Re: Portmap non-local set / unset attempt

Quoting "Clint M. Sand" <[EMAIL PROTECTED]>: > On Thu, Sep 22, 2005 at 07:09:12PM -0600, Theo de Raadt wrote: > > > > People keep yammering this bullshit about "Security is a process". > > > > Bullshit! Lies! It's about paying attention to the frigging details > > > > when they are right in fron

Re: can't recognize my cdrom, here is my dmesg

On 9/23/05, Csaba Nemes <[EMAIL PROTECTED]> wrote: > Hi all > > it boots from an unofficial cdrom, but it doesn't find my cdrom > here is my dmesg: > Booting is done by the BIOS and once the OS comes up if you need to use the CDROM your operating system should support it. (If you have installed MS

Re: Portmap non-local set / unset attempt

Clint M. Sand wrote: > > > Theo de Raadt wrote: > > > > It's about paying attention to the frigging details when > > > > they are right in front of your face. [ snippage ] > > No, you can put an openbsd box up and leave it for years with > root login enabled and password for a password. It takes m

Re: Max number of states in pf? (100k? 200k? 1M?)

On 9/22/05, nate <[EMAIL PROTECTED]> wrote: > Greetings > > I don't have a good way to test generating large numbers > of states so I was wondering for a server with 2GB of memory > which all it does is pf how many states can it handle? I > started with the default of 10k, exausted that pretty qui

Re: Max number of states in pf? (100k? 200k? 1M?)

Well, I'm running a similar setup, only Xeon 2.4 dual and running with 300k states, the info so far is: State Table Total Rate current entries89976 searches 2049646948754332.6/s inserts

RE: Re: Portmap non-local set / unset attempt

>Security is everything you've ever said, plus a >process. No. security does not require the process. Attempted security (that doesn't quite work) requires a process. Like the difference between does work and should work.

Re: Max number of states in pf? (100k? 200k? 1M?)

On Thu, 22 Sep 2005, nate wrote: > Can I run with 200k states? 500k ? 1M states? 'top' reads > 1833MB of memory is available. The docs say that 32MB > is enough for ~30k states. so in theory memory wise at > least this box should be able to handle at least > 1.6M states. Not that I plan to keep th

Re: Portmap non-local set / unset attempt

On Thu, Sep 22, 2005 at 07:09:12PM -0600, Theo de Raadt wrote: > > > People keep yammering this bullshit about "Security is a process". > > > Bullshit! Lies! It's about paying attention to the frigging details > > > when they are right in front of your face. And it is very clear other > > > vend

Re: Portmap non-local set / unset attempt

> Which is why I now know MORE about air-conditioners than most of the > technicians who come here. > > The phrase, and everything you said, is all excuses for the vendors. I bet that the air-conditoner technicians believe that "Air-conditioner maintainance is a process". Which is why they can n

Re: APM configuration question

On Fri, Sep 23, 2005 at 02:34:18AM +0200, Emil Khatib wrote: > Hi everybody > I've found out that OBSD supports APM; but googling around I haven't found > how to enable this feature. Is there any option to enable in the kernel with > config or recompiling the kernel? Its enabled by default on i386

Re: Portmap non-local set / unset attempt

> > People keep yammering this bullshit about "Security is a process". > > Bullshit! Lies! It's about paying attention to the frigging details > > when they are right in front of your face. And it is very clear other > > vendors do not pay attention to the details, considering the work I > > did

Re: Portmap non-local set / unset attempt

On Thu, Sep 22, 2005 at 02:02:13PM -0600, Theo de Raadt wrote: > People keep yammering this bullshit about "Security is a process". > Bullshit! Lies! It's about paying attention to the frigging details > when they are right in front of your face. And it is very clear other > vendors do not pa

APM configuration question

Hi everybody I've found out that OBSD supports APM; but googling around I haven't found how to enable this feature. Is there any option to enable in the kernel with config or recompiling the kernel? Sorry if it's a dumb question :P (By the way, is APM supported on AMD64?)

Re: Userland Compilation Dies

Stuart Henderson wrote: > --On 22 September 2005 16:52 -0400, Chris wrote: ... >> Replace "i386" in the first line with your machine name. > > That's 'machine' as in 'what uname -m tells you' (i386, sparc64, > macppc, hppa, [...]), not hostname. That was somewhat unclear on my part. Fixed n

Re: can't recognize my cdrom, here is my dmesg

Csaba Nemes wrote: > Hi all > > it boots from an unofficial cdrom, but it doesn't find my cdrom > here is my dmesg: > Booting is a BIOS activity. Using the CDROM drive after booting is an OS activity. Obviously, the OS isn't handling your CDROM drive properly, even though the BIOS is doing ok w

Re: Dell 2650, Stupid Adaptec Controller, and Daily Crashes

Have you tried by any chance tried a 3.8 with aac enabled? This seems to go wrong in em and not aac. On Thu, Sep 22, 2005 at 04:49:14PM -0500, eric wrote: > On Thu, 2005-09-22 at 16:06:39 -0500, Marco Peereboom proclaimed... > > > What do the crashes look like? > > Sometimes I can get to DDB,

Re: pkg_create error

Edy Purnomo wrote: > anyone has a reference site about upgrading 3.4 -> current ? > i don't confidence after i messed up with FBSD 4.11 http://www.openbsd.org/faq/upgrade35.html http://www.openbsd.org/faq/upgrade36.html http://www.openbsd.org/faq/upgrade37.html (3.7->3.8 is coming...) Or, since y

Re: PFLogging to Syslog

You could also try using Prelude. At heart, it's a Hybrid IDS/IPS, but can also be used to collect Syslogs from multiple servers and view them much like syslog-ng. SF Original Message Follows From: Qv6 <[EMAIL PROTECTED]> To: "James Mackinnon" <[EMAIL PROTECTED]> CC: misc@openbsd.org

Re: Dell 2650, Stupid Adaptec Controller, and Daily Crashes

3.6 was hell for me with that damn raid controller. I've got two 2650's and they were both crashing on 3.6. I'm currently using 3.5 and waiting for 3.8 to come out. From what I've heard from a couple people on the list is that the 3.8 version is much more stable. The other option is to trade your h

Re: Dell 2650, Stupid Adaptec Controller, and Daily Crashes

--On 22 September 2005 13:10 -0500, eric wrote: I have a Dell 2650 with an Adaptec controller. This machine is constantly crashing due to either a high load or some sort of a kernel panic. I know that Adaptec support was dropped in 3.7, and I wish I didn't have this piece of shit to deal with.

can't recognize my cdrom, here is my dmesg

Hi all it boots from an unofficial cdrom, but it doesn't find my cdrom here is my dmesg: OpenBSD 3.7 (RAMDISK_CD) #573: Sun Mar 20 00:27:05 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/RAMDISK_CD cpu0: Intel Celeron ("GenuineIntel" 686-class, 128KB L2 cache) 301 MHz cpu0: FPU,V86,DE,

Re: Dell 2650, Stupid Adaptec Controller, and Daily Crashes

On Thu, 2005-09-22 at 16:06:39 -0500, Marco Peereboom proclaimed... > What do the crashes look like? Sometimes I can get to DDB, other times it will just crash so bad I can't even get console. I could get this much out of it when I did the PR report. uvm_fault(0xd7e12a20, 0xcffa5000, 0, 1) ->

Re: Userland Compilation Dies

--On 22 September 2005 16:52 -0400, Chris wrote: I am trying to follow the stable branch, so updated my CVS for src, ports and X like so: # cd /usr # cvs -d$CVSROOT up -Pd* That's -current. Add -rOPENBSD_3_7 for 3.7-stable, or follow updating beyond

Re: Userland Compilation Dies

On 9/22/05, Chris <[EMAIL PROTECTED]> wrote: > > Hello. > > I had an OBSD system, 3.6. I went to update it the other day to 3.7, > and everything seemed to work swell. I followed the instructions from > the upgrade faq, and things seemed to work without a hitch. > > I am trying to follow the stable

Re: Dell 2650, Stupid Adaptec Controller, and Daily Crashes

What do the crashes look like? Fell free to contact Adaptec and let them know that you are having issues with their raid card. On Thu, Sep 22, 2005 at 01:10:30PM -0500, eric wrote: > I have a Dell 2650 with an Adaptec controller. This machine is constantly > crashing due to either a high load or

Userland Compilation Dies

Hello. I had an OBSD system, 3.6. I went to update it the other day to 3.7, and everything seemed to work swell. I followed the instructions from the upgrade faq, and things seemed to work without a hitch. I am trying to follow the stable branch, so updated my CVS for src, ports and X like so:

Re: Portmap non-local set / unset attempt

That's what I thought. I have no idea why Legato continues to use portmapper at all. They've been telling me they're going to stop using it since at least 1999. I actually came up with a workaround that I think might expose a potential issue in rpcinfo. Since I couldn't get nsrexecd to automatica

Re: Portmap non-local set / unset attempt

> I'm receiving the following messages from portmap when starting Legato > Networker's nsrexecd. The nsrexecd I'm running is the Linux version under > emulation: > > portmap[16083]: non-local unset attempt (might be from 127.0.0.1) > portmap[16083]: non-local set attempt (might be from 127.0.0.1)

Portmap non-local set / unset attempt

I'm receiving the following messages from portmap when starting Legato Networker's nsrexecd. The nsrexecd I'm running is the Linux version under emulation: portmap[16083]: non-local unset attempt (might be from 127.0.0.1) portmap[16083]: non-local set attempt (might be from 127.0.0.1) The program

Dell 2650, Stupid Adaptec Controller, and Daily Crashes

I have a Dell 2650 with an Adaptec controller. This machine is constantly crashing due to either a high load or some sort of a kernel panic. I submitted the following bug report a while ago... I know that Adaptec support wa

Re: CARP/PFSYNC over USB is possible?

On Mon, 29 Aug 2005, Vinicius Pavanelli Vianna wrote: I'm currently using an OpenBSD 3.7 as a firewall for my network, since this machines is a 1U rack I can't add an extra ethernet card to it, so I was looking for an alternative solution to use redundancy, since there are plenty of usb ports fr

Re: Storage Server

On Wed, Sep 21, 2005 at 02:05:31PM -0600, Tom Geman wrote: > I was hoping someone here could answer a few questions. > Can I install OpenBSD on this PV 220, or is it just a bunch of disks with > no processor? This question is very ambiguous. You can't install OpenBSD on the PV220S itself however

Max number of states in pf? (100k? 200k? 1M?)

Greetings I don't have a good way to test generating large numbers of states so I was wondering for a server with 2GB of memory which all it does is pf how many states can it handle? I started with the default of 10k, exausted that pretty quick, then upped it to 32k about 3 weeks ago then exauste

Re: jot(1) issue

On Thu, 22 Sep 2005, frantisek holop wrote: > hi there, > > i have found the following interesting case. > is this the intended behaviour? > > kripel> jot -s"" -b - 72 > 72-b73-b74-b75-b76-b77-b78-b79-b80-b81-b82-b83-b84-b85-b86-b87-b88-b89-b90-b91-b92-b93-b94-b95-b96-b97-b98-b99-b100-b101-b102-

jot(1) issue

hi there, i have found the following interesting case. is this the intended behaviour? kripel> jot -s"" -b - 72 72-b73-b74-b75-b76-b77-b78-b79-b80-b81-b82-b83-b84-b85-b86-b87-b88-b89-b90-b91-b92-b93-b94-b95-b96-b97-b98-b99-b100-b101-b102-b103-b104-b105-b106-b107-b108-b109-b110-b111-b112-b113-b114

Re: 3.7: "INVALID PAYLOAD TYPE"

This is fixed in 3.7-stable and above. HJ. On Thu, Sep 22, 2005 at 12:37:16PM +0200, Toni Mueller wrote: > Hello, > > I have three machines: one 3.7, one 3.6, and one Windows 2000 laptop. > The client software on the laptop is this: > > ftp://ftp.funkwerk-ec.com/pub/ipsec_client/bintec_secure_

3.7: "INVALID PAYLOAD TYPE"

Hello, I have three machines: one 3.7, one 3.6, and one Windows 2000 laptop. The client software on the laptop is this: ftp://ftp.funkwerk-ec.com/pub/ipsec_client/bintec_secure_client_v11.zip aka "NCP Secure Entry" which usually runs very nicely. The two OpenBSD machines are configured identi

Re: Live dc

Andreas Bihlmaier wrote: I made bootable cdrom you described. Does it work otherwise ? Yes, it works! This is just what I want - diskless router on CD. With pf rules loaded from floppy disk.

Re: pkg_create error

On 9/22/05, Edy Purnomo <[EMAIL PROTECTED]> wrote: > i'm not sure that i can do that smoothly. > the server is our firewall and it's running : Use a quiet window on your network to down the machine. Add a new boot drive to the system and install the latest release or -current snapshot. Transfer it

Re: pkg_create error

On Thu, 22 Sep 2005 07:41:04 + "Edy Purnomo" <[EMAIL PROTECTED]> wrote: > i'm not sure that i can do that smoothly. > the server is our firewall and it's running : > > - mrtg > - squid > - openntp > > anyone has a reference site about upgrading 3.4 -> current ? > i don't confidence after i m

Re: pkg_create error

i'm not sure that i can do that smoothly. the server is our firewall and it's running : - mrtg - squid - openntp anyone has a reference site about upgrading 3.4 -> current ? i don't confidence after i messed up with FBSD 4.11 tia From: Marc Espie <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTE

Re: pkg_create error

On Thu, Sep 22, 2005 at 02:08:39AM +, Edy Purnomo wrote: > argh! > > yes, it's true, i did update the ports by typing cvsup -g -L 2 cvs-supfile > with conf: > ># Defaults that apply to all the collections >*default host=cvsup.uk.openbsd.org >*default base=/var >