. But I gave it just a quick look (and
moved to more important things to do).
--
Martin Pelikan
flamewars)
--
Martin Pelikan
with UDP. Lots of
dropped packets would be rather catastrophic for it.
When dropped packets are 'rather catastrophic', why on earth do you
use udp then?
--
Martin Pelikan
(an example of a group)
dn: cn=mygroup1,ou=Groups,o=storkhole
objectClass: top
objectClass: posixGroup
cn: mygroup1
gidNumber: 1001
memberUid: myusr1
--
Martin Pelikan
, it's painfully slow and stupid, but fortunately for us
unneccessary most of the time.
By the way, with the vmmap diff firefox4 and everything works just
fine for about 3 days now. Thanks!
--
Martin Pelikan
'? Because with httpd it seems to work fine for
me (different setup, but works). netstat -a displays all of them all
the time.
maybe i should try GRE with IPSEC on top of
that...(?)
Not sure it'd help.
--
Martin Pelikan
alocation?
Thanks in advance.
Hi!
You have to manage that for yourself; this might help your tools written
in C. And note that in most schemas it's not 'uid', but 'uidNumber'.
--
Martin Pelikan
unsigned
find_lowest_uidnum(LDAP *l, const char *bdn)
{
static char uidNumber
to other
machines? Not to mention ^A is beginning-of-line in most terminals.
And the screen's window management! What a pleasure!
And the way screen reports its messages! Still a mystery to me.
tmux ftw :-)
--
Martin Pelikan
your customers
(sorry everyone, but ordinary people don't give a damn about your
opinion), or you're a non-profit organization, such as OpenBSD, and
you can rebel against it by not using it.
--
Martin Pelikan
@ can become a problem if each of
these hosts hosts some huge application which is hard to modify.
--
Martin Pelikan
...
--
Martin Pelikan
is just a second nature...
--
Martin Pelikan
in advance.
--
Martin Pelikan
OpenBSD 4.8-current (GENERIC.MP) #759: Sun Jan 9 20:02:53 MST 2011
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 2135785472 (2036MB)
avail mem = 2064916480 (1969MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xe4cf0 (34
2011/1/10, Christoph Leser le...@sup-logistik.de:
Hello,
I have an IPSEC VPNs in Tunnelmode, configured in ipsec.conf with a line
like:
ike active esp tunnel from my_internal_net to his_internal_net peer
his_gateway_address main_mode_parameters quick_mode_parameters
preshared_key
My
those remote network Ids
that are configured in ipsec.conf?
The above, or more specific.
Sorry for the previous empty reply, I'll finally try to learn how to
use an email client.
--
Martin Pelikan
this works for me (I'm in the UK and using
ADSL from bogons.net, who I thoroughly recommend)
Of course, this should be the right way on the router. Feel free to
ask your provider on how to acheive what you want..
--
Martin Pelikan
wbsio0 at isa0 port 0x2e/2: W83627DHG rev 0x25
lm1 at wbsio0 port 0xa10/8: W83627DHG
mtrr: Pentium Pro MTRR support
uhub1 at uhub0 port 1 Intel Rate Matching Hub rev 2.00/0.00 addr 2
softraid0 at root
root on wd0a swap on wd0b dump on wd0b
--
Martin Pelikan
once, but after failing to
explain some of the behaviour I consider myself not educated enough to
play with kernel options...
Unfortunately I probably won't be able to repeat the tests for some
time now, as the machine is already in production.
--
Martin Pelikan
-qns 1500 -w ...
--
Martin Pelikan
queue (some_big_queue, lowdelay)
But this machine is quite loaded - consider increasing the limits by
several smaller steps.
I'm posting this also because someone can tell _me_ what I'm doing
wrong - any thoughts?
--
Martin Pelikan
the kernel but
currently requires to have an active flow from an initial IKEv2
handshake. B It is on our TODO list ;-).
iked(8) and certificate revocation work just fine.
--
Martin Pelikan
since it doesn't support tab-completion at all. mksh seems to do work
fine - thanks to Kevin for posting on this list.
--
Martin Pelikan
config files, like so:
$ cat my.conf
table ausfahrt persist
pass from ausfahrt
$ sudo pfctl -a potazmo -f my.conf
$ sudo pfctl -a potazmo -sT
ausfahrt
$ sudo pfctl -sT | grep ausfahrt
$
...and then load the anchor in the main file using:
load anchor potazmo from my.conf
--
Martin Pelikan
, or messed with the hypervisor's kernel lately, or if it
is a new install on an out of the box dom0 that just happens to fail.
--
Martin Pelikan
OpenBSD 5.1-current (GENERIC) #258: Mon Jun 11 11:52:20 MDT 2012
t...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 535797760
;
u_int8_t_pad[2];
} __packed;
Imagine what would you gain if you forced people to use the same rules
or even the same interface names. These are completely separate
things.
--
Martin Pelikan
and go straight for NSD.
Seriously, it's just a matter of time before someone in your network
notices this and will wonder why some websites load and others not.
--
Martin Pelikan
:-(
--
Martin Pelikan
Index: arch/amd64/amd64/mutex.S
===
RCS file: /cvs/src/sys/arch/amd64/amd64/mutex.S,v
retrieving revision 1.8
diff -u -p -r1.8 mutex.S
--- arch/amd64/amd64/mutex.S24 Sep 2010 13:21:30 - 1.8
+++ arch/amd64
first. It also helps if they're running CARP/VRRP, because if
they don't play with VHIDs, their MAC addresses don't change with their
infrastructure :-)
--
Martin Pelikan
it'll work even if you don't invoke package updates from your
shell, but using some kind of remote administration software for
example.
--
Martin Pelikan
have no intentions of learning the guts of the PHP
interpreter, the method I used back then was the stupidest of them
all, adding die(hard); after every suspicious line in the execution
path. The function that failed was a MySQL one, IIRC. You can try
repeating that...
--
Martin Pelikan
shaping using just one rule.
#
# Remember, never trust anything you didn't test yourself first.
--
Martin Pelikan
this.
Stuff queued going out is usually called upload, and it is on your egress
interfaces. This queueing happens when traffic leaves the machine.
Sorry. (this confusion sometimes happens to almost everyone I know) :-(
--
Martin Pelikan
32 matches
Mail list logo
