Re: IPsec over PPPoE

> > 5) There is note in FAQ, that Native WireGuard support is also > available. As both IPsec and WireGuard are new to me, may wg(4) be an > option? > Yes, it should be a good option for site2site tunnels. -- May the most significant bit of your life be positive.

odd choices for pkg_add (-i)

I usually add a bunch of packages in a row, and when it wants me to interact, I don't understand why the packages act differently: pkg_add subversion mtr arping rsync Ambiguous: choose dependency for subversion-1.7.8: a 0: apr-util-1.4.1p0 1: apr-util-1.4.1p0-ldap Your choice: 0 Am

Re: odd choices for pkg_add (-i)

2013/5/14 Marc Espie > On Tue, May 14, 2013 at 04:08:30PM +0200, Janne Johansson wrote: > > I usually add a bunch of packages in a row, and when it wants me to > > interact, I don't understand why the packages act differently: > > > > pkg_add subversion mtr ar

Re: Header files for C/C++ development

If only the FAQ had answers to questions like this... Oh wait => http://www.openbsd.org/faq/faq4.html#AddFileSet 2013/6/3 Tito Mari Francis Escaño > Since you already installed the system, you can extract comp53.tgz on / so > you don't have to reinstall if I recall correctly. YMMV but hope th

Re: www.openbsd.org down?

2013/6/25 Killman BOFH > Apparently a problem with DNS A record > > www.openbsd.org is down but openbsd.org is up! > > They are different machines. -- May the most significant bit of your life be positive.

Re: Management of pf.conf

2013/7/11, Jummo : > Hi, > > How do you manage your pf.conf? > > My setup: I have 9 firewalls with carp and each with around 500 lines of > pf.conf, except one firewall, later more. I edit the pf.conf manually. > Every logical pf rule has a unique identifier (a number) which I add > manually and ma

Re: OpenBSD pxe automated install

Build your own bsd.rd which feeds precomputed values for disk size and so on. Not super hard to do. Den 12 aug 2013 21:44 skrev "Loïc BLOT" : > Hello, > thanks for your reply Johan, but this is not why i want. site.tgz > contain a set of preconfigured files to deploy with other sets to deploy > si

Re: ABI break - a question

I don't think the upgrade will mess with files in /root ever, so it should be as safe as /home/other-user. If you install-and-wipe-your-disks-accidentally I'd think /home is in the same kind of danger. 2013/8/13 Stefan Wollny > Hi there, > > I usually follow -current installing snapshots as so

Re: OpenBSD pxe automated install

2013/8/13 Loïc BLOT > Hello Don, > I haven't any problem with iPXE (used on my libvirt/KVM hypervisor).> > Same here, boot ipxe in kvm without any issues. > > And lastly, IMHO, optionally, it would be nice if the eventual solution > was > > capable of being pxebooted via > > > > iPXE - o

Re: 10G NIC recommendation

I have only run (and still do run) 10G networking over ix(4), but those seems to work fine enough. The limit does not seem to be the HW in that case, as the recent 10G discussions state. 2013/8/15 Diana Eichert > What I want to do. > > create a netflow collector using OpenBSD by looking at > d

Re: Compiling BOINC/Seti@Home for OpenBSD 5.3 Sparc64

When you run autoconf/automake (from ports at least), they usually say that you should export variables like AUTOCONF_VERSION and AUTOMAKE_VERSION to something like 2.11 or 1.9 or so. For me: $ pkg_info | grep auto autoconf-2.59p3 automatically configure source code on many Un*x platforms auto

Re: 10GBit OpenBSD Firewall

Our ospfd boxes didn't like having PF on during failovers, while having ospf redundancy upwards and carp redundancy downwards, since PF normally doesn't like when it can't see the whole flow. Perhaps doing sloppy-states could have "fixed" it, perhaps no-state could have done it, but in the end, we

Re: Ifconfig alias removal with netmask

I only add /32 aliases. I believe in only having one ip with the wide mask, and just having the rest being single-ip aliases for the same reason as not having multiple ethernet interfaces with the wide mask on the same ethernet segment, since it screws up my knowledge on which IF will be used for o

Re: 10GBit OpenBSD Firewall

/4 andy > On Wed, 4 Sep 2013 15:19:07 +0200, Janne Johansson > wrote: > > Our ospfd boxes didn't like having PF on during failovers, while having > > ospf redundancy upwards and carp redundancy downwards, since PF normally > > doesn't like when it can't see

Re: pf: Should I keep state on inbound udp?

I thought the 10G benchmarks discussed recently showed that the performance "hit" from keeping state was so small it didn't matter, so you might aswell just let the default (keep state) be there for those services. 2013/9/4 Christopher Hilton > Does it make sense for me to keep state on inboun

Re: Strange vlan interface behavior/crash

I've seen similar issues when the network port had the same network/VLAN both untagged and tagged at the same time. The end result was that the switch decided that the mac was on the physical (untagged) port only, and would not talk to the same mac tagged against the vlan IF, meaning it basically f

Re: how to set framebuffer resolution

The FAQ has some info on making the text console have more lines on x86-y machines, if that is what you are after. 2013/9/9 remy couture > Hi, > > i'm looking for infos on how to play with the screen resolution on intel > framebuffer. > > Other OSes have some kind of "mode setting" at the boot

Re: Quick question on PFS in ipsec

You are going to see (if you debug the negotiations done by isakmpd) if both sides say they can use FPS, IIRC. 2013/9/12 Jeff Simmons > The man page for ipsec.conf states, in regards to crypto 'suites': > > "Perfect Forward Security (PFS) is enabled unless group none is specified." > > So is P

Re: 10GBit OpenBSD Firewall

If you queue your http traffic, downloading those pics are not that bad on the links. ;) 2013/9/13 noah pugsley > On Fri, Sep 13, 2013 at 12:02 AM, Henning Brauer >wrote: > > > * Andy [2013-09-02 15:55]: > > > Also I'm very willing to beta test the new ALTQ code? I was chatting > > > to Theo

Re: current vs. older binaries

http://www.openbsd.org/faq/current.html Most likely the 8/13 change. 2013/9/18 Riccardo Mottola > Hi, > > I have updated to a current snapshot (13 sept to be precise). The system > starts up, but most of the application which I had installed from ports > crash with a "bad system call". wmaker,

Re: cvsync, rsync

2013/9/19 > Alexander Hall wrote: > > Marc already anwered all your questions. Let me quote it. > > > > > Fuck off > > The most brilliant answers of the experts: > An old quote which fits nicely here: A book is a mirror: if an ape looks into it an apostle is hardly likely to look out. We have

Re: cvsync, rsync

> > Raimo, if people believe that hash(A)=hash(B) implies A=B, so strong > > > believe, that they use it in their programs, > > > > It's a matter of engineering. Usually that is good enough. > > > > If you don't think it's good enough then you should probably also worry > > about how often strcmp(

Re: cvsync, rsync

2013/9/20 > Janne Johansson wrote: > > > In practical terms, if I rsync a file from X to Y, and rsync says it is > > complete, how to verify the 4G files actually are equal? > > Given that rsync only knows that hash(A) was equal to hash(B) at the end, > >

Re: cvsync, rsync

ilures can affect the contents, then after I rsync a file from left to right, I would want to _know_ that rsync didn't go cheap on me and sent me the wrong parts just because the rolling checksums and hashes seemed to match. So how do you propose I verify this? 2013/9/20 Janne Johansson > 201

Re: OpenBSD5.3/PF Settings help request

2013/9/25 Erling Westenvik > On Wed, Sep 25, 2013 at 04:40:37PM +0200, Adelin Balou wrote: > > The problem is : The Firewall has Internet and hosts on WLAN and LAN > can't > > connect to internet. I don't know if my NAT and Filtering rules are not > > matching. My /etc/resolv.conf has an ADSL int

Re: OpenOSPFd and CARP Masters

For 5.4, plus54.html states: "Reinstate ospfd(8)code to announce routes to backup carp interfaces, so that a specific route is maintained during failover." ..which I think means it actually will an

Re: USB ethernet for OpenBSD

I bought two blue $2 usb-eth from china, they did not work on obsd, but similar stuff (UNKNOWN4 in usbdevs) is available, so if anyone wants one, we can try to whip up a working driver together. The closest thing seems to be axe(4), except the current supported chip is named 96xx-something and mine

Re: Best OpenBSD cloud hosting?

Clouds solve problems for you. Like this: http://www.cloudave.com/17213/cloud-is-simple-well-its-real-complex-but-that-complexity-can-and-should-be-hidden-from-users/geek-poke-cloud-complex/ 2013/10/10 Florian Obser > On Thu, Oct 10, 2013 at 09:15:34AM +0200, InterNetX - Robert Garrett wrote:

Re: Dell servers

We run a bunch of R320s with intel ix(4) 10GE cards. Work fine. The onboard raid is mfi or something IIRC, but it works also. 2013/10/11 Friedrich Locke > Is anyone running OBSD 5.3 on Dell R*** series servers ? > What about 10G etherner devices ? And Storage ? > Is there any concern when buyi

Re: new queueing subsystem

2013/10/16 Boris Goldberg > Is the old queueing gone? Is existing pf.conf not going to work with 5.4? > > > The new queueing doesn't appear until 5.5, so 5.4 will most certainly work without you doing anything related to your pf.conf. -- May the most significant bit of your life be positive.

Re: RAID Crypt dual booting

2013/10/27 Predrag Punosevac > > 3. Are there any strong opinions on CARP/pfsync vs RAID 1/altroot for > firewall redundancy for small office use. > > > I really don't see how those two options would be pitted against each other. Most of the time I don't see the firewall rules as super secrets,

Re: slashdot rumours

You still need to be able to send high-pitched sounds to scare away the bats in /usr/games/wump 2013/11/1 Erling Westenvik > On Fri, Nov 01, 2013 at 10:43:52AM +, Stuart Henderson wrote: > > block in quick on azalia0 freq >=18KHz > > I'd suggest removing "in" in case the machine is already

Re: OpenSMTPD won't start after last update

http://undeadly.org/cgi?action=article&sid=20131107073405&mode=expanded&count=0 which points to: http://www.openbsd.org/faq/current.html#20131106 2013/11/7 Nikola Gyurov > After rebuilding, OpenSMTPD suddenly yelled syntax errors in a > previously working config file. Apparently 'certificate'

Re: QEMU CPU cores not showing up

2013/11/13 Bruno Delbono > Stop ranting away on the demerits of disabling apm (and now pci - right! > wtf?!). > He's not. He's rambling about you twisting knobs without having any kind of clue as to why or how it would have helped, probably based on an outdated guide which now also don't know w

Re: /usr/obj slice size

Josh Grosse wrote: On Mon, 15 Dec 2008 14:24:18 +, Dave Wilson wrote ...I'm trying to create a 2G MFS for /usr/obj, but if I go much above 200 with mount_mfs I get an error... For /usr/obj on i386, my userland build script creates two MFS mounts, builds sparse files on them, assigns

Re: OpenBSD 4.4 amd64 bsd.mp can't detect 4GB memory

Owain Ainsworth wrote: Enabling bigmem=1: Also, from sys/arch/amd64/amd64/machdep.c: /* Tweakable by config(8) */ How? That diff was never commited. Config needs to know about it before it can change it. I did a similar config(8) patch for when PAE was in the same situation, so if someon

Re: www@

Jordi Espasa Clofent wrote: Hi all, I've sent a mail to www@ about some questions to build a mirror but no response at moment. ?Who's behind this mail account? It is a mailing list.

Re: script

Nick Guenther wrote: Does anybody provide a commercial shell scripting??? for i in "Don't wait" "Buy Things Now" "Save Now" "$0.99" "Get your instant trial account now" "Double Your Sales Calls, Free Script Demo"; do echo $i done Like that? Hey man, that wasn't just 'commercial grade', tha

Re: Port ZFS to OpenBSD

Khalid Schofield wrote: Dev's. What are the chances of getting a port of ZFS to OpenBSD? If you just sit and wait for it, I'd say: "zero to very-little".

Re: Port ZFS to OpenBSD

Dieter wrote: What are the chances of getting a port of ZFS to OpenBSD? I can't quite bring myself to run solaris since it lacks so much of what I love about OpenBSD and Linux is back to square one because of the reasons I moved to OpenBSD. Have you ruled out FreeBSD? Why are so many peop

Re: hoststated on OpenBSD

Pierre-Yves Ritschard wrote: * Beavis (pfu...@gmail.com) wrote: I would like to ask some folks here regarding hoststated is it still available for OpenBSD? hoststated is now called relayd, after being called hostated. I think we should name it 'The daemon formerly known as hoststated'

Re: tale of two nic's and dhclient

frantisek holop wrote: i am at a bit of loss here. i have finally a notebook where both the wireless (iwn0) and normal nic (lii0) get recognized. both are dhcp clients of my home router. consider the following scenario: 1. boot up, lii0 gets a lease 2. i disconnect the wire 3. route -n flush;

Re: Diskless 4.4 machines.

John Tate wrote: Is it possible to have OpenBSD diskless or almost diskless? By almost diskless I mean an incredibly small amount installed locally and the rest over NFS or something. "man diskless"

Re: Pre-Order Prizes

Ted Unangst wrote: Take a dozen posters to hackaton ($10/each) Take 10 minutes off to have devs sign them (= fun morale booster) Sell each poster for $500/each: Profit! you can do this yourself, and yet at the many bsd events I've attended, I've never once seen anyone ask a developer to sign a

Re: IP aliases: how many in one server with OpenBSD 4.4? Is it possible to change the limit?

Henning Brauer wrote: * Alvaro Mantilla Gimenez [2009-02-19 02:52]: Anyways, the question is still valid: how many IP aliases we can reach in an OpenBSD system? which is the limit? in theory, there is none but memory. in practice, it is a simple linked list, so things get slower at some point

Re: openbsd in virtualization

Daniel Ouellet wrote: - XEN I could be wrong here, but if my memory is somewhat intact, I think XEN is not playing to well with OpenBSD. There was worked done to port it to OpenBSD, I think it was two years ago, but I can't remember exactly, it's in the archive anyway and as far as I know, t

Re: PF and CLamAV "Integration" - how to do it?

Protocol Six Consulting wrote: I was wondering if anyone here knows how to integrate the PF firewall with ClamAV. 8< Unfortunately I've not seen any real discussion or howtos for this type of integration. For anything else than really small sites, having a program watch each and every pack

Re: Trouble setting u pkerberos for pgsql

Jon Sjvstedt wrote: Hello all! Installing pgsql server for the first time, I get stuck on this (which is a part of the /usr/local/share/doc/postgresql/README.OpenBSD) ktutil -k /etc/postgresql/krb5.keytab get postgres/server.domain ktutil: connect(kerberos.): Connection timed out ktutil: connect

Re: How to find available wifi access points?

Matt wrote: Hi, Happily running a laptop on OpenBSD - but I am a first time wifi-er. I have no trouble connecting to a _known_ SSID, but I would like to find out which wifi networks are within my reach. ifconfig iwn0 chan man ifconfig: [...] chan [n] Set the channel (rad

Re: SOEKRIS - How to install MTR to a Flashdist image

Frothingdog.ca wrote: I really didn't realize how much this pushes everyones buttons. I thought OBSD was OBSD not matter where you go with it. "I just replaced the kernel with netbsd, the userland with freebsd and try to start linux apps under emulation, but this is still OpenBSD so you will

Re: VPN client-to-site over IPSec

Joco Salvatti wrote: Hi Misc, Is it possible to implement a client-to-site VPN over IPSec? I have searched on the web, but only found site-to-site models. http://www.openbsd.org/papers/asiabsdcon07-ipsec/mgp00065.html

Re: Untable ssl connections over ikev2 VPN

Den fre 30 nov. 2018 kl 04:21 skrev Theodore Wynnychenko : > > > -Original Message- > > Hello > > > > I have been having trouble getting an openBSD laptop to connect to ssl > > connections when communicating over ikev2. > > Check if the MTU is causing issues, sometimes VPNs (which lower th

Re: [OT?] I have 4 IPs. How is outbound IP selected, say run lynx URL on server?

Den fre 30 nov. 2018 kl 21:32 skrev Chris Bennett : > I'm just curious. Is there a default method to select on this? Random? > Can I control this somehow? > It's clear how everything else selects IP, but I just wanted to know in > case that ever mattered, say one of my IPs were blocked. > And I wan

Re: Core Dev?

> Does anyone has any suggestions for me? I want OpenBSD due to reliability and > security issues. AWS is the leader in hosting market. It is only natural to > expect at least a FAQ or HOW-TO from openbsd team on this topic. One possibility is to read up on how you create AMIs (obsd ones at that

Re: Fetching full CVS tree (-current -stable) by /usr/bin/cvs

Den ons 5 dec. 2018 kl 14:07 skrev Denis : > I'm using cvsync currently, but it is not so secure as SSH wrapped > /usr/bin/cvs fetching. > > According to OpenBSD FAQ: https://www.openbsd.org/anoncvs.html > I can follow -stable -or current by executing separate commands and it > seems I should have

Re: netstat *:* udp sockets

Den fre 14 dec. 2018 kl 03:58 skrev Philip Guenther : > On Thu, Dec 13, 2018 at 10:40 AM Ted Unangst wrote: > > netstat -an tells me I am listening to all the udp. > > > > Active Internet connections (including servers) > > Proto Recv-Q Send-Q Local Address Foreign Address > > (state)

Re: Automated remote install

Den mån 17 dec. 2018 kl 11:19 skrev : > > Has anyone successfully automated (i.e with Ansible/etc) the process of > installing OpenBSD on a remote server? > > jcs indicates that his QEMU-based method demands knowing what kind of network > card is in the server. This seems hard to automate. I thin

Re: USB stick recovery after dd with miniroot64.fs

Den tors 3 jan. 2019 kl 17:21 skrev Mihai Popescu : > I used a storage USB stick to dd the miniroot64.fs on it. It was the > wrong one with some useful files saved on it and I did the dd > if=miniroot64.fs of=/dev/rsd1c bs=1m and let it write. The USB size is > almost 32Gb, it was configured as one

Re: mirror download speed variation

Den tis 8 jan. 2019 kl 14:26 skrev Mihai Popescu : > So, I still have two questions about mirrors: > Can a mirror limit your download speed ? Sure they could, I don't think many do though. > Do a CDN url point to an existing mirror, or is it a diffeent server? Different servers, spread around t

Re: article : undefined behavior and the purpose of C

Den tors 17 jan. 2019 kl 14:05 skrev Mayuresh Kathe : > > Don't know if this has been discussed here before, but I found the > following excerpt from the article at > http://www.yodaiken.com/2018/12/31/undefined-behavior-and-the-purpose-of-c/ > unnerving; > ... often the writers of the ISO C Standa

Re: boot problems, nvme?

I think I saw something similar on a box, until I disabled X-APIC in BIOS setup. If you have that option, do try disabling it. Den tors 31 jan. 2019 kl 14:37 skrev Kapetanakis Giannis < bil...@edu.physics.uoc.gr>: > Hi, > > I've just installed current as well 6.4 on a new pc and I have problems

Re: is pfsync loosing data on reboot?

Den fre 1 feb. 2019 kl 07:17 skrev Harald Dunkel : > Hi folks, > I have a question about pfsync protocol in a master-backup firewall > configuration (OpenBSD 6.3 and 6.4): > If I reboot (let's say) the backup host, will it receive the whole > set of state information again, when it gets back onlin

Re: Missing libraries.

Den mån 11 feb. 2019 kl 06:15 skrev Kihaguru Gathura : > Hi, > Any ideas on how to fix the missing libraries, > www# pkg_add -v mini_sendmail-chroot > Can't install mini_sendmail-chroot-1.3.9 because of libraries > |library c.95.0 not found > | /usr/lib/libc.so.92.6 (system): bad major > It reall

Re: Puffy Security smtpd out of date ( closed )

Den fre 8 mars 2019 kl 20:59 skrev Sean Kamath : > > It's a shame good work like this is > > of no use anymore. According to my opinion, it's well written and easy to > > follow. > > > > So, I’ll take issue with the “well written” part of that. It doesn’t do much > in the way of explaining anyth

Re: Running stuff when a network becomes available

Den mån 11 mars 2019 kl 14:11 skrev Ipsen S Ripsbusker : > > I want a few things to happen as soon as I get an internet connection > after not having had one. > It would suffice to add a crontab entry that runs the attachment > periodically. ifstated(8) can be taught to watch over an interface and

Re: TLS suddenly not working over IKED site-to-site - SOLVED?

Den tors 14 mars 2019 kl 21:51 skrev Zhi-Qiang Lei : > Mine is resolved by applying a smaller max-mss in pf and disabling ipcomp. > Only disabling ipcomp didn’t work. > > > On Thu, Dec 20, 2018 at 6:54 PM Theodore Wynnychenko > wrote: > >> Then, I took the advice above, and disable ipcomp on the

Re: Golang under Arm or Octeon

I gave it a low-effort check for octeon, and Go needs/wants to build from a super-old implementation in C which is actively trying to tell you its not supported, then from that you are supposed to build tons of versions on top of each other to get to a modern version. Doesn't really help when 99.9

Re: Is it worth considering compling a generic MPPF kernel for user convenience

With MPPF it can go away almost ~5x as fast on a 6-core machine. Den tis 2 apr. 2019 kl 13:35 skrev Theo de Raadt : > No, this is not our style, it very much doesn't fit the development > process to have users running prototype code for 6 months. > > And anyways why do you want this, since pf is

Re: OpenBSD httpd: PCI - DSS Compliance

I think that point was badly made by the site, they don't list what they did look at or how they deduced it, only that "it may" even though that same report later says no version string was sent as if that was a good thing. I guess this means "because you did as expected and did not send a version,

Re: 6.5 PowerPC Packages

Den tors 9 maj 2019 kl 16:49 skrev Andrew Luke Nesbit < em...@andrewnesbit.org>: > > Unless https://www.openbsd.org/plat.html is out of date, it doesn't look > > like OpenBSD is currently supporting POWER8 or POWER9 plaftorms. > > I wonder what is the best way to determine interest in getting Open

Re: OpenBSD on VMware ESXi

Den ons 22 maj 2019 kl 12:52 skrev Roderick : > Hallo! > As far as I read in WWW, OpenBSD do run on VMware ESXi out of the box. > What does run better on amd64 virtual machine? i386 or amd64? > Are there reasons to preffer one to the other? > The ESX template for 64-bit comes with more recent "ha

Re: PF firewall for desktop

Den sön 26 maj 2019 kl 10:03 skrev Walt : > I like having a firewall that would pretty much require someone physically > entering the computer room in order to attack the firewall. With OpenBSD, > your firewall can control your network traffic without having an IP address > at all. > One thing th

Re: bwfm bcm43569

Den fre 28 juni 2019 kl 06:45 skrev Joseph Mayer < joseph.ma...@protonmail.com>: > point today (due to not using block device multiqueueing and I get the > impression that the disk/IO subsystem is mostly not parallellized, for > some usecases also the 3GB buffer cap limit matters). > That last po

Re: cd command, chdir syscall, shell behavour

Den lör 29 juni 2019 kl 22:42 skrev ropers : > Anyway, in an ideal world, typing man would always show the man > page > actually relevant to what the box would do if the user typed at > the > prompt. I don't know how this could be solved though; and how would $ unset PATH ; man cc behave? By s

Re: Did I install correctly the openbsd?

Den ons 10 juli 2019 kl 02:16 skrev SOUL_OF_ROOT 55 : > I installed openbsd 6.5 in Virtualbox for Windows 7, the following > screenshots show it: > I tried to install openbsd according to the following video: > Did I install correctly the openbsd? > Good tip on reporting when things didn't go as

Re: traceroute and pf

Apart from PF failing the syntax, what would one expect to achieve with >=0 ? That would always cover all users, since its never a negative number. /usr/include/sys/types.h:typedef__uid_t uid_t; /* user id */ /usr/include/sys/_types.h:typedef __uint32_t __uid_t;

Re: strange behaviour with route-to, default route, and ping -I

Isn't that because your pings aren't originating from em0:network? Your rule need to apply in order to work, and the originating ip of the ping will not be correct in the first place, and neither does the ping come in on em0, as you state in the rule. "if incoming packets on em0 matches addresses

Re: Fresh install ftp SSL handshake failed

Fix the clock so its not 7th of March? 2016-11-28 21:55 GMT+01:00 Oliver Marugg : > Hi > > I did a complete new install of OpenBSD 6.0-current today. > > After first boot I followed FAQ, sent dmesg, and read afterboot(8) but I > am running in some trouble downloading the initial ports.tar.gz, >

Re: Are ease-of-reference patches wanted for man pages?

2017-02-25 9:45 GMT+01:00 Currell Berry : > Is feedback / are patches solicited for man-pages in order to improve > their usability to average users (even if this were to make them > somewhat less formal in nature)? > > I find the openbsd man pages very useful, but I do run across things > which I

Re: File Server with OpenBSD?

2017-03-08 13:52 GMT+01:00 Roderick : > > On Tue, 7 Mar 2017, Nick Holland wrote: > > The point is, you can't design ONE box for ten years of life. With >> modern SSD tech, I suspect you won't see a SATA port on a computer in >> ten years. >> > > But we can try to speculate. I guess, we will have

Re: Opinion about Rust and Go

2017-03-28 23:59 GMT+02:00 : > Hello, > > I just want to know the opinion of OpenBSD developpers about Rust and Go, > I already know Ted's opinion. > http://www.tedunangst.com/flak/post/thoughts-on-replacement-languages > > As they are both touted as memory safe, what do you think about them ? >

Re: OpenBSD httpd and HTTP/2

2017-03-31 13:30 GMT+02:00 Marina Ala : > UDP servers listening? would that open possibility for massive DOSes? > QUIC does make sure the client initial UDP packets are larger than the response until some secret handshakes are completed, so a QUIC webserver won't be a good amplifier, even if it

Re: maximum number of interfaces

I think I did some 25k tun devices in a VM long time ago. It would bomb at 27k or so, if my memory serves right. 2017-04-03 4:08 GMT+02:00 Edgar Pettijohn : > Is there a maximum number of network interfaces that can be configured? I > looked around in /usr/include to see if I could find it #def

Re: pledge for sockets?

That sounds like what pf can do for stuff running on the local machine, based on userid of the process opening the sockets. At least if your daemons all run as separate users. 2017-04-26 10:09 GMT+02:00 Luke Small : > Would it be a good idea to make a pledge like call that limits a process > fro

Re: kernel page fault trap

Can't you make the kvm run the console as a "serial" and then telnet or something to get that serial output from the guest? 2014-11-11 22:12 GMT+01:00 Nikos Skalkotos : > Hello, > > Is there a way to output the rescue disk console on a serial port? It > will help for the copy-paste because I don

Re: patch for FAQ14

Please don't mix "you" and "we" in the text on who is doing what. 2014-11-20 16:34 GMT+01:00 Daniel Jakots : > On Sun, 16 Nov 2014 20:09:35 +0100, Daniel Jakots > wrote: > > > I wanted to add some content to FAQ14 > > Here it is. > > This can be useful for people who want to encrypt only their

Re: ffs and utf8

2014-12-01 10:20 GMT+01:00 Dmitrij D. Czarkoff : > pizdel...@gmail.com said: > > How do you 'enforce' NFD? > > > > Let the kernel normalize (ie /destructively/ transform) the file names > > behind user's back, so that a file will be listed with a different name > > than that with which it was crea

Re: ffs and utf8

2014-12-01 12:05 GMT+01:00 Dmitrij D. Czarkoff : > Stefan Sperling said: > > Bad idea. See my other post. Apple did this and broke existing > applications. > > OpenBSD changed time_t and broke existing applications, but hardly > anyone thinks it was a bad idea. Fancy filenames are long known to b

Re: AMD64 packages

That it is a discussion about a discussion, not about any topic of its own. 2014-12-11 12:37 GMT+01:00 Mihai Popescu : > > The conversation is very META. > > > What is META? > > -- May the most significant bit of your life be positive.

Re: What are the disadvantages of soft updates?

2015-01-20 1:46 GMT+01:00 Currell Berry : > I was mainly curious as to why soft updates were not enabled by default > if they have so many good qualities. Your answers explained this well. > At least sun4c but also other memory starved machines (mostly those who do not have a lot of kernel memor

Re: How to get the number of interrupts per second

the first display line of vmstart would be since-boot, then it is per-period numbers. 2015-01-28 11:44 GMT+01:00 Federico Giannici : > I have to get (via command line) the number of interrupts per seconds in a > given moment (OpenBSD 5.5 amd64). > > I noticed that the number shown by vmstat is d

Re: Raspberry Pi 2 Model B

But it still requires a blob to actually run, does it not? The fact that there is docs for the blob isn't as important as being forced to have someone elses code running alongside your kernel in order to even boot it, let alone produce graphics on it. 2015-02-02 13:47 GMT+01:00 Lampshade : > Hi

Re: Raspberry Pi 2 Model B

to prevent untrusted binary code from running on the same cpu where your openbsd kernel runs, and that is where OpenBSD has drawn the line. 2015-02-02 16:43 GMT+01:00 Einfach Jemand : > Am 02.02.2015 um 15:20 schrieb Janne Johansson: > > But it still requires a blob to actually run, does

Re: Best filesystem & options for large drive

2015-02-10 17:44 GMT+01:00 yary : > I know FFS2 can handle that size easily, but I'm worried about fsck > taking forever. This machine will have 1.5GB RAM, from what I've read > that's not enough memory to fsck a 4TB volume without painful > swapping. Is there some filesystem-plus-options for rece

Re: disk change-out and packages

For backup software, I usually make a program or script to make all 64k (minus a few) combination of two-byte-filenames in a dir, then ask for a backup and later a restore of it. Surprising results when backup programs decide that certain combinations of bytes are "illegal" and won't back them up f

Re: cpu section in dmesg was changed

Yes, that is expected from snaps right now. 2012/11/5 Sergey Bronnikov : > After upgrade to latest snapshot I see strange lines in dmesg: > > Constant TSC= yes > Invariant TSC [ITSC]= no > Architectural Performance Monitoring [PERF]

Re: afsd?

nnpfs (ie arla) has been discontinued in openbsd. 2012/11/12 Anders Trobäck : > Hi, > > is afsd working in 5.2? > > If yes, where can I read about the error "arla[13196]: > kern_open /dev/nnpfs0: Operation not supported by device" besides > in /var/log/daemon? > > If no, where can I read about why

Re: afsd?

>> nnpfs (ie arla) has been discontinued in openbsd. >> >> > is afsd working in 5.2? >> > >> > If yes, where can I read about the error "arla[13196]: >> > kern_open /dev/nnpfs0: Operation not supported by device" besides >> > in /var/log/daemon? >> > If no, where can I read about why? > > So now it

Re: trunk(4) and non-standard MTU

Can you show the output of "ifconfig trunk0" after you have run this? And uname -a since a moderately recent -current wont allow mtus >1500 when I test. 2012/9/18 mxb : > /etc/hostname.em0: > up mtu 9000 > > /etc/hostname.em1 > up mtu 9000 > > /etc/hostname.trunk0 > trunkproto lacp trunkport em0 t

Re: KSH command logged to syslog

My guess, compliance to some standard Den 16 dec 2012 11:17 skrev "Paul de Weerd" : > On Sun, Dec 16, 2012 at 11:02:31AM +0100, David Coppa wrote: > | > .profile can be interrupted with ctrl+c. > | > | >>> Because it is under controle or the user and he/she can disable > | >>> such funcionality. >

<    1   2   3   4   5   6   >