Re: Firewall setup

On 4/16/24 10:27 AM, Karel Lucas wrote: First and most importantly, I would like to apologize to anyone who was disturbed by my conversation. It is not my intention to offend people. I may be curt, but that's not because it's in my character. In daily life I work with electronics and

Re: Installing shellinabox on OpenBSD

at 02:38:25PM -0500, Daniel Ouellet wrote: I am not sure why people say they can't have a safe ssh client for window... OP mentioned he cannot install software on the machine. This is pretty common issue if machine is managed by somebody else. Best regards, Chris Narkiewicz

Re: Installing shellinabox on OpenBSD

Just use Putty if you want a window ssh client. It exists for more then 25 years now. and it is still supported. Just maintain your systems via ssh and move on. Putty also allow you to use ssh keys as well. I am not sure why people say they can't have a safe ssh client for window... On

Re: Cannot PXE Boot PC Engines APU.1D4

On 1/1/24 3:12 PM, Stuart Henderson wrote: On 2024-01-01, Kenneth Hendrickson wrote: --- On Monday, January 1, 2024 at 06:10:57 AM EST, Stefan Sperling wrote: Booting 7.4 or -current kernels with an old pxeboot binary won't work. Make sure that both the kernel image and pxeboot originate

Re: Cannot PXE Boot PC Engines APU.1D4

I don't have any problem with many of my pc engine. But if you want something else I used these now because they support Core Boot. https://protectli.com/ I am not going back to BIOS that are not right and not supported after a year. No thanks! On 12/31/23 8:56 PM, Kenneth Hendrickson

Re: Getting stuck on trying a fresh install to 7.4

On 12/8/23 3:34 AM, Stuart Henderson wrote: On 2023-12-07, Daniel Ouellet wrote: On 12/7/23 7:37 AM, Stuart Henderson wrote: On 2023-12-06, Daniel Ouellet wrote: Any suggestion woudl be greattly appreciated. Old boot loaders cannot boot 7.4 kernels. Upgrade your 6.7 system to 7.3 first

Re: Getting stuck on trying a fresh install to 7.4

On 12/7/23 7:37 AM, Stuart Henderson wrote: On 2023-12-06, Daniel Ouellet wrote: Any suggestion woudl be greattly appreciated. Old boot loaders cannot boot 7.4 kernels. Upgrade your 6.7 system to 7.3 first (the usual advice to avoid skipping releases during upgrades applies). Then upgrade

Re: Getting stuck on trying a fresh install to 7.4 (solved)

On 12/6/23 3:42 PM, Daniel Ouellet wrote: Any suggestion woudl be greattly appreciated. Old boot loaders cannot boot 7.4 kernels. Upgrade your 6.7 system to 7.3 first (the usual advice to avoid skipping releases during upgrades applies). Then upgrade to 7.4. I didn't care what's on it now

Re: Getting stuck on trying a fresh install to 7.4

Any suggestion woudl be greattly appreciated. Old boot loaders cannot boot 7.4 kernels. Upgrade your 6.7 system to 7.3 first (the usual advice to avoid skipping releases during upgrades applies). Then upgrade to 7.4. I didn't care what's on it now. All fresh install will do. I have 22 to do.

Re: Getting stuck on trying a fresh install to 7.4

On 12/6/23 3:26 PM, Crystal Kolipe wrote: On Wed, Dec 06, 2023 at 03:08:09PM -0500, Daniel Ouellet wrote: I try to do a fresh install on servers that run 6.7 to 7.4, but no matter what I try, I get stuck. I tried previous version and I was able to load 7.3. DMESG below for the bsd.rd. When

Getting stuck on trying a fresh install to 7.4

Hi, Hopefully you may have a clue stick to offer me. I try to do a fresh install on servers that run 6.7 to 7.4, but no matter what I try, I get stuck. I tried previous version and I was able to load 7.3. DMESG below for the bsd.rd. I try BIOS change for EFI ONLY, or Legacy & EFI, or

Re: pf queues

On 11/29/23 6:47 PM, Stuart Henderson wrote: On 2023-11-29, Daniel Ouellet wrote: yes, all this can be make without hierarchy, only with priorities(because hierarchy it's priorities), but who and why decided that eight would be enough? the one who created cbq- he created it for practical

Re: pf queues

yes, all this can be make without hierarchy, only with priorities(because hierarchy it's priorities), but who and why decided that eight would be enough? the one who created cbq- he created it for practical tasks. but this "hateful eight" and this "flat-earth"- i don't understand what use they

Ideas for a mix of Arista Leyer 3 switches and OpenBSD BGPd setup.

I am looking at ideas to improve the setup, or if you do this, your experience with it. The setup have to account for so far. 4 main transit access in different locations and 249 peering setup in major data center for public and private peering. Currently ~945,000 IPv4 routes, ~196,000 IPv6

Re: Upgrading, release by release, from 6.8 to 7.4 -- my experience

Hi Austin, Quiet for many years. Nice to see you again from the time of CD Sales, etc. (; You are 100% correct that the sysupgrade kick ass big time! Anyway, just one thing on your upgrade and all. Not sure if your version 6.8 was also an upgrade form before or a clean install. The

Re: veb and vport on apu2 -- config feedback

Hi, A few things here. Comcast DO NOT use 9000 mtu, so don't try to use that. They sadly ONLY support 1500. if you force 9000 mtu, you will only create fragments. You can find it if you search for it as well.

Re: Update from 6.5 to 7.3

I did a few from 6.6 to 7.3 and it was real easy. The source I used was: http://ftp.eu.openbsd.org/pub/OpenBSD/ Looks like this it the one that have the most files from the older version. They have all the files from 2.0 and up. (; Nice if you want to see how the system evolved over time. (;

Re: Pausing/Freezing issues with Protectli FW4B

On 8/11/23 7:06 PM, Tim Baumgard wrote: On Fri, Aug 11, 2023 at 5:56 PM Stuart Henderson wrote: On 2023-08-11, Tim Baumgard wrote: I'm having an issue with my Protectli FW4B that's become more of a problem lately. Essentially, it's the same thing that this person [0] encountered. IIRC

Re: OT: Running SOFTRAID on PCEngine APU2 via mPCIe to M.2 convertor board for NVME 2230 or 2242

Just a follow up on this for general interest. I got boards made in Hong Kong from the design done by Tobias Schramm generously made available on github. I received the board a few days ago, I ordered then the nvme 2230 to test and received it today and here we are. The following tests are

Re: OpenBSD on Thinkpad X13s ARM-based laptop

there is a dmesg of one running current as well in the archive with what's working and not as well. All in the archive. On 6/2/23 6:55 AM, Alexander Hall wrote: Search the archives for "support of thinkpad arm". This was asked just this Tuesday. /Alexander On June 1, 2023 10:46:33 PM

OT: Thank you for a second to none documentation in OpenBSD!!!

Hi, I just wanted to take a moment to give you guys thanks big time! I guess I have been spoiled for the last 2+ decades using OpenBSD and always find what I need in the man pages and rarely needed to search the web for additional info. Even for a noob trying OpenBSD I realize how easy it

Protectli VP2420 with Dasharo (coreboot+UEFI) v1.1.0 can't load any UEFI bsd.rd

Hi, I search the archive on this and saw many post on this including one from Marc Kettenis on October 30, 2020 in: $OpenBSD: conf.c,v 1.32 2020/10/30 19:39:00 kettenis Exp $ At the time looks like it fixed many issues, but now looks like it is back. Or may be just on my system with the new

Re: RSS or Atom syndication for security advisories?

Not only you can subscribe to the list for the announcement for these patches, but you already have it on the front page of the OpenBSD Journal site as well. https://undeadly.org/cgi?action=front Look right column under: OpenBSD Errata So all you asked for is already there. Not sure how

Re: RSS or Atom syndication for security advisories?

https://www.openbsd.org/faq/faq10.html#Patches Subscribe to the list and you will know it. On 5/21/23 7:34 AM, Xavier B. wrote: Hi, I just want to know if there is an RSS or Atom syndication advisories. I have several machines with several operaring system in them: GNU/Linux (alpine and

OT: Running SOFTRAID on PCEngine APU2 via mPCIe to M.2 convertor board for NVME 2230 or 2242

Hi, Anyone ever was able to find a mPCIe to M.2 convertor board on Amazon that works for using M.2 NVME 2230 or 2242 drives or even M.2 SATA (NGFF) in the APU2 like this: https://github.com/TobleMiner/M.2-NVMe-SSD-to-miniPCIe-adapter Scroll to the end and see the picture of the drives

Re: A messed-up fresh install due to a careless user

If that's a new install, may as well just redo it. The install is really fast, so this way you are sure you have a clean system and NOT one that you may have problem down the road, specially if that's your first time. That's what I would do anyway. Compare to any other IS, the install for

Re: poor routing/nat performance

With 7.2 on the APU 2 when I tested it was about 650 or so. I didn't send the info as it is not connected now. But either way, you can't get Gb speed on it no matter what. On 12/19/22 2:43 PM, Stuart Henderson wrote: On 2022-12-19, Daniel Ouellet wrote: OpenBSD 6.8 (GENERIC.MP) #4: Thu Aug

Re: poor routing/nat performance

I have the APU 1 and here is what I get TEST_DATE TIME_ZONE DOWNLOAD_MEGABITS UPLOAD_MEGABITS 12/19/2022 11:52GMT 429.05 422.17 LATENCY_MS SERVER_NAME DISTANCE_MILES CONNECTION_MODE 3 Ashburn VA 0multi

Re: How much does battle-testing weigh?

Economics 101: doesn't matter what you say, it matters what you DO. Everyone says security is important; few actually give a shit about it. Amen brother! That's right to the point! Nick.

Re: Intl I350 Network Card Not Found

Hi Brandon, The key point here for the answer provided to iyou was "Firmware" not "driver" Two different things. Driver for Linux for example is use to allow the network stack of Linux to use the card based on what the actual card support. Firmware is what actually run on the flash of the card

Re: pf.conf parser/lint

> We provide over FIVE ways to identify ports without using the hardware > driver names, but hey... this discussion is about the theory you can > check overall behaviour of a system by ignoring the important parts. I always put a description and group field in my hostname config so that it allow

Re: Microsoft's war on plain text email in open source

On 8/26/20 3:08 PM, Chris Bennett wrote: > On Wed, Aug 26, 2020 at 12:28:00PM -0500, Mike Hammett wrote: >> Text-only was great in 1985. >> >> > > And it's still pretty badass in 2020. > I really love the way company networks are brought down by a little > helpful Javascript in an HTML email. I

Adding more syspatch platform.

Just a general question as I got to really love syspatch and sysupgrade to the point that oppose to before, now my platforms are pretty much always up to date and patch in just a few days after patches are release or even in some cases the same day. To add more platform, I guess that mean man

Re: Any idea/suggestion for old Cisco router to be use running OpenBSD current for WG?

gt; > Regards, > > Kaya > > On Tue, Jun 23, 2020 at 5:03 PM Daniel Ouellet wrote: >> >> Hi, >> >> This might be a bit weird question, but I saw the wireguard being put in >> the kernel in the last few days and I am very existed abut it oppose to >>

Re: Any idea/suggestion for old Cisco router to be use running OpenBSD current for WG?

out issue, and have dozens of ER4 and > ER-Lite devices out in the wild. > > If you're looking for non-x86 routing solutions, then the Edgerouter is > one of the best bets. > > Regards, > > Jordan > > On 2020-06-23 09:01, Daniel Ouellet wrote: >> Hi, >&g

Any idea/suggestion for old Cisco router to be use running OpenBSD current for WG?

Hi, This might be a bit weird question, but I saw the wireguard being put in the kernel in the last few days and I am very existed abut it oppose to use the package on it and even today there was more on it. Many thanks for this!!! I also know there was effort and some Cisco router can run

Re: Correct subnet mask for alias IPs?

On 6/19/20 7:15 AM, Robert wrote: > Hi, > > I want to configure multiple alias IPs on the same interface and in the same > subnet. > (reason: hosting services with dedicated DNS names and IPs) > > inet 10.0.0.1 255.255.255.0 > inet alias 10.0.0.2 255.255.255.0 > inet alias 10.0.0.3

Re: IKEv2 difference with 6.7

Hi Tobias, > So the error message is probably in the other side's logs but here is > a guess: 5.6 doesn't know curve25519. > > Try adding the following to your iked.conf: > > ikesa group modp2048 Many thanks!!! That was the issue and you saved me from pulling what I have left of hairs.

Re: IKEv2 difference with 6.7

Hi, > What I see is that the initial message is received but ignored, so this > side here probably runs into some kind of error. > To find out what exactly causes this, a more verbose log would help. > You could manually start iked with -dvv and share the log for an > incoming IKE_SA_INIT request

Re: IKEv2 difference with 6.7

> The retransmits tell us that the peer doesn't answer. Or, to be more > precise, it doesn't receive *any* message from the peer. Can you have > a look at the peer's logs? Does the peer see these packets but chooses > not to reply? Is the peer also an OpenBSD? 6.6? 6.7? Not a big deal, but

Re: IKEv2 difference with 6.7

On 6/16/20 1:35 PM, Patrick Wildt wrote: > On Tue, Jun 16, 2020 at 01:09:32PM -0400, Daniel Ouellet wrote: >> Hi Tobias, >> >> I put below the full configuration and the flows as well with the 6.6 >> binary and switch to the 6.7 binary without any other changes as

Re: IKEv2 difference with 6.7

I do a lots of work from home and I need to keep the family happy too. (;) On 6/16/20 6:09 AM, Tobias Heider wrote: > Hi Daniel, > > On Mon, Jun 15, 2020 at 08:04:43PM -0400, Daniel Ouellet wrote: >>> Probably related to the following change documented in >>> https://www

Re: IKEv2 difference with 6.7

> Probably related to the following change documented in > https://www.openbsd.org/faq/upgrade67.html: > > iked(8)/isakmpd(8). The type of incoming ipsec(4) flows installed by iked(8) > or > isakmpd(8) was changed from "use" to "require". This means unencrypted traffic > matching the flows will

Re: IKEv2 difference with 6.7

On 6/15/20 8:04 PM, Daniel Ouellet wrote: >> Probably related to the following change documented in >> https://www.openbsd.org/faq/upgrade67.html: >> >> iked(8)/isakmpd(8). The type of incoming ipsec(4) flows installed by iked(8) >> or >> isakmpd(8) was changed

Re: pf table for all publicly routable ipv4 addresses

Just a question and a thought may be. I am not sure why having this pass valid table oppose to block. The reason is that if you pass all valid IP's then some service you want to block, don't you have to add more rules to do that oppose to only allow incoming from service you want? Look to me

Re: Certain size packets not passing through a L2 over L3 IPsec tunnel

On 10/10/19 4:25 PM, Russell Sutherland wrote: > I've set up a L2overL3 tunnel using the template as found in "man etherip". I > am running OpenBSD 5.9, which I believe is the first version to support the > etherip interface. > > I find the bridge/tunnel does not pass a small range of specific

Re: Incoming connection via VLAN

It's hard trying to help you as. Vlan syntax changed from the upgrade or 6.1 to 6.2 and the pf queuing changed from 6.3 to 6.4. So looks like you skip a few version and no where did you provide any details on your configuration. So I would suggest to go and read either the man page or look at

Re: What is you motivational to use OpenBSD

On 8/28/19 10:32 AM, Mohamed salah wrote: > I wanna put something in discussion, what's your motivational to use > OPENBSD what not other bsd's what not gnu/Linux, if something doesn't work > fine on openbsd and you love this os so much what will do? - Simplicity. - Clean - Lean and Slim - Work

Re: Max Speed: configuration in smnpd.conf for display in mrtg

On 8/28/19 5:44 AM, Stuart Henderson wrote: > On 2019-08-26, Daniel Ouellet wrote: >> Thanks Stuart, >> >> I guess I had the right oid before, but the fact that is doesn't allow >> the replacement always give me a fail at restart, I assume I wasn't >> u

Re: Max Speed: configuration in smnpd.conf for display in mrtg

customers are added or removed, it was a lot simpler to do it in the actual router then trying to always go back and over write the final configuration or mrtg each time. Daniel On 8/23/19 12:12 PM, Stuart Henderson wrote: > On 2019-08-22, Daniel Ouellet wrote: >> Hi, >> >> Wonder

Max Speed: configuration in smnpd.conf for display in mrtg

Hi, Wonder if anyone would know the answer for this. I try to figure out what is the entry needed in the snmpd.conf for the specific display that would show in mrtg when the scan is done. In short the display as Max Speed: 1000.0 Mbits/s to be display as for example Max Speed:

Re: Code of Conduct location

On 4/28/19 9:33 AM, Rachel Roch wrote: > Apr 28, 2019, 9:16 AM by cho...@jtan.com : > >> Strahil Nikolov writes: >> >>> Hello All, >>> >>> can someone point me to the link of the OpenBSD code of Conduct ? >>> >> >> I believe OpenBSD's code of conduct can be summed up as

Re: iked.conf insanity (passing traffic locally between two tunneled subnets)

/tunnel.realconnect.com type require flow esp out from ::/0 to ::/0 type deny On 1/16/19 5:36 PM, Daniel Ouellet wrote: >> You don't actually even need an ipsec.conf file, you could just do >> >> $ echo 'flow from 192.0.2.1/32 to 192.0.2.2/32 type bypass' | doas ipsecctl >&g

Re: iked.conf insanity (passing traffic locally between two tunneled subnets)

> You don't actually even need an ipsec.conf file, you could just do > > $ echo 'flow from 192.0.2.1/32 to 192.0.2.2/32 type bypass' | doas ipsecctl > -vf - That would actually be a very simple solution and I would sure love it! But testing doesn't show that as being the case. packets are

Re: iked.conf insanity (passing traffic locally between two tunneled subnets)

> Can someone point out an example of this gif+ipsec setup somewhere ? > > I failed at finding any GIF ref when looking IPSEC+OPENBSD, also man > ipsec does not list gif, only enc. This is dated obviously and for full disclosure I didn't try it, so look at it as such.

Re: iked.conf insanity (passing traffic locally between two tunneled subnets)

> Maybe you misunderstood - I am just talking about a couple of lines in > ipsec.conf to setup the bypass flow, but still use iked for the > actual vpn connection. I should have added that may not be the best idea but I was/am trying rdomain for this, (having the bypass in rdomain 1 as an idea)

Re: iked.conf insanity (passing traffic locally between two tunneled subnets)

> Maybe you misunderstood - I am just talking about a couple of lines in > ipsec.conf to setup the bypass flow, but still use iked for the > actual vpn connection. That's fair. May be I miss understood you, I thought that you recommended to actually switch to use the ipsec one instead. The setup

Re: iked.conf insanity (passing traffic locally between two tunneled subnets)

> OpenBSD's implementation of ipsec doesn't use the routing table, if you > want that (unless you make code changes) you will need to use a > different tunnel interface (gif or others) and just use ipsec to protect > the gif traffic. The point is to keep the configuration simple and gif doesn't

iked.conf insanity (passing traffic locally between two tunneled subnets)

Hi, I have two separate subnets (on different interfaces) on a router. I am trying to tunnel both subnets over the internet to another router on my network. I can tunnel one subnet easily and everything works as expected, but when I tunnel the 2nd subnet, then traffic from one local subnet is no

Re: [OpenIKED] Is it impossible to differentiate the policies by dstid?

The source ID does default yes, but I have a tunnel gateway for multiple VPN and I HAD to specify the dstid on the passive side as well or ONLY the last rule was picked up for the 0.0.0.0/0 of some of them as an example for all the traffic flowing via the VPN. Any overlapping routes where not

Re: want.html: Unifi wifi gear for interop debugging

On 10/6/18 11:48 AM, Tim Jones wrote: >> Thank you for handling the logistics so I don't have to do that >> on top of everything else I'm doing. >> I am looking forward to receiving your shipment. > > > Oh right, and the rest of us don't have day-jobs, plus other commitments > outside of

Re: "no route to host" from pkg_add

. https://tools.ietf.org/html/rfc6177 But that is still even crazy specially when you see users using NAT64 on IPv6... Anyway, back to my rock and I hope it help you address your assignment anyway. Daniel On 8/10/18 10:38 PM, Daniel Ouellet wrote: > Hi, > > I am not sure you got t

Re: "no route to host" from pkg_add

Hi, I am not sure you got that right. If you are an ISP the minimum assignment is /32 and you assigned /48 to end company and /56 to users. If you asked me that's a wasted, but that's what they suggest. For end users, a /64 would be plenty if you asked me and /56 for company would be plenty as

Re: "no route to host" from pkg_add

On 8/10/18 10:38 PM, Daniel Ouellet wrote: > Hi, > > I am not sure you got that right. > > If you are an ISP the minimum assignment is /32 and you assigned /48 to > end company and /56 to users. > > If you asked me that's a wasted, but that's what they suggest. &

Re: Daily insecurity output on valid users using key with valid shell and without password.

Hi Stuart, The counting to 13 was actually a sarcastic joke. (: But thanks never the less. Daniel On 7/1/18 5:54 PM, Stuart Henderson wrote: > On 2018-07-01, Daniel Ouellet wrote: >> Ha the old man page. >> >> Not good to read to quickly. (: >> >> Sorry for

Re: Daily insecurity output on valid users using key with valid shell and without password.

, conventionally have 13 asterisks in the password field. On 7/1/18 2:44 PM, Remco wrote: > Op 07/01/18 om 19:22 schreef Daniel Ouellet: >> I find this annoying and sometime I over look this because I always get >> the example: >> >> == >> Running sec

Daily insecurity output on valid users using key with valid shell and without password.

I find this annoying and sometime I over look this because I always get the example: == Running security(8): Checking the /etc/master.passwd file: Login share is off but still has a valid shell and alternate access files in home directory are still readable. Login xxx is off

Re: OT: Temperature sensors suggestions?

Pr1me wrote: > I roll SHT31-Ds through ESP8266s via I2C. Of course, there is programming > involved. > Good hardware though, if that's what you're looking for. > > On Fri, May 18, 2018 at 2:42 PM, Daniel Ouellet <dan...@presscom.net> wrote: > >> Does anyone have a decen

OT: Temperature sensors suggestions?

Does anyone have a decent temperature sensors that can connect to an OpenBSD server and be reliable and give any decent reading via either USB or Serial port or even stand alone via Ethernet? I asked because yes I can use the sensors on some servers, but I got a pretty expensive router blowing up

Re: Date of yesterday

On 4/9/18 4:36 PM, Stephane HUC "PengouinBSD" wrote: > what? > > please, explain-me! EDT EST for example. Some days are even 82800 long. Some time zone even have 1/2 hour if these still exists, so the would be 84600 or 88200.

Re: Date of yesterday

Here to confuse you even more, there is time zone that have 30 minutes and even 45 minutes differences. https://www.timeanddate.com/time/time-zones-interesting.html Have fun. On 4/9/18 4:44 PM, Daniel Ouellet wrote: > On 4/9/18 4:36 PM, Stephane HUC "PengouinBSD" wrote: >>

Re: OpenBSD Foundation on HTTPS

Come on guys. If you actually donate and click on any links there you would see it bring you to a secure page. No need to have this one https type really there isn't any information you enter on it... I guess the sand is way more think some places then others Must be nice beaches there and

Re: Community-driven OpenBSD tutorials wiki?

On 1/4/18 11:46 AM, Marcus MERIGHI wrote: > andreasthu...@gmail.com (Andreas Thulin), 2018.01.04 (Thu) 15:17 (CET): >> Thought I'd create an OpenBSD wiki somewhere, where anyone (especially > >> existing tutorials become outdated, and was thinking that a wiki would >> make updates easier. > >

Re: NTP issue on Lanner FW-7526B

It is adjusting the time, but your clock is way off, so it try to do it slowly as to not mess any logs, but if you want to adjust it al at once and don't care about that for now rdate -n4 pool.ntp.org Simple. On 12/8/17 9:58 AM, mabi wrote: > Hi, > > I have a new Lanner FW-7526B firewall

Re: EdgeRouter Lite VS Alix2D3

On 12/4/17 12:12 PM, Daniel Ouellet wrote: > On 12/4/17 8:49 AM, Ivo Chutkin wrote: >> Hello list, >> >> When I read OpenBSD could run on EdgeRouter Lite, I give it a try (now >> with 6.2 current as of 28.11.2017). >> I expected closer performance to Alix, but ERL

Re: EdgeRouter Lite VS Alix2D3

On 12/4/17 8:49 AM, Ivo Chutkin wrote: > Hello list, > > When I read OpenBSD could run on EdgeRouter Lite, I give it a try (now > with 6.2 current as of 28.11.2017). > I expected closer performance to Alix, but ERL even do not respond on > console in reasonable times, for example, it takes 10-15

Re: Lanner NCA-4010D

s/network-appliances/x86-desktop-network-appliances/nca-1510 > > Besides, how did you buy them? > > Sent from ProtonMail Mobile > > On Fri, Dec 1, 2017 at 05:24, Daniel Ouellet <dan...@presscom.net> wrote: > >> Just for the records as I know I was lo

Lanner FW-8759A

OpenBSD 6.2 (GENERIC.MP) #0: Thu Oct 12 19:53:18 CEST 2017 r...@syspatch-62-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 17104031744 (16311MB) avail mem = 16578637824 (15810MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS

Lanner FW-7573B

OpenBSD 6.2 (GENERIC.MP) #0: Thu Oct 12 19:53:18 CEST 2017 r...@syspatch-62-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 17149325312 (16354MB) avail mem = 16622563328 (15852MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS

Lanner NCA-5510A

OpenBSD 6.2 (GENERIC.MP) #0: Thu Oct 12 19:53:18 CEST 2017 r...@syspatch-62-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 68589015040 (65411MB) avail mem = 66503278592 (63422MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS

Lanner NCA-5210B

OpenBSD 6.2 (GENERIC.MP) #0: Thu Oct 12 19:53:18 CEST 2017 r...@syspatch-62-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3428722 (32698MB) avail mem = 33241083904 (31701MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS

Lanner NCA-4010D

Just for the records as I know I was looking to find a dmesg for them and see if that would run OpenBSD before taking the chance to get them and it might be of interest to others as well. Here it goes with 4 more to come all run well so far. More update later after I test them as routers and

Re: CoDel Flows

> Also, the pf.conf man page says the default qlimit is 1024, but, if I > don't specify a qlimit, pfctl –vsq shows a qlength of 50 when I was > expecting it to be 1024. What am I missing? Why would you want to have a pool of 1024 oppose to the default of 50 slots for your queue? You will

SoC Intel Xeon D-1518 & D-1548

Hi, Is there anyone that know of have one of the Intel Xeon D-1548 SoC that works on OpenBSD? I know the D-1518 does, I find the DMESG in the archive, but I can't find anything at all on the D-1548. Any clue. Here is the D-1518 https://marc.info/?l=openbsd-misc=146236157518744=2 I am asking

Re: Qubes-OS is "fake" security

May I suggest you go read the FAQ before you spread misinformation. Qubes doesn't use KVM, it's built on Xen, and calling it just a GUI is like calling OpenBSD just a bunch of masturbating monkeys. > On May 12, 2017, at 2:37 PM, flipchan wrote: > > Qubes os is just linux

Disable memory bank via sysctl, LOM or other on Sun V100?

Hi, Is there a way to make the kernel think a full bank of memory is in use by any chance on a Sun V100? I have what appear to be a bad memory in it and the server crash however it is on a remote server that I will not be able to get physically to for a week if lucky. I wonder if there is a way

Re: Looking for a way to deal with unwanted HTTP requests using mod_perl

On 9/29/16 7:20 PM, Murk Fletcher wrote: > There's Kickstarter's Rack::Attack if you're willing to "upgrade" to ie. > Ruby on Rails: > > https://github.com/kickstarter/rack-attack > > I find this quite nice along with those pf bruteforce tables mentioned > earlier. Sure I guess you can, but

Re: Looking for a way to deal with unwanted HTTP requests using mod_perl

> I don't think bruteforce will be helpful in my case. I do occasionally > get bruteforce attacks, but not very often. > What I usually get are identical attacks of a certain set of variations > of URLs from one IP address. A little later the same thing from another > IP, then another, etc. > >

Re: New FAQ14 on Installing to a mirror

> fixed these two things and hope i got all your questions. You did many thanks! I thought I had it right, but as age advance, verifying facts is a good things! (: Daniel

New FAQ14 on Installing to a mirror

Hi, No problem all works, but I would love to clarify below to be sure I don;t do something wrong as the old and new FAQ14 changed in that aspect and I don't see a reason for the changes. In the new FaQ14 revised version here: http://www.openbsd.org/faq/faq14.html#softraid I wonder if there is

Just a quick thank you for all and every devs of OpenBSD!

This may be obvious to some, but I just wanted to take some time to say thanks for the 6.0 release and all previous one. So many improvements in the last few releases, it is really more fun to use at each new one! Some features as simple as the auto partitioning configurable, makes maintenance

Re: Sun V100 with >127Gb drives on 6.0 supported and working now?

On 9/7/16 12:31 PM, Daniel Ouellet wrote: > I always used to re-install, but only rename my partition, not redoing > them. However I changed my auto-install as well and in the proceed > forgot to NOT partition above 127Gb or to be exact 268,435,440 block of > 512 bytes as in the pas

Re: Sun V100 with >127Gb drives on 6.0 supported and working now?

On 9/7/16 4:55 PM, Michael Plura wrote: > On Wed, 7 Sep 2016 12:31:58 -0400 > Daniel Ouellet <dan...@presscom.net> wrote: > >> A quick question on this as I only notice this in the last few days by >> accident actually, and I want to know if that's real or not. &g

Sun V100 with >127Gb drives on 6.0 supported and working now?

A quick question on this as I only notice this in the last few days by accident actually, and I want to know if that's real or not. I always used to re-install, but only rename my partition, not redoing them. However I changed my auto-install as well and in the proceed forgot to NOT partition

Re: OpenBSD 6.0 release and errata60.html

On 9/1/16 2:59 PM, R0me0 *** wrote: > Hello misc, > > I have a little doubt > > Today was a Official Release of 6.0 > > This release already include errata60.html patches or I need to apply ? Yes you need to apply the patch. The release was done long ago already it was release to the public

Re: DMARC and misc@ (and likely other OpenBSD lists)

On 8/26/16 8:11 PM, li...@wrant.com wrote: >> But my question for sure that I am not sure of the answer is if you have >> emails that happened to have multiple DKIM signature added to the header >> along the way. > > Why would you have these, if email is not getting changed after sending? >

Re: DMARC and misc@ (and likely other OpenBSD lists)

On 8/26/16 5:37 PM, li...@wrant.com wrote: > Fri, 26 Aug 2016 15:36:16 -0400 Daniel Ouellet <dan...@presscom.net> >> On 2016-08-26, Peter N. M. Hansteen <pe...@bsdly.net> wrote: >> >>> The only downside is, the traditional forwarding that mailing lists do >

Re: DMARC and misc@ (and likely other OpenBSD lists)

On 2016-08-26, Peter N. M. Hansteen wrote: > The only downside is, the traditional forwarding that mailing lists do > *also* triggers the DMARC dark magic, and there is a significant risk > that messages sent with senders in DMARC domains via the mailing list > to recipients

Re: Fwd: DigitalOcean and OpenBSD

On 8/24/16 2:18 PM, Troy Frericks wrote: > -- Forwarded message -- > From: Troy Frericks <troy.freri...@gmail.com> > Date: Wed, Aug 24, 2016 at 1:17 PM > Subject: Re: DigitalOcean and OpenBSD > To: Daniel Ouellet <dan...@presscom.net> >

Re: DigitalOcean and OpenBSD

On 8/24/16 12:24 PM, R0me0 *** wrote: > Ok, here is a reply for you and all other motherfuckers that think and > answer like you. Love you too. But note that someone wanted to help you. Quote: "A dmesg would be nice. And maybe a less snarky attitude." As I said we have no clue what you run,

  1   2   3   4   5   6   7   8   9   10   >