that the bridge doesn't filter anything. I tried to put
rules that block everything but only filter administration interfaces.
The trafic still go through the bridge.
Are you perhaps using VLANs on the network you are bridging?
Are you bridging
Hey
so now I changed the tagging from tcp_output to ip_output.
I also put an pf_tag_unref to so_free and sosetopt (in case that there
is allready a tag set).
I couldn't see a reason for a pf_tag_unref in the so_accept because
the socket could be reused.
Thanks to Henning for the ideas!
Nice, you probably want to keep the application/kernel tag name spaces
distinct though. Otherwise it would be easy for any local user/program
to mess with pf.conf generated tags and bypass filtering etc. It could
be as easy as adding a prefix (APP_ ?) to all application generated
Darrin Chandler wrote:
On Wed, Oct 24, 2007 at 11:46:34PM -0400, Brian wrote:
Make sure you have restarted Firefox after making changes to
/etc/resolv.conf. Specifically, the application-level DNS cache will
contain old data if you have not restarted it. This bit me for 3
minutes straight
L. V. Lammert wrote:
At 05:12 PM 10/24/2007 +0200, Henning Brauer wrote:
* L. V. Lammert [EMAIL PROTECTED] [2007-10-24 16:46]:
Virtualization provides near absolute security - DOM0 is not visible to
the user at all, only passing network traffic and handling kernel calls.
The security comes
L. V. Lammert [EMAIL PROTECTED] wrote:
If not, then security issues compound due to multiple guest OSs and
each set
of inherent vulnerabilities.
security issues and protections do not add up like numbers.
Sure they do. If I'm running Windoze as a guest OS, there are hundreds or
Tony Sarendal [EMAIL PROTECTED] wrote:
On 10/21/07, Henning Brauer [EMAIL PROTECTED] wrote:
* Tony Sarendal [EMAIL PROTECTED] [2007-10-21 14:50]:
stateless is poop.
What will happen when the limit of maximum concurrent states is reached
?
Will it stop forwarding new flows ?
depends on
Tony Sarendal [EMAIL PROTECTED] wrote:
To design a reliable IP network I would need the devices to be able to
handle
the desired pps rate even when that state limit is exceeded.
Many routing devices have over the years achieved good performance by
different flow caching
methods, we have
Anton Karpov [EMAIL PROTECTED] wrote:
2007/10/10, Stuart Henderson [EMAIL PROTECTED]:
On 2007/10/10 20:43, [EMAIL PROTECTED] wrote:
Nice to hide your local network IP ;)
Do not show it anyone!
On 10/10/07, Anton Karpov [EMAIL PROTECTED] wrote:
It's a kind of useless and funny XSS...
On 9/6/07, asdf [EMAIL PROTECTED] wrote:
--- Can Erkin Acar [EMAIL PROTECTED] wrote:
pppoe is not included in the installation kernels. You have a few
choices, in order of preference:
But the GENERIC kernel that is installed does contain support for PPPoE?
Sure.
3. if you have
asdf wrote:
Is it possible to install OpenBSD on a machine connected to a DSL modemusing
the
PPPoE network connection? I have an old PC I'd like to use as a router for my
new
DSL internet service and I am pretty sure that its CD-ROM drive is
non-functional.
pppoe is not included in the
Umaxx wrote:
hi,
after upgrading my router to -current the dsl pppoe connection does not work
anymore.
userland ppp connects fine but freezes after K30 seconds. freeze means the
connection is still there no errors shown in logs and ifconfig state is normal
but there is no more incoming
Jurjen Oskam wrote:
Hi there,
I'm using OpenBSD 4.1-stable/amd64 (dmesg below). I'm setting up ipsec to
secure my wireless network, and that seems to work great. (Great job on the
new way to configure ipsec, by the way!)
When using tcpdump on the enc0 interface, I noticed that it
On 2007-03-28 Tamas TEVESZ wrote:
ok, so i'm not *entirely* sure it's with pppoe(4), but as far as i can
put bits and pieces together, it's always happening after ifconfig
pppoe0 down; ifconfig pppoe0 destroy and then either sh
/etc/netstart pppoe0 or (the second case) starting ppp(8).
Dan Farrell wrote:
I'm running Snort 2.4.5 (the pkg) on OpenBSD 4.0 and I use a bpf filter
file to have Snort ignore certain hosts altogether.
The command I'm using is 'snort -D -i dc1 -F bpfile'
The kernel has a limit for the maximum number of filter
instructions. Currently it is set to
On Thu, Dec 21, 2006 at 03:29:51PM +0200, Dominik Zalewski wrote:
On Thursday 21 December 2006 15:04, Peter N. M. Hansteen wrote:
Dominik Zalewski [EMAIL PROTECTED] writes:
I have OpenBSD 4.0 firewall and I would like to redirect all outgoing
http requests to my squid web proxy.
On Thu, Dec 21, 2006 at 02:39:50PM +, Stuart Henderson wrote:
On 2006/12/21 15:29, Dominik Zalewski wrote:
In this article squid is running on the same machine as OpenBSD firewall.
In
my case I have squid running on different machine connected to LAN
interface.
My question is
Edy [EMAIL PROTECTED] wrote:
Hi,
I am trying to configure spamd on the current bridge PF firewall which
is running on OpenBSD 4.0
fxp0 and fxp1 both are setup as bridge interfaces
the following is the rdr rule for spamd
## Spamd Stuff
# Table that spamd updates
table spamd persist
On Sat, Sep 02, 2006 Nick Holmes wrote:
I'm currently in the position where I have an OpenBSD firewall (standard
issue x86 affair), a Zyxel 660H-61 ADSL router, and two 3COM WLAN devices
providing the necessary services. I'd very much like to consolidate and get
one box doing the lot
On Monday 22 May 2006 Liviu Daia wrote:
On 22 May 2006, Lars Hansson [EMAIL PROTECTED] wrote:
On Monday 22 May 2006 17:27, Liviu Daia wrote:
Ok, let me rephrase this. How realistic will be to run an
OpenBSD firewall or router without xbase a few years from now?
Extremely realistic.
On 10/02/06, Damon McMahon [EMAIL PROTECTED] wrote:
Greetings,
I'm having trouble getting pppoe(4) to establish a connection from my
OpenBSD 3.7 RELEASE (+ errata patches) box to my ISP through a Netgear
DG632 in bridge mode. I can successfully establish a connection using
pppoe(8) although
Claudio Jeker wrote:
On Wed, Nov 02, 2005 at 04:42:12PM +0100, Henning Brauer wrote:
* Dulmandakh Sukhbaatar [EMAIL PROTECTED] [2005-11-02 05:25]:
I'm new to OBSD, and configured in-kernel pppoe as my internet gateway.
I found out that with userland pppoe automatic reconnect is posible,
Antoine Jacoutot wrote:
Jason McIntyre wrote:
my hostname.pppoe0 file does this without problem. i guess the problem
is you specify an exact ip, but a wildcard for your gateway.
Sorry about that. I was not very clear. In fact, I also tried to set the
gateway to a fixed IP, but it does not
You possibly have other/previous pppoe sessions not being
terminated correctly. The reason is that, the kernel pppoe
does not terminate unknown sessions (ie. not handled by itself).
see pppoe(4) manual page for details, compiling a kernel
with PPPOE_TERM_UNKNOWN_SESSIONS option may help.
Can
Talmage wrote:
I'm planning on implementing a OpenBSD all-in-one router/firewall/
PPPoE_client/VPN_server and have been having issues getting the in-
kernel PPPoE to work which is the first thing I'm working on. I've
checked the pppoe(4) manpages but still haven't been able to get it
Melameth, Daniel D. wrote:
I've looked into this further and still cannot determine where the issue
lies. Based on some advice, I unplugged the OpenBSD machine and setup a
Windows XP machine instead. The Windows native PPPoE client was able to
download at 5.5Mb/s and the OpenBSD machine was
Josh Grosse wrote:
[snip]
I have a VT8235 southbridge chip, providing integrated AC97 audio.I
just want 2-channel (stereo) output, but am only able to obtain
left-channel output from the soundcard. I'm running 3.7-release, and
of course its using the auvia(4) driver.
[snip]
ac97: codec
Jason Ackley wrote:
Can you try turning on the debug flag to pppoe0 ?
Good advice, debug mode gives lots of useful output
also tcpdump on the parent interface, eg. 'tcpdump -nei fxp0 no ip'
helps.
I just tested this in a lab setup and it would not connect unless the
debug flag was set on the
32 matches
Mail list logo