Re: ACLs in PF ?
On Thu, 12 Mar 2020 14:09:59 + Tom Smyth wrote: > Hi Duncan, > Peter M Hansteen has a a great book on pf > https://nostarch.com/pf3 > and Peter M Hansteen also has a nice tutorial on PF > https://home.nuug.no/~peter/pftutorial/#1 > > The manuals are great but the links above help with some context also > to help people use the manuals more effectively > Hope this helps you ... > > Thanks, > Tom Smyth > Merci, Dhu > On Thu, 12 Mar 2020 at 06:46, Duncan Patton a Campbell > wrote: > > > > > > easily solved by reading the right man pages. ignore. > > > > Dhu > > > > On Thu, 12 Mar 2020 00:06:23 -0600 > > Duncan Patton a Campbell wrote: > > > > > > > > Hi all. > > > > > > This may seem naive but I am wondering there is a simple pf setup to > > > perform positive access > > > control only accepting traffic from a definite limited set of IP/IP6 > > > addresses. > > > > > > RSVP thanks, > > > > > > Dhu > > > > > > > > > > > > -- > > > Je suis Canadien. Ce n'est pas Francais ou Anglaise. > > > C'est une esp`ece de sauvage: ne obliviscaris, vix ea nostra voco;-) > > > > > > > > > > > > -- > > Je suis Canadien. Ce n'est pas Francais ou Anglaise. > > C'est une esp`ece de sauvage: ne obliviscaris, vix ea nostra voco;-) > > > > > -- > Kindest regards, > Tom Smyth. > > -- Je suis Canadien. Ce n'est pas Francais ou Anglaise. C'est une esp`ece de sauvage: ne obliviscaris, vix ea nostra voco;-)
Re: OpenBSD 6.6-current shutter about one time every 1-3 seconds
I removed all the pkg_scripts from loading on 6.6-current and tried to test the system under full load (150Gb database reindexing) with apm -H. Stutters are present, but have minimal possible visual affect to foreground programs. apm -A works as expected, by rising CPU frequency to high value when db reindexed. apm -L rises shutter effect significantly. In most cases of testing, it looks like some system process(es), possible disk I/O procedures case bumbles. The last test was dd urandom data directly to external USB3.0 disk. Stutters increase their visibility to console applications like ncurses based visualizer or simply USB keyboard symbols input. I think ktrace will be good tool to analyze it or what tool can be used? Martin ‐‐‐ Original Message ‐‐‐ On Wednesday, March 11, 2020 6:25 PM, Peter J. Philipp wrote: > On Wed, Mar 11, 2020 at 06:12:44PM +, Martin wrote: > > > > Peter, can you share which software you started in /etc/rc.conf.local > > by > > pkg_scripts="imapd..." > > I'll try to find some correlation. > > Martin > > pkg_scripts="isc_named cyrus_imapd saslauthd" > > along with apmd -A, vmd, sndiod -f rsnd/0 -f rsnd/1, portmap, nfsd, mountd, > unwind, rad, tftpd, xenodm, dhcpd > > It's just the workstation I power up every day when I'm home. > > Hope that helps, > -peter
FYI - ftp.usa.openbsd.org outage today (Thursday March 12th)
RIT is shutting down power to the building ftp.usa.openbsd.org resides in today at 4pm. Accordingly, I will be shutting the mirror down at 3pm. This will be a short outage, and I will be turning things back on by 9pm tonight. (All times are EDT) FYI --Kurt Mosiejczuk
Re: ACLs in PF ?
Hi Duncan, Peter M Hansteen has a a great book on pf https://nostarch.com/pf3 and Peter M Hansteen also has a nice tutorial on PF https://home.nuug.no/~peter/pftutorial/#1 The manuals are great but the links above help with some context also to help people use the manuals more effectively Hope this helps you ... Thanks, Tom Smyth On Thu, 12 Mar 2020 at 06:46, Duncan Patton a Campbell wrote: > > > easily solved by reading the right man pages. ignore. > > Dhu > > On Thu, 12 Mar 2020 00:06:23 -0600 > Duncan Patton a Campbell wrote: > > > > > Hi all. > > > > This may seem naive but I am wondering there is a simple pf setup to > > perform positive access > > control only accepting traffic from a definite limited set of IP/IP6 > > addresses. > > > > RSVP thanks, > > > > Dhu > > > > > > > > -- > > Je suis Canadien. Ce n'est pas Francais ou Anglaise. > > C'est une esp`ece de sauvage: ne obliviscaris, vix ea nostra voco;-) > > > > > > > -- > Je suis Canadien. Ce n'est pas Francais ou Anglaise. > C'est une esp`ece de sauvage: ne obliviscaris, vix ea nostra voco;-) > -- Kindest regards, Tom Smyth.
Re: pf-badhost-0.3 released
Awesome stuff!! I can't wait to upgrade the script on my gateway(s) this week. Thank you. Zann On 2020-03-10 14:51, Jordan Geoghegan wrote: Hey folks, Last time I posted about this, I got a fair bit of interest and I've had quite a few downloads and enquiries about pf-badhost, so I figured I'd share here that I've updated the script. pf-badhost and unbound-adblock are both now at version 0.3, released earlier today. I highly encourage anybody running an older version of these scripts to update to the latest version, as I have made a number of significant improvements to the security and robustness of the script. Links to the scripts can be found here: www.geoghegan.ca/pfbadhost.html www.geoghegan.ca/unbound-adblock.html Regards, Jordan
Re: alacritty build
Le 11/03/2020 à 15:51, Wayn0 a écrit : part of the staff group, datasizr-cur=4096M max infinity during build on my dual core i7 4xxx it took 17m to build RAM usage really going over 800mb 35mb binary not sure it's worth all of that This is mostly because rust statically link to almost everything. Once stripped it's a bit “better”. -- David