On 2020-06-09 00:59, Vertigo Altair wrote:
Hi Misc,
I have a firewall device and I'm using OpenBSD on it. There is an
electricity problem where the device runs. Therefore, I have to run the
"fsck -y" command regularly at startup due to the electricity problem.
To
overcome this, I want to use
Dear group,
try to configure on an 6.7 installation a IKEv2 VPN server to be accessed
by linux and android clients but got completely lost. I don't even know how
to debug it!
Here is my iked-dv output:
ikev2 "vpn" passive tunnel esp inet6 from 0.0.0.0/0 to 0.0.0.0/0 from ::/0
to ::/0 local
I have been in a similar situation of power being unreliable and no UPS, so I
sympathize.
This is how I have achieved RO filesystem (default partitions)
1. Add to /etc/fstab
swap /dev mfs rw,-P=/dev,-s=32m 0 0
2. Create RO Script
#!/bin/sh
UP=$(( $(date +%s) - $(sysctl
> > > Before 6.7 iked didn't start DPD in this particular case.
> > > It kicks in if the tunnel is up and there haven't been any incoming ESP
> > > packets
> > > in the last 5 minutes.
> > > A possible workaround would be to ping through the tunnel to have at
> > > least one
> > > incoming
On 6/9/20 9:25 PM, Paul B. Henson wrote:
> Hmm, I had never considered using jumbo frames.
...
> I guess multicast would work too
Neither jumbo frames nor multicast will prevent group demotion when the
other side of a crosslink cable goes physically down. Only not having
the sync interface in
On 6/9/2020 1:42 PM, Markus Wernig wrote:
Neither jumbo frames nor multicast will prevent group demotion when the
other side of a crosslink cable goes physically down. Only not having
the sync interface in the carp group will.
True. But I think he was just discussing general best practices,
On Tue, 9 Jun 2020 at 08:59, Vertigo Altair wrote:
>
> Hi Misc,
> I have a firewall device and I'm using OpenBSD on it. There is an
> electricity problem where the device runs. Therefore, I have to run the
> "fsck -y" command regularly at startup due to the electricity problem.
Isn't it just
> > > Jun 8 12:23:24 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce:
> > > retransmit 1 INFORMATIONAL req 2
> > peer 192.0.2.199:500 local 192.0.2.2:500
> > > Jun 8 12:23:28 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce:
> > > retransmit 2 INFORMATIONAL req 2
> > peer 192.0.2.199:500
Hi,
I'm trying to update a Fujitsu RX200 S6 server from 6.6->6.7 and I'm having
problems.
via sysupgrade boot of upgrade kernel stops (no hung, no ddb) at
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pcppi0 at isa0 port 0x61
On 2020-06-07, Switch 1024 wrote:
> Hi,
>
> I have a Ultimate Hacking Keyboard [1] and it seems to prevent my
> lenovo X1 Carbon 4th gen. from suspending and hibernating.
>
> Sometimes it works, but more often than not, the power led flashes
> rapidly, the displays turn off, hdmi cuts out, the
Maurice McCarthy wrote:
> Add your user to the operator group.
> Regards
Hi Maurice,
My user is already in the operator group and for that matter in wheel
group. However, your email made me poke little bit more into this issue.
These are the changes that coused the "problem" for me personally.
Booting a current kernel, does not solve the problem either...
I was able to boot -s /obsd and put the new kernel there.
here is the new dmesg:
> OpenBSD/amd64 BOOT 3.45
boot>
Sebastien Marie wrote:
> A fix has been commited.
Great.
After applying 009_asr Privoxy's regression tests indeed
run without errors.
> Thanks for investigated the problem and provided a test case. It was very
> useful to properly found the state corruption.
You're welcome.
Fabian
On 2020-06-09, Maurice McCarthy wrote:
> Add your user to the operator group.
> Regards
>
>
operator is quite powerful, but it doesn't normally have access to
USB device nodes. It is mostly meant for backup operators, it has rw
access to tape devices and read access to disk device nodes in /dev.
On 2020-06-08, Markus Wernig wrote:
> On 6/9/20 12:27 AM, Paul B. Henson wrote:
>
>> Yes, I am using a direct link between the two physical firewalls.
> [...]
>> Is this no longer a best practice?
>
> If it's in the documentation, I suppose it still is.
>
> But I have found it problematic,
On 2020-06-08, Steffen Nurpmeso wrote:
> Pity they did not wave through .19 before freeze, plenty of time
> there would have been.
"Plenty of time" "But it's just one port!"
With dozens of people trying to push through updates to ports they
are interested in before tagging too, there is not
Hmm, interesting.
Thanks both
Marcus MERIGHI wrote:
> punoseva...@gmail.com (Predrag Punosevac), 2020.06.08 (Mon) 23:57 (CEST):
> > It seems that there is another change on 6.7 perhaps among packages
> > which broke printing for me. I am using built in LPD to print onto the
> > network connected Brother HL-5250DN. I am
Hello Stuart.
Stuart Henderson wrote in
:
|On 2020-06-08, Steffen Nurpmeso wrote:
|> Pity they did not wave through .19 before freeze, plenty of time
|> there would have been.
|
|"Plenty of time" "But it's just one port!"
And a small and minor one, sure.
|With dozens of people trying to
> Before 6.7 iked didn't start DPD in this particular case.
> It kicks in if the tunnel is up and there haven't been any incoming ESP
> packets
> in the last 5 minutes.
> A possible workaround would be to ping through the tunnel to have at least one
> incoming packet every 5 minutes.
There is
On Tue, Jun 09, 2020 at 01:11:38PM +, Leclerc, Sebastien wrote:
> > > > Jun 8 12:23:24 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce:
> > > > retransmit 1 INFORMATIONAL req 2
> > > peer 192.0.2.199:500 local 192.0.2.2:500
> > > > Jun 8 12:23:28 hv-fw-inf-02 iked[50153]:
On Tue, Jun 09, 2020 at 06:29:05PM +, Leclerc, Sebastien wrote:
> > Before 6.7 iked didn't start DPD in this particular case.
> > It kicks in if the tunnel is up and there haven't been any incoming ESP
> > packets
> > in the last 5 minutes.
> > A possible workaround would be to ping through
Was wondering if I wanted such an interface for management purposes,
that is - unconnected during normal installed operation but accepting
dhcp assignment when connected - could it be placed in a different
domain (not r0)? This way it should be available when needed but yet
not interfere with the
On 6/9/2020 7:36 AM, Stuart Henderson wrote:
IME the best setup for pfsync between 2 machines is to use a dedicated
cross-connect (preferably configured for jumbo frames). Obviously that's
not possible with >2 machines though.
Hmm, I had never considered using jumbo frames. It looks like
Hello,
Is there anyone have the answer to solve the watchdog timeout problem ? I got
one in the internet as followings, and it didn't solve the problem.
config -ef /bsddisable mbbiosquit
Is there any better method to solve it.
Thanks
Clarence
Hi all,
I'm sending this e-mail since I have found other users in this
mailing-list using the same device without issues.
I'm using a "Protectli FW1" with FreeBSD 12.1 amd64 as a firewall which
is serving me with great performances and no issues at all. The
appliance has 4 Intel Gigabit
Hi Misc,
I have a firewall device and I'm using OpenBSD on it. There is an
electricity problem where the device runs. Therefore, I have to run the
"fsck -y" command regularly at startup due to the electricity problem. To
overcome this, I want to use readonly file system.
I know there are some
Add your user to the operator group.
Regards
punoseva...@gmail.com (Predrag Punosevac), 2020.06.08 (Mon) 23:57 (CEST):
> It seems that there is another change on 6.7 perhaps among packages
> which broke printing for me. I am using built in LPD to print onto the
> network connected Brother HL-5250DN. I am getting row PostScript output
> on
On 2020-06-09, Vertigo Altair wrote:
> Hi Misc,
> I have a firewall device and I'm using OpenBSD on it. There is an
> electricity problem where the device runs. Therefore, I have to run the
> "fsck -y" command regularly at startup due to the electricity problem. To
> overcome this, I want to use
30 matches
Mail list logo
