is 'set prio' in pf unidirectional or bidirectional?

Hi, I'm trying to update my pf.conf to prioritize Ooma VoIP packets. My OpenBSD firewall sits between my Ooma on my internal network and the outside world. It's hard to Google for this info, since the pf FAQ has so many mirrors out there, it's hard to separate the noise from the signal. I own

Re: Creating https certificates dynamically for redirected/blocked requests

On Tue, Jun 14, 2016 at 8:05 AM, Ted Wynnychenko wrote: > Hello > > For many years now I have been using a DNS black hole setup to stop http/https > connections to blocked websites (well, any connection to those sites). This > has > worked well. > > Connections with http

Re: Is there such a thing as a fanless OpenBSD-capable laptop?

Ulf Brosziewski, 15 Jun 2016 00:48: > Your feedback in bugs@ would be appreciated. Can you exclude that > it's a hardware failure? Some people claim that various Acer models > are prone to such failures because the touchpads have a bad > electrical grounding. i sent a reply to your bugs@ reply

Re: Creating https certificates dynamically for redirected/blocked requests

>From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of Stuart Henderson >Sent: Tuesday, June 14, 2016 12:31 PM > >On 2016-06-14, Ted Wynnychenko wrote: >> This really isn't a big deal; but as more sites have started using https, and as >> tools such as

Re: Is there such a thing as a fanless OpenBSD-capable laptop?

On 06/14/2016 11:58 PM, frantisek holop wrote: > ropers, 14 Jun 2016 03:37: >>> the acer travelmate b115-m is an el cheapo netbook >>> with no moving parts if you stick an ssd in it. >>> >> >> Thanks for the addition and dmesg. Do you know if all the Travelmate B115's >> are fanless or only the M

Re: bluetooth audio -> usb dongle?

On 16-06-15 00:01:04, frantisek holop wrote: > i'd like to use a bluetooth wireless headphone with > openbsd. is this possible with some usb dongle? > > -f > -- > i am sick and tired of being sick and tired. > Someone answered a similiar question recently. I believe the answer was "if the

bluetooth audio -> usb dongle?

i'd like to use a bluetooth wireless headphone with openbsd. is this possible with some usb dongle? -f -- i am sick and tired of being sick and tired.

Re: Is there such a thing as a fanless OpenBSD-capable laptop?

ropers, 14 Jun 2016 03:37: > > the acer travelmate b115-m is an el cheapo netbook > > with no moving parts if you stick an ssd in it. > > > > Thanks for the addition and dmesg. Do you know if all the Travelmate B115's > are fanless or only the M models, not MP or P? What about the B116's and >

Re: Is there such a thing as a fanless OpenBSD-capable laptop?

Erling Westenvik, 14 Jun 2016 09:03: > With all due respect: This is not the place to ask for detailed specs > for a whole series of computers. You could easily have found answers to all > of your questions above if you had done some very basic homework: > >

Re: DNS servers around here not working for days. dig works. fix?

> > > > I don't know if this will be usable for your case, here at home the aDSL > > > > modem tries to be the resolver. The trouble is with the ISP: their DNS > > > > servers are quite frequently unreliable and unstable. They even affect > > > > the PPP connection sate, as the modem firmware

Re: DNS servers around here not working for days. dig works. fix?

On Tue, Jun 14, 2016 at 09:05:57PM +0100, Stuart Henderson wrote: > > If you can't find some other way to get things working then at least > you should be able to browse by "ssh -D 1080 somehost" and setting the > browser to use 127.0.0.1:1080 as SOCKS proxy, and tell it to have the > far end

Re: DNS servers around here not working for days. dig works. fix?

Tue, 14 Jun 2016 14:50:57 -0500 Chris Bennett > > Could you trip the power to the wifi translating network segment? > > Possibly, but since mostly even the mains coming into large buildings > aren't even fully enclosed with metal, might get severe burns and

Re: DNS servers around here not working for days. dig works. fix?

On 2016/06/14 13:48, Chris Bennett wrote: > On Tue, Jun 14, 2016 at 05:28:48PM +, Stuart Henderson wrote: > > On 2016-06-14, Chris Bennett wrote: > > > They both work for me also, with dig @8.8.8.8, etc. > > > Whois fails, lynx, elinks, firefox cannot

Re: OpenBSD on a Chuwi hi12 tablet - dmesg

Tue, 14 Jun 2016 11:54:02 -0400 Andre Smagin > Occasionally it is asked if OpenBSD can run on a tablet, so I wanted > to share a dmesg showing what it looks like on one. What's not to love about a dmesg plus related technical output? Looks like an Atom x5-Z8300 CPU device, and

Re: make optional servers insttall

Marc Espie wrote: On Tue, Jun 14, 2016 at 01:37:34PM -0500, Chris Bennett wrote: On Tue, Jun 14, 2016 at 06:54:35PM +0200, Marc Espie wrote: On Tue, Jun 14, 2016 at 04:41:56PM +0300, wrote: Split baseXY tarbail to serversXY and baseXY, this step will be

Re: DNS servers around here not working for days. dig works. fix?

Tue, 14 Jun 2016 13:48:56 -0500 Chris Bennett > > > They both work for me also, with dig @8.8.8.8, etc. > > > Whois fails, lynx, elinks, firefox cannot connect outside > > > > > > Could this problem be because of my being behind the wifi NAT? Could you trip

Re: make optional servers insttall

Marc Espie wrote: > > Everybody keeps talking about how new hardware has so much space, just > > buy this or buy that. How about telling that to the genius 9 year old > > who has no allowance but there is some old crappy hardware sitting > > around. > > That's nice as a thought experiment. If he

Re: make optional servers insttall

On Tue, Jun 14, 2016 at 01:37:34PM -0500, Chris Bennett wrote: > On Tue, Jun 14, 2016 at 06:54:35PM +0200, Marc Espie wrote: > > On Tue, Jun 14, 2016 at 04:41:56PM +0300, > > wrote: > > > Split baseXY tarbail to serversXY and baseXY, this step will be optinize >

Re: DNS servers around here not working for days. dig works. fix?

Tue, 14 Jun 2016 11:38:03 -0700 Christopher Ahrens > li...@wrant.com wrote: > > Tue, 14 Jun 2016 11:46:39 -0500 Chris Bennett > > > >> $ dig bsd.org @8.8.4.4 +trace > >> dig: couldn't get address for 'm.root-servers.net': not

Re: DNS servers around here not working for days. dig works. fix?

On Tue, Jun 14, 2016 at 05:28:48PM +, Stuart Henderson wrote: > On 2016-06-14, Chris Bennett wrote: > > They both work for me also, with dig @8.8.8.8, etc. > > Whois fails, lynx, elinks, firefox cannot connect outside > > > > Could this problem be because

Re: DNS servers around here not working for days. dig works. fix?

li...@wrant.com wrote: Tue, 14 Jun 2016 11:46:39 -0500 Chris Bennett $ dig bsd.org @8.8.4.4 +trace dig: couldn't get address for 'm.root-servers.net': not found pass ~ $ dig bsd.org @8.8.8.8 +trace dig: couldn't get address for 'i.root-servers.net': not

Re: make optional servers insttall

On Tue, Jun 14, 2016 at 06:54:35PM +0200, Marc Espie wrote: > On Tue, Jun 14, 2016 at 04:41:56PM +0300, > wrote: > > Split baseXY tarbail to serversXY and baseXY, this step will be optinize > > disk usage. why the need for httpd, ldpd and other optional services

Re: DNS servers around here not working for days. dig works. fix?

On 2016-06-14, Chris Bennett wrote: > They both work for me also, with dig @8.8.8.8, etc. > Whois fails, lynx, elinks, firefox cannot connect outside > > Could this problem be because of my being behind the wifi NAT? Compare the full output from resolving

Re: DNS servers around here not working for days. dig works. fix?

Chris Bennett wrote: $ dig bsd.org @8.8.4.4 +trace ; <<>> DiG 9.4.2-P2 <<>> bsd.org @8.8.4.4 +trace ;; global options: printcmd . 7197IN NS a.root-servers.net. . 7197IN NS b.root-servers.net. . 7197

Re: DNS servers around here not working for days. dig works. fix?

Chris Bennett said: > Neither 8.8.8.8 or 8.8.4.4 works. What does that mean, precisely? Can you ping them? -- Dmitrij D. Czarkoff

Re: DNS servers around here not working for days. dig works. fix?

Tue, 14 Jun 2016 11:46:39 -0500 Chris Bennett > $ dig bsd.org @8.8.4.4 +trace > dig: couldn't get address for 'm.root-servers.net': not found > > pass ~ $ dig bsd.org @8.8.8.8 +trace > dig: couldn't get address for 'i.root-servers.net': not found You

Re: Creating https certificates dynamically for redirected/blocked requests

Ted Wynnychenko wrote: Hello For many years now I have been using a DNS black hole setup to stop http/https connections to blocked websites (well, any connection to those sites). This has worked well. Connections with http are routed to an IP on the internal network which returns a simple

Re: make optional servers insttall

Francois Pussault wrote: U can play with tuned packages but I think it is usless. Just let defaut install .. it is really tiny even for old machines setup so the space lost questions is just a waste of time in my point of view. I think there are really low space to gain on tunning packages

Re: Creating https certificates dynamically for redirected/blocked requests

On 2016-06-14, Ted Wynnychenko wrote: > This really isn't a big deal; but as more sites have started using https, and > as > tools such as relayd and squid (and others?) have developed ways to "inject" > https certificates on the fly, I am wondering if there is a way to

Re: DNS servers around here not working for days. dig works. fix?

On 2016-06-14, Chris Bennett wrote: > This happens here in Mexico and also in Guatemala. > But it has been about five days now. Enough! > > dig works fine, locally and using the server my USA website uses. > I tried adding that to /etc/resolv.conf and .tail

Re: DNS servers around here not working for days. dig works. fix?

$ dig bsd.org @8.8.4.4 +trace ; <<>> DiG 9.4.2-P2 <<>> bsd.org @8.8.4.4 +trace ;; global options: printcmd . 7197IN NS a.root-servers.net. . 7197IN NS b.root-servers.net. . 7197IN NS

Re: DNS servers around here not working for days. dig works. fix?

Hi Chris, Does your network works fine, can you reach icmp at 8.8.8.8 for example? Try the flag +trace with dig and see where it ends. like: dig whatever.com @8.8.8.8 +trace Best Regards, 2016-06-14 11:12 GMT-03:00 Chris Bennett < chrisbenn...@bennettconstruction.us>: > This happens here in

partition alignment and sector sizes [was Re: Started having bioctl encryption problems recently - lost data. Error within FAQ?]

On 2016-06-13, Chris Cappuccio wrote: > c. You must start the first partition past block 0, block 64 > is standard for various reasons. I think we should consider changing this. Most mechanical drives these days have 4KB sectors (though many hide it with synthetic 512 byte

Re: make optional servers insttall

On Tue, Jun 14, 2016 at 04:41:56PM +0300, wrote: > Split baseXY tarbail to serversXY and baseXY, this step will be optinize > disk usage. why the need for httpd, ldpd and other optional services for > desktop use case? Right, like it matters. Any package suite

Re: DNS servers around here not working for days. dig works. fix?

dig mx bsd.org @8.8.4.4 dig mx bsd.org @8.8.8.8 both work for me On Tue, Jun 14, 2016 at 9:27 PM, Chris Bennett < chrisbenn...@bennettconstruction.us> wrote: > They both work for me also, with dig @8.8.8.8, etc. > Whois fails, lynx, elinks, firefox cannot connect outside > > Could this

Re: DNS servers around here not working for days. dig works. fix?

I don't know if this will be usable for your case, here at home the aDSL modem tries to be the resolver. The trouble is with the ISP: their DNS servers are quite frequently unreliable and unstable. They even affect the PPP connection sate, as the modem firmware uses that to trigger self induced

Re: DNS servers around here not working for days. dig works. fix?

They both work for me also, with dig @8.8.8.8, etc. Whois fails, lynx, elinks, firefox cannot connect outside Could this problem be because of my being behind the wifi NAT? Chris Bennett

Re: DNS servers around here not working for days. dig works. fix?

On Tue, Jun 14, 2016 at 06:50:53PM +0300, li...@wrant.com wrote: > I don't know if this will be usable for your case, here at home the aDSL > modem tries to be the resolver. The trouble is with the ISP: their DNS > servers are quite frequently unreliable and unstable. They even affect > the PPP

Creating https certificates dynamically for redirected/blocked requests

Hello For many years now I have been using a DNS black hole setup to stop http/https connections to blocked websites (well, any connection to those sites). This has worked well. Connections with http are routed to an IP on the internal network which returns a simple "blocked" web page.

Re: DNS servers around here not working for days. dig works. fix?

Tue, 14 Jun 2016 11:08:17 -0500 Chris Bennett > On Tue, Jun 14, 2016 at 06:50:53PM +0300, li...@wrant.com wrote: > > I don't know if this will be usable for your case, here at home the aDSL > > modem tries to be the resolver. The trouble is with the ISP:

OpenBSD on a Chuwi hi12 tablet - dmesg

Hello. Occasionally it is asked if OpenBSD can run on a tablet, so I wanted to share a dmesg showing what it looks like on one. It is a dual-boot (Windows 10 and Android), Chinese designed and made Chuwi Hi12 tablet with attachable keyboard: http://en.chuwi.com/product/items/Chuwi-Hi12.html

Re: DNS servers around here not working for days. dig works. fix?

both 8.8.8.8 and 8.8..4.4 work for me. On Tue, Jun 14, 2016 at 8:26 PM, Chris Bennett < chrisbenn...@bennettconstruction.us> wrote: > Neither 8.8.8.8 or 8.8.4.4 works. > After netstart, no. After reboot, no. > > -- cat /etc/motd Thank you Indunil Jayasooriya http://www.theravadanet.net/

Re: DNS servers around here not working for days. dig works. fix?

Neither 8.8.8.8 or 8.8.4.4 works. After netstart, no. After reboot, no.

Re: IPv6 fragmentation woes

Hi, Back to this issue: Setup: Source: Linux box: 2a02:27d0:100:115:6000::200 Destination: OpenBSD 5.9-stable box: 2a02:27d0:116::3 Source#: ping6 -M do -s 1232 2a02:27d0:100:114::3 PING 2a02:27d0:100:114::3(2a02:27d0:100:114::3) 1232 data bytes 1240 bytes from 2a02:27d0:100:114::3:

Re: make optional servers insttall

U can play with tuned packages but I think it is usless. Just let defaut install .. it is really tiny even for old machines setup so the space lost questions is just a waste of time in my point of view. I think there are really low space to gain on tunning packages but big work to do so

Re: DNS servers around here not working for days. dig works. fix?

Chris Bennett said: > This happens here in Mexico and also in Guatemala. > But it has been about five days now. Enough! > > dig works fine, locally and using the server my USA website uses. > I tried adding that to /etc/resolv.conf and .tail but no help. > whois fails. > Digging every site I want

Re: make optional servers insttall

On Tue, Jun 14, 2016 at 04:41:56PM +0300, ?? ?? wrote: > Split baseXY tarbail to serversXY and baseXY, this step will be optinize > disk usage. why the need for httpd, ldpd and other optional services for > desktop use case? Storage is so cheap today so there's no benefit for your proposition.

DNS servers around here not working for days. dig works. fix?

This happens here in Mexico and also in Guatemala. But it has been about five days now. Enough! dig works fine, locally and using the server my USA website uses. I tried adding that to /etc/resolv.conf and .tail but no help. whois fails. Digging every site I want to use is a pain and many won't

make optional servers insttall

Split baseXY tarbail to serversXY and baseXY, this step will be optinize disk usage. why the need for httpd, ldpd and other optional services for desktop use case?

what device for usb tablet to write to xorg.conf

Hello everyone, please, what should one write in xorg.conf instead of /dev/uhid3 below: Section "InputDevice" Identifier "w_stylus" Driver "usbtablet" Option "Type" "stylus" Option "Device" "/dev/uhid3" <--- Option "Mode" "Absolute" Option "Threshold" "10" EndSection

Re: Is there such a thing as a fanless OpenBSD-capable laptop?

On Tue, Jun 14, 2016 at 03:37:01AM +0200, ropers wrote: > On 14 June 2016 at 00:53, frantisek holop wrote: > > > the acer travelmate b115-m is an el cheapo netbook > > with no moving parts if you stick an ssd in it. > > Thanks for the addition and dmesg. Do you know if all the