Re: IPsec IKEv1 accepts non-matching phase 2 parameters

2016-01-02 Thread Stuart Henderson
On 2015-12-31, Julian Hsiao wrote: > Hi, > > I've set up two hosts to experiment with IPsec, obsd1 (192.168.0.1) and > obsd2 (192.168.0.2). > > ipsec.conf on obsd1: > > ike passive esp transport \ > from 192.168.0.1 to any \ > main auth hmac-sha2-256 enc aes-128 group

Re: ddclient won't auto run on OpenBSD 5.8

2016-01-02 Thread Stuart Henderson
On 2015-12-31, Jay Hart wrote: > Recently updated a router from 5.2 to 5.8. I had a working ddclient process > connected to and > fully working with DynDNS. Trying to use same config, may have to tweak just > a bit. > > My main issue right now is trying to get the ddclient

Re: bandwidth usage limits with pf, etc.

2016-01-02 Thread Stuart Henderson
On 2015-12-31, Mark Carroll wrote: > I was wondering recently what the biggest bandwidth hogs were on my home > network at a certain moment. On Linux I use iftop on the router for > this, but I wonder in OpenBSD if, rather than install the iftop package, > there's something

Error loading pf rules: Device busy

2016-01-02 Thread C. L. Martinez
Hi all, I have a strange problem. Every time that I try to reload my pf rules I see the following error message: pfctl: DIOCADDRULE: Device busy. I am using OpenBSD 5.8 amd64 fully patched. Any idea??

Re: Connect to OpenVPN from OpenBSD

2016-01-02 Thread Jiri B
On Sat, Jan 02, 2016 at 08:55:35PM +0500, ? ??? wrote: > Is it possible to connect to OpenVPN (riseup.net) from OpenBSD without > installing openvpn client to OpenBSD? No, you need OpenVPN package as it uses its own homemade SSL-VPN protocol. > I don't understand all this vpn-technologies

Connect to OpenVPN from OpenBSD

2016-01-02 Thread Артур Истомин
Is it possible to connect to OpenVPN (riseup.net) from OpenBSD without installing openvpn client to OpenBSD? I don't understand all this vpn-technologies very well, but know that OpenBSD has built-in vpn-services/clients, so I don't want to install openvpn-client if it possible to use software

Re: Connect to OpenVPN from OpenBSD

2016-01-02 Thread Josh Grosse
On Sat, Jan 02, 2016 at 08:55:35PM +0500, art.istom wrote: > Is it possible to connect to OpenVPN (riseup.net) from OpenBSD without > installing openvpn client to OpenBSD? No. OpenVPN servers require OpenVPN clients. > I don't understand all this vpn-technologies very well, but know that >

Re: Error loading pf rules: Device busy

2016-01-02 Thread C.L. Martinez
On 01/02/2016 08:33 AM, C. L. Martinez wrote: Hi all, I have a strange problem. Every time that I try to reload my pf rules I seethe following error message: pfctl: DIOCADDRULE: Device busy. I am using OpenBSD 5.8 amd64 fully patched. Any idea?? Sorry for the noise. There was an error

Re: Add Bay Trail EHCI controller to pcidevs

2016-01-02 Thread Mark Kettenis
> acpi0 at bios2: rev 2, ACPI control unavailable The diff below should fix that issue and get rid of the can't map interrupt issues. Index: acpi.c === RCS file: /cvs/src/sys/dev/acpi/acpi.c,v retrieving revision 1.297 diff -u

Question about urndis_decap invalid buffer len 1 < minimum header 44

2016-01-02 Thread Christoph R. Murauer
Hello ! Could someone tell me please, where I could find more informations about the following message in /var/log/messages ? Jan 3 00:48:38 thinkpad-w541 /bsd: urndis0: urndis_decap invalid buffer len 1 < minimum header 44 Jan 3 00:49:13 thinkpad-w541 last message repeated 8 times The

Re: wle200nx WiFi card on apu2b4 - athn0: Device timeout

2016-01-02 Thread Kapfhammer, Stefan
Hello, first of all I want to wish everyone on the list a happy new year and best wishes. I have now checked hardware: card has contact and ground, removed sma cabling, checked for defective contacts on sma and antennas. Everything seems ok. Installed fresh 5.9-current (2015-12-28) Installed

Intel S5000PSL with recent OpenBSD

2016-01-02 Thread Denis Fondras
Hello, I have 2 servers with an Intel S5000PSL motherboard and dual Intel Xeon L5420 CPU. When I boot a "recent" OpenBSD (>4.4) it hangs on "wskbd0 at pckbd0: console keyboard, using wsdisplay1". I tried to disable xhci and acpi without luck. I have the latest BIOS. Anything I could try ? Thank

Re: Question about urndis_decap invalid buffer len 1 < minimum header 44

2016-01-02 Thread Edgar Pettijohn
On 01/02/16 18:03, Christoph R. Murauer wrote: Hello ! Could someone tell me please, where I could find more informations about the following message in /var/log/messages ? Jan 3 00:48:38 thinkpad-w541 /bsd: urndis0: urndis_decap invalid buffer len 1 < minimum header 44 I think its due to

filter-spamassassin

2016-01-02 Thread Edgar Pettijohn
I finally got around to trying out filter-spamassassin. It appears to work correctly. However, I was trying to change the default action from accept to reject. I've tried everything I can think of but continue to get syntax errors. I assumed something like this would work: filter spam

Re: IPsec IKEv1 accepts non-matching phase 2 parameters

2016-01-02 Thread Julian Hsiao
On 2016-01-02 13:18:15 +, Stuart Henderson said: See isakmpd.policy(5). It's an utter pain but it's necessary in order to secure things with isakmpd. Right, I eventually figured that out by having isakmpd dump out the isakmpd.conf(5) equivalent config. Turns out "ike passive [...]" is