Re: OpenBSD 4.4 httpd reverse proxy

Yes I'm sure ! It is a weird problem... In fact httpd does not proxy anything even with a successful compilation. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of disintx Sent: jeudi 6 novembre 2008 03:05 To: misc@openbsd.org Subject: Re: OpenBSD 4.4

Xorg: ABI mismatch

just updated latest Xorg. apart from the sync-to-vblank intel's issue no troubles at all at first glance but I start seeing this in the logs (excerpt) (II) LoadModule: record (II) Loading /usr/X11R6/lib/modules/extensions//librecord.so (II) Module record: vendor=X.Org Foundation

VPN Ipsec

Hello, I am trying to set up an ipsec vpn between two networks. But, I can't figure out why it doesn't work. I get some errors like (here on the malenfant gate, see network map below) : Plcy 30 keynote_cert_obtain: failed to open /etc/isakmpd/keynote//192.168.1.159/credentials Default

Re: PF: very simple question...

Limaunion wrote: Hi, for some reason my OpenBSD 4.4 firewall is been able to negotiate dhcp request although there are no rules that allow this operation. Thanks everyone for the explanation, I wasn't sure what was wrong with my configuration. Now it's clear. Best regards. JC

Re: Duplicate incoming packets to multiple destinations using pf

Ok, Here are the first results I have set up loopback addresses with the same ip address on two receivers (for testing). (A.A.A.10) Each receiver has unique external ip adresses in the same subnet as the $nms_if First, I created this rule : pass in on $int_if dup-to ( $nms_if

OpenBSD Remote Access Server

Hi Misc@, In a few days I'm going to start new RAS project, and I'd like to use OBSD as ppp/pppoe server. Has anyone ever done this before? I'm looking to manage ppp clients access and bandwidth using radius server, but I had limited experiences with ppp server and radius. If anyone willing

isakmpd routing woes

Hello, I have three /24 networks connected to each other through multihomed OpenBSD 4.0 servers using isakmpd(8). Recently, new point-to-point links have been installed between each of those networks on separate interfaces, and I would like to make it so traffic coming from/through specific

Re: SSL error

--- Doug Milam [Wed, Nov 05, 2008 at 07:58:39PM -0800]: --- I've followed the SSL instructions in the FAQ, http://www.openbsd.org/faq/faq10.html#HTTPS, but I get the following error in Firefox (other browsers don't work either) SSL received a record that exceeded the maximum permissible

Re: PF: very simple question...

On 2008-11-06, Can Erkin Acar [EMAIL PROTECTED] wrote: Parsing raw network data, even from a file, provides an opportunity to inject incredible amounts of malicious input to the parser. That is also one reason we do not have ethereal/wireshark

HP DL180 hangs on boot

Hi! I have issues booting a HP ProLiant DL180 G5 (456830-421) [1] which I hope someone can shed some light on. [ While writing thie email I've done some more testing and realized that the behaviour is not really consistent, but what I describe below is a typical case ] 1. The machine takes

Re: Xorg: ABI mismatch

Hi! On Thu, Nov 06, 2008 at 09:18:13AM +0100, giovanni wrote: just updated latest Xorg. apart from the sync-to-vblank intel's issue no troubles at all at first glance but I start seeing this in the logs (excerpt) [...] I have many more issues. For this issue, I regenerated the configuration

Re: HP DL180 hangs on boot

I had some similar issue on the HP DL 120 G5. Solution is: desactivate the RAID controler in the BIOS. If you need the use some raid, use raidctl which is working again in version 4.4 -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Alexander Hall Envoyi

fjnews12-2008

FUNJET ASSOCIAZIONE SPORTIVA FUNJET www.funjet.it [EMAIL PROTECTED] FJNEWS 12/2008 Con la gara di Domenica 2 Novembre 2008, l'A.S.D. Funjet di Empoli chiude nel migliore dei modi una entusiasmante stagione agonistica. A Marina di Massa nell'ultima prova di Campionato Italiano Moto D'Acqua

Re: Xorg: ABI mismatch

On Thu, Nov 06, 2008 at 09:18:13AM +0100, giovanni wrote: just updated latest Xorg. apart from the sync-to-vblank intel's issue no troubles at all at first glance but I start seeing this in the logs (excerpt) (II) LoadModule: record (II) Loading

Re: Xorg: ABI mismatch

On Thu, Nov 6, 2008 at 3:35 PM, Owain Ainsworth [EMAIL PROTECTED] wrote: On Thu, Nov 06, 2008 at 09:18:13AM +0100, giovanni wrote: just updated latest Xorg. apart from the sync-to-vblank intel's issue no troubles at all at first glance but I start seeing this in the logs (excerpt) (II)

Re: Xorg: ABI mismatch

Hi! On Thu, Nov 06, 2008 at 02:35:30PM +, Owain Ainsworth wrote: [...] (EE) Failed to load module record (module requirement mismatch, 0) (EE) Failed to load module xtrap (module requirement mismatch, 0) for taking away it I've temporary added You should instead have removed the record,

NAT + IPsec problem

Hello, I am trying to setup an IPsec connection. Here is the ipsec.conf : ike esp from 10.63.61.0/26 to 193.164.151.0/28 peer 193.164.151.35 \ main auth hmac-sha1 enc aes-256 \ quick auth hmac-sha1 enc aes-256 group modp1024 psk Tunnels go up well : flow esp in from

Re: trunk(4), VLANs and MTU problems

Okay, I've done some reading up on the code. It seems the em driver (in 4.4) have its HW VLAN tagging capability disabled, and thus I cannot use that. Seems some changes have been commited since, I tried (without much hope of it working :P) to backport this into 4.4, but failed totally as

Re: isakmpd routing woes

-Urspr|ngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Carlos Laviola Gesendet: Donnerstag, 6. November 2008 13:34 An: misc@openbsd.org Betreff: isakmpd routing woes Hello, I have three /24 networks connected to each other through multihomed

Panic. ciss0: dead (HP ProLiant DL360 G5)

Hello, all! I've got panic with ciss0 on my HP ProLieant DL360 G5. Everything works fine about month or so till this day. I forgot to enable SNMP trap on iLO2, but anyway, don't know is there something interesting from Integrated Lights-Out. Before installing OpenBSD I've did hardware raid 1+0.

Re: Panic. ciss0: dead (HP ProLiant DL360 G5)

PP0P2QP4PP2 PP5P=P8Q
schrieb: Hello, all! I've got panic with ciss0 on my HP ProLieant DL360 G5. Everything works fine about month or so till this day. I forgot to enable SNMP trap on iLO2, but anyway, don't know is there something interesting from Integrated Lights-Out. Before installing

Re: NAT + IPsec problem

-Urspr|ngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von BARDOU Pierre Gesendet: Donnerstag, 6. November 2008 15:30 An: misc@openbsd.org Cc: LOUIS Marc Betreff: NAT + IPsec problem Hello, I am trying to setup an IPsec connection. Here is the

openbsd fail2ban

Hi, I have noticed that people constantly try to brute force sshd on my openbsd box, on my server I use fail2ban to prevent this and wondered if there is a similar solution for openbsd. Regards, -- Charlie Clark Network Engineer Lemon Computing Ltd Unit 9 26-28 Priests Bridge London SW14

Re: openbsd fail2ban

2008/11/6 Charlie Clark [EMAIL PROTECTED]: I have noticed that people constantly try to brute force sshd on my openbsd box, on my server I use fail2ban to prevent this and wondered if there is a similar solution for openbsd. Yes. RTFAQ. Best Martin

Re: openbsd fail2ban

-Urspr|ngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Charlie Clark Gesendet: Donnerstag, 6. November 2008 18:34 An: misc Betreff: openbsd fail2ban Hi, I have noticed that people constantly try to brute force sshd on my openbsd box, on my

Re: openbsd fail2ban

I've written a small program about 5 years ago. It was a daemon that implemented a service similar to port knocking but entirely in user level, calling pfctl by exec() system calls to insert/remove remote IP addresses in a pf table holding machines able to connect to the ssh daemon via port 22.

Intel D201GLY2 install failure, OpenBSD 4.4

I'm booting from CD as prelude to install, and during CD boot see (NOTE this is manually transcribed from the screen): : couldn't map interrupt sis0 at pci0 dev 4 function 0 SiS 900 10/100BaseTX rev 0x91pci_intr_map: bad interrupt line 19 : couldn't map interrupt pciide1 at pci0 dev 5 function

Re: openbsd fail2ban

Hi Marcus, If you come across this program again would I be able to steal it off of you, it will implement it as suggested before using pf state table tracking but your program sounds very interesting and I would still like to see it. Thank you everyone for your answers. Thanks, Charlie

Re: HP DL180 hangs on boot

Christophe Rioux wrote: I had some similar issue on the HP DL 120 G5. Solution is: desactivate the RAID controler in the BIOS. If you need the use some raid, use raidctl which is working again in version 4.4 This server has only some kind of built-in raid which I suppose is of the

Re: openbsd fail2ban

On 17:33, Thu 06 Nov 08, Charlie Clark wrote: Hi, I have noticed that people constantly try to brute force sshd on my openbsd box, on my server I use fail2ban to prevent this and wondered if there is a similar solution for openbsd. Have a look at this section of the FAQ:

Re: openbsd fail2ban

You'd be free to do whatever you want with it. I'll see I can find the source. I'm pretty sure there's a copy on my old powerbook. It was written for linux and openbsd and we used for an ad-hoc authentication method to manage a remote machine over the unsecure internet. Never did any security

Re: openbsd fail2ban

2008/11/6, Charlie Clark [EMAIL PROTECTED]: Hi, I have noticed that people constantly try to brute force sshd on my openbsd box, on my server I use fail2ban to prevent this and wondered if there is a similar solution for openbsd. Have you tried sshguard?

Re: openbsd fail2ban

On Thu, Nov 06, 2008 at 05:33:41PM +, Charlie Clark wrote: I have noticed that people constantly try to brute force sshd on my openbsd box, on my server I use fail2ban to prevent this and wondered if there is a similar solution for openbsd. Yes, but why would you want to do that? It

Re: openbsd fail2ban

If you're just tired of the noise, consider moving SSH to a different port. It provides no greater security but helps with some of the annoyance. -HKS On Thu, Nov 6, 2008 at 2:34 PM, Joachim Schipper [EMAIL PROTECTED] wrote: On Thu, Nov 06, 2008 at 05:33:41PM +, Charlie Clark wrote: I have

Re: Intel D201GLY2 install failure, OpenBSD 4.4

On Thu, Nov 6, 2008 at 11:49 AM, Jamie Cuesta [EMAIL PROTECTED] wrote: I was hoping to include a dmesg via serial port capture (my box does not include a floppy), but Use ftp.

Re: fps between 10/28 and 11/2 snapshots

On Wed, 5 Nov 2008 14:37:06 -0600 Neal Hogan [EMAIL PROTECTED] wrote: I've been running -current via snapshots and have had odd glxgears output between the 10/28 snap and 11/02 snap. Back on the 10/02 version I was getting 1000-1300 fps. On the 11/02 version I get 100-130 fps. It's not a huge

Re: NAT + IPsec problem

This is something I have struggled myself and don't have a good solution to. I actually asked a similar question to yours couple days ago :-( http://marc.info/?l=openbsd-miscm=122530349320838w=2 Basically NATing stuff going through a VPN tunnel doesn't really work. I have followed the recipe

no pg_dump?

I've installed postgresql client, server and contribs from packages on a new 4.4 OpenBSD machine and there is no pg_dump or pg_restore included that I can find. Where can I get these tools? --charlie -- Charles

Re: dhcpd on 4.4 is problematic

On Wed, Nov 05, 2008 at 08:16:01AM -0500, Kenneth R Westerback wrote: On Wed, Nov 05, 2008 at 12:22:03PM +0800, Uwe Dippel wrote: Here is what Stuart requested. I hope the attachment goes through! 00f0: 0100:

Re: VPN Ipsec

On Thu, Nov 6, 2008 at 9:39 AM, Louis Opter [EMAIL PROTECTED] wrote: Hello, I am trying to set up an ipsec vpn between two networks. But, I can't figure out why it doesn't work. I get some errors like (here on the malenfant gate, see network map below) : Plcy 30 keynote_cert_obtain:

Re: no pg_dump?

On Thu, 6 Nov 2008, Charlie Farinella wrote: I've installed postgresql client, server and contribs from packages on a new 4.4 OpenBSD machine and there is no pg_dump or pg_restore included that I can find. Where can I get these tools? They should be under /usr/local/bin/ -- Antoine

Re: no pg_dump?

Le Thu, 6 Nov 2008 17:06:54 -0500, Charlie Farinella [EMAIL PROTECTED] a icrit : I've installed postgresql client, server and contribs from packages on a new 4.4 OpenBSD machine and there is no pg_dump or pg_restore included that I can find. Where can I get these tools? --charlie

Re: no pg_dump?

On Thursday 06 November 2008, Antoine Jacoutot wrote: On Thu, 6 Nov 2008, Charlie Farinella wrote: I've installed postgresql client, server and contribs from packages on a new 4.4 OpenBSD machine and there is no pg_dump or pg_restore included that I can find. Where can I get these

Re: no pg_dump?

On Thursday 06 November 2008, Pierre-Emmanuel Andri wrote: Le Thu, 6 Nov 2008 17:06:54 -0500, Charlie Farinella [EMAIL PROTECTED] a icrit : I've installed postgresql client, server and contribs from packages on a new 4.4 OpenBSD machine and there is no pg_dump or pg_restore included that

Re: no pg_dump?

On 2008-11-06, Charlie Farinella [EMAIL PROTECTED] wrote: On Thursday 06 November 2008, Pierre-Emmanuel Andri wrote: Le Thu, 6 Nov 2008 17:06:54 -0500, Charlie Farinella [EMAIL PROTECTED] a icrit : I've installed postgresql client, server and contribs from packages on a new 4.4 OpenBSD

Re: openbsd fail2ban

On 2008-11-06, Joachim Schipper [EMAIL PROTECTED] wrote: On Thu, Nov 06, 2008 at 05:33:41PM +, Charlie Clark wrote: I have noticed that people constantly try to brute force sshd on my openbsd box, on my server I use fail2ban to prevent this and wondered if there is a similar solution

Re: no pg_dump?

On Thu, Nov 06, 2008 at 05:53:17PM -0500, Charlie Farinella wrote: http://www.openbsd.org/4.4_packages/i386/postgresql-client-8.3.3.tgz-contents .html Thank you. I have everything on the list except: /usr/local/bin/pg_config /usr/local/bin/pg_dump /usr/local/bin/pg_dumpall

Re: no pg_dump?

On 2008-11-06, Matthias Kilian [EMAIL PROTECTED] wrote: On Thu, Nov 06, 2008 at 05:53:17PM -0500, Charlie Farinella wrote: http://www.openbsd.org/4.4_packages/i386/postgresql-client-8.3.3.tgz-contents .html Thank you. I have everything on the list except: /usr/local/bin/pg_config

Re: openbsd fail2ban

One more vote for sshguard, I use it here with success, just need to create a rule like: block in on $ext_if proto tcp from sshguard to any port ssh And run sshguard, it will get any host trying random passwords with no success to the sshguard table. Don't know it there are any alternative

recommended disk layout for small web/mail/db server

Hi Folks. I'm setting a small web/mail/db server for sell web hosting, it run OpenBSD 4.4. I want to know the different view point about the disk layout for this purpose. I don't have sufficient resources for buying three separate machines (web/mail/db) at this time. I hope your advices.!

Re: no pg_dump?

On 2008-11-07, Stuart Henderson [EMAIL PROTECTED] wrote: On 2008-11-06, Matthias Kilian [EMAIL PROTECTED] wrote: On Thu, Nov 06, 2008 at 05:53:17PM -0500, Charlie Farinella wrote: http://www.openbsd.org/4.4_packages/i386/postgresql-client-8.3.3.tgz-contents .html Thank you. I have

tap devices on bridge cannot connect

I am running Qemu with 2 virtual machines. I have put the tap devices into a bridge with a trunk interface, the trunk acts as a gateway, allowing a virtual network inside the host server which can nat to public IPs and be firewalled. For some reason the 2 vmhosts cannot communicate. they will arp

Re: trunk(4), VLANs and MTU problems

On 2008-11-06, Johan Strvm [EMAIL PROTECTED] wrote: Anyone know how common this problem with blocked ICMP packets is? Idiot firewall and router admins do it the world over. If you can work out who's filtering ICMP, you can attempt to apply a LART, but experience shows this is rarely successful

Re: tap devices on bridge cannot connect

On 17:37:11 Nov 06, Lord Sporkton wrote: I am running Qemu with 2 virtual machines. I have put the tap devices into a bridge with a trunk interface, the trunk acts as a gateway, allowing a virtual network inside the host server which can nat to public IPs and be firewalled. For some reason the

Re: Laptop keyboard pictures

On Thu, Oct 30, 2008 at 7:42 PM, Ted Unangst [EMAIL PROTECTED] wrote: Can people with these new tiny notebooks send me a nice high res (1k x 1k is good) pic showing the keyboard layout? Maybe with a quarter or euro to show scale? Off list of course. I'd like to make a gallery because the

Re: Laptop keyboard pictures

Heres a pic of a portion of the eee keyboard (excuse the crappy photo): http://www.copyandwaste.com/wp-content/uploads/2008/11/img_0055.jpg Not sure if this is completely useful... but here is a comparison on the size of the eee and an old fujitsu lifebook

Re: recommended disk layout for small web/mail/db server

Thanks for the suggest, I thin begin with a 100GB hard disk, for managing users (web-mail-db) and allocate some dynamic web sites. I share the opinion about the split /var, in the past only /var/postgresql was split for me, is a good suggest /var/mail /var/mysql and /var/log Thanks and Best

Re: Laptop keyboard pictures

On Fri, Nov 7, 2008 at 12:01 AM, Andrew Konkol [EMAIL PROTECTED] wrote: Not sure if this is completely useful... but here is a comparison on the size of the eee and an old fujitsu lifebook http://www.copyandwaste.com/2008/09/16/asus-netbook/ That's awesome, thanks. I loved my lifebook, and

Re: HP DL180 hangs on boot

On 08-11-06 14.44, Alexander Hall wrote: Hi! I have issues booting a HP ProLiant DL180 G5 (456830-421) [1] which I hope someone can shed some light on. [ While writing thie email I've done some more testing and realized that the behaviour is not really consistent, but what I describe below is

Re: recommended disk layout for small web/mail/db server

Francisco Valladolid Hdez. wrote: I'm setting a small web/mail/db server for sell web hosting, it run OpenBSD 4.4. I want to know the different view point about the disk layout for this purpose. The partitioning depends on the usage. How much mail (# of messages and KB / message) do you