nat-to and route-to specified in a single rule

on em2 from 192.168.1.118 nat-to (em2:0) ### states ### all icmp 74.125.77.104:8 - 192.168.1.118:8779 0:0 all icmp 80.100.x.x:9676 (192.168.1.118:8779) - 74.125.77.104:8 0:0 Regards Rob

IPSec Transport mode / Multihomed machine

to me, this because the IP address is always the same as the 'src' parameter. Is this correct or am I missing something ? Regards Rob

Re: remove users from group

, no. These users will be members of these groups forever. There's nothing you can do about it. You can only reinstall. *what* vi /etc/group -- Rob.

Re: File Server: fsck, memory requirements and large disk drives

On Sat, 27 Feb 2010 18:19:57 +0100, Claus Niesen cnie...@gmx.net wrote: I'm trying to figure out the best way to setup a home file server. I have a 700MHz Celeron with 512MB RAM (maxed out), a gigabit network adapter and 1.5TB hard drive along with a few smaller ones. Currently it is set up

Re: fsck segfault on a big partition, 4.6

On Tue, 26 Jan 2010 19:10:47 -0600 (CST), L. V. Lammert l...@omnitec.net wrote: On Wed, 27 Jan 2010, Rob Sheldon wrote: Don't know if this is related to a problem I had on a machine recently, .. however I found that if I hung the 'bad' drive on ANOTHER machine, the fsck ran just fine

Re: fsck segfault on a big partition, 4.6

On Wed, 27 Jan 2010 07:42:42 +0100, Otto Moerbeek o...@drijf.net wrote: On Wed, Jan 27, 2010 at 12:38:47AM +, Rob Sheldon wrote: Hi, Therse days, amd64 is the only platform that increases the limit (MAXDSIZE) to 8G. Though you venture into untested territory, we (myself at least) just

Re: Killing Random Processes [was: fsck segfault on a big partition, 4.6]

On Wed, 27 Jan 2010 16:00:32 +0100, frantisek holop min...@obiit.org wrote: hmm, on Wed, Jan 27, 2010 at 03:28:12PM +0100, Otto Moerbeek said that the kernel will kill random processes? are we talking about linux's OOM here or openbsd? since when is this in openbsd? i seem to recall some

Re: fsck segfault on a big partition, 4.6

On Wed, 27 Jan 2010 07:42:42 +0100, Otto Moerbeek o...@drijf.net wrote: On Wed, Jan 27, 2010 at 12:38:47AM +, Rob Sheldon wrote: There's no dmesg attached because I'm not on-site with the server at the moment, and because AFAICT this is a known problem. A pity, since it does matter

Re: fsck segfault on a big partition, 4.6

On Wed, 27 Jan 2010 22:06:19 +0100, Otto Moerbeek o...@drijf.net wrote: No, currently the amount of physical memory an amd64 can address is limited. Well, F___. :-( The rule here then is, if you've got a partition bigger than 1TB, you *must* have swap? - R. -- [__ Robert Sheldon [__

fsck segfault on a big partition, 4.6

Hi, So, the short version is that I have a server with OpenBSD 4.6 that can't fsck its big partition; fsck fails with a segfault every time. If I ulimit -d unlimited before fsck'ing, it just takes a little longer to segfault. It produces no other output. IIRC, the partition is roughly 6 TB. Two

DHCP proxy or packet rewriting

if the proxy would have access to the ethernet headers. It is also possible that there is another way to do this, which I have overlooked. If that is the case, please let me know. Otherwise, any input or insights into these options would be greatly appreciated. -- Rob Campbell

ftp site with all sorts of HDA codecs and functionality

http://psykopat.free.fr/apple/AppleHDA/Looks like Apple is way ahead of everyone else. I didn't even know they made computers any more :) Thought they were a music gizmo supplier. Rob.

Baudline has no source code

On 2008-06-29, Rob Lytle [EMAIL PROTECTED] wrote: I would like to run the Linux Baudline spectrum analyzer program to check the inputs, but it sounds like compiling it could be a mess. You say compiling -- do you have a copy of the source code under GPL? http://www.baudline.com/source_code.html

Re: (solved) Azalia / HDA problems

Hi Deanna, Just built system so haven't merged /etc's yet. My old /etc doesn't have the directories the manuals mention. Now if I could only get my TI PCMCIA triple function chip working so I can use WAP, I would be happy. Rob

Re: (solved) Azalia / HDA problems

Rob Lytle writes: Using audioctl and mixerctl I just experimented until I got settings that workied, then put them in a file sourced upon logon. Very simple hack. Not really a hack. It's documented in mixerctl.conf(5). Hi Deanna, The documentation is really confusing. man audioctl.conf

pkg_delete will not force deletion despite any -F options

FAQ and manual and no luck. Rob

Re: pkg_delete will not force deletion despite any -F options

Oh, BTW, I'm running -CURRENT cvsup'd from noon yesterday (Friday). Rob On Sat, Jun 28, 2008 at 6:56 AM, Rob Lytle [EMAIL PROTECTED] wrote: Hi, I'm trying to force the deletion of a package that some others depend upon. I've used pkg_delete -F {option} {package} with all the -F switches

Azalia / HDA problems

is lacking volume, just like the Vista version, whereas the FreeBSD HDA driver has plenty of it. Thanks, Rob. --- OpenBSD 4.3-current (GENERIC-DEBUG) #1: Sat Jun 28 09:33:15 PDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC-DEBUG cpu0: Intel

PCMCIA slot not even turning on in Sony VAIO SZ460N/C

: Thanks, Rob. --- OpenBSD 4.3-current (GENERIC-DEBUG) #1: Sat Jun 28 09:33:15 PDT 2008 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC-DEBUG cpu0: Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz (GenuineIntel 686-class) 2.01 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE

Re: PCMCIA slot not even turning on in Sony VAIO SZ460N/C

cardbus, multimedia card, and Firewire, which of course would be good for laptops. Rob ps. I was going to cross post this to OpenBSD-mobile but it doesn't look like from the MARC archives that it exists any more. Is that correct? On Sat, Jun 28, 2008 at 5:08 PM, Rob Lytle [EMAIL PROTECTED] wrote

Re: Azalia / HDA problems

On Sat, Jun 28, 2008 at 04:48:20PM -0700, Rob Lytle wrote: Hi, I'm having a problem with the azalia HDA sound driver. I've included a DMESG with option AZALIA_DEBUG in the kernel. Its important to me to have a pretty functional driver as I use digital sound card mutlimode-modems, gmfsk

Re: Azalia / HDA problems (1/2) solved

like to run the Linux Baudline spectrum analyzer program to check the inputs, but it sounds like compiling it could be a mess. Rob

Re: (solved) Azalia / HDA problems

there are other things that could be tweeked as well, but the levels needed for the program I/O are perfect. Rob.

Re: rpc.lockd doesn't build in current

Hi, I am having a problem building current today also where it stops on rpc.lockd, except my error messages are different. Arghh, right at the end of the build process. Any help appreciated. Rob Here are the error messages: *=== usr.sbin/rpc.lockd cc -O2 -pipe -I. -DSYSLOG -c

Sendbug

X-sendbug-version: 4.2 Submitter-Id: net Originator:Charlie Root Organization: net Synopsis: NFS file locking not working Severity: critical Priority: high Category: NFS Class: support Release: 4.3 Environment: NEC System :

Re: Sendbug

PROTECTED] Sent: 05 March 2008 15:25 To: Lewis, Rob Cc: [EMAIL PROTECTED]; misc@openbsd.org; Buckley, Nadine; Hughes, Adrian; Le Monde, Paul Subject: Re: Sendbug On Wed, Mar 05, 2008 at 03:22:30PM -, Lewis, Rob wrote: I am using OpenBSD as both client and server. We are running rpc.lockd on both

Re: Sendbug

: [EMAIL PROTECTED] -Original Message- From: Otto Moerbeek [mailto:[EMAIL PROTECTED] Sent: 05 March 2008 15:20 To: Lewis, Rob Cc: [EMAIL PROTECTED]; misc@openbsd.org; Buckley, Nadine; Hughes, Adrian; Le Monde, Paul Subject: Re: Sendbug On Wed, Mar 05, 2008 at 01:44:07PM -, Lewis, Rob

Re: KDE presents a distorted screen or quits in the middle of starting up

these problems? I run KDE on a thinkpad-t43 (-current), and don't have this problem. Could it be an X11 problem with color-depth? Thanks, Rob. -- Regards, Bill Karh Thanks for the advice. I will try 16 bits. I am at 24 by default. But this is not a KDE issue

/dev/agp0, Do I need a new one?

ever since. I'm certain there was a /dev/agp0 there. Thanks, Rob. -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

Monty Python 3000 Thread

him, but you are supposed to be an idiot? He replies: I may be an idiot but I'm no fool. 2. Life of a Professional Accountant- to complicated to describe 3. Britains worst family- for some reason on Monty Python they enjoy ironing cats Thants enough stupidity. Rob. -- Emancipate

Re: Monty Python 3000 Thread

== wooosh ===(your humour) O(my head) --knitti - Thats the whole point of this crap. The threads aren't funny and waste a lot of time. I guess I did go whoosh over your head. Rob -- Emancipate yourself from mental slavery, none but ourselves can

Re: KDE presents a distorted screen or quits in the middle of starting up

Rob Lytle wrote: Predrag Punosevac to me, misc Rob Lytle wrote: I searched back through the archives using KDE as a keyword and as far as I can tell I am the only OpenBSD post. This is typical for me. I end up with a unique problem that no one can solve because it never came up before

Xorg warnings related to GART

(inappropriate ioctl for device) I don't know what these warnings mean or if they are related to me problem but I just noticed them. Sincerely, Rob -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

Re: Xorg warnings related to GART

Even the Xorg list archives don't contain any thing like my warnings, so I guess I will just live with it. Rob -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

Re: Duplicate entries in the output of mixerctl

, on an ThinkPad X60 laptop. Thanks in advance. -Amarendra -- I think there is much development going on with the azalia driver since computers en masse are switching to HDA. I was able to get XMMS and GQmpeg working but every other program that uses a soundcard is borked. Rob

Re: Azalia driver locks up computer Sony SZ460N

Hi Deanna, Yes it appears that you are correct as just KDE does it now. I just recompiled KDE and that didn't help so next is cvsup, new kernel, and new world. Thanks, Rob. -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

Re: Azalia driver locks up computer Sony SZ460N- solved

It was a corrupted OS caused by so many hard reboots. Nothing to do at all with azalia. Rob. -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

KDE presents a distorted screen or quits in the middle of starting up

Hi, It takes me 3 or 4 startx's before I get a KDE screen that looks normal. When it looks bad, the terminal background is black and other contrast problems exist. Other times it simply locks up in the middle of starting up. Has any one else had these problems? Thanks, Rob. -- Emancipate

Re: KDE presents a distorted screen or quits in the middle of starting up

I think I know what the response will be: use some other window manager. I do use Windowmaker for root since its so much simpler. But I've gotten used to KDE and obviously no one else is having any problems with it. So whats up? Sincerely, Rob -- Emancipate yourself from mental slavery

Re: KDE presents a distorted screen or quits in the middle of starting up

I searched back through the archives using KDE as a keyword and as far as I can tell I am the only OpenBSD post. This is typical for me. I end up with a unique problem that no one can solve because it never came up before. Sigh, I guess its FreeBSD or Vista on this triple boot laptop. Rob

HELP! boot hangs at setting tty flags

. Sincerely, Rob. -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

GENERIC kernel compile fails at pcidevs_data.h

I cvsup'd this morning. Now I can't compile any kernels. They all hang at or near pcidevs_data.h Rob -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

Re: HELP! boot hangs at setting tty flags- solved

I found a reference to commenting out tty03 in /etc/ttys. The machine now boots. Why? I have no idea. Rob. -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

Re: Azalia driver locks up computer Sony SZ460N

Gqmeg works so its either XMMS or the way XMMS controls the driver. I will recompile XMMS. -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

Azalia driver locks up computer Sony SZ460N

Here is the dmesg. Note that I have #define AZALIA_DEBUG but there are no debug messages. OpenBSD 4.2-current (ROBKERN3) #0: Mon Dec 10 21:56:24 PST 2007 root@:/usr/src/sys/arch/i386/compile/ROBKERN3 cpu0: Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz (GenuineIntel 686-class) 2.01 GHz cpu0:

boot hangs at setting tty flags

merging /etc/ So I am at a total loss. The computer requires a hard reboot so I can't generate any output to look at. Thanks, Rob. -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

Re: boot hangs at setting tty flags

A temporary hack: I changed the following in /etc/rc: echo 'setting tty flags' #ttyflags -a Previously it wasn't commented out. Now who knows what can of worms this hack will open up. Rob. -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley

more unimplemented commands in azalia driver

. I assume those are OSS commands. Thanks, Rob -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

Re: cbb0: controller is missing in dmesg

update to pccbb.c r1.54 and pccbbvar.h r1.13 and it should work again. Miod Hi Miod, Thanks for your help but I am back to where I was in the beginning. No power gets to the PCMCIA cards. Here is the DMESG with debug options turned on. Sincerely, Rob

Re: cbb0: controller is missing in dmesg

update to pccbb.c r1.54 and pccbbvar.h r1.13 and it should work again. Miod Hi Miod, I just cvsup'd and the version of pccbb.c is still at 1.53. It must take quite a bit of time for the change to propagate. I will keep watch for the new version. Sincerely, Rob. -- Emancipate yourself from mental

Re: OpenBSD in the webcomic XKCD

On Nov 26, 2007 4:11 AM, mickey [EMAIL PROTECTED] wrote: poor dude pbly cannot do adding proper in his disklabel... MATH WORKS BITCHES! The 'poor dude' is known for posting smart, mathy, and generally insightful comics. Try browsing through his comics some. As for me, the comic was perfectly

cbb0: controller is missing in dmesg

if there is something special about my laptop so that OpenBSD can't support cardbus and pcmcia? PCMCIA cards work fine in FreeBSD and Vista. Sincerely, Robdmesg below -- OpenBSD 4.2-current

Re: cbb0: controller is missing in dmesg

On Nov 29, 2007 12:27 PM, Rob Lytle [EMAIL PROTECTED] wrote: Hi all, I cvsup'd today and saw that /usr/src/sys/dev/pci/pccbb.c had been changed. I turned on all the bugging code I could, and I get in the dmesg cbb0: controller is missing. Yet right above it in the dmesg is says cbb0

Re: cbb0: controller is missing in dmesg

On Nov 29, 2007 3:04 PM, Rob Lytle [EMAIL PROTECTED] wrote: On Nov 29, 2007 12:27 PM, Rob Lytle [EMAIL PROTECTED] wrote: Hi all, I cvsup'd today and saw that /usr/src/sys/dev/pci/pccbb.c had been changed. I turned on all the bugging code I could, and I get in the dmesg cbb0

Re: cbb0: controller is missing in dmesg

On Nov 29, 2007 3:33 PM, Rob Lytle [EMAIL PROTECTED] wrote: On Nov 29, 2007 3:04 PM, Rob Lytle [EMAIL PROTECTED] wrote: On Nov 29, 2007 12:27 PM, Rob Lytle [EMAIL PROTECTED] wrote: Hi all, I cvsup'd today and saw that /usr/src/sys/dev/pci/pccbb.c had been changed. I turned

Cardbus does not work on Sony SZ460N

as I have its debug turned on. Note the same dmesg lines and behavior were observed with the GENERIC kernel. Also, no leds turn on with any pcmcia device I've tried so it seems that cards are not getting any power. Thanks, Rob

Re: Cardbus does not work on Sony SZ460N- w. debug code dmesg

On Nov 26, 2007 10:21 AM, Rob Lytle [EMAIL PROTECTED] wrote: Hi, Cardbus/pcmcia is dead on my laptop. I think I have identified the dmesg lines that shows what happens. But I don't know why: cbb0: bad Vcc request. sock_ctrl 0xff88, sock_status 0xfff cardslot0 at cbb0 slot 0 flags

Re: Cardbus does not work on Sony SZ460N- w. debug code dmesg

) Message-ID: [EMAIL PROTECTED] Date: Mon, 26 Nov 2007 12:55:15 -0800 From: Rob Lytle [EMAIL PROTECTED] To: misc@openbsd.org Subject: Re: Cardbus does not work on Sony SZ460N- w. debug code dmesg MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X

Re: Getting HD Audio to work on Sony VIAO SZ460N

Thanks for the great work Deanna. I'm sure other Sony laptop owners are appreciative as well. Now to start work on the wpa_supplicant. Sincerely, Rob. -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

How do you start a non-standard daemon/program near end of boot?

. Thanks, Rob -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob Marley, Redemption Song

Re: How do you start a non-standard daemon/program near end of boot?

NetOne - Doichin Dokov said: Rob Lytle P=P0P?P8Q
P0: Hi, I've read all the relevant boot and rc type manuals and they only give a vague reference to starting programs with rc.local or rc.conf.local. I want to start wpa_supplicant and I haven't seen any variables for doing it. Some OS's

Re: Getting HD Audio to work on Sony VIAO SZ460N

Rob Lytle writes: I am running -current cvsup'd as of a day ago. First of all, with the generic kernel, any attempt at using audio locks up the computer and requires a hard reboot. I went in and deleted all sound entries except azalia and the lockups ended. Please post your GENERIC dmesg

Getting HD Audio to work on Sony VIAO SZ460N

. Set mixerctl outputs.volume=255. Set inputs.dac4=255,255 or set the mixer control on XMMS to dac4. Still I have no headphone output. The previous post on headphone audio didn't work for me. Sincerely, Rob. -- Emancipate yourself from mental slavery, none but ourselves can free our minds Bob

Re: Getting HD Audio to work on Sony VIAO SZ460N

Rob Lytle writes: So I am SOL with the -current azalia driver. Well, no, you are not SOL, since you are willing to run -current and I am willing to fix it for you ;) Please try a -current kernel with 'option AZALIA_DEBUG' in the config file and this patch applied, then mail me the new dmesg

Re: max-src-conn-rate rule question

On 10/24/07, Henning Brauer [EMAIL PROTECTED] wrote: * Rob [EMAIL PROTECTED] [2007-10-24 00:05]: Note that I wouldn't use a flush global directive for a rule like this, because it can lead to a neat DoS where somebody can spoof one of your own IP addresses and shut down any ssh sessions you

Re: max-src-conn-rate rule question

On 10/23/07, david l goodrich [EMAIL PROTECTED] wrote: Nobody? Sad, it's still doing it. On Sun, Oct 21, 2007 at 02:22:43PM -0500, david l goodrich wrote: I've set up a max-src-conn-rate rule on my gateway router to mitigate brute-force ssh attacks. This router protects a /28 subnet,

Re: max-src-conn-rate rule question

On 10/23/07, david l goodrich [EMAIL PROTECTED] wrote: On Tue, Oct 23, 2007 at 02:55:41PM -0700, Rob wrote: On Sun, Oct 21, 2007 at 02:22:43PM -0500, david l goodrich wrote: I've set up a max-src-conn-rate rule on my gateway router to mitigate brute-force ssh attacks. This router

Re: [Newbie] OpenBSD HTTP proxy

Hi, I'm using TOR with good success here in China. Try torpark for windows, this will give your friend a preconfigured package of tor + firefox, ready to run (no need to setup a proxy on your site). REgards /Rob Tony Bruguier wrote: Hi all, I am an OpenBSD newbie (although I have used

Re: Is AMD64 page out of date about W^X?

@openbsd.org Sent: Friday, September 28, 2007 10:24 PM Subject: Re: Is AMD64 page out of date about W^X? Rob Waite wrote: It also runs on the Intel ia32e processors (...) but since Intel left out support for the page table NXE bit (No-EXecute) there is no W^X support on the Intel CPUs. Perhaps

Re: Is AMD64 page out of date about W^X?

I am sorry to keep bringing this up... but I have still not heard any authoritative answer to my question. It seems very likely that the newer Intel ia32e chips do indeed support W^X. By newer I mean since early 2005. Right now the AMD64 page says: It also runs on the Intel ia32e processors

Re: RAID1 powerloss - can parity rewrite be safely backgrounded?

On 9/25/07, Matt [EMAIL PROTECTED] wrote: I'm running a RAID1 mirror on OpenBSD 4.1 (webserver) On a power failure the parity becomes dirty and needs rewriting, which results in 1.5 hours 'downtime'. Is it safe to background this in /etc/rc or is that a no-no? I found a reference this was

Re: SMTP flood + spamdb

Oh, I'm not saying it doesn't work. What I'm saying is, greylisting is trivial to bypass, and some spammers have figured that out. Amazingly, most of them still haven't, which is why it still works in a significant number of cases. Just to give an additional data point here: I work for

Re: SMTP flood + spamdb

Hannah, On 9/26/07, Hannah Schroeter [EMAIL PROTECTED] wrote: Hi! On Wed, Sep 26, 2007 at 02:03:03PM -0700, Rob wrote: [...] While watching the connection logs, I've noticed that a large majority of spammers get the first spamd response (250 Hello, spam sender. Pleased to be wasting your

spamd shows up as an open relay

Hey guys, We just ran across an odd intermittent problem with email that we traced back to spamd showing up as an open relay. I double-checked the documentation and mailing list archives and didn't find anything relevant. Our mail server is bara.nccn.net, 12.165.58.50. There is a

Re: spamd shows up as an open relay

Hi Jeremy, On 9/25/07, Jeremy C. Reed [EMAIL PROTECTED] wrote: On Tue, 25 Sep 2007, Rob wrote: We just ran across an odd intermittent problem with email that we traced back to spamd showing up as an open relay. I double-checked the documentation and mailing list archives and didn't find

Re: spamd shows up as an open relay

. On 9/25/07, Stuart Henderson [EMAIL PROTECTED] wrote: On 2007/09/25 14:50, Rob wrote: Is there some configuration for spamd that I've missed You could run inbound and outbound email on different IP addresses, and don't accept incoming port 25 connections on the address used as a source

Re: spamd shows up as an open relay

On 9/25/07, Stuart Henderson [EMAIL PROTECTED] wrote: On 2007/09/25 17:35, Rob wrote: Since this is happening during the conversation with our inbound mail server, I don't see how filtering connections between our inbound and outbound mail servers would fix it. From what you say

Re: Wasting our Freedom

I do happen to agree with one of Jason Dixon's original arguments: this and the related discussions on this list are an utter waste of time and resources. (Of course, this means I'm going to contribute to the waste a little more.) Theo made his arguments. There have been some conversations

Re: sudo wheel group

On 9/16/07, Chris [EMAIL PROTECTED] wrote: So what's the ideal way to do things? Adding joeuser in the wheel group and then add - joeuser ALL=(ALL) ALL in sudoers? And when the joeuser account gets cracked, the cracker would be able to run privileged commands? That defies the whole purpose.

Re: OpenBSD Install Goal

One of the other sysadmins where I work has mostly used Linux, and got used to their various hand-holding tactics. I've been gradually moving us over to OpenBSD (and got them to purchase a CD set, and hopefully some meager donations soon). Usually, I handle the installation and administration, but

Re: Wasting our Freedom

I can appreciate your intentions, but you're recommending waging a propaganda campaign against a group of people that aren't going to be moved by it. Theo de Raadt is both knowledgeable, public, and straightforward, and convincing a bunch of folks who are not also knowledgeable, public, and

Re: SSH brute force attacks no longer being caught by PF rule

Although this doesn't answer your actual pf question, you might try using a tool called Grok (http://www.semicomplete.com/projects/grok/). It's a pretty decent log watcher written in Perl, designed to do exactly this sort of thing. You define matches and reactions in its config file (match =

Re: SSH brute force attacks no longer being caught by PF rule

On 8/8/07, Daniel Cid [EMAIL PROTECTED] wrote: Please, don't use grok for that! From what I saw it is vulnerable to very simple log injection attacks (you need much more string regexes): http://www.ossec.net/en/attacking-loganalysis.html Ack. Thanks for pointing that out. Some attacks can

Re: OT: serial console through S-Video 7-pin locking dub connector?

the correct signals. /Rob

Re: OpenBSD 4.1 install issue??

Yeah... sorry you are also having the problem.. if you have an evening to start from scratch... I think you could fix it though. I am not sure about this moving back from current to stable. This is what I did (and it could have been more efficient) 1) Downloaded the source trees (src.tar.gz

Re: OpenBSD 4.1 install issue??

Oh yeah... I also noticed that others were trying the snapshot. I do not think you should run it at all. I only used it to see if the change to vmparam.h was likely to be the culprit. If you are getting the uvm_page_physload: ... increase VM_PHYSSEG_MAX error (and you wont see it easily... it

Why is pf blocking some port 80 traffic??

Hello.. I just added a rule to allow port 80 traffic into my server and started noticing some odd blocks occuring. It seems that some web connections are losing their state and sending an R or F flag which gets blocked. I am not sure of the time but I think once I was refreshing the page and it

Re: OpenBSD 4.1 install issue??

help! Rob - Original Message - From: Tom Cosgrove [EMAIL PROTECTED] To: Rob Waite [EMAIL PROTECTED] Sent: Tuesday, May 01, 2007 11:58 AM Subject: Re: OpenBSD 4.1 install issue?? Rob Can you try a snapshot? VM_PHYSSEG_MAX was upped from 5 to 16 at the end of March; this should help

Re: OpenBSD 4.1 install issue??

One thing I neglected to include in my hand written dmesg was that amd64 seems to use CDBOOT 1.08 and i386 uses CDBOOT 1.06, unless my video capture made the 6 look like an 8. Maybe this is by design. Anyway.. I will stop flooding this board with my messages. Sorry ; )

x86 hardware for router system

Ethernet Controller I notice that the 4V variety is not listed in the em driver. Could anybody clarify a possible issue with this. Does the 4V version have supported drivers? Cheers Rob I also need to find a rack case to fit it all in For the interested, here's my current ebuyer.co.uk

Re: blobs are bad

On 10/19/06, Darrin Chandler [EMAIL PROTECTED] wrote: On Thu, Oct 19, 2006 at 11:34:49AM -0600, Theo de Raadt wrote: 2006/10/18, ICMan [EMAIL PROTECTED]: I have read this thread, and I don't get it. Doesn't it benefit card companies to have open source communities making their

Problem sendmail won't

provide. --Rob - Eirik Goransson / Rob Baldassano Member, Barony of Endless Hills; House Odlahorde; Viking All around Good Egg ; VROC #5029 (Tigger) come visit http://www.dracowolf.com Do you Yahoo!? Get on board. You're invited to try the new Yahoo! Mail.

Odd sendmail behavior

Need some help. All of a sudden, sendmail wont. I can't even send myself a test message from the server. I'm currently running 3.6 (in the process of getting another box up on 3.9 so that I can migrate over), but could use some help diagnosing this issue. Thanks, --Rob

[EMAIL PROTECTED]: Re: amd64 bsd.mp keyboard problems]

- Forwarded message from Rob Sessink [EMAIL PROTECTED] - Date: Fri, 25 Aug 2006 11:19:57 +0200 From: Rob Sessink [EMAIL PROTECTED] To: Mark Kettenis [EMAIL PROTECTED] Subject: Re: amd64 bsd.mp keyboard problems X-Operating-System: OpenBSD/3.9 (amd64) User-Agent: Mutt/1.5.11 Mark Kettenis

amd64 bsd.mp keyboard problems

to the bsd.mp kernel. I am using now the normal bsd kernel, but i didn't buy that dual core pc to use only 1 cpu. Does anynody have some pointers to fix this issue. Regards Rob Sessink

Re: serving DNS: the chicken and the egg

You first need to register your server as a DNS with your registrar before you can set it as an authoritative server. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jacob Yocom-Piatt Sent: Saturday, July 29, 2006 10:34 AM To: misc@openbsd.org Subject:

Re: OpenWebMail (package)

Thanks Vijay, That's what I needed, was the memory jog (or was that a memory flush?) to remind me how to check the dependencies. I've got the list now (looks like 9 dependencies) so I'll start with those :D --Rob Vijay Sankar [EMAIL PROTECTED] wrote: Did you just download

Re: OpenWebMail (package)

Thank you everyone. Good meaningful suggestions from all. ... I got OpenWebMail installed, and am in the process of reading through what I need to do to configure it for use. Thanks again everyone. --Rob Marcus Barczak [EMAIL PROTECTED] wrote: On 21/07/2006, at 2:28 PM, Rob

Re: looking for clue

you WANT your clients to constantly get new IPs? it disrupts SSL communication traffic, especially when you are dealing with external ly available IPs. --Rob Peter Blair [EMAIL PROTECTED] wrote: On 7/20/06, Rahul Sharma wrote: Hi Peter Phillips, It is not Mr. Eric Pancer but me

OpenWebMail (package)

? --Rob (starting to come up to speed) - Eirik Goransson / Rob Baldassano Member, Barony of Endless Hills; House Odlahorde; Viking All around Good Egg ; VROC #5029 (Tigger) come visit http://www.dracowolf.com Do you Yahoo!? Get on board. You're invited

<    1   2   3   >