Re: Read sysctl from file

s the "best" way to do it. Also it does not fail halfway, it will report errors for each of the settings that cannot be applied, e.g. with a config that sets kern.securelevel=0 and net.inet.udp.sendspace=9216, this happens: # ./sysctl -p example.conf sysctl: kern.securelevel: Operation not permitted net.inet.udp.sendspace: 9216 -> 9216 Peter

Re: Read sysctl from file

y these tools wouldn't use Linux-specific features. But emulating simple features like sysctl -p in a non-invasive way isn't too hard. Peter

Re: Preferred configuration for SLAAC in hostname.if

d 'rtsol' and 'inet6 autoconf' are > "equivalent" as far as /etc/netstart is concerned. > > What's the preferred setting for SLAAC in hostname.if(5)? "inet6 autoconf" is what you get if you choose the autoconf option during install. I wasn&#x

Re: AMD64 modern laptop recommendation

ar recent models can be had lightly used at attractive prices via ebay and similar. For UEFI and such, for my latest I simply did not change the BIOS defaults away from "Secure Boot" and things just worked. -- B< -- - Peter -- Peter N. M. Hansteen, member of the

Re: AMD64 modern laptop recommendation

t that device. [1] http://bsdly.blogspot.com/2017/07/openbsd-and-modern-laptop.html - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traff

Re: Robust ThinkPad suggestions for running OpenBSD.

I still occasionally miss the trackpoint, but then my typical work is not too mouse-intensive. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network

Re: Problems with IPv6 and routing domains

On 2017 Jul 04 (Tue) at 16:24:53 +0200 (+0200), Claus Lensbøl wrote: :Hi Peter, : :I'm getting: :# route -T75 default ::1 -blackhole :route: botched keyword: default :usage: route [-dnqtv] [-T tableid] command [[modifiers] args] :commands: add, change, delete, exec, flush, get, monitor,

Re: Problems with IPv6 and routing domains

Always Always ALWAYS ALWAYS create a default route in each routing domain. !/sbin/route -T XXX default ::1 -blackhole On 2017 Jul 04 (Tue) at 15:16:24 +0200 (+0200), Claus Lensbøl wrote: :Hi misc, : :I'm having trouble with implementing rdomains and IPv6. : :I have followed this guide which mig

Re: Enabling BFD on a VLAN interface

Hi Tristan BFD is not yet finished, so it is disabled. It was not enabled for the 6.1-release, sorry. On 2017 Jun 30 (Fri) at 20:24:49 +0200 (+0200), Tristan Delsol wrote: :Hi all, : :I currently have BGP setup to our ISP using openBGPd, this works great. I saw that the current stable 6.1 has

Re: Can I use OpenBSD in a virtual machine, for example, VirtualBox?

arious 'cloud' providers such as Amazon, Microsoft and others have tended to be usable and some are now even adding official support. So the short answer applies. (In addition we hav LDOMs on SPARC64, and possibly others I've forgotten just now) -- Peter N. M. Hansteen, member of the f

Re: bgp-spamd added 192.43.244.163

+49 351 8107227 : :Bitte prüfen Sie, ob diese Mail wirklich ausgedruckt werden muss! Before you :print it, think about your responsibility and commitment to the ENVIRONMENT : -- If two wrongs don't make a right, try three. -- Laurence J. Peter

Re: Current FreeBSD looking to switch to OpenBSD

Also, http://man.openbsd.org/ is very useful - go there, type your keyword in the search field, click apropos and you get all the man pages matching that keyword. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www

Re: bgp-spamd added 192.43.244.163

Please double check your setup. That IP is for 'lists.openbsd.org', and should be listed in the *whitelist*. I do distrubute the whitelist next to the blacklist, so you MUST NOT blindly block every IP that I distribute to you. On 2017 Jun 03 (Sat) at 23:30:36 +0200 (+0200), Markus Rosjat wrote:

Re: smtpd doesn't start

On 2017 May 30 (Tue) at 10:37:37 +0100 (+0100), Craig Skinner wrote: :.localdomain (.local interferes with iStuff, avoid it) :.internal :.private :.priv :.lan NO NO NO NO NO NO NO NO NO All of those domains may (or have been) issued by ICANN, and can be used for real. The only domains you should

Re: Can I bind USB/other interface/device number (e.g. cdceX) to particular MAC, USB serial number or the like?

On 2017 May 29 (Mon) at 02:13:57 + (+), Tinker wrote: :Hi misc@, : :For pluggable devices such as USB NIC:s, is there any way to make OpenBSD :bind a particular device based on its MAC or USB serial number or the like :variable, to a particular interface or device filename? : :E.g. MAC X is

Re: file systems

On 2017 May 26 (Fri) at 11:35:49 -0300 (-0300), Friedrich Locke wrote: :Hi folks, : :does anybody here run OBSD with a file system bigger than 10TB ? :How much time boot takes to bring the system up (i mean fsck) ? :Are you using ffs2 ? With softdep ? : :Thanks. I created a 24T disk with ff2. I p

Banana Pi R1 - working dwge(4)

o it's fairly up to date. dmesg follow after my signature. -peter rebooting... U-Boot SPL 2017.03 (Apr 01 2017 - 16:25:44) DRAM: 1024 MiB CPU: 91200Hz, AXI/AHB/APB: 3/2/2 Trying to boot from MMC1 U-Boot 2017.03 (Apr 01 2017 - 16:25:44 -0600) Allwinner Technology CPU: Allwinner A20 (

Valgrind W^X Violation

ddr 0x00203d70 paddr 0x00203d70 align 2**3 filesz 0x0290 memsz 0x0290 flags r-- Dynamic Section: NEEDED libc.so.89.3 HASH0x101f40 STRTAB 0x102558 SYMTAB 0x1020a8 STRSZ 0x11c SYMENT 0x18 DEBUG 0x0 PLTGOT 0x203ee0 PLTRELSZ0x2b8 PLTREL 0x7 JMPREL 0x1026f0 RELA0x102678 RELASZ 0x78 RELAENT 0x18 RELACOUNT 0x2 === Thanks in advance for any advice that you might be able to offer. Peter

Re: Spamtrap doesn't work for me

;ll see if I can come up with suitable wording unless somebody beats me to it. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic"

Re: Spamtrap doesn't work for me

; But the spamd-greytrap table remains empty > Peter, do you have any entries when you do pfctl -t spamd-greytrap -T show Actually, I don't have that table at all. The greytrapping parts uses the database, not tables. The thinking is roughly that it makes sense to have the whitelisted addr

Re: Spamtrap doesn't work for me

ting a SPAMTRAP address (-T), keys should be > specified > as email addresses: > >spamt...@mydomain.org > > > So without angle brackets. It looks like spamdb actually accepts addresses both with and without angle brackets - I have both kinds in my spamdb: [W

Re: Libreoffice Calc (sometimes) kills X when attempting to import a CSV file?

And it happened again - On 05/07/17 23:48, Stuart Henderson wrote: > On 2017-05-06, Peter N. M. Hansteen wrote: >> And it happened again - >> https://home.nuug.no/~peter/soffice_vs_x_csv/fehfeh.csv triggered >> another kaboom, producing the log file >>

Re: OpenBSD and you

On Wed, May 10, 2017 at 01:20:06PM +0300, Manolis Tzanidakis wrote: > On Wed (10/05/17), Peter N. M. Hansteen wrote: > > That was the first option that came to mind, and the one I may go for as > > a supplemental format *if* I can find a way to generate PDFs from this > > so

Re: OpenBSD and you

t does not seriously disrupt other things I need to get done. The in-browser print preview method is simply not a practical option. And reverting to the previous powerpoint clone rubbish is right out. If I do find a workable option, I'll let you all know. -- Peter N. M. Hansteen, member of

Re: OpenBSD and you

And I was just reminded off-list that the remark markdown variant (https://github.com/gnab/remark) used for this presentation requires javascript enabled in your browser. Sorry about that. I'll be looking into workarounds, hopefully some can be found. - Peter -- Peter N. M. Hansteen, memb

Re: OpenBSD and you

/~peter/openbsd_and_you/ Updates may happen occasionally. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah s

Packet in and out on the same eithernet port.

Because of one user's misconfiguration of Microsoft's HypeV, his virtual machines were not getting the results of arp. As a result of that configuration all the packets going to machines on the same subnetwork were going to the default gateway. The default gateway was an OpenBSD 6.1 server. Ope

Re: Libreoffice Calc (sometimes) kills X when attempting to import a CSV file?

On 05/07/17 23:48, Stuart Henderson wrote: > On 2017-05-06, Peter N. M. Hansteen wrote: >> And it happened again - >> https://home.nuug.no/~peter/soffice_vs_x_csv/fehfeh.csv triggered >> another kaboom, producing the log file >> https://home.nuug.no/~peter/soffice_vs_x_

Re: Libreoffice Calc (sometimes) kills X when attempting to import a CSV file?

And it happened again - https://home.nuug.no/~peter/soffice_vs_x_csv/fehfeh.csv triggered another kaboom, producing the log file https://home.nuug.no/~peter/soffice_vs_x_csv/Xorg.0.log and the core file https://home.nuug.no/~peter/soffice_vs_x_csv/Xorg.core I'll have to read up on use

Re: Libreoffice Calc (sometimes) kills X when attempting to import a CSV file?

be able to extract some useful information. > - look at /var/crash and profit :D - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious netwo

Libreoffice Calc (sometimes) kills X when attempting to import a CSV file?

was killed in such a way that it left a corefile: [Sat May 06 09:50:22] peter@elke:~$ ls -ltr *core -rw------- 1 peter peter 1528700960 May 5 22:56 firefox.core -rw------- 1 peter peter56259040 May 6 09:25 emacs-25.2.core (the firefox.core here is too old to be relevant here). So the q

Re: Incorrect file destination when logging with syslogd

t syslogd, to ensure it is picked up. On 2017 May 05 (Fri) at 16:30:33 +0200 (+0200), Paolo Aglialoro wrote: :Sorry Peter, what do '2' or '5' stand for? :And what does creating a file with '5' mean? : :This was my procedure: : :# cat "" > c2851.log :# cho

Re: Incorrect file destination when logging with syslogd

On 2017 May 05 (Fri) at 15:38:36 +0200 (+0200), Paolo Aglialoro wrote: :As written, mtime was due by me recreating the file trying to make things :work, not by syslog. :As of today, in fact, mtime is still unchanged, while output to :/var/log/messages still flowing from router. : : :On Fri, May 5,

Re: Pf with secondary DNS resolution

f PF rules and some fairly straightforward scripting involving host and pfctl commands. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic

Re: Pf with secondary DNS resolution

'production' ruleset. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

/etc/rc.d/nsd start/stop/restart fails in nsd.conf does not enable "Remote Control"

/etc/rc.d/nsd uses nsd-control to start/stop/restart nsd. nsd.conf tells you that "Remote Control" is by default disabled. It would be nice if some part of the documentation pointed out that it must be enabled.

Re: Need some pointers regarding ELF

One quick note. The sources here are against 6.1 not -current, in order to compile against -current I'M sure it'll have to be put up to speed. Regards, -peter

Re: Need some pointers regarding ELF

On Tue, Apr 25, 2017 at 10:07:37AM +, Stuart Henderson wrote: > On 2017-04-25, Peter J. Philipp wrote: > > Hi, > > > > In the past I've been examining signed binaries in the OpenBSD system. > > I wrote some kernel code for this, but I'm stuck befor

man.openbsd.org via HTTPS

I found a website that provides man.openbsd.org via HTTPS: https://twitter.com/FiloSottile/status/845068942762762241 https://man.filippo.io/ Have a great weekend!

Re: torrent downloads

yes, but unlike those distros the openbsd installers aren't measured in gigabytes. The site mentioned by OP (http://openbsd.somedomain.net) is up to date, and has the torrents mentioned. it just seems, nobody cares. On 2017 Apr 27 (Thu) at 15:07:38 +0200 (+0200), Nicolas Schmidt wrote: :Many d

Need some pointers regarding ELF

have passed. I also found a patch by matt dempsky online which does the randomize stuff, but that didn't help me much either. Thanks! -peter

Re: OpenBSD 6.1, spamd strange behavior

ns you're not showing us? (see the GREYTRAPPING section of the man page) -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic&quo

Re: spamd and outlook.com

And apropos of the subject, quite on-topic: https://home.nuug.no/~peter/dmarc-reject_openbsd-misc_spadm_and_spf.txt - P (pats robot on virtual head) -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no

Re: spamd and outlook.com

domains is one solution, and in addition you will find my collection of manually maintained SPF sedimentation is available at https://home.nuug.no/~peter/nospamd The problem is that the 'architects' behind outlook.com and their ilk are really not on board with the idea that having some

Re: howto show IPv6 address lifetime?

't understand this first sentence. > > I would like to see the address lifetime, which address is preferred, which > is deprecated, etc. On Linux a simple command like "ip a s" shows. As quoted above, ifconfig is your friend: [Wed Apr 19 14:19:35] peter@elke:~$ ifconfig iwm

Re: ordering

ated, you could do worse than head over to http://www.openbsd.org/donations.html and donate an equivalent (or larger!) amount via whatever option appears appropriate. I'm sure this will make you feel even better while downloading the release. -- Peter N. M. Hansteen, member of the first RFC 1149

upgrading on vultr.com: make sure to select the bsd.mp set

was actually quite simple: the installer does not select the bsd.mp kernel automatically, but do select it. Then it will get installed and the system will boot the correct mp kernel. I'm sure we can supply more detail if needed. - Peter -- Peter N. M. Hansteen, member of the first RFC

Intuos Draw (uwacom) question

l?ACTION=3&LA=5&ARTICLE=160633&GROUPID=6271&artnr=WACOM+CTL-490DW Any feedback would be appreciated. Regards, -peter

Re: Does OpenBSD's pf prevents Hole punching?

from that point :D Yes and no. With a sufficiently restrictive rule set (eg https://home.nuug.no/~peter/pf/newest/simplest-secure.html just to do some blatant self-promotion) you could be fairly certain to have successfully prevented access of any kind via the network. Working from tha

Re: Topics for revised PF and networking tutorial

overload ' option. Tables can hold both inet and inet6 items, and you can add them as single addresses or with masks: [Fri Apr 07 18:31:40] peter@skapet:~$ doas pfctl -t myself -T show 127.0.0.1 192.168.103.1 213.187.179.198 ::1 2001:470:27:658::2 2001:470:28:658::1 2001:470:df8

Re: Topics for revised PF and networking tutorial

d. On the other hand there is a chance we will be able to offer a similar session at EuroBSDCon too, but no decisions have been made yet. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember

Re: how is IPv6 over pppoe supposed to work?

ically addresses DHCPv6 prefix delegation. Peter

Re: New support

0 C Netherlands P T Huizen Z 1273 LD O Wenka Computer Systems I A Delta 81 M i...@wenka.nl U http://www.wenka.nl/en/ B +31 85 111 8800 X N IT security, networking and open source software consultancy. OpenBSD-based networking and VoIP support.

New support

0 C Netherlands P T Huizen Z 1273 LD O Wenka Computer Systems I A Delta 81 M i...@wenka.nl U http://www.wenka.com/en/ B +31 85 111 8800 X N IT security, networking and open source software consultancy. OpenBSD-based networking and VoIP support.

Topics for revised PF and networking tutorial

nclude. Do you have questions on PF and related matters, or are there specific topics you would like to see covered? We want to hear from you, either contact us directly at the reply-to address use the list. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdl

Re: OpenBSD httpd and HTTP/2

Yes, that's the point of QUIC. On 2017 Mar 31 (Fri) at 13:30:59 +0200 (+0200), Marina Ala wrote: :UDP servers listening? would that open possibility for massive DOSes?  :  : :Sent: Friday, March 31, 2017 at 12:14 PM :From: "Reyk Floeter" :To: "Marina Ala" :Cc: "OpenBSD Misc" :Subject: Re: OpenB

Re: Sony Vaio VPCSA

s secure modes. Try changing one option at the time (yes, that could be time consuming), if at all possible collecting dmesg output for each variation (saving to somewhere on the usb stick you're installing from should work fine). - Peter -- Peter N. M. Hansteen, member of the first RFC

Re: regarding OpenSSL License change

eir tree is likely to be time consuming (just ask the people who did just that on the OpenBSD source and ports trees at least once), but unless they get everyone explicitly on board with the new license they will need to go through one. -- Peter N. M. Hansteen, member of the first RFC 1149 imp

Re: For the super paranoid

There is no way hardware supported way to do this on mainstream Intel / AMD. Yes it's possible to make a chip that could do it. No it's not reasonable, it would destroy performance without really helping that much. If you are facing an adversary powerful enough to have access to your RAM sticks, it

Re: bandwidth monitoring

d in the subject (this is true about most of Michael's books, btw) -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delila

Re: AP using AR9287 working yesterday, broken today.. How to diagnose?

>> add athn0 > > If i recall correctly, from some discussion on misc@, you cannot use a > wireless interface in a bridge ( athn0 or all, I'm not sure). But > maybe I say something wrong, search the archive. > You certainly can have a wireless device in a bridge, this is how my current hostap athn

Re: hairpin nat with pf ?

n even think of several tutorials and accompanying slides that deal with what you are looking for, available right there on the Internet. And even a book (*cough*). But start with the PF FAQ, go on to the pf.conf man page and then move to the other resources if you feel the need to. -- Pete

Re: Just to understand, ARM64 has SMP and ARM32 does not? &, OpenBSD design fine with ARM's weak mem coherency?

On 2017 Feb 26 (Sun) at 03:56:33 + (+), Tinker wrote: :Hi misc, : :I just wanted to understand what's going on with SMP on ARM - : :Did I get it right, that ARM64 has SMP (as of the patches this week), but :ARM32 does not have SMP and will not get it too? : :What was the reason for not impl

inquiry on PIM option

you have some insights in this it would be appreciated. I'm kinda desperate to get igmp v3 support since I want my settop box to work so that I can sit down and relax over a movie somedays. OH yeah I'm working off -current sources and snapshot system from feb 14th. :-( Regards, -peter

Re: OSPFd stucks in EXCHG/EXSTA

14:31 skrev Peter Hessler : :> :> Are you establishing an ospf session with the N3048? If you are, then :> there is an MTU miss-match. :> :> Either "system jumbo mtu" refers to the IP packet, which doesn't match :> the 1500 set on trunk1, or it refers to the ethe

Re: OSPFd stucks in EXCHG/EXSTA

Are you establishing an ospf session with the N3048? If you are, then there is an MTU miss-match. Either "system jumbo mtu" refers to the IP packet, which doesn't match the 1500 set on trunk1, or it refers to the ethernet packet which should be 1518 (16 bytes for the ethernet header). Is it fixe

Re: sendsyslog: dropped 4 messages, error 55

I agree I don't give much information. I have no idea what information to give. -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Marcus MERIGHI Sent: Tuesday, January 31, 2017 3:13 AM To: Peter Fraser Cc: 'misc@openbsd.org

sendsyslog: dropped 4 messages, error 55

My /var/log/messages is filling up with messages like the following: Jan 30 10:28:06 gateway sendsyslog: dropped 4 messages, error 55 Jan 30 10:28:06 gateway sendsyslog: dropped 2 messages, error 55 Jan 30 10:28:06 gateway sendsyslog: dropped 2 messages, error 55 Jan 30 10:28:06 gateway sendsyslog

Re: make pf allow out on lo per user

;to' in your rules. Also, as I keep repeating to anybody who cares to listen, just like "verbing weirds the language", "excessiv quicks weird your PF rule set". -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http:/

Re: Pf on lo0

not evaluated for the packet. Also as Sebastien mentioned do check for any "set skip on lo" or similar in your ruleset. If you have that, filtering simply does not happen on interfaces or interface groups in the "set skip" rule. -- Peter N. M. Hansteen, member of t

Re: dig/nslookup limitations - can only do NSLOOKUPs using port 53

do that anyhow to load up the newly changed code. Cheers, -peter

Re: OpenBGPd - Multi-home ISP : DDoS Protection

On 2017 Jan 12 (Thu) at 11:18:58 +0100 (+0100), Uday MOORJANI wrote: :Dear OpenBSD-Misc, : :First of all, awesome work on the OpenBGPd and BFD code. I'm working on a :WAN setup for an enterprise and we are migrating from static route WAN to a :full fledge BGP transit in a multi home environment for

Re: IPv6 OSPF

On 2017 Jan 13 (Fri) at 13:48:13 +0200 (+0200), Claudiu Popescu wrote: :Hi, : :First of all, hopefully I managed to send this email to the correct list :) :I am pretty new to OpenBSD but so far I managed to get everything :working for a router without IPv6 OSPF. :I have ospfd and ospf6d running but

Re: Funding for Skylake support

05:44:10 Subject: Re: Funding for Skylake support On 1/7/2017 3:19 PM, Peter Membrey wrote: > Hi all, > > I've gotten OpenBSD up and running on a new Intel NUC, but unfortunately > Skylake isn't supported. I was able to get X working in software accelerated > mode, bu

Re: Non-free firmware without asking the user

s Theo so plainly put it, >If you don't want such firmwares loaded onto the hardware, then don't >buy the hardware that needs it. On Sat, Jan 7, 2017 at 9:28 PM, Martin Hanson wrote: > 08.01.2017, 02:53, "Peter Rippe" : >> I think it absolutely is a language is

Re: Non-free firmware without asking the user

I think it absolutely is a language issue: > On policy page it clearly says: "OpenBSD strives to provide code that can be freely used, copied, modified, and distributed by anyone and for any purpose." Operative word being **strives** - might want to look it up. It does not say 'guaranteed', 'on

Funding for Skylake support

ss what sort of funding would be needed. Thanks in advance! Kind Regards, Peter Membrey

Re: relayd[66834]: relayd: socketpair: Too many open files

Ah yes I see those lines now, thank you. Kevin, what version of OpenBSD are you using? You mentioned this is a new project so I assume 6.0? Peter On Jan 5, 2017, at 10:08, Theo de Raadt wrote: >> Hmm. The default number of files is 128 for daemons, but it's strange you'd

Re: relayd[66834]: relayd: socketpair: Too many open files

looks like socket pairs are created between all the relayd processes, i.e. n^2 * 2 ish file descriptors, which could exceed 128 pretty fast. Are you running with a non-default prefork setting? Peter > On Jan 5, 2017, at 09:12, Kevin wrote: > > Nope. I was hoping for another solution, es

Re: relayd[66834]: relayd: socketpair: Too many open files

Have you modified your open file limits in /etc/login.conf? Especially in the daemon section? Peter > On Jan 5, 2017, at 08:50, Kevin wrote: > >> On Tue, Jan 3, 2017 at 1:16 PM, Kevin wrote: >> >> Hey gang, >> >> So I'm putting a new firewall in place

Re: isakmpd set up

Yes I did try with the extra .0 it made no difference -Original Message- From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Denis Fondras Sent: Tuesday, January 3, 2017 1:56 AM To: Peter Fraser Cc: 'misc@openbsd.org' Subject: Re: isakmpd set up > ike

Re: isakmpd set up

[mailto:owner-m...@openbsd.org] On Behalf Of Steve Williams Sent: Monday, January 2, 2017 6:57 PM To: Peter Fraser ; 'misc@openbsd.org' Subject: Re: isakmpd set up Hi, I have been using OpenBSD on a dynamic IP address for 10+ years. I have an account with dynamic dns provider Zoneedit a

isakmpd set up

A charity that I support has been having trouble with its internet provider (Rogers). The problem I have is that Roger is the only supplier that is available that will give a fixed IP address. I want the fixed IP address so I don't have to drive there to fix problems. It occurred to me that if I

Re: How to make spamd more annoying ?

I want with log data. Also, a few links to useful resources such as http://bgp-spamd.net/. I hope you find this useful. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil b

Re: How to make spamd more annoying ?

On 12/13/16 19:29, Mik J wrote: > Peter, you use greylists but I read somewhere that gmail servers change > their IPs when they retry to send the mails. With a high outgoing volume > of mails, many IPs can be whitelisted thanks to spamlogd. But my server > is very low volume. How wo

Re: How to make spamd more annoying ?

On Mon, Dec 12, 2016 at 11:12:33PM +, Mik J wrote: > Thank you Peter, > I've added the -s 5 Option and removed the -5Do you know what is the default > -w window size ?About the -S I didn't understand what it means (I read the > man) the -S option: by default spamd wi

Re: How to make spamd more annoying ?

On 2016 Dec 12 (Mon) at 21:31:25 + (+), Mik J wrote: :Hello, :I've been annoyed for months/years by a few marketing companies from which I regularly unsubriscribed (according to the law in my country they should have done it).A few days ago I decided to make spamd work on my pf machine. :

Re: SSL/TLS troubleshooting

On 2016 Dec 10 (Sat) at 22:56:05 +0100 (+0100), Christian Schulte wrote: :$ uname -a :OpenBSD t60.schulte.it 6.0 1KHZ.MP#7 amd64 You broke it. Please use a GENERIC kernel, and it will work as normal.

Re: assign process to cpu (core)

On 2016 Dec 08 (Thu) at 16:27:29 +0100 (+0100), Roger Schreiter wrote: :Hello, : :is there a mean to get a running process running on :a certain cpu (core)? Or restrict it from running on a cpu? : :I have a cheap Atom CPU with four cores, and all interrupts, :also network traffic, is using CPU0. :

Re: LibC openBSD affected ?

able to a classic buffer overflow. Yes. See http://www.tedunangst.com/flak/post/who-even-calls-link-ntoa -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malic

Re: acer swift 7, atheros qca6174 wireless and intel hd 615 video

On Sat, Dec 3, 2016 at 8:24 PM, Jonathan Gray wrote: > On Sat, Dec 03, 2016 at 11:57:18AM -0600, Peter Miller wrote: >> On Mon, Nov 28, 2016 at 11:23 AM, Stefan Sperling wrote: >> > On Mon, Nov 28, 2016 at 11:09:12AM -0600, Peter Miller wrote: >> >> As for the wif

Re: acer swift 7, atheros qca6174 wireless and intel hd 615 video

On Mon, Nov 28, 2016 at 11:23 AM, Stefan Sperling wrote: > On Mon, Nov 28, 2016 at 11:09:12AM -0600, Peter Miller wrote: >> As for the wifi, I don't see support for the atheros 6174 chipest in >> the man pages, and I don't know if anyone is working on it. As of now >

Re: HP Proliant MicroServer G8: not seeing disks [solved]

1 interface 1 "Microsoft Wired Keyboard 600" rev 2.00/3.00 addr 3 uhidev1: iclass 3/0, 2 report ids uhid0 at uhidev1 reportid 1: input=2, output=0, feature=0 uhid1 at uhidev1 reportid 2: input=1, output=0, feature=0 uhub5 at uhub3 port 1 configuration 1 interface 0 "Intel Rate Ma

Re: PCI Express wireless adapter supported under OpenBSD

purted it's worth keeping in mind one other option: get the highest quality access point or 'wireless router' you can afford, configure it as access point only (no dhcp or routing, leave that to the OpenBSD tools) - Peter -- Peter N. M. Hansteen, member of the first R

acer swift 7, atheros qca6174 wireless and intel hd 615 video

[ 1792.791] ABI class: X.Org Video Driver, version 20.0 [ 1792.791] (II) VESA(0): initializing int10 [ 1792.792] (EE) VESA(0): Cannot read int vect [ 1792.792] (II) UnloadModule: "vesa" [ 1792.792] (II) UnloadSubModule: "int10" [ 1792.792] (II) Unloading int10 [ 1792.792] (II) UnloadSubModule: "vbe" [ 1792.792] (II) Unloading vbe [ 1792.792] (EE) Screen(s) found, but none have a usable configuration. [ 1792.792] (EE) Fatal server error: [ 1792.792] (EE) no screens found(EE) [ 1792.792] (EE) Please consult the The X.Org Foundation support at http://wiki.x.org for help. [ 1792.792] (EE) Please also check the log file at "/var/log/Xorg.0.log" for additional information. [ 1792.792] (EE) [ 1792.794] (EE) Server terminated with error (1). Closing log file. -- Later Peter

Rspamd or other such programs

Using clamsmtpd and the instructions in http://technoquarter.blogspot.ca/2015/02/openbsd-mail-server-part-3-clamav-an d.html I was able to smtpd to interface with clamd. Is there a similar procedure to get rspamd or similar to work with smtpd?

Re: OpenBSD and you

On 11/26/16 04:57, R0me0 *** wrote: > As I did see any mention around here, I was boosted to post this great > presentation by Peter N . M. Hansteen. > > https://home.nuug.no/~peter/blug2016/ It's nice to hear you like it! The meeting where I presented this was a lot less wel

Re: How to detect this kind of attacks

d-command address=119.141.24.19 host=119.141.24.19 command="RCPT > TO:" result="550 Invalid recipient" > Nov 26 06:06:57 server smtpd[55880]: 3bcc430eee258cd7 smtp event=closed > address=119.141.24.19 host=119.141.24.19 reason=disconnect You could try configuring spamd(

Re: OpenBSD 5.2 AutoFSCK at boot

in guests, that for some reason bit OpenBSD guests more frequently than others. But again, we don't have sufficient information to help you diagnose. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/

Re: HP Proliant MicroServer G8: not seeing disks

y that some time during the next few days. I'll report back if I notice any difference. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network t

<    3   4   5   6   7   8   9   10   11   12   >