On 7/26/06, Gustavo Rios <[EMAIL PROTECTED]> wrote:
# Pass encrypted traffic to/from security gateways
pass in proto esp from $GATEWAY_B to $GATEWAY_A
pass out proto esp from $GATEWAY_A to $GATEWAY_B
In the last two line above, if i wanted to specify the interface,
whi
On 7/25/06, prad <[EMAIL PROTECTED]> wrote:
what is the best way to stop those robots and spiders from getting in?
The sure way to stop robots and spiders is to shut down your web
server. I don't suppose that's the answer you're looking for.
Treat malicious robots as malicious/unwelcome users.
On 7/24/06, Matthias Bertschy <[EMAIL PROTECTED]> wrote:
I have encountered this problem, and Kenneth helped me with some diffs.
Glad to see you got a follow-up on that thread. I didn't find it in
the archives, though. When can one obtain these diffs?
I have tested them and they work, but I
When using the alias clause (per dhclient.conf(5)), I encounter a
problem with dhclient: it immediately exits after obtaining a lease.
It does seem to set the requested alias, however.
It exits with the following syslog messages:
Jul 22 16:14:11 sol dhclient[1937]: buf_read (connection closed)
Ju
On 7/21/06, Pedro Timsteo <[EMAIL PROTECTED]> wrote:
In bash, I often type a command, but then think "I want to have all the
xterm for this", so I press CTRL-L and then RETURN.
How about the follwoing: press CTRL+A, prepend "clear; " to your
command line and use CTRL+E to return to where you we
On 7/14/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Does the dhcpd that is shipped with OpenBSD 3.7 support the ability
to update bind?
No, it does not.
Does the dhcpd that is shipped with OpenBSD 3.9 support this?
IIRC, it does not support it either.
If not, is the recommended app
On 7/9/06, Jacob Yocom-Piatt <[EMAIL PROTECTED]> wrote:
i'm building a machine on the cheap for colocation. what is the most affordable
card that will do hardware SATA RAID? i've seen ~220 usd for the MegaRAID 150-4.
If you're using it for co-location, remember that the 150-4 isn't
exactly low
On 7/6/06, Bharj, Gagan <[EMAIL PROTECTED]> wrote:
Our server is getting hammered on a daily basis by IPs trying to open
an ssh session.
The archives contain a myriad of options to mitigate the effects of
brute force attacks, etc. This topic has been (repeatedly) beaten to
death on this list, i
On 7/6/06, Bernd Schoeller <[EMAIL PROTECTED]> wrote:
On Thu, Jul 06, 2006 at 01:33:52PM +0200, [EMAIL PROTECTED] wrote:
> Is there any way to combine htaccess with one-time-pads?
Looks like a difficult task, as http is not session based. So, the
brower would ask for a new OTP on every GET reque
On 7/6/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Is there any way to combine htaccess with one-time-pads?
How about using mod_auth_radius and supporting S/Key or OTP in your
RADIUS back-end? You allow the user to login with realm
@skey.domain.ext, in order to let the RADIUS server select
On 7/4/06, Joachim Schipper <[EMAIL PROTECTED]> wrote:
On Tue, Jul 04, 2006 at 11:07:37AM -0700, Ginja_Ninja wrote:
> 3. Ultra secure remote login away from home on the laptop.
Run it over IPsec, or OpenVPN if you want to be able to pass broken
firewalls. (Note - setting up IPsec on OpenBSD is
On 7/4/06, FTP <[EMAIL PROTECTED]> wrote:
but my current permissions are:
-rwsr-sr-x 1 root wheel 35830 Jun 26 13:05 openwebmail.pl
I thought that the above are correct?
Have you checked that the partition your /var/www resides on is not
mounted with the 'nosuid' setting?
Cheers,
Rogier
On 7/4/06, sonjaya <[EMAIL PROTECTED]> wrote:
How to blok ddos/Flooding/ssh brute attack with pf .
This subject has been pretty much beaten to death. In the list
archives, you will find a myriad of solutions people use for this
problem. Please read the archives before posting (and flogging th
On 6/29/06, Stuart Henderson <[EMAIL PROTECTED]> wrote:
On 2006/06/29 09:40, Karsten McMinn wrote:
> On 6/29/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> >My big problem is in selecting which SATA-Card (I've only used Dawicontrol
> >on OBSD) and if I should buy one with four ports or two wi
On 7/4/06, mike <[EMAIL PROTECTED]> wrote:
On Tue, 4 Jul 2006 00:34:53 -0700 (PDT) Rob Baldassano wrote:
> I have been running OpenBSD 3.6 since the day it came out, and am now
> in need up going to 3.9
why don't you start here:
http://www.openbsd.org/faq/upgrade39.html
Please be careful with
On 6/28/06, Thomas Bvrnert <[EMAIL PROTECTED]> wrote:
i've done several tests and i got bad values :-(
From what I've seen in the list archives (hint), the 4801 CPU's aren't
exactly powerhouse equipment. Don't expect a level of performance that
these machines were not designed for.
They are
On 6/28/06, Juan Luis Moyano <[EMAIL PROTECTED]> wrote:
Hi guys, is there any script or some package that lets me connect my
obsd box automatically to an unsecured wireless AP?
Yes, sed(1) would probably work. I suppose parsing the output for
ifconfig -M would do the trick. IIRC, ifconfig -M do
On 6/25/06, FTP <[EMAIL PROTECTED]> wrote:
on a 3.9 newly installed box I started DHCPD. The clients do obtain an IP
address but cannot go 'out' to the Internet.
Which is entirely expected behaviour as dhcpd does not provide routing
services or NAT features. It provides addresses and configurat
On 6/25/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Yes, but the first thing for me is to learn how the system works and this
is also a part of my diploma project.
If you want to get to know the system, read afterboot(8) and the fine
documentation (such as the FAQ, etc.). I find those far
On 6/24/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Where can I find any info concerning the purpose of every file in OpenBSD?
Manual pages to start are hier(7) and whatis(1).
I am trying to make it smaller by deleting unuseful files.
Even when you install all the sets and source code
On 6/23/06, Joco Salvatti <[EMAIL PROTECTED]> wrote:
[Fri Jun 23 15:42:51 2006] [error] (13)Permission denied: exec of
/cgi-bin/nagios/tac.cgi failed
A quick guess: check your file permissions for tac.cgi. From errno(2):
13 EACCES Permission denied. An attempt was made to access a file in a
wa
On 6/20/06, sonjaya <[EMAIL PROTECTED]> wrote:
i try put postfix n amavisd-new as mx in openbsd 3.9
Your question seems to have to with Postfix rather than OpenBSD.
Hence, this is not really the appropriate list.
Besides that, given the error message, I suspect careful reading
should provide
On 6/8/06, Lars Hansson <[EMAIL PROTECTED]> wrote:
How I wish it was as easy with APNIC [...]
Well, I'd say Google is your friend. The process at APNIC seems pretty
similar to RIPE's. At least, it does so at first glance.
Through Googling for "obtain apnic person object", I end up at:
http://s
On 6/8/06, Lars Hansson <[EMAIL PROTECTED]> wrote:
I wanted to try SixXs but I dont have an apnic (or other rir) handle.
Getting one of those is relatively easy. I'd recommend filling out the
template for a person or role object:
http://www.apnic.net/db/ref/db-objects.html
As for SixXS access,
On 5/26/06, edgarz <[EMAIL PROTECTED]> wrote:
So, is here any way how to whitelist blacklisted hosts from
sbl's(spamcom, spamhaus, etc.) for ONLY ONE DOMAIN.
i'm using postfix.
This is probably more of a postfix question than an OpenBSD one. A
quick glance of the documentation at postfix.org
On 5/24/06, viq <[EMAIL PROTECTED]> wrote:
How about authpf? SSH into box, and as long as session is active, you
don't get redirected to spamd - with a tiny bit of settings.
You're correct on not getting redirected to spamd. However, such a
setup will only work on networks that do not block out
On 5/24/06, Jakub G3azik <[EMAIL PROTECTED]> wrote:
Sounds good, but telling all those users to change their MUA config..
For roaming users, they are likely to be confronted with outbound port
25 blocks on more and more networks. Given those conditions, they're
likely to have to change their co
On 5/18/06, Abel Talaversn Estevez <[EMAIL PROTECTED]> wrote:
I've read "man pf.conf" and it says:
Tables can also be used for the redirect address of nat and rdr rules
and in the routing options of filter rules, but only for round-robin pools.
But... why tables can't be used with bin
On 5/9/06, Miguel <[EMAIL PROTECTED]> wrote:
i have the interface fxp0 monitored with mrtg and i see >768 kbps right
now, how can i check what is not working?
The Altq mechanism only controls outbound traffic. IIRC the PF FAQ
also mentions this. To obtain (partial) control over incoming externa
On 5/6/06, stan <[EMAIL PROTECTED]> wrote:
Is there a way that I can adjust the sensitivty of wmoused?
Although I work mostly with a CLI, I suppose the following sounds
promising, citing from wsmouse(4):
"The wsmouse driver provides a number of ioctl functions to control
various parameters (se
On 5/5/06, carlopmart <[EMAIL PROTECTED]> wrote:
I need to assign to each user a x509 cert and IP associated to this cert
As I haven't yet tried the ipsecctl and ipsec.conf tools, I cannot
tell you whether they support IKECFG to hand out IP addresses based on
certificates. The man page lists th
On 5/5/06, carlopmart <[EMAIL PROTECTED]> wrote:
Somebody knows when ipsec faq will be published on openbsd website??
It used to be published there but it was taken down. A quick search
through the list archives should provide a more definite answer as to
why. Alternatively, look up the old v
On 5/4/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
Stop in /usr/XF4/xc-old/programms/Xserver/hw/xfree86/XF86Setup
A quick guess: did you install the tcl and tk packages? IIRC, the FAQ
mentions those as a prerequisite for building XF86Setup on i386.
The lines in the preceding source code d
On 5/3/06, paul dansing <[EMAIL PROTECTED]> wrote:
php is required in order to use many of the more mature web
applications such as forum software.
It's open for debate whether maturity also extends to the platform
chosen for an application. Fortunately, everyone gets to decide that
for themsel
Given your combined mention of IPSec and pfsync, I trust you want to
setup pfsync between peers that are located on different networks.
Check out ifconfig(8) bits on syncpeer to setup pfsync(4). You'll want
to setup a flow between these two peers so that the traffic between
them is protected.
On
On 4/22/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> I installed box booting from PXE and then with lastest snapshot.
> After that I used:
>
> # export [EMAIL PROTECTED]:/cvs
> # cd /usr; cvs checkout -P -rOPENBSD_3_9 src
You're going at it in a way that is not recommended (and thus
unsuppor
On 4/12/06, Bryan Irvine <[EMAIL PROTECTED]> wrote:
> I've just installed a new firewall, and i'm trying to get spamd to log
> to /var/log/spamd.
Have you SIGHUP'ed the syslogd process? It should re-read its
configuration file at that point, using your new configuration.
> !spamd
> daemon.err;da
On 4/7/06, Gilles Chehade <[EMAIL PROTECTED]> wrote:
> It requires some configuration tuning, not a switch to another httpd.
You're probably right on this. The OP may want to look at recent
configuration changes, runaway scripts and the like.
For instance: does the server config perform DNS looku
On 3/23/06, Michael Hernandez <[EMAIL PROTECTED]> wrote:
> I have a feeling this has been asked before but I'm sure there
> are new readers on this list (such as myself) that could benefit from
> a repeated answer.
It certainly has. Did you search the list archives? You can easily
find the answer
On 3/21/06, Smith <[EMAIL PROTECTED]> wrote:
> I would even consider doing away with dns and point everyone to the isp
> dns along with using static ip addresses.
To avoid timeouts, I recommend you check out the FAQ [1] first before
doing away with (Reverse) DNS. Distributing hosts files to your
c
On 3/21/06, Joachim Schipper <[EMAIL PROTECTED]> wrote:
> Amavisd has a very good algorithm for balancing backups. It is, sadly,
> otherwise a bit of a pain to get going.
I suspect you mean amanda (misc/amanda in ports).
Cheers,
Rogier
--
If you don't know where you're going, any road will get
On 3/1/06, Steffen Wendzel <[EMAIL PROTECTED]> wrote:
> I try to find out how many energy is left on my battery. I run
> OpenBSD 3.8. My notebook does not support APM but ACPI
In that case, you should probably give -current snapshots a spin.
There has been quite a bit of work on ACPI since 3.8. Ap
On 2/16/06, yo2lux <[EMAIL PROTECTED]> wrote:
> arp -s 192.168.10.127 00:50:fc:9d:81:e7 permanent
With this command, you're only creating an ARP entry, not a filter of some sort.
> [...] but nothing happen, my network connection between gateway
> work with all internal IP.
This behaviour isn't
On 2/9/06, Brian Shackelford <[EMAIL PROTECTED]> wrote:
> ! sh -c "pfctl -e -f /etc/pf.conf"
You could use the (ppp0) syntax and enable pf by default instead. That
way, it will deal with the address as it is present on the ppp0
interface. At the same time, it will keep the rest of your networks
pr
On 2/3/06, Charles Sprickman <[EMAIL PROTECTED]> wrote:
> It either freezes or panics when probing (or creating?) "rd0", which I
> assume is the ramdisk used in the install. It runs 3.3 fine.
Perhaps you need to look at the FAQ if you're running i386:
upgrading/reinstalling OpenBSD/i386 using bsd
On 1/21/06, Greg Thomas <[EMAIL PROTECTED]> wrote:
> If I'm out of my mind please let me know. It is working but I can
> always use my last resort of buying a USB cable and plugging it into
> my OpenBSD box or I can put my wireless/parallel
If you have the spare PCI slot available, you could also
On 1/15/06, Pete Vickers <[EMAIL PROTECTED]> wrote:
> While we're on this subject, what about adding something like "
> sysctl -w | grep hw.sensor" to /etc/daily ? I'd consider the output
> of such to be as useful as the status of disk space etc.
If you're concerned about temperature readings and
On 1/15/06, Dave Feustel <[EMAIL PROTECTED]> wrote:
> How can ssh be used to connect to a computer with a (variable)
> dhcp-assigned ip address, given that the ip address can change
> at any time?
Your problem is not with SSH.
Although I cannot say whether your situation will allow for it, try
ob
On 1/12/06, RV Tec <[EMAIL PROTECTED]> wrote:
> Tyan. The S2880, mentioned by Peereboom has been replaced by S2882. Does
> anyone know if this is still supported?
The S2882 and S2882-D work like a charm for me. Both in UP and MP
modes. Dmesg for the S2882-D is below (also sent to dmesg@). Where it
On 1/12/06, Craig Skinner <[EMAIL PROTECTED]> wrote:
> On Thu, Jan 12, 2006 at 11:19:54AM +0100, Otto Moerbeek wrote:
> >
> > Austin was asking for a euro zone bank.
>
> Last time I looked, the UK was on a map of Europe.
>
> Many UK banks are multi-currency.
According to the EC regulation 2560/200
On 1/10/06, Chris <[EMAIL PROTECTED]> wrote:
> but dnssec-makekeyset dont seem to exist in my system.
>
> I m doing something wrong or it is not possible to allow dynamic updates
> with SIG in openbsd. I think with BIND 9 is possible.
You may want to look into dnssec-keygen(8). It can also generat
On 1/9/06, Alexander Farber <[EMAIL PROTECTED]> wrote:
> What's actually meant by "shared network" and why is it bad (is it somehow
> related to broadcasts?). The ifconfig shows my cards being on 2
> different networks:
As mentioned in dhcpd.conf(5), a shared network is a set of (logical)
networks
On 12/18/05, Michael Steinfeld <[EMAIL PROTECTED]> wrote:
> any ideas?
You're probably dealing with FAQ item #10.16: dealing with Apache's chroot()
http://www.openbsd.org/faq/faq10.html#httpdchroot
> "/var/www/users/mike/rails/public/dispatch.fcgi" (pid 9195), chdir()
> failed: No such file or di
On 11/27/05, Sanjay Arora <[EMAIL PROTECTED]> wrote:
> Now, some quick question...which BSD flavour to try first...thrust is on
> easy to install & learn for a newbie.
You really should view the installation manuals for each of the three systems
to get an idea as to what you should do. Only you ca
On 11/27/05, Sanjay Arora <[EMAIL PROTECTED]> wrote:
> Newbie for freeBSD. One question freeBSD vs openBSD...what's
> the difference
You may want to just get some first-hand experience: compare the
(Open, Net and Free) BSD's yourself. Think of what (set of) task(s)
you want to accomplish and your
On 11/27/05, J Moore <[EMAIL PROTECTED]> wrote:
> On Sun, Nov 27, 2005 at 01:16:27AM -0600, the unit calling itself Matthew
> Weigel wrote:
> > You should probably look to
> > http://www.openbsd.org/cgi-bin/man.cgi?query=popa3d first.
>
> Yep - I looked at it first... but IIRC it doesn't support
On 11/10/05, Lionel Vidal <[EMAIL PROTECTED]> wrote:
> Sorry to not give the whole log of messages, but I cannot copy them
> except by writing them fast on paper. I could get some specific part
> if required though.
Try attaching a serial console. See the FAQ [1] for more details. You
will want to
On 11/7/05, Per-Olov Sjvholm <[EMAIL PROTECTED]> wrote:
> The compat list is not always that clear. How many people know that the LSI
> Logic 150-4 and 150-6 MegaRAID cards are actually known as the compatible
> card "LSI/Symbios 523 SATA"?
Probably, those that read the misc@ archives or those who
On 11/2/05, Dag Richards <[EMAIL PROTECTED]> wrote:
> Though without redundant switches you have your new single point
> of failure is the switches.
Which, in many cases, already was a single point of failure. Keeping a
few spare, low-grade switches at least allows you to get things back
up quickl
On 11/2/05, Gustavo Rios <[EMAIL PROTECTED]> wrote:
> Would this approach requires any special support into the switch
> device?
CARP does not require special support, I suppose. Rather, it requires
a more feature-rich switch not blocking its traffic (multicast). In
other words: if you don't disab
This is more a "me too" than a solution, I'm afraid.
On 10/31/05, Hannah Schroeter <[EMAIL PROTECTED]> wrote:
> If I include an alias directive in /etc/dhclient.conf, dhclient exits
> after having acquired a lease, the syslog messages are like this:
This is quite similar to something I also exper
On 10/30/05, PARAMVIR DHINDSA <[EMAIL PROTECTED]> wrote:
> > But CPU fan (constantly running) has never been a
> problem on MS-Windows and FreeDOS. In fact it seldom
> runs on these OSs if never.
Your comparison of "it works on X" is not really worthwhile as it is
unlikely to solve your problem wi
On 10/28/05, Jared Solomon <[EMAIL PROTECTED]> wrote:
> Roger, thanks for the tip, enabling verbose helped me fix it.
It has come through for me on several occasions when some hardware
component was messing things up. Typically, I check with another BSD
flavour or a Knoppix CD in case of problems
On 10/28/05, Jared Solomon <[EMAIL PROTECTED]> wrote:
> What is the installer detecting post fdc0 that I can disable to allow
> it to boot and install (and then I can post a dmesg!)
Perhaps booting with a verbose output provides you with more
information on the culprit.
boot -c
UKC > verbose
Als
On 10/25/05, frantisek holop <[EMAIL PROTECTED]> wrote:
> is openssh public domain?
Considering the text on the OpenSSH homepage that mentions OpenSSH
being "freely useable and re-useable by everyone under a BSD license"
[1], I'd say it isn't in the public domain. Of course, the LICENSE
file [2] i
On 10/23/05, Monah Baki <[EMAIL PROTECTED]> wrote:
> Until 4 days ago, I no longer receive email on my server. I thought it was
> my provider (cox) since they block inbound and outbound smtp.
In the first case, you're out of luck unless you find an external
party that can relay your e-mail to you
On 10/23/05, Ken Gunderson <[EMAIL PROTECTED]> wrote:
> Now my question is whether there is some way to shorten
> this delay that I'm missing?
Did you read through the list archives? This matter is well-discussed.
Other OS'es, such as NetBSD, use a different way for the checking of
parity (i.e. in
On 10/23/05, Bachman Kharazmi <[EMAIL PROTECTED]> wrote:
> And about keeping them synced, master.passwd is the most important
> thing for keeping the 'accounts' intact.
You may want to look into the yp(8) subsystem. For the enviroment you
describe, this may be what you're looking for to keep many
On 10/23/05, poncenby smythe <[EMAIL PROTECTED]> wrote:
> option root-path "/tftpboot";
IIRC, this isn't what pxeboot(8) advises you to do. Why are you
entering a root path to be found at what seems to be a TFTP location?
Specifying a root disc location would seem to be more appro
On 10/9/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> I have installed Openbsd on my computer.
> The manual says now for multi-booting with XP you must
> do dd if=/dev/rsd0a of=openbsd.pbr bs=512 count=1
Please don't type commands on the console that you don't understand
beforehand. You will
On 10/7/05, Nick Holland <[EMAIL PROTECTED]> wrote:
> Rogier Krieger wrote:
Somehow, I expected you'd reply :)
> > Giving up on the BIOS built-in LANdesk
> > 0.99 PXEboot was a little harder, but the machine is a wee bit beyond
> > its supported life cycle.
&g
We recently deployed a new fileserver:)
Most surprising thing was that it recognised a 250 GByte HDD at the
first go, without real effort. Giving up on the BIOS built-in LANdesk
0.99 PXEboot was a little harder, but the machine is a wee bit beyond
its supported life cycle.
For those interested; i
On 10/4/05, Ryan Puckett <[EMAIL PROTECTED]> wrote:
> When using 3com NICs (aka xl's) in a trunk, the trunk interface will not
> be defined after a system reboot.
Wouldn't a hostname.if(5) entry to ensure readyness of the physical
interfaces suffice? For VLAN interfaces, I usually add the followin
On 9/26/05, Steven R. Gerber <[EMAIL PROTECTED]> wrote:
> I'm looking for new SUPPORTED RAID controllers.
You may want to look into the LSI MegaRAID cards, such as the 150-4
and 150-6 SATA controllers (not the 150-2). Running the upcoming 3.8
will get you built-in RAID management support.
Persona
On 9/24/05, Kiraly Zoltan <[EMAIL PROTECTED]> wrote:
> I want to drop her Internet connection at night (11:00AM) because the
> child don't go to sleep.
It would seem your problem is primarily one of parenting and not so
much a technical one. Still, cron(8) and various self-made scripts may
prove u
On 9/23/05, John Marten <[EMAIL PROTECTED]> wrote:
> There's got to be a better way, and I'm open to suggestions.
This is really something well dealt with in the archives, so please
search those for other suggestions. I'm sure there are better options.
Personally, I use the following combination
On 9/22/05, Edy Purnomo <[EMAIL PROTECTED]> wrote:
> i'm not sure that i can do that smoothly.
> the server is our firewall and it's running :
Use a quiet window on your network to down the machine. Add a new boot
drive to the system and install the latest release or -current
snapshot. Transfer it
On 9/21/05, Johan P. Lindstrvm <[EMAIL PROTECTED]> wrote:
> I'm on the lookout for SATA cards. I am not interested in RAID (or the lack
> there of in the SATA controllers) for this assembly.
So far, Silicon Image SiI 3112 and 3114 model controllers seem to work
fine for me. In the Netherlands, the
Saw the following item in a thread on the netbsd-tech-security list
[1]. The text below deals with 1024 bit RSA keys being/becoming
practicable to crack (in about a year) as discussed in a talk at MIT
earlier.
Glad that 3.8 also includes 2048 bit keys as a default [2]. I copied
the talk announceme
On 9/10/05, Rico <[EMAIL PROTECTED]> wrote:
> After following all the steps I get the error:
> Internal Server Error
Typically, your httpd error logs will provide you with the best place
to look for fixing the problem.
Usually, it's something simple; in case of files not being found,
you're missi
On 9/6/05, Cristian Del Carlo <[EMAIL PROTECTED]> wrote:
> What can i use to connect sendmail and clamd?
Perhaps, if only for hints, you may want to take a look at MailDroid
that came across the list some time ago. It connects the in-base
sendmail to clamav through smtp-vilter from ports.
You'll
On 9/4/05, Gijs Nijholt <[EMAIL PROTECTED]> wrote:
> Why is it gone and what is the alternative?
Various messages such as [1] detail why it was removed some time ago
as it didn't work well enough. You'll want to read the rest of the
thread for more details.
Using localhost NFS mounts may provide
On 9/3/05, Ben <[EMAIL PROTECTED]> wrote:
> I've gone over my policy, conf, and batch files with a fine tooth comb, and
> can't see what the problem could be (Aside from the fact that I'm using XP):
Personally, I encountered the same problem with no proposal being
chosen. Still, retrying to get m
On 8/29/05, Miroslav Kubik <[EMAIL PROTECTED]> wrote:
> In my opinion, it is better to have it disabled as default.
This is something that has been beaten to death. You'll want to see
the archives and/or the CVS commits such as referred to in this
message [1]. In short: if you don't like X11 at po
On 8/27/05, JSD <[EMAIL PROTECTED]> wrote:
> I have a big root access problem. If someone has physical
> access to my OpenBSD box, than he/she can swith into single
> user mode (-s) and can change the password of root.
This is hardly unique to OpenBSD. How about placing your devices in a
securely
On 8/25/05, Joco Salvatti <[EMAIL PROTECTED]> wrote:
> I'd like to know where I could find informations about how to configure bind
> to work under OpenBSD 3.7.
Setting up BIND is well documented. See the files in /usr/share/doc.
You'll find the Bind ARM (in HTML format) there. Also, see the man
p
On 8/23/05, Theo de Raadt <[EMAIL PROTECTED]> wrote:
> These changes have been worked on for almost 3 years now. And they
> went in right after the tree unlocked after 3.7.
Thanks for setting me straight. It only means that, at least for my
systems, the transition has been pretty painless so far.
On 8/23/05, Theo de Raadt <[EMAIL PROTECTED]> wrote:
> This release will bring a lot of new ideas from us. One of them in
> particular is somewhat risky.
First off: I like the idea. The technical merit is obvious. I have a
question regarding the timing, though.
Is there a particular reason to go
On 8/20/05, Gary Clemans-Gibbon <[EMAIL PROTECTED]> wrote:
> I'm wondering if I could have fed a command to the boot prompt that
> would have NOT mounted the two data drives.
Yes, which is one of the times single user mode proves its
usefullness. You'll want to check boot(8) for more information,
On 8/20/05, Gary Clemans-Gibbon <[EMAIL PROTECTED]> wrote:
> /dev/rwd1a: UNEXPECTED INCONSISTENCY; RUN fsck_ffs MANUALLY.
> Can't open /dev/rwd1a: Device not configured
> CAN'T CHECK FILE SYSTEM.
You seem to have a hardware problem. Are you sure the system *detects*
your data drive? The dmesg fro
On 8/20/05, viq <[EMAIL PROTECTED]> wrote:
> Actually, I had to log in as root a few times, to build some of the ports.
> Well, maybe not _HAD_ to, but i didn't really know how to otherwise allow
> user to use more RAM just for the build.
How about using the -c option to sudo(8)? It allows you to
On 8/15/05, Luiz Otavio Souza <[EMAIL PROTECTED]> wrote:
> Why CARP not send packets with physical CARP interface address ?
Unfortunately, I do not really understand the question and/or what
you're trying to accomplish. Should anyone think I'm derailing, please
bring a clue-by-four.
Unless I'm ba
On 8/12/05, Rogier Krieger <[EMAIL PROTECTED]> wrote:
> After deploying spamd as a shield for a non-OpenBSD mail host, I
> wonder how to expand this setup to support multiple mailhosts (say
> three mx'es mxN).
Although it may be bad form to reply to oneself, any thoughts o
After deploying spamd as a shield for a non-OpenBSD mail host, I
wonder how to expand this setup to support multiple mailhosts (say
three mx'es mxN).
I couldn't find much on Google. Although the man pages on spamd and
friends are excellent in getting spamd to work, I did not find hints
to build a
On 8/4/05, Z L <[EMAIL PROTECTED]> wrote:
> I installed OBSD3.7 on my laptop. Things that are not working are:
> sound and modem (dial-up internal laptop modem) and apm.
Apart from providing the *complete* dmesg output already requested by
someone else, you will also want to check the notes on the
On 7/24/05, stan <[EMAIL PROTECTED]> wrote:
> I'm building a firewall pair, and I'm getting this error message on both
> machines of the pair. carp0 is the external interface.
>
> Where should I start looking for this?
Possible hardware troubles notwithstanding, you'll want to be positive
that th
On 7/24/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> MD5 isn't realy that secure and so I would like to have a rmd160 and sha1
> Checksum-file to ensure that I downloaded original stuff.
Changing the algorithm (or adding another, for that matter) will not
provide greater proof of authenticit
On 7/19/05, Rene Rivera <[EMAIL PROTECTED]> wrote:
> [...] I just can't follow current on a production server (as other users
> will also tell you).
At the risk of sounding discourteous, you should get yourself a proper
test environment. That way you can leave your production equipment
alone.
For
On 7/18/05, edgar mortiz <[EMAIL PROTECTED]> wrote:
> a: 209721763 MSDOS # Cyl 0*-
> 1024*
This disklabel entry appears to differ from your fdisk entry. sd0a
starts at 63 sectors while the fdisk partition appears to start at 32
sectors.
> *3: 0B0
On 7/17/05, Kevin <[EMAIL PROTECTED]> wrote:
> P.S. Skip the reverse DNS part unless you really need it. That part
> can cause more headaches than it will likely ever be worth in a
> smallish network like the one you describe.
Preparing for a reverse lookup is rather simple; there are plenty of
ex
101 - 200 of 254 matches
Mail list logo
