What have you looked at? are you running pf? what kind of ruleset?
Tried simplifying it?
--Bryan
On 9/25/07, rezidue [EMAIL PROTECTED] wrote:
I've been having problems with throughput on a box I'm using as an edge
gateway. I can't seem to get it to push out more than 150Mb/sec at about
20k
On Tue, Sep 25, 2007 at 11:57:37PM -0500, rezidue wrote:
I've been having problems with throughput on a box I'm using as an edge
gateway. I can't seem to get it to push out more than 150Mb/sec at about
20k pps. It's a Tyan Thunder K8SR (S2881) board that has two gig broadcom
interfaces on a
Chris Smith wrote:
On Tuesday 25 September 2007, Craig Skinner wrote:
If you are using postfix:
/etc/postfix/main.cf:
..
..
smtpd_recipient_restrictions =
reject_non_fqdn_hostname
reject_invalid_hostname
reject_non_fqdn_sender
reject_non_fqdn_recipient
Rob wrote:
You're right, then. If I explicitly block inbound connections to the
outbound mail server (instead of redirecting them), that might fix the
problem ... depending on just what kind of check the recipient's mail
server is doing.
A sending MTA is not required to accept SMTP
RW wrote:
What I was getting looked like backscatter and smelled like backscatter
it is just that some of the IPs sending it didn't check out as MTAs.
i.e. they were not listed MXs for the domain they came from AND the
domain was not likely someone with separate outbound senders.
They all
Hi,
we have here six 9GB Wide SCSI HDDs (68 pin), which are of no
use to us anymore. Each has been surface-scanned, so (at the moment)
they are working well.
Details:
4 IBM DDRS-39130 manufactured in October 1998
2 Quantum Atlas IV (should also be from the last century)
*If* someone from the
In doing this, strnlen() looks only at the first maxlen characters at s and
never beyond s+maxlen.
Shouldn't it be never beyond s+maxlen-1?
CL
Craig Skinner [EMAIL PROTECTED] writes:
'bots getting smart eh? Bugger! If that is the trend, greylisting
starts to lose its value as spammers adapt to the RFCs.
If they adapt to greylisting and start following relevant RFCs, we've
succeeded in making spamming more expensive. I don't see that
Hi all,
Yesterday my workstation started doing this:
[EMAIL PROTECTED]:eddlocal ifconfig
ksh: cannot fork - try again
It usually only lasts a couple of minutes, but during which time the
machine is pretty useless.
Top tells me that I have 500MB of RAM free, and that the OS has not
even started
hmm, on Tue, Sep 25, 2007 at 02:50:41PM -0700, Rob said that
We just ran across an odd intermittent problem with email that we
traced back to spamd showing up as an open relay. I double-checked the
documentation and mailing list archives and didn't find anything
relevant.
dnsstuff.com is
On 2007/09/25 23:57, rezidue wrote:
I've been having problems with throughput on a box I'm using as an edge
gateway.
dmesg and vmstat -i might give clues. Also try bsd.mp if you use
bsd (or vice-versa), and Claudio's suggestion of 4.2 is a good one.
Edd Barrett wrote:
Hi all,
Yesterday my workstation started doing this:
[EMAIL PROTECTED]:eddlocal ifconfig
ksh: cannot fork - try again
It usually only lasts a couple of minutes, but during which time the
machine is pretty useless.
you sure you've not got your maximum number of
hmm, on Wed, Sep 26, 2007 at 11:22:23AM +0200, frantisek holop said that
dnsstuff.com is great to have a look what an admin
left out/forgot/doesn't know :D
i was quite dismayed too when it showed me as an open relay...
(http://www.dnsstuff.com/tools/dnsreport.ch?domain=obiit.org)
sorry,
On Wed, Sep 26, 2007 at 10:11:57AM +0100, Edd Barrett wrote:
Hi all,
Yesterday my workstation started doing this:
[EMAIL PROTECTED]:eddlocal ifconfig
ksh: cannot fork - try again
It usually only lasts a couple of minutes, but during which time the
machine is pretty useless.
Top tells
Hello ,
A Greeting Card is waiting for you at our virtual post office! You can
pick up your postcard at the following web address:
http://www.all-yours.net/u/view.php?id=a0190313376667
visit E-Greetings at http://www.all-yours.net/
and enter your pickup code, which is: a0190313376667
(Your
On 26 September 2007, Craig Skinner [EMAIL PROTECTED] wrote:
RW wrote:
What I was getting looked like backscatter and smelled like backscatter
it is just that some of the IPs sending it didn't check out as MTAs.
i.e. they were not listed MXs for the domain they came from AND the
domain
Dear all,
First, let me say a big hello to everyone here. I've been out of this
list for almost three years... Just came back less than a week ago and
Chuck Yerkes is sorely missing...
I don't know if this question will be better answered here or on [EMAIL
PROTECTED]
After reading an email
Rui Miguel Silva Seabra [EMAIL PROTECTED]
lol it's always bullshit when it's not convenient to you, right?
and you are a troll. can you please troll around somewhere else, you
are wasting precious magnetic domains.
eris will not set you free, she will eat you alive.
-sm
On 26/09/2007, Markus Lude [EMAIL PROTECTED] wrote:
You have reached the limit of the maximal allowed processes run by you.
Correct I am only allowed 64. A quick login class switch to staff
should fix this.
Thanks for the help.
--
Best Regards
Edd
On Tue, 25 Sep 2007, Jonathan Gray wrote:
SNIP
There has been at least one dmesg submitted for these,
Did you see any serial ports detected in the dmesg? If so how many?
thanks
diana
On Wed, 26 Sep 2007, Liviu Daia wrote:
Greylisting is trivial to bypass, with or without a queue: just send
the same messages twice. Some spammers have figured that out long ago.
Ever wondered why sometimes you receive 2 or 3 copies of the same spam,
from the same IP, with the same
On Wed, Sep 26, 2007 at 02:32:05PM +0200, Siegbert Marschall wrote:
You don't seem to get the fact that I'm not even talking about what's
more or less free (in your definition). The BSD has fewer requirements,
but it allows some users to not have the freedoms you claim to defend.
ROTFL. I
hi
i run the hoststated and ic have a small problem.
my config are
table hobbithosts {
#check http /ldirector.html code 200
check icmp
timeout 300
real port 443
host $hobbit_predmz_ip
}
service hobbit01 {
virtual host $hobbit_dmz_ip port 443
On 2007/09/26 06:38, Diana Eichert wrote:
On Tue, 25 Sep 2007, Jonathan Gray wrote:
SNIP
There has been at least one dmesg submitted for these,
Did you see any serial ports detected in the dmesg? If so how many?
none showing.
but it allows some users to not have the freedoms you claim to defend.
think you'll struggle to find people here who claim to defend freedom.
personally, i'm a believer and practitioner, i leave the defending
to the mis-guided and the hypocrites.
On 26/09/2007, Diana Eichert [EMAIL PROTECTED] wrote:
On Tue, 25 Sep 2007, Jonathan Gray wrote:
SNIP
There has been at least one dmesg submitted for these,
Did you see any serial ports detected in the dmesg? If so how many?
T'was mine:
OpenBSD 4.2 (GENERIC) #375: Tue Aug 28 10:38:44 MDT
On 26 September 2007, Damien Miller [EMAIL PROTECTED] wrote:
On Wed, 26 Sep 2007, Liviu Daia wrote:
Greylisting is trivial to bypass, with or without a queue: just
send the same messages twice. Some spammers have figured that out
long ago. Ever wondered why sometimes you receive 2 or
according to the datasheet for the CS5535 there are 2 UARTS on the chip.
http://www.amd.com/files/connectivitysolutions/geode/geode_gx/31506_cs5535_databook.pdf
that would suck if it was permanently disabled
diana
Liviu Daia wrote:
How does spamd distinguish between a legitimate retry and a
re-injection of the same message with the same Message-Id, sender etc.?
It doesn't.
Just what you described would probably be within the default 25 mins
grey period. Another delivery attempt would be needed
On Wed, 26 Sep 2007, Liviu Daia wrote:
On 26 September 2007, Damien Miller [EMAIL PROTECTED] wrote:
On Wed, 26 Sep 2007, Liviu Daia wrote:
Greylisting is trivial to bypass, with or without a queue: just
send the same messages twice. Some spammers have figured that out
long ago.
hmmm, further reading of the data sheet makes me wonder if the serial UART
is at address 2E8H for com3, if so that is disabled in GENERIC.
#pccom3 at isa? port 0x2e8 irq 9# (conflicts with some video cards)
I'm not completely familiar with the device scan when the kernel is
loaded.
On 26 September 2007, Craig Skinner [EMAIL PROTECTED] wrote:
Liviu Daia wrote:
How does spamd distinguish between a legitimate retry and a
re-injection of the same message with the same Message-Id, sender
etc.?
It doesn't.
Just what you described would probably be within the
Diana Eichert schrieb:
hmmm, further reading of the data sheet makes me wonder if the serial UART
is at address 2E8H for com3, if so that is disabled in GENERIC.
#pccom3 at isa? port 0x2e8 irq 9# (conflicts with some video cards)
I'm not completely familiar with the device scan when the
On Wed, 2007-09-26 at 17:02 +0300, Liviu Daia wrote:
Another delivery attempt would be needed after this time to pass
spamd.
Moral: randomize the greylisting time...
Between which min/max valuse? Keep in mind that this corresponds to the
(minimum) delay introduced in delivering a good
Liviu Daia wrote:
Why should it? The second copy is sent in a separate run, that's
the whole point. The only thing the bot has to figure out is how long
to wait until the second run. A smart one would send a second copy
after 10 minutes, and a third one after, say, 35 minutes.
OK, but
On 26 September 2007, Luca Corti [EMAIL PROTECTED] wrote:
On Wed, 2007-09-26 at 17:02 +0300, Liviu Daia wrote:
Another delivery attempt would be needed after this time to pass
spamd.
Moral: randomize the greylisting time...
Between which min/max valuse? Keep in mind that this
On Wed, 26 Sep 2007, Markus Hennecke wrote:
As it won't probe on port 0x2e8 it will not find it. Thats why it was
disabled, the probe will have negative effects on other hardware.
Greetings
Markus
that's what I assumed, but I thought I'd ask anyway.
thanks
On 26 September 2007, Liviu Daia [EMAIL PROTECTED] wrote:
On 26 September 2007, Luca Corti [EMAIL PROTECTED] wrote:
On Wed, 2007-09-26 at 17:02 +0300, Liviu Daia wrote:
Another delivery attempt would be needed after this time to pass
spamd.
Moral: randomize the greylisting
Liviu Daia [EMAIL PROTECTED] writes:
Why should it? The second copy is sent in a separate run, that's
the whole point. The only thing the bot has to figure out is how long
to wait until the second run. A smart one would send a second copy
after 10 minutes, and a third one after, say,
Liviu Daia wrote:
That's up to you. The minimum should be large enough to keep away
naive bots, as it does now. The maximum should be as large as you
can afford without being too anti-social. :) Some crap will still pass
through anyway.
The maximum should also leave plenty of time
On Wed, 26 Sep 2007, Liviu Daia wrote:
On 26 September 2007, Craig Skinner [EMAIL PROTECTED] wrote:
Liviu Daia wrote:
How does spamd distinguish between a legitimate retry and a
re-injection of the same message with the same Message-Id, sender
etc.?
It doesn't.
Just what you
On 2007/09/26 11:03, Dave Anderson wrote:
Or take advantage of the (by default) 25 minute window to use other
means to detect that this address is sending spam. Perhaps spamd should
be extended to look for excessive attempts to send messages from an
address during that period?
google:
Dave Anderson [EMAIL PROTECTED] writes:
Or take advantage of the (by default) 25 minute window to use other
means to detect that this address is sending spam. Perhaps spamd should
be extended to look for excessive attempts to send messages from an
address during that period? (How often do
I know it's weird that's why I posted this in the first place :P
anyway, the OpenBSD gateway is running web server (apache+php), and mail server
(postfix+dovecot).
The thing is, it doesn't seem there are alot of connections from those daemons.
and like i said before,
if i tried to connect to
[diverted to [EMAIL PROTECTED]
On Wed, Sep 26, 2007 at 08:08:41AM -0700, big one wrote:
| OLPC (One Laptop Per Child) had released XO AMD Geode LX Laptops
| using G1G1 (Buy 2 Get 1). One laptop will be sent to the buyer and the
| 2nd laptop will be sent to a child in a poor, developing country.
|
I connect to the internet using pppoe(8) by putting the following line
in /etc/rc.local.conf:
ppp -ddial pppoe
However, the pf rules load before I have an internet connection and
therefore pfctl reports an error.
How does one load PF after ppp?
Amit.
On Wed, 2007-09-26 at 17:38 +0300, Liviu Daia wrote:
That's up to you. The minimum should be large enough to keep away
naive bots, as it does now. The maximum should be as large as you
can afford without being too anti-social. :) Some crap will still pass
through anyway.
Sometimes is
On Wed, 2007-09-26 at 16:01 +0100, Craig Skinner wrote:
The defaults work very well:
See: http://www.ualberta.ca/~beck/nycbug06/spamd/mgp1.html
Hear: http://www.fetissov.org/public/nycbsdcon06/2.4.mp3
Maybe this also has to do with amount and type of traffic you get.
Small shops are
Hi,
I got Samhain
http://www.la-samhna.de/samhain/
installed on a 4.1
The default configuration file for it is written for a FreeBSD system.
Are there people out there who use Samhain on OpenBSD if so could you
please help me tune the configuration file to use it with OpenBSD.
The default
On 2007/09/26 22:32, Reza Muhammad wrote:
Would a tcpdump log be any helpful at this point?
maybe; try ifconfig pfsync0 create and tcpdump -nipfsync0 -vvs1000
inserts 280924 1221.4/s
removals 280226 1218.4/s
expect it
2007/9/26, Amit Finkler [EMAIL PROTECTED]:
How does one load PF after ppp?
By using ppp.linkup
cat /etc/ppp/ppp.linkup
MYADDR:
!bg sh -c /sbin/pfctl -e -f /etc/pf.conf
Best
Martin
I connect to the internet using pppoe(8) by putting the following
line in /etc/rc.local.conf:
ppp -ddial pppoe
However, the pf rules load before I have an internet connection and
therefore pfctl reports an error.
How does one load PF after ppp?
Being in the same situation I had not
I'm not 100% certain I'm getting your idea here ... we do currently
run inbound/outbound mail on different IPs, but the problem isn't with
the connections themselves.
From the example session transcript with spamd that I posted earlier:
250 Hello, spam sender. Pleased to be wasting your
On Wed, Sep 26, 2007 at 05:54:58PM +0200, Amit Finkler wrote:
I connect to the internet using pppoe(8) by putting the following line
in /etc/rc.local.conf:
ppp -ddial pppoe
However, the pf rules load before I have an internet connection and
therefore pfctl reports an error.
How does
On 26 September 2007, Peter N. M. Hansteen [EMAIL PROTECTED] wrote:
Liviu Daia [EMAIL PROTECTED] writes:
Why should it? The second copy is sent in a separate run,
that's the whole point. The only thing the bot has to figure out
is how long to wait until the second run. A smart one
On Wed, Sep 26, 2007 at 05:54:58PM +0200, Amit Finkler wrote:
I connect to the internet using pppoe(8) by putting the following line
in /etc/rc.local.conf:
ppp -ddial pppoe
However, the pf rules load before I have an internet connection and
therefore pfctl reports an error.
Oh, I'm not saying it doesn't work. What I'm saying is, greylisting
is trivial to bypass, and some spammers have figured that out.
Amazingly, most of them still haven't, which is why it still works in a
significant number of cases.
greylisting does what it does. It delays the
On Wed, 26 Sep 2007, Liviu Daia wrote:
Same, 28 minutes later:
Sep 25 18:42:52 ns1 postfix-localhost/smtpd[13055]: 72BCD142A7:
client=unknown[212.239.40.101]
Sep 25 18:42:53 ns1 postfix/cleanup[21622]: 72BCD142A7: message-id=[EMAIL
PROTECTED]
Sep 25 18:42:53 ns1 postfix/qmgr[1554]:
[IMAGE]Having trouble reading this email? See it in your browser
ArabianBusiness.com Daily News Alert
GHMK ]m Gacf^Z:
GaCMO ,26 SHJcHQ 2007
[IMAGE]
GaCNHGQ GaQFmSmI
HfQUI OHm fdGSOG_ J]fRGd HcfG]^I cSGecm Cf.Ec.G_S Zal
Hi Claudio...
What does 'net.inet.ip.ifq.maxlen=256' do for us?
Tried a few 'man', and a few google searches and I wasn't very
successful. Found tons of other posts telling ppl to bump up that
sysctl, but never found what it does exactly.
Cheers,
g.
Maybe I've missed something but what makes it impossible to write a
device driver for the Wireless chipset?
-Josh
On 9/26/07, Paul de Weerd [EMAIL PROTECTED] wrote:
[diverted to [EMAIL PROTECTED]
On Wed, Sep 26, 2007 at 08:08:41AM -0700, big one wrote:
| OLPC (One Laptop Per Child) had
On 26 September 2007, Jeremy C. Reed [EMAIL PROTECTED] wrote:
On Wed, 26 Sep 2007, Liviu Daia wrote:
Same, 28 minutes later:
Sep 25 18:42:52 ns1 postfix-localhost/smtpd[13055]: 72BCD142A7:
client=unknown[212.239.40.101]
Sep 25 18:42:53 ns1 postfix/cleanup[21622]: 72BCD142A7:
On 26 September 2007, Bob Beck [EMAIL PROTECTED] wrote:
Oh, I'm not saying it doesn't work. What I'm saying is,
greylisting is trivial to bypass, and some spammers have figured
that out. Amazingly, most of them still haven't, which is why it
still works in a significant number of
On 26/09/2007, Paul de Weerd [EMAIL PROTECTED] wrote:
[diverted to [EMAIL PROTECTED]
On Wed, Sep 26, 2007 at 08:08:41AM -0700, big one wrote:
| OLPC (One Laptop Per Child) had released XO AMD Geode LX Laptops
| using G1G1 (Buy 2 Get 1). One laptop will be sent to the buyer and the
| 2nd
On 2007/09/26 13:58, Joshua Smith wrote:
Maybe I've missed something but what makes it impossible to write a
device driver for the Wireless chipset?
not impossible, but I think it was fiddly. it's malo(4), isn't it?
there's the usual silly games with firmware files too, you need to get
them
On 26/09/2007, Joshua Smith [EMAIL PROTECTED] wrote:
Maybe I've missed something but what makes it impossible to write a
device driver for the Wireless chipset?
Nothing is impossible, but the problem is that so many parts of the
OLPC hardware are proprietary and without readily available
Reza Muhammad wrote:
Hi guys,
I'm having a problem with my Internet connection in my home network. I
noticed that \
my Internet connection has been very slow since I upgraded to -current a week
ago. \
First, I thought it was just my ISP problem. Then, I tried to connect to the
\
Hi,
maybe this is a bit off-topic, but:
I'm planning to upgrade my firewall box which is running 4.1-STABLE on a 512Mb
Kingston compactflash card to 4.2 on a 1-2gb (also Kingston) cf card.
Currently I have / mounted ro and /var and /etc on an mfs which can be
tricky...
Question is: do I still
On Wed, Sep 26, 2007 at 10:48:02AM -0700, Tom Bombadil wrote:
Hi Claudio...
What does 'net.inet.ip.ifq.maxlen=256' do for us?
Tried a few 'man', and a few google searches and I wasn't very
successful. Found tons of other posts telling ppl to bump up that
sysctl, but never found what it
On 2007/09/26 10:48, Tom Bombadil wrote:
What does 'net.inet.ip.ifq.maxlen=256' do for us?
try http://archive.openbsd.nu/?ml=openbsd-techa=2006-10t=2474666
On 9/26/07, Chris Cohen [EMAIL PROTECTED] wrote:
Question is: do I still need to mount / ro on current cf cards or do they have
enough write cycles?
Go ahead and mount rw. I've put a couple of terabytes through a 256M
card with iogen, and it's doing fine. The wear-leveling mechanisms on
the
[ Answering to a post from two and a half years back. :-)
I was fiddling with nfs and stuff and remembered this thread.
While reading it, I found out what the problem was. I realize
(or at least hope) that Han is not still troubleshooting this
issue, but for the archives... :-) ]
Han
net.inet.ip.ifq.maxlen defines how many packets can be queued in the IP
input queue before further packets are dropped. Packets comming from the
network card are first put into this queue and the actuall IP packet
processing is done later. Gigabit cards with interrupt mitigation may spit
out
Hopefully this makes it through , I've been trying to post comments all day
but they don't seem to make it here.
To Bryan, I wasn't running pf originally when I noticed this problem but I
am now just to block ssh from the outside. I've disabled and re-enabled pf
to see if it affects throughput
For some reason I can't seem to reply to the earlier responses. Hopefully
this gets through.
On 9/26/07, Bryan Irvine [EMAIL PROTECTED] wrote:
What have you looked at? are you running pf? what kind of ruleset?
Tried simplifying it?
--Bryan
I wasn't running pf originally when I
On Wednesday 26 September 2007 21:17:00 Chris Kuethe wrote:
On 9/26/07, Chris Cohen [EMAIL PROTECTED] wrote:
Question is: do I still need to mount / ro on current cf cards or do they
have enough write cycles?
Go ahead and mount rw. I've put a couple of terabytes through a 256M
card with
Paul de Weerd [EMAIL PROTECTED] wrote:
[diverted to [EMAIL PROTECTED]
On Wed, Sep 26, 2007 at 08:08:41AM -0700, big one wrote:
| OLPC (One Laptop Per Child) had released XO AMD Geode LX Laptops
| using G1G1 (Buy 2 Get 1). One laptop will be sent to the buyer and the
| 2nd laptop will be
Oh, I'm not saying it doesn't work. What I'm saying is, greylisting
is trivial to bypass, and some spammers have figured that out.
Amazingly, most of them still haven't, which is why it still works in a
significant number of cases.
Just to give an additional data point here: I work for
Hi!
On Wed, Sep 26, 2007 at 02:03:03PM -0700, Rob wrote:
[...]
While watching the connection logs, I've noticed that a large majority
of spammers get the first spamd response (250 Hello, spam sender.
Pleased to be wasting your time.) and immediately disconnect. This
suggests to me that rather
Hannah,
On 9/26/07, Hannah Schroeter [EMAIL PROTECTED] wrote:
Hi!
On Wed, Sep 26, 2007 at 02:03:03PM -0700, Rob wrote:
[...]
While watching the connection logs, I've noticed that a large majority
of spammers get the first spamd response (250 Hello, spam sender.
Pleased to be wasting your
Rob [EMAIL PROTECTED] writes:
I would guess the latter too, except that they tend to wait the full
default 10 seconds until the first 250 response. I'm looking forward
to increasing the stutter time to something on the order of 60 seconds
and watching to see what happens then.
I have reports
On Wed, 26 Sep 2007 17:26:22 +0200, Peter N. M. Hansteen wrote:
Or take advantage of the (by default) 25 minute window to use other
means to detect that this address is sending spam. Perhaps spamd should
be extended to look for excessive attempts to send messages from an
address during that
On Sep 26, 2007, at 5:08 PM, big one wrote:
OLPC (One Laptop Per Child) had released XO AMD Geode LX Laptops
using G1G1 (Buy 2 Get 1). One laptop will be sent to the buyer and
the 2nd laptop will be sent to a child in a poor, developing country.
According to Mr Theo de Raadt from OpenBSD,
rezidue wrote:
kern.version=OpenBSD 4.0-stable (GENERIC.MP) #0: Thu Mar 15 07:28:19 CST
Just for the hell of it, try running GENERIC, instead of GENERIC.MP.
--Toby.
On 2007/09/26 13:50, rezidue wrote:
Order a 4.2 CD and install it as soon as you get it. 4.2 removed many
bottlenecks in the network stack. In the meanwhile check out for the ip
ifq len:
# sysctl net.inet.ip.ifq
net.inet.ip.ifq.len=0
net.inet.ip.ifq.maxlen=256
On Wed, Sep 26, 2007 at 08:47:04AM -0600, Diana Eichert wrote:
On Wed, 26 Sep 2007, Markus Hennecke wrote:
As it won't probe on port 0x2e8 it will not find it. Thats why it was
disabled, the probe will have negative effects on other hardware.
Greetings
Markus
that's what I assumed,
It's been a few years since anybody has asked this. Is anybody
working on an AX.25 implementation for OpenBSD? Just passed my Extra
exam and would like to start doing some packet radio soon. Would love
to put OpenBSD 23km up like this guy did with Linux:
http://vpizza.org/~jmeehan/balloon/
On Wed, Sep 26, 2007 at 01:58:16PM -0400, Joshua Smith wrote:
Maybe I've missed something but what makes it impossible to write a
device driver for the Wireless chipset?
-Josh
No one said it is impossible, it is just far harder than it should
be due to a lack of documentation and companies
On Wed, 26 Sep 2007, Douglas A. Tutty wrote:
On Wed, Sep 26, 2007 at 08:47:04AM -0600, Diana Eichert wrote:
On Wed, 26 Sep 2007, Markus Hennecke wrote:
As it won't probe on port 0x2e8 it will not find it. Thats why it was
disabled, the probe will have negative effects on other hardware.
Here's the log:
10:12:28.738263 UPD ST:
all 6 122.200.52.134:22 - 125.160.128.35:60387
ESTABLISHED:ESTABLISHED
[1381080430 + 65535] wscale 0 [3262031687 + 17040] wscale 0
age 3812101632:33:20, expires in 00:00:00, 482:293 pkts, 38584:35992 bytes
id: 46facdc5804b creatorid:
On 2007/09/27 10:16, Reza Muhammad wrote:
Here's the log:
Can's suggestion to block the incoming packets on sis0 is good.
The problem is caused because you receive a lot of junk traffic
from your ISP's network. Since OpenBSD 4.1, PF uses 'keep state'
by default (this avoids some problems with
Running 4.1 generic kernel w. RAID1 on AMD64.
Checking a users quota freezes the system and renders it useless.
I have implemented quotas like described in the FAQ
1) alter /etc/fstab: /dev/raid0f /var ffs rw,userquota,softdep,nodev 1
2 -- This is a 60GB slice
2) create a test quota file
On Wed, 26 Sep 2007 11:37:28 -0700, Can E. Acar [EMAIL PROTECTED]
wrote:
Reza Muhammad wrote:
...
also
There is a lot of external broadcast traffic they are probably the cause
of
the large number of state insertions/deletions. They are either a badly
designed
p2p/broadcast/whatever
93 matches
Mail list logo
