Hi Patrick,
Le 05/09/2013 05:24, patrick keshishian a écrit :
>
> Does there exist a nice way to do this without further sub-dividing
> the /28?
>
I would bridge the Internet-facing interface and the interface that
connects to the switch. This way you can filter with PF without
subnetting your
Seems like it would be pretty straightforward to NAT, no?
/--existing servers /28
EVIL - lie agreed upon [Puffy] <
\-new servers on RFC 1918
Would need to know more to make better recommendations.
On 9/4/
Hi Networking gurus,
Say I have /28 address space. Between them and the internet is
pf. Not all of the addresses are in use ATM.
I may have the need to add a couple new servers behind that pf
server within the same /28 range. Problem: I need to have traffic
between the new servers and what alread
Is there a way to create catchall aliases or virtuals so that SMTPD
would receive email for all domains and all user accounts? I've been
trying different combinations of alias and virtual databases, but
nothing seems to work.
To answer my own question:
# cat /etc/mail/smtpd.conf
listen on lo0 por
Penned by andy on 20130904 15:21.22, we have:
| Hi, one last question.
|
| I am reading through lots of examples and documentation on OpenBSD and v6
| and most seem to refer to adding the v6 address to /etc/hostname.X as an
| 'alias', e.g.;
| inet 10.0.0.1 255.255.255.0
| inet6 alias
Hi, one last question.
I am reading through lots of examples and documentation on OpenBSD and v6
and most seem to refer to adding the v6 address to /etc/hostname.X as an
'alias', e.g.;
inet 10.0.0.1 255.255.255.0
inet6 alias fec0:2029:f001:128::40 64
I have our test setup working now without the
# /usr/sbin/smtpd
/etc/mail/smtpd.conf:17: syntax error
warn: no rules, nothing to do
try putting the path in quotes:
accept from any for any deliver to maildir "/var/spamdb"
Thank you, Reyk, that fixed the problem!
Is there a way to create catchall aliases or virtuals so that SMTPD
would rec
On Sep 4, 2013, at 11:17 AM, Janne Johansson wrote:
> I thought the 10G benchmarks discussed recently showed that the performance
"hit" from keeping state was so small it didn't matter, so you might aswell
just let the default (keep state) be there for those services.
>
>
>
Sorry, my question is
Alexander Polakov [p...@sdf.org] wrote:
> * Ed Ahlsen-Girard [130903 16:18]:
> > Has anyone else noticed that some fonts are not displaying the right
> > character? Some substitutions, some blanks?
>
> Yes. http://reddit.com/r/programming looks like this in firefox:
> http://plhk.ru/trash/rdit-fo
I installed the 2013/09/03 snapshot first thing this morning and have
been running all day with it so far. By this point on the previous two
snapshots I would have at least two to three hard freezes. So far
everything is good. If that changes I will update this thread.
Bryan
"International technology giants won't be able to get patents for basic
software under a law passed by the New Zealand government, although
protection for significant innovations and programs will remain under
the country's copyright law."
http://blogs.wsj.com/digits/2013/09/01/new-zealand-ends-pa
On Wed, Sep 04, 2013 at 08:10:53PM +0300, K�?rlis Miķelsons wrote:
> listen on lo0 port 9025
> accept from any for any deliver to maildir /var/spamdb
>
> # /usr/sbin/smtpd
> /etc/mail/smtpd.conf:17: syntax error
> warn: no rules, nothing to do
>
try putting the path in quotes:
accept from a
My idea is quite simple - I have list of IP addresses that are only
sending spam and I need to collect that spam, instead of rejecting it,
so that I can report it to authorities.
Why do you want to do that?
I need it to report spam to authorities, they only react here if you
have actually receiv
Hello,
My idea is quite simple - I have list of IP addresses that are only
sending spam and I need to collect that spam, instead of rejecting it,
so that I can report it to authorities.
I've been thinking about using OpenBSD SMTPD for this task, but can't
figure out how to do that.
PF has table
Does it make sense for me to keep state on inbound udp to services like
isakmp, dns and ntp? I'm guessing if I don't keep state I'll suffer a slight
performance hit because the packet that starts the "flow" won't setup a state
table entry. But won't my first reply packet setup that entry for the re
On Wed, 4 Sep 2013 15:19:07 +0200, Janne Johansson
wrote:
> Our ospfd boxes didn't like having PF on during failovers, while having
> ospf redundancy upwards and carp redundancy downwards, since PF normally
> doesn't like when it can't see the whole flow. Perhaps doing
sloppy-states
> could have "
I've seen similar issues when the network port had the same network/VLAN
both untagged and tagged at the same time.
The end result was that the switch decided that the mac was on the physical
(untagged) port only, and would not talk to the same mac tagged against the
vlan IF, meaning it basically f
I thought the 10G benchmarks discussed recently showed that the performance
"hit" from keeping state was so small it didn't matter, so you might aswell
just let the default (keep state) be there for those services.
2013/9/4 Christopher Hilton
> Does it make sense for me to keep state on inboun
Might have been PF reassemble that had issues with fragments coming in to
different hosts, where at least one of the active PFs would be waiting
forever for the missing pieces to arrive also. The solution was to not PF
on routers anyhow, and that is good separation of duties in any case.
2013/9/
Hi misc@,
I have a Dell PowerEdge M600 machine running OpenBSD 5.3 which causes
frequent problems - once about every few days vlan interfaces stop
working.
Ifconfig reports them being up the whole time, but when trying to ping
anything in the given vlan, the ping fails (this also applies to the
l
I only add /32 aliases. I believe in only having one ip with the wide mask,
and just having the rest being single-ip aliases for the same reason as not
having multiple ethernet interfaces with the wide mask on the same ethernet
segment, since it screws up my knowledge on which IF will be used for
o
Our ospfd boxes didn't like having PF on during failovers, while having
ospf redundancy upwards and carp redundancy downwards, since PF normally
doesn't like when it can't see the whole flow. Perhaps doing sloppy-states
could have "fixed" it, perhaps no-state could have done it, but in the end,
we
Hi misc@,
Lets say I have a 192.168.0.1/24 alias on an interface. When I run
ifconfig with the delete or -alias parameters and specify 192.168.0.1/32
as the address, the 192.168.0.1/24 alias gets removed.
Is this desired behavior? Shouldn't ifconfig report an error because the
mask doesn't match?
Hi Jiri,
Thanks for the quick answer I won't lose time on it then. I'll also follow the
development of this feature.
Romain
-Original Message-
From: Jiri B [mailto:ji...@devio.us]
Sent: mercredi 4 septembre 2013 11:45
To: Aviolat Romain
Cc: misc@openbsd.org
Subject: Re: openbsd 5.3 sof
On Mon, 02 Sep 2013 09:56:46 -0400, John Jasen
wrote:
> Please forgive the top posting.
>
> If you have enough systems, can you hit the performance goals with carp
> and active load balancing?
>
I did think about that but these boxes will also be running OpenOSPFd and
OpenBGPd (will be our WAN
On Wed, Sep 04, 2013 at 09:33:51AM +, Aviolat Romain wrote:
> Dear openbsd users,
>
> I wanted to test this new feature of openbsd 5.3
>
> "softraid(4) RAID1 and crypto volumes are now bootable on i386 and amd64
> (full disk encryption)"
>
> In fact I wanted to have both RAID and Crypto sim
Dear openbsd users,
I wanted to test this new feature of openbsd 5.3
"softraid(4) RAID1 and crypto volumes are now bootable on i386 and amd64 (full
disk encryption)"
In fact I wanted to have both RAID and Crypto simultaneously. A bootable
encrypted RAID1 partition.
Here's the steps I followed
27 matches
Mail list logo