Try using something like iperf or netperf to get more results than just
icmp.
J
On Jan 11, 2008 9:36 AM, scott [EMAIL PROTECTED] wrote:
re-test and post with in your ruleset
pass in quick on fxp0 inet from any to any keep state
pass out quick on $ext_if inet from any to any keep state
/S
Take a look at this:
http://www.benzedrine.cx/ackpri.html
J
On Jan 12, 2008, at 7:01 PM, Max Hayden Chiz wrote:
I noticed that running BitTorrent was making my network go very slow
and have been trying to fix it. After spending most of the day
playing around with it I have concluded that the
Grab a Watchguard Firebox X off of ebay, they have 6 interfaces, and you can
get them pretty cheap, some of the bigger ones have more, onboard crypto,
perfect for building openbsd firewalls... you can run off a CF...
I'm putting together a project that uses openbsd on these boxes. If you
have
On Fri, Aug 8, 2008 at 3:08 PM, James Records [EMAIL PROTECTED]wrote:
Grab a Watchguard Firebox X off of ebay, they have 6 interfaces, and you
can get them pretty cheap, some of the bigger ones have more, onboard
crypto, perfect for building openbsd firewalls... you can run off a CF...
I'm
FBIII has a pci slot for expansion so you could get another 4
ports off it as well. They can be had for a reasonable price on eBay at
most times.
Let me know if anyon has any questions about this.
Thanks,
Jim
On Wed, Aug 13, 2008 at 8:26 AM, James Records [EMAIL PROTECTED]wrote:
I just got some
Pierre,
I'm seeing the same exact thing, I'm not able to reload the config without
killing and restarting relayd.
I haven't looked at the source yet, but I may get to that in the next couple
days, restarting is an ok work around for me at this point, but won't be
when it gets into production.
Try this:
replace this line:
pass in on $vpn_if inet proto tcp to $ext_addr port 21 \
flags S/SA keep state
with this:
pass in on $vpn_if inet proto tcp to $Srv port 21 \
flags S/SA keep state
Remember rdr's happen before filtering, so when pf see's this packet it will
have already been
Dug,
Not really enough info here to determine what is going on, but to be sure,
try this:
pfctl -vvs rules
This will show you the order of your rules, and whatever rule is listed as
1 is what is blocking this packet. If it is the rule you are talking
about here, then its too hard to tell with
Not sure about this but try doing it this way:
route -T 1 exec netstat -an -f inet
from man route...
J
On Tue, May 17, 2011 at 2:39 PM, patrick.oesch...@bluewin.ch
patrick.oesch...@bluewin.ch wrote:
...gives me some headache...
system1: (openbsd 4.9)
em0 192.168.1.54 (same /24 subnet as
use nat..
On Wed, Sep 14, 2011 at 6:15 PM, Rodrigo Mosconi open...@mosconi.mat.brwrote:
I would like to know how integrated/related IPsec tools are integrated
with the routing domains?
Is possible to configure ipsec tunnels as a vpn concentrator to
private classes? An example:
At my side
the new match keyword is what your looking for:
http://www.openbsd.org/faq/current.html#20090406
J
On Wed, Jun 3, 2009 at 10:36 PM, Duncan Patton a Campbell
campb...@neotext.ca wrote:
Howdy List?
I just upgraded to the snapshot-1 because the current, June 3, goes into
an error on
Hi all,
Summary,
Trying to run pptp client on my router and allow my internal Lan clients to
be natted through the tunnel. NAT appears to never happen from what I can
tell I've got everything configured correctly, though I've never set this up
before.
Thanks in advance for your help. I've
Andres,
I think the best way to understand it is to draw it out, lets say you have 2
interfaces em0 and em1,
Think of this (rough example of a really simple router setup):
Traffic em1 em0 internet
Like this:
Traffic (heading into em1) em1 (heading out of em1) (heading into em0)
em0
If its just a pptp connection your going to be using, this is pretty simple,
install the pptp package, and then look at man pptp, they have an example of
this exact setup in that man page.
J
On Mon, Sep 14, 2009 at 8:55 AM, stan st...@panix.com wrote:
OUr company was bought out a while back,
I may be wrong, but it sounds like what you really want is a leastconns
loadbalancing alg, which currently doesn't exist, though I don't know the
state of dev, anyone?
J
On Fri, Sep 18, 2009 at 1:13 PM, Josh Hoppes josh.hop...@gmail.com wrote:
I should clarify that the tag option is usable as
I think you are probably missing a route back to your source through the
middle box. You might want to look at relayd to relay the connection to
the other box, I believe that would get you what you want.
J
On Mon, Sep 21, 2009 at 10:50 AM, Matthew Young myoung24...@gmail.comwrote:
Hello,
Jose,
I would start with getting tcpdumps of both transactions and running them
through tcptrace, and look for differences, that will give you some info to
go on.
J
On Fri, Oct 9, 2009 at 2:17 PM, Jose Fragoso inet_use...@samerica.comwrote:
Hi,
I am running openbsd 4.2 on a box and I would
Ah yes, to get the disk out of the equsion, do this with your wget:
wget -O /dev/null http://192.168.1.254/bsd1
That will tell you if the disk is your bottleneck..
J
On Fri, Oct 9, 2009 at 2:17 PM, Jose Fragoso inet_use...@samerica.comwrote:
Hi,
I am running openbsd 4.2 on a box and I
Take a look at www.mindrot.org/projects/flashboot
It builds a minimal ramdisk based bsd.gz of around ~6MB
You can customize the install script and get whatever binaries you need in
there, just read the README file.
It will take some tinkering but you should be able to get what you want with
may be able to do something with relayd, though i'm not sure.
J
On Thu, Oct 29, 2009 at 12:57 PM, Matthew Young myoung24...@gmail.comwrote:
Hello,
If I use a reverse proxy I would have to know the SSL key of the
remote SSL site. (gmail.com) so that the reverse proxy server would
decrypt
kinda along the same lines, but I was wondering if anyone had ever got
armish to boot in qemu-system-arm?
google hasn't turned up anything useful as of yet.
J
On Mon, Nov 16, 2009 at 8:25 PM, Aaron Mason simplersolut...@gmail.comwrote:
On Tue, Nov 17, 2009 at 2:21 PM, igor denisov
Is this only with http? If you transfer a file using scp is it any faster?
get a copy of tcptrace from ports and take some time using it in conjunction
with tcpdump.
J
On Mon, May 10, 2010 at 8:39 AM, Benny Lvfgren bl-li...@lofgren.biz wrote:
Andreas Gerdd wrote:
Nothing more than a base
Hi All,
Having an issue with anchors and tables again, I had this same issue a
couple of years ago in 4.5 but never got any response, hoping someone can
shed some light onto what I'm missing here, or if this is even supported,
I'm trying to use an overload rule inside of an anchor to populate a
On Wed, Jun 2, 2010 at 10:48 AM, James Records james.reco...@gmail.comwrote:
Hi All,
Having an issue with anchors and tables again, I had this same issue a
couple of years ago in 4.5 but never got any response, hoping someone can
shed some light onto what I'm missing here, or if this is even
-vvs Tables
--a-r-C BLOCKTEMP games
Addresses: 0
Cleared: Wed Jun 2 16:40:14 2010
--
Calomel @ https://calomel.org
Open Source Research and Reference
On Wed, Jun 02, 2010 at 04:23:54PM -0400, James Records wrote:
On Wed, Jun 2, 2010 at 10:48 AM, James
Justin,
The article doesn't say which option causes this, so its hard to tell, once
you do find this info though, you might be able to do something with the
pf.os file by crafting a custom entry (as far as I can tell this is the only
way to match based on the tcp option field), but I've never
There isn't really functionality to do this, I've always found it better to
use freebsd's dummy net for such things. I have some instructions to get
this up and going here ( This is old but worked the last time i had to
emulate wan conditions with this stuff):
Dummynet howto...
I needed to
I have some of this left over from s similar project i was doing a while
back, I was setting up router images in a carp setup:
This builds the harness:
#!/bin/sh
#
# stupid script to start multiple qemus on a single box
SUDO=/usr/bin/sudo
USER=xx
MODE=ENABLE
usage() {
echo usage:
Oh, Qemu performance is horrible, I don't know if there is any work being
done to make kqemu work, but I just use it more as a proof of concept, if
your wanting to run VM's for performance, this is not the route to go,
IMO...
J
On Tue, Feb 2, 2010 at 10:48 AM, Bryan bra...@gmail.com wrote:
On
Here is how I handle this,
*make sure you have vim and colorls packages installed, then for your .vimrc
do something like this:*
syntax on
set nocompatible
set autoindent
set smartindent
set tabstop=4
set shiftwidth=4
set showmatch
set vb t_vb=
set ruler
set incsearch
set number
*put this in
On Thu, Oct 7, 2010 at 9:08 AM, Fred Crowson fred.crow...@gmail.com wrote:
Hi misc@
Can any one share any wisdom on connecting to an Oracle DB from OpenBSD?
Thanks
Fred
First thing I would try is a hub or a switch.
j
What does CPU usage look like when this is happening? is there any other
resources that appear to be constrained?
J
On Wed, Nov 17, 2010 at 3:21 AM, RLW seran...@o2.pl wrote:
W dniu 2010-11-16 16:14, Joel Sing pisze:
On Tuesday 16 November 2010, Robert Lewandowski wrote:
Hello,
you need a weighted round robin feature to really do this, its not in pf
currently, but someone has looked into this before:
http://kerneltrap.org/mailarchive/openbsd-tech/2008/4/19/1515374
http://kerneltrap.org/mailarchive/openbsd-tech/2008/4/19/1515374That
should get you started.
J
On Sat,
Little outdated, but this might help:
http://cisx1.uma.maine.edu/~wbackman/vpn/
J
On Dec 12, 2007 2:06 PM, Michael Gale [EMAIL PROTECTED] wrote:
Hey,
I have been asked if we can setup an IPSEC connection with a
Checkpoint
Sonicwall.
Currently I have NO information on the remote
Use something like flashboot (www.mindrot.org/projects/flashboot)
perfect for this kind of application, take a look at the package
managment stuff
J
On Dec 28, 2007, at 10:18 AM, Tobias Weingartner wrote:
In article [EMAIL PROTECTED], Nick Holland
wrote:
What have I forgotten? Is
Hi all,
I'm having an issue with tables and anchors running 4.5 that I've beat
myself up with (along with a few willing souls in #pf and #openbsd) today.
The basis of this problem is the ability (or non-ability in my case) to
access global tables from within anchors, and after spending time
For some reason my emails never seem to post, I've posted my question here:
http://pastebin.com/m4a70d079
If formatting is causing the non posting, I apologize in advance.
Thanks,
Jim
Just curious, does this work when you use the transparent keyword?
The server will see the connection as coming from the relayd box in this
case correct?
Not that it matters but for logging purposes you may want to know.
J
On Wed, Apr 22, 2009 at 10:13 AM, FRLinux frli...@gmail.com wrote:
On
...@yahoo.cawrote:
--- On Wed, 4/22/09, James Records james.reco...@gmail.com wrote:
From: James Records james.reco...@gmail.com
Subject: Re: OpenBSD relayd and public addresses
To: FRLinux frli...@gmail.com
Cc: James Peltier james_a_pelt...@yahoo.ca, misc@openbsd.org
Received: Wednesday
Can you show us the relayd protocol definition your using?
J
On Sun, Apr 26, 2009 at 12:32 PM, Magnus Hultman magnu...@gmail.com wrote:
We have a pair of OpenBSD boxes running 4.5/relayd, loadbalancing two
webservers. The webservers identify each session with a unique cookie
returned to the
Hi,
Take a look at www.hermetek.com I've used them for OpenBSD hosting, they
were great and very flexible.
Best
On Wed, Dec 11, 2013 at 8:37 AM, Francisco Valladolid H.
fic...@gmail.comwrote:
Hi.
The following list of ISP also provide OpenBSD.
http://www.bsdvm.com
I posted this on reddit a while back, i've been doing this on pfsense for a
while don't see why it wouldn't work with OBSD:
http://www.reddit.com/r/PFSENSE/comments/1vn51f/monitoring_question_analysis_of_uris_by_ip_address/
basically install httpry and do this: httpry -i em1 | grep 'GET\|POST' |
42 matches
Mail list logo