Sounds like a possible MTU issue... Liberal use of tcpdump should
help in diagnosing the problem.
On 6/25/07, Lawrence Horvath [EMAIL PROTECTED] wrote:
Im having some trouble accessing certain sites from my laptop going
through a obsd router doing nat
I have 2 tested configurations
of them all default install for now.
Massive roll out last weekend. All new fresh wipe clean. My mistakes
here, sorry.
Thanks for the updates,
Daniel
to your hardware here, but just in case, here it is
anyway:
Hope it help you some, if not, sorry for the noise.
Daniel
==
LOM to console and back #.
init 0
ok setenv auto-boot? false
#depending on which Hardware and OBP Version you are running it is
either or ( I do both in order
will lead us.
To sparc64? ;)
Anyway, what about Transmeta?
--
Daniel 'Shinden' Horecki
http://morr.pl
Claudio Jeker wrote:
The reject route only triggers for UDP traffic. So carp (which runs inside
the kernel) and ospfd (uses a raw socket) are not affected. On the other
hand ripd/routed and other tools using multicast over UDP hit that route
and when sending all packets are discrded.
Thanks
The FTP problem has been fixed (worked around)
in -current AFAIK. See the archives for ports@
Thank you!
Jason McIntyre wrote:
On Wed, Jun 27, 2007 at 04:05:06PM -0400, Daniel Ouellet wrote:
Thanks for the clarification Claudio!
May be a suggestion, a quick addition to man 8 spamd in regards to
enable ip multicast on the systems might be welcome. I sure overlook
that for sure and looking
.
pass in quick on $ext_if inet proto tcp from goodguys \
to $ext_if port ssh flags S/SA keep state
Daniel
,
Daniel
J.D. Bronson wrote:
Guys...I was not the one that started this thread..
I just chimed in and asked for a tweak on the setup.
Sorry for my mistake then. I should refrain from replying on lack of
sleep. (;
I have what I need for now :)
Glad it help you never the less.
I'm trying to install the newest clamav (0.90.3) on OpenBSD 3.9 . I updated
The clamav package for 3.9 is clamav-0.88.tgz
For 4.1 it is: clamav-0.90.tgz
Don't mix versions.
http://openbsd.org/faq/faq15.html#Latest
3) Mail setups
I can find lots of setups with virtual mailusers. I have been
succesfully using a Courier-imap/Postfix/MySQL setup for several years
now, connected to a webbased mailmanagement tool.
If I was to drop all that in favor of a more 'core' OpenBSD setup - what
would be a nice
it as better then other solutions. I am more then
open to be put in the 21th century and learn it however if that's so
blind of me.
Best,
Daniel
Hello everyone,
I would greatly appreciate it someone would help me diagnose this spamd
problem. We've been running spamd since last October, and until this past
Thursday, it was working great. I may be mistaken, but I don't think I've
ever seen entries like the following before (email
Hello everyone,
My apologies if you get this twice-- it just occurred to me that I sent
my original message out using the wrong email address.
I would greatly appreciate it someone would help me diagnose this spamd
problem. We've been running spamd since last October, and until this
On Mon, 14 Jan 2008, Daniel Barowy wrote:
I would greatly appreciate it someone would help me diagnose this spamd
problem. We've been running spamd since last October, and until this past
Thursday, it was working great. I may be mistaken, but I don't think I've
ever seen entries like
On Mon, 14 Jan 2008, Calomel wrote:
Dan,
The blocked while grey listed number of 8 is dependent on the amount of
retries the remote mail server attempted while grey listed. Comcast servers
for example will try once per minute to deliver their mail. For example, if
you grey listed comcast for
you do not. So, don;'t use that one.
Best,
Daniel
state
If I force it half-duplex, then I get a link.
One output of the crash I was able to grab is below. This is on current
(11/28/07) as well as I try various kernel with the same results.
I have this bug on two boxes so far.
Best,
Daniel
dc0: flags=8843data error type 32 sfsr=0 sfva=239d08
I just got this output on the console working on it trying to find out
what's going on.
May be this mean something to someone.
dc0: failed to force tx and rx to idle state
data error type 32 sfsr=0 sfva=500ba000 afsr=8400 afva=1fe02010048
tf=0xe00176d8
panic: data fault: pc=105e4c4
On 1/17/08, Juan Miscaro [EMAIL PROTECTED] wrote:
I am using OpenBSD 4.2 as my WAP with a ral adapter. My wireless
client is running Kubuntu.
However, after a while the connection breaks completely and the only
thing that rectifies the situation is a reboot on the serverside.
I thought
and it's pretty darn efficient I tell you.
Just do it and then give feedback on your new find joy! (;
Best,
Daniel
spamd.conf
===
all:\
:uatraps:override:nixspam:override:china:override:korea:override:
# University of Alberta greytrap hits.
# Addresses stay
that they can use
and if you can find that, then you have all that you need.
Your VoIP provider should definitely be able to tell you the UDP ports
needed for the RTP stream and then that would give you plenty to work with.
Hope this answer your question some anyway.
Best,
Daniel
provide you the best setup and if you can be sure the QoS is
setup right on the phone and the switch accept as is and do not replace
it, then filtering on PF after that should definitely be easy to do.
Anyway, hope this provide you more to work with,
Best,
Daniel
David Newman wrote:
On 1/23/08 4:21 PM, Daniel Ouellet wrote:
So, you could check for UDP RTP stream from that IP's and all phones
can and are most likely preset with a fix range of ports that they can
use and if you can find that, then you have all that you need.
Gack. No.
I've seen more
Daniel Ouellet wrote:
port use are negotiated via the control port on UDP/5050 and that's when
Should have been UDP/5060 here. Not 5050 as above. Sorry, fat finger...
Or in some cases when NAT traversal is also in use for SIP, you will
have UDP/5060 and UDP/5061.
Regardless
interrupt 0x8000
pgt0: state dump: driver curfrag[]
pgt0: 0x1c2f 0x22ab 0x0008 0x 0x0094 0x0085
pgt0: state dump: device curfrag[]
pgt0: 0x1c27 0x22a9 0x 0x 0x0090 0x0084
Thanks,
Daniel
the Microsoft centric bias users that care less for security, but
would also be the first to scream should there be compromise too.
Any suggestions here?
Sorry for the somewhat off topic question, but I need suggestion if
there is any.
Best,
Daniel.
Thanks Thomas,'
But that solution sis to be install on Windows server, witch I have kill
all years ago and I am not going back.
http://www.webdrive.com/products/webdrive/sysreq.html
I sure appreciate your suggestion and time however.
Thanks
Daniel
Thomas Althoff wrote:
www.webdrive.com
NetOne - Doichin Dokov wrote:
I really didn't fully understand you - do you want or not to allow FTP
acces, and why clients are not able to save as when using it? Do you
mean that they need it mapped as a network drive? If so, they can use
something like this:
Andrew Ruscica wrote:
On Thu, Jan 24, 2008 at 05:58:57PM -0500, Daniel Ouellet wrote:
..
I only allow ssh access and in very special case, I had accepted ftp from
If you're considering a commercial product, http://www.sftpdrive.com
If the product performs as it says, you shouldn't need
Here's a patch for the mkhybrid man page:
http://dickman.org/openbsd/mkhybrid_man_update.patch
Changes are as follows:
- remove references to outdated cd burning packages and non-working urls
- update the url for the creator/type database to a working link
- spelling fixes
want the delay here and the IT is
oppose to have server internally that is control by outside people. Kind
of a catch 22 if you asked me.
But I keep trying to find ideas that might finally work for them,
however, I have to admit, I am not successful yet.
Best,
Daniel
Boris Goldberg wrote:
Hello Daniel,
I believe it should be possible to set up samba-over-ssh. I mean samba
listening localhost only on the server andputty
(www.chiark.greenend.org.uk/~sgtatham/putty/) with port forwarding on
clients.
Thanks,
I don't
Here's a patch for the mkhybrid man page:
http://dickman.org/openbsd/mkhybrid_man_update.patch
Changes are as follows:
- remove references to outdated cd burning packages and non-working urls
- update the url for the creator/type database to a working link
- spelling fixes
general
, but I am interested in looking into this however.
Thanks for sharing it!
Best,
Daniel
where it will end for sure.
Best and thanks for all.
Daniel
On Wednesday 30 January 2008 12:35, Douglas A. Tutty wrote:
My wife is sensitive to what she describes as electromagnetic fields.
She gets headaches and other pains when exposed to equipment: the
higher the frequency, the worse her symptoms.
Rather than trying to find obsolete equipment that
Richard Daemon wrote:
On Feb 1, 2008 5:14 PM, badeguruji [EMAIL PROTECTED] wrote:
From Sun's own mouth:
...Solaris 10 OS, the most secure OS worldwide holding 176 records...
is that so?
~~aapka kalyan ho~~
Doesn't MS say the same thing for Vista?
They
On 2/2/08, Brian [EMAIL PROTECTED] wrote:
Basically, I want to attempt to avoid getting watchdog timeouts on my
bittorrent connections.
altq will not help you with this. This is an IRQ, driver or hardware
problem. I would suggest trying an ACPI kernel (see archives), filing
a bug report or
On 2/4/08, Richard Green [EMAIL PROTECTED] wrote:
I have this rule:
'scrub in all max-mss 1400'
When when two peers on opposite sides of this firewall attempt to connect, a
TCP SYN packet passes in from peer-1 though one interface, with it's MSS
field set to 1360, through a bi-nat rule and
On Wednesday 06 February 2008 22:38, Douglas A. Tutty wrote:
Since this will be for a low-MHz box, it's BIOS probably won't like
large drives either. That means SCSI. If the boxes aren't great or
have room or provide cooling for SCSI drives, that makes it external.
Could you use a small IDE
.
Best,
Daniel
On Friday 08 February 2008 15:37, Douglas A. Tutty wrote:
I'd like to avoid root access as OpenBSD disables it by default for
a good reason. But so far it seems the most maintainable solution.
You could, with some work, do it differently. On the source box, make
a tarball of what you want on
/bugreport.cgi?bug=461465
https://bugzilla.novell.com/show_bug.cgi?id=354593
You could back out 006 or wait for fix for security fix.
Daniel
--
Daniel Horecki
http://morr.pl
Geoff Steckel [EMAIL PROTECTED] writes:
threads is a particular programming model of multiple execution
contexts in a (mostly) shared memory and (mostly) shared resource
environment which is not cost-effective for producing reliable software.
Are you really unable to see the irony in
Geoff Steckel [EMAIL PROTECTED] writes:
The threads advocates have never specified any
advantages of a program written using that model
(multiple execution points in a single image)
over a multiple process model, assuming that
parallelism is useful.
Remind us how asynchronous signaling
Is there is a fix for it yet?
This is my first post at a mailing list so please
don't bite my head off. =P
- Daniel Andersson
Thanks for the speedy replies guys!
No, but it has been reported that if the system is doing other things
at the same time, the chance of freezing is much less. (specifically
freezes were seen with rtorrent+top, they were not seen when logging
vmstat output at the same time).
We also have
Yesterday, I switched over the net/ktorrent since it supports encryption,
which
I am finding I need for some very low seeded torrents, where all the seeds
are
running encryption. I have not experienced any system freezes with
net/ktorrent, and I would definitely recommend it.
Brian
Note: I
permanently, it's probably not related.
Tas.
Yes. it is a permanent freeze. It would freeze sometime at night, and the
next morning it would still be frozen. Only the routing part works.
Daniel Andersson
Well this bug wont get fixed.
That's what Theo said months ago... :)
Yes. I found the thread where you bashed each other before I made my first
post . I
guess I'll go with FreeBSD or NetBSD instead.
Daniel
if today you could start with a clean sheet and not
have to be stuck with legacy setup?
Many thanks for the suggestions.
Daniel
On 3/1/08, Edd Barrett [EMAIL PROTECTED] wrote:
Which reminds me,
a birthday card my housemate drew for me:
http://students.dec.bmth.ac.uk/ebarrett/files/obsdcard.jpg
Why do I have a feeling this might do really well as a sticker
of it and was also able to reproduce the problem as well
on his X4100 too.
http://marc.info/?l=openbsd-techm=120122281409313w=2
Any chance that may be that might be fix for the final release of 4.3?
Best,
Daniel
Saulo Bozzi Daleprane wrote:
Already, try with the cd42.iso but don't boot.
Did you follow all the steps:
http://openbsd.org/faq/faq4.html#42cdboot
to get around the problem.
If you can work that way, then just use the current, that is for now the
4.3:
ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/cd43.iso
and do the snapshots install that will give you 4.3 for now.
Best,
Daniel
can't find one, just I though that as a
last chance, may be someone on the list knows or have something usable.
He even said he would send one Lego model to Theo if he can make one
that is somewhat nice and obviously if Theo might like to get Lego
Wireframe Puffy. (;
Many thanks,
Daniel
If nobody responds to this with a quality file, I will gladly make a 2D
version of it as an SVG for you and all of us.
On Sunday 09 March 2008 03:29:49 pm Daniel Ouellet wrote:
Hi,
Sorry about this off topic request. My Sun keep asking me to get a
Wireframe Puffy
Daniel Anderson wrote:
If nobody responds to this with a quality file, I will gladly make a 2D
version of it as an SVG for you and all of us.
I will wait a few days, may be someone might have something or not. I
can't say yet. No reply other then yours yet. Anything would be mostly
I suggest letting the OpenBSD donation page (
http://openbsd.org/donations.html ) be your first step in this process, since
they've donated something to the project and it's always nice to reciprocate.
Personally, I chose M5 Computer Security (U.S.-based) and have been very happy
with the
I found myself in a similar situtation and just set all icmp to go out a
single interface:
pass in on $int_if route-to { ($dsl_2_if $dsl_2_gw) } proto { icmp } from any
to any keep state
And for incoming connections for ssh that go to a given interface I added
these:
pass in quick on
/cvsweb/src/share/misc/license.template?rev=1.2content-type=text/x-cvsweb-markup
or the text itself only too. (;
http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/src/share/misc/license.template?rev=1.2
Best,
Daniel
When the process tries to write to the socket after the connection has
been closed, it gets a SIGPIPE signal. Without custom signal handling,
the default action is to terminate the process, see signal(3).
signal(3).
Basic socket programming issue, the author sucks. Try the patch below ;)
Daniel
Here is an excerpt from a pf.conf I have doing exactly what you're asking. Use
this as a base. You will need to add more and adjust some to your setup,
bittorrent_tcp_ports is obviously not defined here. And some of the options
for the rules may not really be needed, but they remained after I
to do this, but they sure are available.
I guess it's never to early to get young mind turn on to OpenBSD! (;
Best,
Daniel
PS: Still would be very much appreciated if some 3D, or somewhat like it
of Puffy is available somewhere to start with.
trying to load a new one, but loading 4.2 on it gives me IPMI problem,
so I run current on most boxes.
Just wonder?
Thanks
Daniel
the port then. I justed wonder
as yes, that's not new, but in previous release, the out of packages was
for less time if I remember. Must be the libc and the release timing
happening at the same time that make it longer this time around.
Not the end of the world.
Best,
Daniel
On Monday 07 April 2008 14:00, you wrote:
We'll provide you with a secure system, but.. hell, once you get it..
it won't be secure anymore, wait another 6 months, it'll be secure
again. briefly.
The developers provide a secure system that can be downloaded completely
free of charge. If you
prelink/prebind feature now.
Daniel
--
Daniel Horecki
http://morr.pl
In piloting HFSC's service curves on 4.2-release, I uncovered something
wrong. In sending one 1024 byte ICMP packet every second (ping -s 1016),
pfctl gets it mostly right:
queue interac on pcn0 bandwidth 64Kb priority 7 hfsc( realtime(128Kb 128
32Kb) )
[ pkts:333 bytes:
On Tue, Apr 8, 2008 at 7:22 PM, Ryan McBride [EMAIL PROTECTED] wrote:
On Tue, Apr 08, 2008 at 07:04:31PM -0600, Daniel Melameth wrote:
8.25Kb/s? I know this is 1Kb/s so what's going on? Is this just an
inaccuracy in the pfctl output or does altq really think I'm moving 8Kb/s?
I assume
On Tuesday 08 April 2008 18:07, you wrote:
As part of my move from GNU/Linux to OpenBSD on my server, I just
want to clarify what I need to do to ensure that I have performance
optimised.
I imagine, if you run the standard OpenBSD system on your servers for
some time, you'll be satisfied.
of spamd sync is
use, or when you add lots of entry in it is the default limits in the
table entry of pf.
I also have better results with unicast setup for the sync and you want
to make sure to put a spamd.key as well in the setup.
Works very nicely for me.
Best
Daniel
Anil Saini wrote:
how can i completely uninstall port or package from openBSD
http://openbsd.org/faq/faq15.html#PkgRemove
Anil Saini wrote:
how can i change the default squid configuration options of squid while
installing it from BSD ports
http://openbsd.org/faq/faq15.html#Ports
I am using a Memtech AT2515-2048 (2GB) drive with a Soekris 4801, and have
been very happy. Boot is on-par with just about any ATA drive. I set it up
for limited writes out of longevity concerns which I imagine are not
well-founded in the case of SSD. It's a router..not a desktop, so my speed
card.
Don't asked me what's different, I do not know, that's the end results
however.
So, if you have a choice, I sure would use em, if CARP is not in the
picture, bge is not bad, but em still provide better results so far.
Best,
Daniel
On Fri, Apr 18, 2008 at 7:39 PM, Moe Sizlak [EMAIL PROTECTED] wrote:
Recently I moved from freebsd 6 to openbsd 4.2 but have had some problems.
I get a lot of timeouts on web pages with a high number of hops and I think
it may be something to do with either pf and/or sysctl.
The installer can't mount the cd to read the files from it. I'm using a
recent install43.iso. I'll try to use ftp for the install sets, but it would
be nice if I could do it all from the CD.
Here is what I get if I try to mount the CD
cd0(ahci0:1:0): Check Condition (error 0x70) on opcode 0x8
On Wednesday 23 April 2008 15:24, you wrote:
The old saying goes, the only stupid question is the one that you
don't ask. However, it should be modified for OpenBSD as, the only
stupid question is the one you don't research before you ask. It's a
tough crowd but in time you start to understand
Stupid question here, did you uncomment them in php.ini?
---
On Friday 25 April 2008 10:58:25 am you wrote:
One of my development machine has been upgraded many times over the years,
of couse, .. now trying to setup a php test site for a new project (have
.
---
On Friday 25 April 2008 11:39:33 am you wrote:
At 11:28 AM 4/25/2008 -0700, Daniel Anderson wrote:
Stupid question here, did you uncomment them in php.ini?
Not really a stupid question, but I did - both manually with phpxs.
Actually had an error when I enabled curl (it showed as duplicated
, then soryy for the noice and just hit
delete.
Best,
Daniel
On Thursday 16 February 2006 01:58, A Rossi wrote:
My client didn't really like the idea of just making a windows
partition and disallowing the users from accessing it with
permissions, because then they'd know about something... And some
might complain about it being broken - they have
On Monday 20 February 2006 18:47, Marcus Barczak wrote:
Just recently acquired a cast off Sun DDS3 SCSI tape drive. It's an
external unit and connected to my internal Adaptec 2940UW controller.
The problem i'm experiencing is anytime I try issuing a command with
mt for instance:
I have an
it, but first
try the latest snapshot and I would very much believe your problem will
be gone.
I know it is for me big time!
Just a friendly suggestion.
Daniel
first as well.
I didn't think it was even going to run, I mean the AMD64 on Intel CPU.
Obviously, I never tried it.
Daniel
On Wednesday 22 February 2006 08:19, you wrote:
Hello.
What are the thin-client options with OpenBSD ?
Something similar to www.ltsp.org
If anyone is using openbsd as a thin-client server. i would be
interested in hearing their experiences.
I've actually used OpenBSD as an LTSP server. The
with doing
it from source!
Daniel
Chris Smith wrote:
In addition to preventing infected PC's from using their own SMTP engine
to send out spam by blocking port 25 from all but the mail server. I
would also like to add those hosts automatically to a table in order to
block their access altogether so that the infected PC's
Ray Lai wrote:
On Wed, Feb 22, 2006 at 03:31:41PM -0500, Daniel Ouellet wrote:
Chris Smith wrote:
In addition to preventing infected PC's from using their own SMTP engine
to send out spam by blocking port 25 from all but the mail server. I
would also like to add those hosts automatically
Ray Lai wrote:
I thought you meant you could do something like:
block in log-table zombie to port 25
where zombie is updated automatically.
If you read on the PF and look at what I send you, you will see that
bad-ssh IS updated automatically.
That's what the line:
Ray Lai wrote:
I thought you meant you could do something like:
block in log-table zombie to port 25
where zombie is updated automatically.
Read this section and you will get a few good idea on log to table and
then use the same table to block the traffic you don't want:
that question now, so lets move on until Sun
open up, there isn't much we can do.
Sorry for the noise my question have cause!
Daniel
could also use dynamic DNS provider for your dsl changing IP's
and be done with it.
Just a thought anyway. Sure worth the try and, hey in 4 minutes, what do
you have to waist trying it! (:
Daniel
[EMAIL PROTECTED] wrote:
I just read the articles provided at www.unixguru.de and googled but
didn`t found this one.
Just was and still is on the front page of undeadly.org:
http://www.undeadly.org/
Plenty of OpenBSD only stuff there.
Bryan Brake wrote:
if the x.x.x versioning is followed 4.0 would mean there is a major
upgrade to the OS, while 3.10 is minor updates.
Just thinking about all the goodies that a 4.x OS would mean.
Bryan
What was it before. 2.9 to 3.0 or to 2.10???
Each release have major changes as far as
is the
efficiency in that!
Plus:
OpenBSD 4.0 (GENERIC) #675: Thu Nov 1 00:00:00 MST 2006
Looks a lot better then
OpenBSD 3.10 (GENERIC) #675: Thu Nov 1 00:00:00 MST 2006
Looks to much GNU to me! (:
Daniel.
PS: Just practicing my sarcasm a bit here.
Sizov Alexander wrote:
Hi, misc.
Whether there is a way restriction of quantity of simultaneous
connections from one ip address, using pf?
I would suggest you start by reading the following:
http://openbsd.org/faq/pf/filter.html
And as you are at it. Read the complete PF FAQ, it's very
401 - 500 of 2706 matches
Mail list logo