IPSec OpenBSD road warrior

2015-08-20 Thread Stefan Berger
Hi, I am trying to accomplish this: Connect a laptop (OpenBSD 5.7, road-warrior) with IPSec/VPN tunnel to an OpenBSD server. The laptop is sitting in different networks who all do NAT, the server has a static IPv4 address. The goal is to route all the traffic from the laptop to the server,

Re: problems compiling latest 5.7 patches

2015-08-20 Thread Stuart Henderson
On 2015-08-20, luke...@onemodel.org luke...@onemodel.org wrote: The error messages make it look like the code is wrong won't build. Any suggestions? Is there any chance you've tried building things without having done 'make obj' first? If so, you might have some files lying around under

Re: Ubiquiti EdgeRouter Lite

2015-08-20 Thread Stuart Henderson
On 2015-08-18, Ted Unangst t...@tedunangst.com wrote: I don't use IPsec, and I notice that Ubiquiti don't mention it as a selling point for the device. I would probably not use the edgerouter for anything too far outside what the adverising materials say (just running openbsd instead). The

Re: Ubiquiti EdgeRouter Lite

2015-08-20 Thread Stuart Henderson
On 2015-08-20, Stuart Henderson s...@spacehopper.org wrote: On 2015-08-18, Ted Unangst t...@tedunangst.com wrote: I don't use IPsec, and I notice that Ubiquiti don't mention it as a selling point for the device. I would probably not use the edgerouter for anything too far outside what the

Re: weird carp failover behavior

2015-08-20 Thread Christopher Barry
On Thu, 20 Aug 2015 21:56:18 -0500 Patrick Dohman patrick_doh...@comcast.net wrote: Anything in your modem logs? DOCSIS layer 2 is a strange beast :) Any cabling issue such attenuators or splitters behind the modem? Regards Patrick On Aug 19, 2015, at 2:34 PM, Devin Reade g...@gno.org

Re: Ubiquiti EdgeRouter Lite

2015-08-20 Thread Tobias Ulmer
On Tue, Aug 18, 2015 at 10:33:37PM -0400, dominik...@openmailbox.org wrote: On 2015-08-18 11:42, Tobias Ulmer wrote: On Tue, Aug 18, 2015 at 01:59:49PM +, Jona Joachim wrote: On 2015-08-18, Ted Unangst t...@tedunangst.com wrote: Predrag Punosevac wrote: Dear All, I am contemplating

Re: problems compiling latest 5.7 patches

2015-08-20 Thread luke350
The error messages make it look like the code is wrong won't build. Any suggestions? Attached is the dmesg output I forgot to include the first time. Thanks. On 08/19/15 04:53, luke...@onemodel.org wrote: I'm not an expert but am trying to follow the instructions to rebuild my 5.7 stable

Re: SuperMicro thin mini itx?

2015-08-20 Thread Quartz
Contact their support department. I ended up doing that anyway earlier this morning. If I don't hear back from them maybe I'll try calling tomorrow or something. They're actually pretty good about answering questions on the phone, even on the first call. They did get back to me via email,

Re: Ubiquiti EdgeRouter Lite

2015-08-20 Thread Michael McConville
Juan Francisco Cantero Hurtado wrote: Slightly off-topic: Ubiquiti released recently a new router named EdgeRouter X. 49 USD, 5 gigabit ports, 5W, dual-core 800Mhz, 256MB. It's a MIPS32, so if some developer is looking for a new platform for OpenBSD... :P . The processor is licensed from

Re: weird carp failover behavior

2015-08-20 Thread Patrick Dohman
Anything in your modem logs? DOCSIS layer 2 is a strange beast :) Any cabling issue such attenuators or splitters behind the modem? Regards Patrick On Aug 19, 2015, at 2:34 PM, Devin Reade g...@gno.org wrote: I'm trying to understand an odd behavior during carp failover where one uplink

Re: per-vlan traffic control

2015-08-20 Thread Josh Grosse
On 2015-08-20 08:47, Paulo Coimbra wrote: Hi all, I'm now doing some tests with openbsd+pf+queueing. My scenario is: [MIKROTIK 1] - [OPENBSD BOX]--[MIKROTIK 2] I've configured vlan 100 with physical interface em0 at openbsdBox and mikrotik 1, and create two queues

Re: per-vlan traffic control

2015-08-20 Thread Paulo Coimbra
Well, considering that only outbound packets can be queued, I've changed some rules at pf.conf. Packets that are outgoing at $if_Internet, is upload. Packets that are outgoing at vlan100 is download, all right? My changed pf.conf below: (but even with these changes, doesn´t work for me, I getting

Re: per-vlan traffic control

2015-08-20 Thread Paulo Coimbra
Hi Atanas, Thanks for your response. I follow some configurations in that link you send, but nothing had effect. Packets is not going to queues. br, Paulo Coimbra 2015-08-20 10:55 GMT-03:00 Atanas Vladimirov vl...@bsdbg.net: On 20.08.2015 16:35, Paulo Coimbra wrote: Well, considering that

Re: per-vlan traffic control

2015-08-20 Thread Atanas Vladimirov
On 20.08.2015 16:35, Paulo Coimbra wrote: Well, considering that only outbound packets can be queued, I've changed some rules at pf.conf. Packets that are outgoing at $if_Internet, is upload. Packets that are outgoing at vlan100 is download, all right? My changed pf.conf below: (but even with

Re: SuperMicro thin mini itx?

2015-08-20 Thread Atanas Vladimirov
On 20.08.2015 04:46, Quartz wrote: Try the X10SBA Doesn't appear to fit the bill, unfortunately. That hdmi+displayport stack is too high, and while it has onboard DC12V it's missing the standardized plug on the back. Given that no one else has responded, I'm assuming that SuperMicro just

Re: redirect nor vpn (as I know it) solves this problem

2015-08-20 Thread Sonic
On Wed, Aug 19, 2015 at 6:46 PM, Stuart Henderson s...@spacehopper.org wrote: It's not *that* complex. It may be easier with tag rather than received-on and if there's any confusion about rule ordering it may be easier to use 'quick' and place them at the top of the ruleset. pass in quick

Re: Pre-orders for 5.8

2015-08-20 Thread lists
To celebrate the upcoming 20 years anniversary release of OpenBSD, Salute! four (instead of the usual one) songs are contributed and will be included in the release. The song I contributed is being released today: http://www.openbsd.org/lyrics.html#58c Thanks, nice tune, very catchy

Re: per-vlan traffic control

2015-08-20 Thread Paulo Coimbra
Hi all, I'm now doing some tests with openbsd+pf+queueing. My scenario is: [MIKROTIK 1] - [OPENBSD BOX]--[MIKROTIK 2] I've configured vlan 100 with physical interface em0 at openbsdBox and mikrotik 1, and create two queues (vlan100_in and vlan100_out) to limit

Re: per-vlan traffic control

2015-08-20 Thread Rafael Zalamena
On Thu, Aug 20, 2015 at 09:47:09AM -0300, Paulo Coimbra wrote: Hi all, Hello Paulo, I'm now doing some tests with openbsd+pf+queueing. My scenario is: [MIKROTIK 1] - [OPENBSD BOX]--[MIKROTIK 2] I've configured vlan 100 with physical interface em0 at

Re: Ubiquiti EdgeRouter Lite

2015-08-20 Thread Juan Francisco Cantero Hurtado
On Tue, Aug 18, 2015 at 01:08:10PM -0400, Ted Unangst wrote: Jona Joachim wrote: Thank you very much for the write-up! I'm looking into buying hardware to build a small OpenBSD home router and this looks interesting. You say that the machine will not be able to serve as an IPSEC gateway.

Re: per-vlan traffic control

2015-08-20 Thread Atanas Vladimirov
On 20.08.2015 17:31, Paulo Coimbra wrote: Hi Atanas, Thanks for your response. I follow some configurations in that link you send, but nothing had effect. Packets is not going to queues. br, Paulo Coimbra 2015-08-20 10:55 GMT-03:00 Atanas Vladimirov vl...@bsdbg.net: On 20.08.2015 16:35,

KeePass 2.30- libpng and other errors

2015-08-20 Thread Andrzej Drewnowski
Hello! I am trying to run KeePass on OpenBSD (amd64)- current (but on 5.7 are the same errors). I installed Mono from packages and downloaded KeePass-2.30-portable. Unfortunately I can't start KeePass because of this errors: SendMessage (25165861, 0x112c, 0x4, 0x4) libpng error: invalid after

Re: SuperMicro thin mini itx?

2015-08-20 Thread Gene
On Wed, Aug 19, 2015 at 1:47 AM, Quartz qua...@sneakertech.com wrote: We need to build some OpenBSD-based network devices that we'd strongly prefer to be based on SuperMicro hardware. Does anyone know offhand if they offer any products that conform to the Thin-Mini-ITX standard? Their website

Re: USB mouse spontaneously detaching

2015-08-20 Thread howard eisenberger
Data point: plugging a no-name USB mouse into a PS/2 to USB adapter instead of directly into a USB 2.0 port on old HP amd64 board seems to have solved this in my case. Regards, Howard E.

Re: SuperMicro thin mini itx?

2015-08-20 Thread Quartz
From Supermicro website: http://www.supermicro.nl/products/motherboard/ATOM/ http://www.supermicro.nl/products/embedded/embedded_motherboard.cfm I know they sell Atom-based boards and various embedded boards, but just because it's Atom and/or embedded doesn't automatically mean it conforms

Set screen resolution for inteldrm during boot ?

2015-08-20 Thread nawi
Hello ! I am new to OpenBSD - sorry if I ask about a already documented thing. I have here a Lenovo ThinkPad W541 which works till X without problems. The dmesg shows, that the resolution switches to 2880x1620 during boot. Is there a way (UKC) to change the resolution during boot for the console

Re: Set screen resolution for inteldrm during boot ?

2015-08-20 Thread Theo de Raadt
I am new to OpenBSD - sorry if I ask about a already documented thing. I have here a Lenovo ThinkPad W541 which works till X without problems. The dmesg shows, that the resolution switches to 2880x1620 during boot. Is there a way (UKC) to change the resolution during boot for the console ?

Re: IPv6 source addresse selection

2015-08-20 Thread Stuart Henderson
On 2015-08-19, Denis Fondras open...@ledeuns.net wrote: Hi, I have an OpenBSD5.7 router with IPv6 enabled. I have multiple IPv6 addresses : - em0 : 2a00:6060::1/64 - em1 : 2001:7f8:81::6:983:1/64 - gif0 : 2001:470:11:c8::2/128 IPv6 access is provided by HurricaneElectric tunnel with BGP.

Re: Ubiquiti EdgeRouter Lite

2015-08-20 Thread Chris Cappuccio
Stuart Henderson [s...@spacehopper.org] wrote: On 2015-08-18, Ted Unangst t...@tedunangst.com wrote: I don't use IPsec, and I notice that Ubiquiti don't mention it as a selling point for the device. I would probably not use the edgerouter for anything too far outside what the adverising

Re: SuperMicro thin mini itx?

2015-08-20 Thread Chris Cappuccio
Quartz [qua...@sneakertech.com] wrote: Why would you contact their marketing department? That's silly. Well because I assume that marketing encompasses sales, and the sales department kinda ought to know what products the company sells. Contact their support department. I ended

Re: SuperMicro thin mini itx?

2015-08-20 Thread lists
From Supermicro website: http://www.supermicro.nl/products/motherboard/ATOM/ http://www.supermicro.nl/products/embedded/embedded_motherboard.cfm Recently I bought a X9SBAA-F on ebay and except this bug[1] everything is working as it should. [1]

Re: SuperMicro thin mini itx?

2015-08-20 Thread Quartz
Why would you contact their marketing department? That's silly. Well because I assume that marketing encompasses sales, and the sales department kinda ought to know what products the company sells. Contact their support department. I ended up doing that anyway earlier this morning.

Re: KeePass 2.30- libpng and other errors

2015-08-20 Thread Peter Van Eenoo
If you don't need the keepass 2x functionality, then the keepass 1x package is available and works great. On Aug 20, 2015 8:28 AM, Andrzej Drewnowski andrewdrewnow...@gmail.com wrote: Hello! I am trying to run KeePass on OpenBSD (amd64)- current (but on 5.7 are the same errors). I installed

Re: Set screen resolution for inteldrm during boot ?

2015-08-20 Thread Christoph R. Murauer
No. We have no plans to do that, since the kernel would need to store additional font sizes. Thanks for your answer. No problem - I thought I missed maybe some documentation about it. Only for my understanding, a „workaround would then be to disable inteldrm in UKC to keep the default