Re: OpenBSD 5.0 upgrade: em interface status no carrier
On Fri, Nov 18, 2011 at 4:01 AM, Sam Vaughan samvaug...@surgeonline.com wrote: On 18/11/2011, at 12:59 PM, Sam Vaughan wrote: Hi, After upgrading from OpenBSD 4.9 to OpenBSD 5.0, the Intel 82579LM and Intel PRO/1000 MT (82574L) devices on one of my servers no longer come up. facepalm If I'd bothered to compare those two dmesg outputs more closely I'd have noticed that OpenBSD 5.0 is simply enumerating the two interfaces in the opposite order. What was em0 in 4.9 is now em1 in 5.0 and vice versa. Simply swapping the cable to the other port and _not_ moving the settings in ifconfig to em1 fixes the problem. Sorry for the noise. By the way, is there any reason why I should prefer the 82579LM to the 82574L or vice versa? Thanks, Sam there's no reason you should consider either of them for any serious task as both of them are desktop low performance versions. 82576EB is known to be a very good one for routing workloads. http://www.intel.com/content/dam/doc/brochure/ethernet-controllers-phys-broch ure.pdf
Re: Which version of Firefox most secure?
On Sun, Nov 20, 2011 at 4:17 AM, Tomas Bodzar tomas.bod...@gmail.com wrote: 7.x.xx actual stable from Mozilla 7.x is no longer supported by Mozilla. 7.0.1 has 3 CVEs If you don't have 8.0 on ports, go with 3.6.24
Re: Which version of Firefox most secure?
On Sun, Nov 20, 2011 at 3:14 PM, Javier Bassi javierba...@gmail.com wrote: On Sun, Nov 20, 2011 at 4:17 AM, Tomas Bodzar tomas.bod...@gmail.com wrote: 7.x.xx actual stable from Mozilla 7.x is no longer supported by Mozilla. 7.0.1 has 3 CVEs If you don't have 8.0 on ports, go with 3.6.24 Actually I'm going with xxxterm, but Firefox is as backup only
Re: Which version of Firefox most secure?
7.x.xx actual stable from Mozilla 7.x is no longer supported by Mozilla. 7.0.1 has 3 CVEs If you don't have 8.0 on ports, go with 3.6.24 8.0 is in the process of being updated by nigel@, see his emails to ports@ in last two weeks or so. Tests and feedback is welcome from those running current. Most current port for firefox 8.0 can be found at www.github.com/jasperla/openbsd-wip/
Re: Which version of Firefox most secure?
On Sun, 20 Nov 2011 16:18:13 +0100 Tomas Bodzar tomas.bod...@gmail.com wrote: On Sun, Nov 20, 2011 at 3:14 PM, Javier Bassi javierba...@gmail.com wrote: On Sun, Nov 20, 2011 at 4:17 AM, Tomas Bodzar tomas.bod...@gmail.com wrote: 7.x.xx actual stable from Mozilla 7.x is no longer supported by Mozilla. 7.0.1 has 3 CVEs If you don't have 8.0 on ports, go with 3.6.24 Actually I'm going with xxxterm, but Firefox is as backup only Woohoo. I just tried xxxterm and I think I'm in lurv... Dhu
The Nanning International Folk Song Art Festival
misc The Nanning International Folk Song Art Festival I learn through the website www.newpastoral.com : Nanning is a multi-ethnic city based on the Zhuang and Han, is also the political, economic and cultural center of Guangxi. The Nanning International Folk Song Art Festival in Guangxi is one of the major festivals comprise cultural, economic, trade and tourism, the purpose is to inherit and carry forward the Chinese culture and arts of various ethnic groups, strengthen the exchange and development of the world's various ethnic culture. the annual autumn, The guests from around the world come with the the wings of singing, Meet with the beautiful green city:Nanning at the annual Folk Song pageant, perform in the same stage together, have heart-to-heart exchanges. the culture of ethnic, modern, world are here together and blending, Joint performance a happy song of world. Also held concurrently with The Nanning International Folk Song Art Festival include China - ASEAN Expo, China - ASEAN Business and Investment Summit series! , as well as travel food festival and trade fairs and other activities, so that where customers around the world can listen to music,see dance,taste delicious food, making new friends, find new opportunities. The Nanning International Folk Song Art Festival has been held since 1999, to provide for domestic and foreign merchants a cultural, business communication platform, has been widely acclaimed at home and abroad.
need help converting to ipsec.conf
Hi, I am converting a bunch of VPNs from my isakmpd.[conf|policy] files to ipsec.conf mostly because it seems they're deprecated, but partly because I saw an old thread that spoke of functionality I want to explore. I figured I should work through them one by one. I got my own VPN from one site to another working fine, after I figured out that ipsec.conf doesn't handle a space in the psk. The next one is site to site vpn from a client. They are using (I think) a juniper device to terminate with teh following settings: Client side: IP Address: 10.10.10.66 Peer: 10.100.1.66 Phase1 DH Group 1 Encryption: AES-256 Authentication: SHA1 Lifetime: 28800 seconds Phase2 DH Group 2 Encryption: AES-256 Authentication: SHA1 Lifetime: 3600 seconds Preshared Key: Changed PFS: enabled So. I put into my ipsec.conf: ike esp from 172.18.18.0/24 to 172.20.20.0/24 \ local 10.100.1.66 peer 10.10.10.66 \ #main auth hmac-md5 enc aes-256 group modp768 \ #main auth hmac-sha1 enc aes-256 group modp768 \ main auth hmac-sha1 enc aes group modp768 \ quick auth hmac-sha1 enc aes-256 group modp768 \ srcid ca...@fw0.example.com \ psk Changed Then I start up isakmpd and dump debug to a file and I get weird messages. # cat ipsec.log | grep unac 044235.728559 Default attribute_unacceptable: ENCRYPTION_ALGORITHM: got AES_CBC, expected 3DES_CBC 044255.325011 Default attribute_unacceptable: GROUP_DESCRIPTION: got MODP_768, expected MODP_1024 044315.878550 Default attribute_unacceptable: AUTHENTICATION_METHOD: got PRE_SHARED, expected RSA_SIG 044315.878641 Default attribute_unacceptable: HASH_ALGORITHM: got MD5, expected SHA As soon as I switch back to my beloved isakmpd.conf (was its syntax really so complicated?) it comes back up instantly. Why is ipsec expecting 3DES_CBC? There is no reference to 3des in my config... Why is it expecting MODP_1024? Or RSA_SIG? Where is it getting MD5 from? Changing the hash to md5 doesn't seem to make any difference. :( And finally... Does ipsec.conf still parse the policy file to secure the connections? Is there a better way? Or am I wrong in thinking this was a good thing to do? TIA nuffi
Re: Which version of Firefox most secure?
From: Tomas Bodzar tomas.bod...@gmail.com Subject: Re: Which version of Firefox most secure? To: Javier Bassi javierba...@gmail.com Cc: misc@openbsd.org Date: Sunday, November 20, 2011, 3:18 PM On Sun, Nov 20, 2011 at 3:14 PM, Javier Bassi javierba...@gmail.com wrote: On Sun, Nov 20, 2011 at 4:17 AM, Tomas Bodzar tomas.bod...@gmail.com wrote: 7.x.xx actual stable from Mozilla 7.x is no longer supported by Mozilla. 7.0.1 has 3 CVEs If you don't have 8.0 on ports, go with 3.6.24 Actually I'm going with xxxterm, but Firefox is as backup only I use xxxterm too (as well as scrotwm as my WM) but I need some of the add-ons that are offered on Firefox not elsewhere on any other browser
Re: Recommended working IDE
3 I already know vim, this is exactly the kind of thing I've needed. On Sat, Nov 19, 2011 at 2:37 PM, richo ri...@psych0tik.net wrote: Check out the tag explorer plugin.. http://www.vim.org/scripts/script.php?script_id=483 On 19/11/11 14:10 +1100, John Tate wrote: If vim had a class browser, I'd already be using vim. Geany was suggested to me off the list. On Sat, Nov 19, 2011 at 1:49 PM, Richard Toohey richardtoo...@paradise.net.nz wrote: On 19/11/2011, at 2:51 PM, John Tate wrote: Misc, I've had troubles with eclipse and anjuta. Eclipse does not want to run, anjuta seems to be missing it's symbol browser in anjuta-extras. Anjuta actually works, but when I open a project it gives me an error. I've already posted what it is, so search. Is there an IDE that works? What is it? Perhaps I should just learn emacs. Though, I really like anjuta. Are there any IDE recommendations apart anjuta, eclipse, and vim and emacs editors available? John -- www.johntate.org vim with syntax highlighting and brace-matching etc. etc. works for me. What language(s) and sorts of project (fat-client? console? GUI? web?) -- www.johntate.org -- richo || Today's excuse: Boss' kid fucked up the machine http://blog.psych0tik.net -- www.johntate.org
Re: make cleandir deletes stuff that it shouldn't?
On Thu, Nov 17, 2011 at 6:29 AM, Christer Solskogen christer.solsko...@gmail.com wrote: After running make cleandir in /usr/src I ran a new checkout (OPENBSD_5_0) and I found this: Updating collection OpenBSD-src/cvs Checkout src/gnu/usr.bin/cvs/doc/CVSvn.texi ... Is this intended behaviour? No, it's not intended. Fortunately, there's an easy fix that everyone uses: make obj Philip Guenther
pppoe
I am setting up an OpenBSD firewall, and have everything working but I am using userland pppoe. I am not sure if it ever became an official part of OpenBSD, but I've heard there might be kernel level pppoe support. Is there kernel level pppoe support? Or is the cybersphere filling my head with dreams? -- www.johntate.org
202.93.128.236代 办/ 代 理 开/机/打 票13699865338黄经理202.93.128.236
Your friend e/d:d8e fg+ g5d= e!! g5f(ggh(o 202.93.128.236d;# e o d;# g eof:of g%(oooooooooooi;g;g202.93.128.236 http://tw.myblog.yahoo.com/jw!1K84p1yREQXRDO9YOXH0EfAuoaYkEjm18Q--/article?mid=1 Yahoo!e%f)fe0 d= gfe0.ee3.gf4;f0i+i)c http://tw.fashion.yahoo.com/ g f, f f Yahoo!e%f)
Alert - The Branding Revolution
As you know the world's biggest branding revolution starts January 2012. What direct implications does it have for your organization? What do your teams need to know now and what must they be prepared for in advance to face the tidal wave? This White Paper provides an in-depth overview and can be downloaded directly download from the AARM web site at http://www.aarm.org I hope you'll find it helpful. Robert Robert T. Stacey President - AARM roberttsta...@aarm.org baa ___ If you have received this email in errror please accept my apologies. Insert removal in the subject line and email to remo...@aarm.org and I'll see that appropriate action is taken. To reach the AARM website AARM WEB
Re: pppoe
On Sun, Nov 20, 2011 at 6:37 PM, John Tate j...@johntate.org wrote: I am setting up an OpenBSD firewall, and have everything working but I am using userland pppoe. I am not sure if it ever became an official part of OpenBSD, but I've heard there might be kernel level pppoe support. Is there kernel level pppoe support? Or is the cybersphere filling my head with dreams? man 4 pppoe
Re: pppoe
John Tate j...@johntate.org writes: Is there kernel level pppoe support? Or is the cybersphere filling my head with dreams? $ man -k pppoe pppoe (4) - PPP Over Ethernet protocol network interface pppoe (8) - PPP Over Ethernet translator -- http://www.wistly.net
Re: Which version of Firefox most secure?
On Mon, Nov 21, 2011 at 12:05 AM, James Hozier guitars...@yahoo.com wrote: From: Tomas Bodzar tomas.bod...@gmail.com Subject: Re: Which version of Firefox most secure? To: Javier Bassi javierba...@gmail.com Cc: misc@openbsd.org Date: Sunday, November 20, 2011, 3:18 PM On Sun, Nov 20, 2011 at 3:14 PM, Javier Bassi javierba...@gmail.com wrote: On Sun, Nov 20, 2011 at 4:17 AM, Tomas Bodzar tomas.bod...@gmail.com wrote: 7.x.xx actual stable from Mozilla 7.x is no longer supported by Mozilla. 7.0.1 has 3 CVEs If you don't have 8.0 on ports, go with 3.6.24 Actually I'm going with xxxterm, but Firefox is as backup only I use xxxterm too (as well as scrotwm as my WM) but I need some of the add-ons that are offered on Firefox not elsewhere on any other browser AdSuck from packages/ports and whitelist mode (need some work from start to allow JS/cookies only for pages you really want) and runs superb
Re: pppoe
On Nov 21 12:37:37, John Tate wrote: I am setting up an OpenBSD firewall, and have everything working but I am using userland pppoe. I am not sure if it ever became an official part of OpenBSD, but I've heard there might be kernel level pppoe support. Is there kernel level pppoe support? Or is the cybersphere filling my head with dreams? Is http://www.openbsd.org/faq/faq6.html#PPP a part of cybersphere?
Re: man doc kaizen
On Sun, Nov 20, 2011 at 11:10:07PM +0800, f5b wrote: man aue ... ADMtek AN986 and ADM8511 data sheets, http://www.admtek.com.tw. ... man axe ... ASIX AX88172 data sheet, http://www.asix.com.tw. ... should we remove the period at the end of url? no. jmc