* Sebastian Reitenbach [2012-04-17 10:40]:
> On Tuesday, April 17, 2012 09:35 CEST, Henning Brauer
> wrote:
>
> > * Marcin [2012-04-17 08:59]:
> > > I am looking for a hardware recommendation for a new OpenBSD based
> > > firewalls. So far I have been usi
cious data on those disks and have two
machines.
I'm very happy with Supermicro X9SC* based systems, with Xeon E3-1220
and an Intel SSD. Check with your local supplier for exact model
options. Superior performance, 35W idle, no trouble whatsoever, fair
pricing.
--
Henning Brauer, h...@b
* patrick keshishian [2012-04-11 14:55]:
> On Wed, Apr 11, 2012 at 12:20:30PM +0200, Henning Brauer wrote:
> don't you need two different index vars for this next
> section?
no, why?
> > + for (i = 0; i < n; i++)
> > + if (i < npflogifs)
> >
* Siju George [2012-04-11 14:25]:
> On Wed, Apr 11, 2012 at 3:50 PM, Henning Brauer wrote:
> >
> > please try this & report back
> >
>
> Thanks Henning but I need some help :-(
>
> I got the following errors and I have attached the .rej files
diffs are
* Henning Brauer [2012-04-11 11:26]:
> * Siju George [2012-04-10 08:16]:
> > On Tue, Apr 10, 2012 at 11:40 AM, Andres Perera wrote:
> > > altering the max might have consequences i don't know about:
> > I will stick with 15 :-)
>
> actually, bumping it sho
amically allocate the
pflogifs array.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
* Bjxrn Knutson [2012-03-28 11:31]:
> I don't know if you have seen this article at
> https://calomel.org/relayd.html , and or if it can help you .
certainly not. everything on calomel.org is garbage.
reading some other fairy tale is more insightful.
--
Henning Brauer, h...@bs
k on $int_if from prio 3
> #Admins have the highest priority
> pass in log quick on $int_if from prio 7
that might be a bit excessive logging :)
> #pass out from "the" interfaces
> pass out from ($int_if)
> pass out from (egress)
--
Henning Brauer, h...@bsws.de, henn...@op
* Brett [2012-03-24 03:18]:
> On Sat, 24 Mar 2012 02:43:53 +0100
> Henning Brauer wrote:
> > * Brett [2012-03-24 01:56]:
> > > > its normal behaviour. from xorg.conf(5):
> > > >
> > > > Option "DontZap" "boolean"
&
> > This action is normally used to terminate the Xorg server. When
> > this option is enabled, the action has no effect. Default: off.
>
> Would it make sense for this to be the "secure by default" default?
how exactly is preventing yourself from killing your o
le this will be kind of a DOS
> other zones are no longer able to create new pf states
no, there is noc such limit atm. you can and probably should have
limits on the individual rules tho.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Se
please, windows licensing and the liek are _completely_ off-topic.
please just let this thread die and let us come back to what this list
is for, OpenBSD-related questions and answers.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure
PF_PASS;" within pf.c.
it's the same to the compiler
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
> As in all of my 1 week being here not much help goes on just
> arguments and flames.
happens every now and then. it's not that we particularily like that,
but that's apparently the price for an open list.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Servi
install right onto softraid. and guess what, I'm
certain that'll happen rather sooner than later.
> Yes. Is it a technical challenge to implement further assistance?
"are you sure" style questions are certainly not "further assistance"
but rather annoying for mos
to scroll up. that red shiny button...
> The big question is, is this problem one that is common?
the fact that this afaict has never come up before here in all the
years is more than just a hint.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Servi
a user who doesn't pay
attention to the text on his screen - especially while installing an
OS, writing to disk, working with the artition table, the risk there
is utterly obvious, you gotta at least pay attention.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http
ng this for a couple of years and I don't
remember this coming up ever before. Which pretty much indicates that
this is just not a problem in practice.
> Maybe the OpenBSD philosophy is just not for me.
Maybe you just need to be a bit more open-minded and stop assuming
OpenBSD is j
* Rudolf Leitgeb [2012-03-05 13:21]:
> Am Montag, 5. Mdrz 2012, 12:36:56 schrieb Henning Brauer:
> > * Rudolf Leitgeb [2012-03-05 12:01]:
> > > That's the reason why companies which make secure encryption devices
> would
> > > never trust any CPU/OS combo. D
* Rudolf Leitgeb [2012-03-05 12:01]:
> That's the reason why companies which make secure encryption devices would
> never trust any CPU/OS combo. Depending on paranoia they offer you either
> an FPGA based solution or a hard wired one from logic ICs.
dream on.
--
Henning Brauer
* Christian Weisgerber [2012-03-04 21:46]:
> Henning Brauer wrote:
>
> > > A brief skim of the source (4.6p1) suggests that OpenNTPd passes on
> >
> > well, 4.6 is ancient. unfortunately nobody maintains the portable atm.
>
> The problem is that OpenNTPd stopp
* Phil Pennock [2012-03-04 21:05]:
> On 2012-03-04 at 19:30 +0100, Henning Brauer wrote:
> > * Phil Pennock [2012-03-04 13:23]:
> > > https://github.com/syscomet/openntpd
> >
> > please note that it takes a bit more for a new portable release,
> > namely, a
* Phil Pennock [2012-03-04 13:23]:
> On 2012-03-03 at 12:24 +0100, Henning Brauer wrote:
> > * Phil Pennock [2012-03-02 16:32]:
> > > A brief skim of the source (4.6p1) suggests that OpenNTPd passes on
> > well, 4.6 is ancient. unfortunately nobody maintains the portable
it afterwards as though fast" approach the planned
> behaviour, or merely a result of nobody getting around to implementing
> something better?
more of the latter then the former.
> Is there likely to be a release changing the behaviour before July 1st?
no.
--
Henning Brauer, h
isted as supporter when in fact their page is
> clearly Linux-only.
pls drop a mail to www@ then with this bit of info and ask for them to
be removed from support.html.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
the planet of course. details just complicate things.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
these to the 'net, but it's good enough for a seperate vlan or the
like to an openbsd box that you either run conserver on or just use to
jump through.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Serv
eps in the mind, but I would
> prefer having that done by machine.
>
> What do you think?
I'd look at the diff
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Ful
ocally terminated connections anyway
I gave the OP some input in private mail which I don't think belongs in
public. There is no one-size-fits-all recipe for dealing with DDoS.
And I certainly don't want to teach people how to make better DDoS
attacks.
--
Henning Brauer, h...@bsws.d
* keith [2012-02-17 14:33]:
> an "operator" was saying that it's the fan's in the servers that
> consume all the power.
He's wrong, the power LED takes all the power.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Servi
nd anyway - i have never seen such a dramatic design
fuckup as the bind10 design docs, and anything depending on PYTHON
(gimme a break) will never make it into base anyway.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mai
* Christiano F. Haesbaert [2012-02-11 14:25]:
> I think pf is not recalculating the checksum after nating, not sure if
> it should, henning ?
ip_output does that unconditionally, and i fixed the bridge to do that too
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services
* Pierre Berthier [2012-02-09 14:21]:
> anyone knows how to get a scsi bus rescan after adding a disk, without
> rebooting?
you can't really right now.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and D
d such).
correct.
> Still probably more expensive than Alix, though.
also correct, but their pricing is fair.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henni
ly?
no, the last one creates state (simplified, it isn't THAT simple
anymore, but that is still what it comes down to).
> Should I be using match rules to do nat-to/rdr-to instead?
should? maybe. depends. whatever is easier in your case.
could? yes.
--
Henning Brauer, h...@bsws.de, h
ssue.)
> Pears similar ciao,
that's what many of us do - full repository, synced somehow (i
personally rsync from another machine which in turn speaks cvsync to
bob) locally. Especially convenient when you sit in an airplane or the
like and want to diff...
--
Henning Brauer, h...@bsws.de, hen
announcements. 65 is EHOSTUNREACH and
exactly the error in that case.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
ace? if so, playing with
sysctl net.inet.ip.port* should help.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
extremely vague memories of something weird with locate
somewhen in the past. might misremember, doesn't matter, haven't seen
anything like that for a long time, so my advice is to upgrade.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Se
;echoreq"
> comp3="192.168.0.3"
>
> For maintenance sake, would it not be
> appropriate to define the other
> mysterious outgoing interface "fxp0"
> as well, as declared in the following
> options section?
>
> The ruleset migh suffer a little b
uchlike, merely a
> tentative status query. (BFD is appearing more & more frequently in the
> multi-vendor environments some of my OpenBSD boxen reside in).
we've been talking about it for at least 2 years now, but so far
nobody got around to actually write the code :(
--
Henning Brau
fact
> I've found this strange behavior while translating a Cisco acl :
>
> permit tcp any any range ftp ftp-data
>
> Translated to "port ftp:ftp-data", which if I understand well does not
> mean anything for PF.
right. pilot error.
--
Henning Brauer, h...@bsws.de
82 you ought to write 80 >< 82 and
not 82 >< 80.
> Then, port 81 is not filtered out.
correct, that is exactly what you told pf to do and it does.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail an
care to introduce
them to me?
> Got it, asshole?
a lemote? nope, I don't have one.
> I'll say to you what I said to the previous motherfucker who felt it
> necessary to impress me with his vast lack of knowledge on actually
> answering the question: go fuck yourself. Bye asshole!
hey miod, we must convince the rest of us to leave openbsd, this guy
here said so, and he's obviously an omniscient genius.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
> internal routes.
that should not make a difference.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
in its copy of
the kernel routing table.
now of course the question is why. could be a bug somewhere, could be
rdaomains related if you use them (speculation!), could be a missed
message on the routing socket. or sth else.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://
f you ask that question there is very likely no point in you to
"check and verify" wether a certain application should be chrooted.
chroot by itself is not a security measure to begin with.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Se
w go away..
asking the people whom's work you rely on to go away is the behaviour
of a true genius.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
* Claudio Jeker [2011-12-30 23:32]:
> On Fri, Dec 30, 2011 at 05:08:28PM +0100, Henning Brauer wrote:
> > * PP;QQ P(P8P?P8QP8P= [2011-12-30 05:21]:
> > > why does OpenBSD choose vlan379 ? how can I make it use vlan200 for
> > > all outgoing traffic except bgp commu
won't get fixed (unless someone else runs into it too
and doesn't pick stupid workarounds).
this however IS useful to (mostly) verify inteldrm itself is to blame.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosti
* Hassan Monfared [2011-12-30 10:18]:
> I wanna choose a hardware appliance to make a UTM based on OpenBSD, does
> anybody have recommendation?
yes, I have one.
stop believing marketing lies.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-S
- look for "set nexthop"
in bgpd.conf.5
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
* Wesley M. [2011-12-21 09:22]:
> When i do a newfs on HD 500Go , it takes much more times using
> OpenBSD 4.9 instead of 5.0 RELEASE.
> Same problem using fsck -y dev. Why ?
because we made it faster after 4.9 was released?!?
--
Henning Brauer, h...@bsws.de, henn...@openbsd.o
; >> f2n0:/root#
> >>
> >> also, I did
> >>
> >> f2n0:/root#grep -v ^# /etc/pf.conf
> >>
> >> set skip on lo
> >>
> >> pass in vlan2 rtable 2
> >> pass in vlan4 rtable 4
> >>
> >> pass
> &g
27;s simple: from the previous release is the only thing we test.
from older ones usually works, but as said, it doesn't get tested and
thus might break. and then you'll have to deal with that.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-S
* Rudolf Leitgeb [2011-12-19 14:40]:
> Am Montag, 19. Dezember 2011, 13:52:40 schrieb Henning Brauer:
> > gotta compromise for crippled systems. solvable with a little shell
> > script run from cron and rc.shutdown.
> Wait: your solution would be to periodically remount some v
GB0 14 3316048 lo0
>
>
> Is this intended behavior?
yes, it is.
I do admit indicating the blackhole nexthop in show rib would clear
things more up.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosti
* Rudolf Leitgeb [2011-12-19 10:17]:
> Am Freitag, 16. Dezember 2011, 21:49:18 schrieb Henning Brauer:
> > in these cases - where "runs" is the top priority and manual
> > intervention is hard - you most probably want to run with ro / and an
> > mfs or three.
* Claudio Jeker [2011-12-16 22:58]:
> So when will ISC start to integrate Quagga into BIND? A DNS server needs
> its own routing suite.
when it has been rewritten in python.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure H
on.
this is something where non-developers can easily jump in.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
* Rudolf Leitgeb [2011-12-16 10:50]:
> Am Freitag, 16. Dezember 2011, 10:26:27 schrieb Henning Brauer:
> > there is no solution but a proper remote console access, i. e. cereal.
> > it is completely beyond me why some people accept anything else.
> > yes yes, some/many prov
* Stefan Beke [2011-12-16 10:57]:
> On Fri, Dec 16, 2011 at 10:26, Henning Brauer wrote:
> > it is completely beyond me why some people accept anything else.
> Because it fits their needs.
util something breaks and trey notice that they're doomed and whine,
yes.
> Sometimes
, which is itself unsupported by a quite a
> few Java projects (ie, Jira).
stop whining already.
as much as java is sh**, we do run very big java application servers
for customers on openbsd. no problems.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de,
nge the 'fsck -p' in /etc/rc to whatever varient you wish.
> >> > There
> >> > is, to my knowledge, no knob.
> >>
> >> You probably realise but be aware you can lose data with fsck -y but
> >> only on writable filesystems?
> >>
ng to my cheap little wattage testing device).
> At first I said "sweet!" but then I realized if you have to run a build for
> 24 hours you probably haven't saved any energy ;-)
build?
build WHAT?
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://
* Peter Kay [2011-12-13 01:20]:
> On 12 December 2011 21:29, Henning Brauer wrote:
>
> > * sc...@web.de [2011-12-12 16:06]:
> >
> > > BTW: the ethernet on the motherboard (Asus K8U-X) does not work.
> > > "Acer Labs M5263 LAN" rev 0x40 at pci0 d
* sc...@web.de [2011-12-12 16:06]:
> Peter Kay wrote:
>
> > Wikipedia says 'AMD64 supported by: all models with an OPN ending in
> > BX and CV' and 'E6 stepping or later'
>
> It seems I have a BO: SSE3, but not AMD64 according to dmesg.
>
&
sabled, and of course the properties of that
core, this one is a no-brainer.
boot amd64 bsd.rd. either it boots or it doesn't.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Ro
type anything. Any ideas?
you have no getty on cereal. enable it in /etc/ttys.
if you had just ignored all the myths about CF and wear and such bs
and installed openbsd the installer would have done that for you.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http:/
* Dennis Davis [2011-12-08 12:57]:
> The exim MTA should be able to deliver mail directly in maildir
1) that wasn't the question
2) running exim is about as clever as running sendmail version 4,
driving a wheelchair on the autobahn or trusting Cameron.
--
Henning Brauer, h...@bsws.
1 and then running the install from a serial port.
and how exactly do you force your PCI puc onto address 0x3f8?
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Hen
7;s on-the-wire format hasn't
changed in ages.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
usb cereal once booted -
and if you end up i ddb> your console is unusable again since your usb
stack might be wedged, the usb kthreads don't get to run as long as
you're in ddb>, ...
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service
s not have any PAE support.
The fact that some bits are in the source tree doesn't have much to do
with it. See it as hints for a developer who wants to pick up the PAE
work. But since most i386 machines with >4G are amd64-capable and this
not being something easy I don't see that hap
* Kapetanakis Giannis [2011-12-04 14:28]:
> On 03/12/11 15:16, Henning Brauer wrote:
> >i really dunno where you diverged, but with the setup i described
> >you have internet access on the slave too, perfectly fine - given
> >your carpdevs have routed IPs and you set
mory" is a bit misleading, we're talking about pretty special
memory here - but yes, hundreds or thousands of sockets with 2MB buffers
in use each would be a problem. there is a backpressure mechanism in
the autosizing algorithm to (try to) avoid this; we might very well
want to increa
interfaces of the firewalls.
>
> About the default gw, you may add ifstated(8) in the game to make
> the slave change his gw to the master fw and not the (default)
> remote router.
i really dunno where you diverged, but with the setup i described you
have internet access on the slave too
* Sebastian Reitenbach [2011-12-02 16:16]:
> On Friday, December 2, 2011 15:30 CET, Henning Brauer
> wrote:
> > well, you actually found the answer yourself. if your em is running at
> > 100M the 10MByte/s download is superb. Why it isn't going to gig - dunno.
>
&
is running at
100M the 10MByte/s download is superb. Why it isn't going to gig - dunno.
your other issue is wasting time, electrons, energy and whatnot with
calomel.org garbage.
if someone feels like he could do the broader community a favor, track
down whoever runs that site and at least
* Henning Brauer [2011-12-01 13:21]:
> the extra cost for a flash card of a reasonable
> size, yes even hundreds of cases, can't be cheaper than the (not free)
> work time it takes you to build your strange images.
err... that is pretty much the opposite of what I wanted to say. &
ob to the community. awesome. that rightly
fails.
and yes, there is very little knowledge about stripping kernels in the
community because it is, in almost any case, stupid.
heck, I'll waste some of my time to be nice. the lines you want to lok
at and possibly remove are either "opti
providing. given this, what do I
> type into my pf.conf to make this happen?
altq priq is a bit more than a simple prio queuer.
you can use the first bits of the upcoming queueing system that made
5.0, see the prio keyword in pf.conf but be warned that the syntax
isn't set in s
- aliases on 9.0.0.0 with /32 masks on carpdev em4
here it is better to have the /28 on em4 and /32 on the carp ifs.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Mana
clean that up.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
* Jussi Peltola [2011-11-24 15:18]:
> On Thu, Nov 24, 2011 at 02:21:57PM +0100, Henning Brauer wrote:
> > that changes the order how exactly?
> > the only valid point is that the modem drops packets regardless of
> > their priority while we would drop low prio first
* Christopher Zimmermann [2011-11-24 12:28]:
> On 11/23/11 20:58, Henning Brauer wrote:
> > * Jussi Peltola [2011-11-20 04:09]:
> >> On Sat, Nov 19, 2011 at 08:58:46PM -0500, quartz wrote:
> >>> is there a way to set up altq+priq on an internet connection with
minimizes the effects - foremost when there is congestion
on that slower link.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
sed anyway :), we're much closer
to that optimum than ever before.
> With respect to the weekly makewhatis, I think that's a bug in the
> weekly(8) script: It should not blindly assume that every database
> listed in man.conf(5) is on a writable filesystem.
that I agree with compl
* Henning Brauer [2011-11-14 21:27]:
> while this is all correct, let me try to pahse it in a way that i
> think is clearer. the bpf hooks (aka where bpf grabs the packets) are
> "outside" pf, i. e. inbound packets hit pf before
sofar that it is
"outgoing" only, except that it sends nowhere and "just" feeds bpf -
and as you noted, only sees packets pf is explicitely told to send
there.
> I doubt that snort ever worked in another way.
i can confirm that the bpf - pf order has always been like
garbage as the rest of that site.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
ax. I don't wanna hear whining about that, people have been
warned.
i'm getting the impression we missed the opportunity to group all
packet-modifying statements in a set(...) or set { ... } block with
the big syntax changes :(
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Se
ked fine. B But as
> > of my newly-installed 5.0-release, this seems to be a no-op: "Caps Lock"
> > stays a caps-lock key.
>
> You can just run "setxkbmap -option ctrl:swapcaps".
which is not what he is after.
setxkbmap -option ctrl:nocaps
--
Henning Brauer,
s as the websites user.
it has been enabled just after 5.0 - miss :(
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
/bin/startx >/var/log/Xdisplay 2>&1 When you quit Firefox, X will terminate, too. Your other requirements
> are a bit trickier though.
not really - if you start X in rc.local and don't background it just
poot halt -p as last command in rc.local.
--
Henning Brauer, h...@bsws.de, h
x27;
> 1 Rebuild 458G 0:1.0 noencl
> 'unknown serial'
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
o that the
absolute numbers are pretty much useless. the RELATIVE numbers are the
interesting ones.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
e never noticed that. That is a bug.
> Is there any way to control it?
find & fix the bug :)
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning B
quot;many of them use 32 bits today" makes it sound
like a) that was common and b) right. it isn't. certainly not b). time
will tell us (oh the irony) about a).
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and
much more about this topic...
ACPI is not primarily about power management. ACPI is also not an
option for halfway modern machines.
stop pushing buttons.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services
201 - 300 of 1586 matches
Mail list logo