Hi,
On Sun, Aug 10, 2014 at 02:48:42PM +0200, Markus Wernig wrote:
Hi all
I am trying to set up a ipsec tunnel with iked in a double NAT scenario:
Client -- NAT GW 1 -- Inet -- NAT GW 2 -- VPN GW
Client has 192.168.1.x, User is j...@doe.com
VPN GW has 10.x.y.z, hostname vpn.doe.com
On Tue, Aug 05, 2014 at 06:19:59PM +0200, Vigdis wrote:
Hello,
I tried to parse (with pfctl -nvf) the rule
match on enc0 from 192.168.1.0/24 to 192.168.2.0/24 nat-to 10.10.10.1
and all I got was:
pf.tmp:1: nat-to and rdr-to require a direction
pf.tmp:1: skipping rule due to errors
On Fri, Jul 25, 2014 at 08:17:15AM -0700, motty cruz wrote:
Hello, how to reload configuration without restarting isakmpd?
Thanks,
Have a look at THE FIFO USER INTERFACE in isakmpd(8):
NOTE: Sending isakmpd a SIGHUP or an R through the FIFO will
void any updates
On Thu, Jul 24, 2014 at 11:00:26AM +0100, Kevin Chadwick wrote:
I am using and plan to use a single server for now anyway but is relayd
SNI support planned at all?
yes. but not yet.
'Write programs that do one thing and do it well. Write programs to work
together. Write programs to handle
Hi,
On Fri, Jun 20, 2014 at 10:35:13PM -0400, Predrag Punosevac wrote:
I am seriously reading realyd man pages for the first time in my life.
Namely I am after url suffix redirection. I will try to explain little
bit better.
I have close to 10 virtual hosts running behind OpenBSD firewall
Hi,
I just committed a big change to relayd: the new filtering language.
tl;dr - I need your help! Please test the new filter rules in relayd
-current to eliminate any remaining issues in the new implementation.
When I wrote the HTTP support in relayd, I needed a way to filter and
manipulate
On Tue, May 06, 2014 at 01:09:01PM +0200, Isak Lyberth wrote:
i have some nics i want to discus about
Do you have any more details? What kind of NICs? There are some
people in OpenBSD who developed NIC drivers, but it generally depends
on the availability of the hardware, interest in the
Hi,
On Sun, May 04, 2014 at 03:52:31PM +0200, Björn Ketelaars wrote:
I'm attempting a SSL accelerator using relayd on current using the following
config:
# cat /etc/relayd.conf
prefork 1
relay wwwssl {
listen on 48.42.218.18 port 443 ssl
forward to 10.0.0.11 port http
Hi,
I've seen some typos of Heartbleed but Hearbleed is a good one :)
On Fri, May 02, 2014 at 12:20:55PM +0200, Lars Bonnesen wrote:
As far as I understand, OpenSSL 1.0.1g is needed in order to be home same
reg. heartbleed.
I know that OpenBSD's OpenSSL is a fork, and this is maybe where
On 12.02.2014, at 18:25, Bales, Tracy tracy.ba...@williams.com wrote:
Is it possible to have a shell script modify the contents of a user defined
OID that is setup in snmpd.conf?
I would like to have a cron event run a shell script and that script modify
the OID values so that a remote
Hi!
On 10.01.2014, at 21:58, Steven M. Caesare scaes...@caesare.com wrote:
I've just rebuilt my FW as a 5.4 box, and was investigating using relayd
(rather than squid) to transparently proxy for a couple of web host
servers.
It appears that this would be made possible by the filter
On 24.11.2013, at 15:40, Mihai Popescu mih...@gmail.com wrote:
...
As for the original poster, the author tried to find out a repulsive
...
We all got it and there's is no need to continue with this annoying thread.
OK? Thanks.
Reyk
On 01.11.2013, at 09:57, Marko Cupać marko.cu...@mimar.rs wrote:
I just read an article on slashdot which says that a piece of
malware made Open BSD operating system (...) modify its
settings and delete its data without explanation or prompting, and
that malware is spreading over microphone
On 28.10.2013, at 01:43, Fred Snurd fredsn...@yahoo.com wrote:
On Monday, October 28, 2013 12:38 AM, Fred Snurd fredsn...@yahoo.com wrote:
I found the following article on undeadly which uses ifstated(8) to
automatically acquire a DHCP lease upon link state
changes on an Ethernet
On 25.10.2013, at 12:08, Peter J. Philipp p...@centroid.eu wrote:
I've been trying to set up a second gif tunnel that's encrypted with
ipsec (iked for key management), but I'm stuck on an error with iked.
Here is what I see and have:
# route -T 1 exec iked -f /etc/iked.conf2
# Oct 25
Hi,
On 25.09.2013, at 15:23, LEVAI Daniel l...@ecentrum.hu wrote:
On sze, szept 25, 2013 at 14:57:13 +0200, Mike Belopuhov wrote:
On 25 September 2013 14:41, LEVAI Daniel l...@ecentrum.hu wrote:
Hi!
I'm trying to setup StrongSwan (oh, the pain...) to iked(8) IPsec. When
trying to bring
On Wed, Sep 11, 2013 at 02:00:38PM +, John Long wrote:
You want security, run OpenBSD on a Chinese router or SBC or fab your own
chips and build your own hardware. And stay the hell off the net.
Sorry for posting the following link, but this reminds me of an
incredibly bad movie:
On Sun, Sep 08, 2013 at 12:47:28AM +0100, Simon Slaytor wrote:
On 07/09/2013 23:22, Florian Obser wrote:
So you have 172.16.10.254 on two interfaces on the same box? I don't
think that will end well. I would go with two firewalls, one nats NetA,
the other nats NetB and put a link net in
On Wed, Sep 04, 2013 at 08:10:53PM +0300, K�?rlis Miķelsons wrote:
listen on lo0 port 9025
accept from any for any deliver to maildir /var/spamdb
# /usr/sbin/smtpd
/etc/mail/smtpd.conf:17: syntax error
warn: no rules, nothing to do
try putting the path in quotes:
accept from any for
Hi,
I think this is a little bit off-topic on this list, or should we
start discussing all problems of all ports here? ...
Anyway, you should make sure to use divert-to instead of rdr-to in
your pf.conf. rdr-to is considered to be obsolete for userland
proxies (except for spamd).
Reyk
On Wed,
Am 02.05.2013 um 17:37 schrieb James Shupe jsh...@hermetek.com:
I just tried to upgrade a VMware machine from OpenBSD 5.2 to OpenBSD
5.3. Sadly with the new 5.3 kernel it panics when it gets to the CPUs.
http://s10.postimg.org/v50muwvqx/crash1.png
http://s9.postimg.org/4wjed57rj/crash2.png
Hi,
Am 01.03.2013 um 15:24 schrieb Leonardo Santagostini lsantagost...@gmail.com:
Im facing maybe a misbehavior in my OpenBSD 5.2. This machine is
virtualized with KVM with 2 CPU and 4 Gb RAM
Im running 5.2 GENERIC#278 i386
The point is:
tld relay rule as show in my config is working
On Tue, Feb 05, 2013 at 07:19:02AM -0500, Nick Holland wrote:
Take a physical machine, disk image it, drop it on vmware, boot single
user, mount root partition, rename hostname.whatever0 to hostname.em0,
You can also change the ethernet0.virtualDev setting from e1000 to
vmxnet in your .vmx
On Fri, Jan 25, 2013 at 12:07 PM, Xinform3n xinfor...@gmail.com wrote:
Don't think xeons ever supported ia64.
That's true...
I confused Intel 64 instructions. EMT64 ?
Anyway, OpenBSD amd64 won't work on this type of CPU, right ?
I used to run OpenBSD/amd64 firewalls on machines that had
On Wed, Jan 23, 2013 at 5:41 PM, Erling Westenvik
erling.westen...@gmail.com wrote:
I need to connect my ThinkPad T500 running 5.2 current to the wifi
network here at my university. E.g. the eduroam network which is
available at most universities through, at least, Europe. After Googling
On Thu, Jan 24, 2013 at 10:47 AM, Dennis Davis d.h.da...@bath.ac.uk wrote:
I haven't checked wpa_supplicant for a while, but you can find it in
ports and some people actually seem to use it with OpenBSD.
...
Comments in the DESCR file for your port of wpa_supplicant state:
wpa_supplicant
Am Donnerstag, 27. Dezember 2012 schrieb Peter Hessler :
Not sure where you got greyscanner from, but you should probably ask
the authors.
It's from a guy called Bob.
http://www.ualberta.ca/~beck/nycbug06/scripts/greyscanner
On 2012 Dec 26 (Wed) at 21:31:26 +0100 (+0100), Jan Stary
On Thu, Dec 6, 2012 at 8:36 PM, Dustin Fechner d...@hush.com wrote:
On 12/06/2012 08:10 PM, Maximo Pech wrote:
that there isn't a single production ready, gnupg-like, BSD licensed
tool out there (I don't have the skills and time to program one
myself).
NetBSD has netpgp, which is BSD
Am Montag, 3. Dezember 2012 schrieb InterNetX - Carsten Schoene :
Hello,
i've setup a OpenBSD 5.2 (amd64) system using flashrd on a DELL R610
server,
with an Intel PRO/1000 PF (82571EB) dualport fibre optics adapter.
The system also have four broadcom BCM5709 copper interfaces.
I try to
Am Donnerstag, 29. November 2012 schrieb lilit-aibolit :
Good. I have two configs. And in specified time I need to *reload* to new
config-file,
not reload same config-file.
How 'relayctl reload' help me?
You should read the relayctl(8) manpage first.
relayctl load filename
Reyk
Hi,
I've read the other replies and there's no need to install any port. Like
mentioned before, just use relayd(8) from base with the router option in
relayd.conf(5) in combination with multipath routing (sysctl
net.inet.ip.multipath=1). You can also use pf with route-to or rtable
as a classifier
Hi,
On Fri, Oct 19, 2012 at 8:10 PM, Tyler Morgan tyl...@tradetech.net wrote:
On 10/19/2012 1:16 AM, Jim Miller wrote:
Two part question:
1. Anyone had any success getting iked and carp working on OpenBSD 5.1
(amd64)? We can get it working with isakmpd. The issue seems to be
that iked
On Thu, Oct 04, 2012 at 06:13:13AM +0200, Erling Westenvik wrote:
Shamefully I must admit what many OpenBSD'ers consider a crime worse
than intercourse with the devil, namely to follow a so-called Howto
(http://www.mouedine.net/) and within minutes having my daughters
Windows 7 road warrior up
On Tue, Oct 2, 2012 at 9:59 AM, Christiano F. Haesbaert
haesba...@haesbaert.org wrote:
Why not using tcpbench where you can actually specify the parameters
and know what is going on :).
Play with buffer sizes and you'll see a big difference, using -u will
give you the actual PPS.
I agree, I
Hi,
running IPsec in multiple rdomains is supported since about a year and
should work just fine. iked(8) has extended support for it but it
should also work with isakmpd(8).
- You need to create an enc(4) interface for the non-default rdomain.
Traffic will only flow if there is an enc(4)
Hi,
I agree that the transparent keyword is not really documented.
The transparent keyword enables the use of the SO_BINDANY socket
option that was added a few releases ago. It is an option for relays
to use the IP address of the client as the source of the forwarded
connection instead of the
Hi Nemir!
Short answer: Yes, it works.
Please forget all the other answers... I was reading them with some
amusement - port knocking, tunnels, special scripts, no :-). Nobody
seems to have a clue about our IPsec stack.
It is a standard feature that should just work fine with isakmpd(8).
On Thu, Apr 14, 2011 at 04:37:31PM +, Stuart Henderson wrote:
01:20:38.556705 802.1Q vid 0 pri 0 802.1Q vid 123 pri 0 arp who-has
10.3.3.2 tell 10.3.3.1
your config is OK, something is broken there. I guess this will make
it function but it's not a correct fix.
well, it works fine
On Sat, Apr 16, 2011 at 12:47:57AM +1200, Shane Lazarus wrote:
The question remains, how does the connection get torn down?
Or, in another fashion, how does the OpenBSD IPSEC implementation tell the
remote IPSEC implementation that the VPN is not currently required and to
de-register the
only parts of reload are implemented at the moment but the design is
wrong and needs some redesign to do it like iked does.
the thumb rule is that reload mostly works for redirects but not for
relays and maybe for routers.
On Fri, Apr 15, 2011 at 11:02 PM, dabheeruz dabhee...@aol.com wrote:
On Fri, Apr 08, 2011 at 03:25:55PM +0530, Indunil Jayasooriya wrote:
I am trying to test squid 3.2.0.6 on OpenBSD 4.8 (amd64) in
transparent mode. I can browse internet. But, I get the below error.
# chgrp _squid /dev/pf
# chmod g+rw /dev/pf
scary. squid should not touch /dev/pf at all.
hi,
On Tue, Oct 26, 2010 at 10:54:59PM +0200, Leon Me?ner wrote:
i'm new here so please excuse if this is the wrong list or so.
I do have a problem with getting my relayd to work on an OpenBSD 4.7
bridge thats using pf as a firewall. My configuration is the following:
...
As you can see in
hi,
thanks, good finding!
it looks right, but i have to re-think the promisc handling of trunk a
bit to see if we
a) either inherit the promisc flag on the trunk device directly which
means that trunks would always be promisc (sounds bad...).
b) find a way to use trunk without enforcing the
On Wed, Jun 23, 2010 at 08:39:20AM -0400, Adam M. Dutko wrote:
Not that I have a lot of room to talk because I haven't submitted a patch
yet...
this statement is weird, in some way.
reyk
On Mon, Jun 14, 2010 at 12:28:46PM +0100, Stuart Henderson wrote:
# cat /etc/hostname.em0
description Some Port
media 1000baseT
inet 172.16.176.166 255.255.255.252 NONE
-inet6
up
you can also pass
On Fri, Jun 04, 2010 at 12:27:12PM +0200, Massimo Lusetti wrote:
On Thu, 3 Jun 2010 23:06:58 +0200
Reyk Floeter r...@openbsd.org wrote:
This is a very brief summary, more information will follow.
reyk
That's great! ... 4.7 is just behind the door and is already time to
move
Hi!
Today I imported iked(8) that is another automatic keying daemon for
IPsec. In difference to isakmpd(8), which supports the ISAKMP/Oakley
a.k.a. IKEv1 protocol, iked(8) only supports the IKEv2 protocol at
present. The IKEv2 protocol in RFC 4306 has been simplified and
provides many benefits
On Wed, Jun 02, 2010 at 09:47:36AM +0200, Henning Brauer wrote:
OpenBSD isn't as stupid and bad as cisco.
I upgrade all my carped firewall pairs without downtime.
yes, 4.6 and 4.7 require you to adopt your pf config. 4.5-4.6 is
trivial. 4.6-4.7 isn't black magic either but admittedly not
On Wed, May 26, 2010 at 02:44:35PM +0200, Francesco Vollero wrote:
Il 26/05/10 14.32, Marco Peereboom ha scritto:
That free beer analogy has never made any sense and never will. I
honestly wonder why people keep repeating it.
I hope that in some /parallel/ universe beer is free and bsd is
On Thu, May 20, 2010 at 07:02:23PM +0200, Axel Rau wrote:
Now the question: Can I put a trunk on top of a carp?
you put carp on top of the trunk of course.
OK.
Can I have a trunk connected to 2 different switches then?
yes, i did this many times using trunk in failover mode. this is
On Thu, May 20, 2010 at 11:31:22PM +0300, Jussi Peltola wrote:
I do this too. In addition to the previously mentioned problems with
cheap switches losing their configs (and vlans) you should make sure the
active interfaces are all on one switch so that the link between them
isn't uselessly
On Tue, May 11, 2010 at 03:09:37PM +0530, Siju George wrote:
On Tue, May 11, 2010 at 12:29 PM, Claudio Jeker
cje...@diehard.n-r-g.com wrote:
Try using a cross-over cable.
Thanks for the idea Claudio.
The cross over cable does not work either.
You might have auto-negotiation
On Tue, Oct 13, 2009 at 04:41:35PM +0200, Igor Sobrado wrote:
On Tue, Oct 13, 2009 at 4:12 PM, Ross Cameron abal...@gmail.com wrote:
Uhm perhaps to provide a better OSPF and BGP implementation to the for an OS
that is the OS of choice of millions of users and thousands of corporations?
Hi,
it only works on OpenBSD and any efforts to port it to FreeBSD or
Linux weren't really successful. The reason is that OpenBSD's routing
daemons heavilly utilize the kernel's routing stack that has many
interfaces and features that are not available in and is not
compatible to other OSes.
Hi,
SSL VPN is a bit hyped but OpenVPN is a working solution if you need
it (Why did I say? Well, SSH VPN is a nice alternative that misses a
Windows client and GUI) - But I don't see a reason that SSL VPN is any
better than modern IPsec:
- IPsec is probably more secure than SSL VPN (at least
On Mon, Sep 14, 2009 at 12:09:58PM -0400, Brynet wrote:
Hi stan,
Are you talking about a PPTP client?
http://openports.se/net/pptp
-Brynet
btw., Microsoft recently introduced a new VPN protocol SSTP as a
successor for PPTP and to swim in the SSL VPN market.
Hi,
as a different approach, you can use the new router option from
relayd(8) in -current.
1.) Replace the complex ifstated state machine with a relayd using a
router configuration block. Specifing a source address in the checks
is currently not supported, but you can specify an IP TTL of 1 to
On Wed, Sep 02, 2009 at 10:14:52AM -0400, John E.P. Hynes wrote:
Toni Mueller wrote:
Hi,
I'm looking into getting switches to be used in port-extender style,
and found a thread from last year recommending Cisco switches. I need
about 20-50 ports atm, and would like to avoid Cisco. My current
On Thu, Sep 03, 2009 at 10:06:26AM -0700, J.C. Roberts wrote:
I saw the 8200zl and 5400zl switches at the InterOp Vegas show. Though
they are not rebranded Foundry/Brocade, I was told they actually are
still rebranded somethings. As I said, I could be wrong recalling Force
10, and after
slightly offtopic, but procurve works fine
trunk(4) was mostly developed with procurve on the switch side
On Wed, Sep 02, 2009 at 01:26:27PM +0200, Toni Mueller wrote:
Hi,
I'm looking into getting switches to be used in port-extender style,
and found a thread from last year recommending
ifconfig em0 up
On Tue, Aug 25, 2009 at 03:37:55PM +0100, FRLinux wrote:
Hello,
I am trying to replicate some traffic from a Cisco 6500 onto an
OpenBSD 4.5 vanilla machine. I have two NICs, rl0 which is the
administration interface and em0 which I hope to use for the ethernet
tap. So far,
hi,
do you have more details, like the tested relayd.conf lines, about the
'check send' problem?
reyk
On Wed, Aug 05, 2009 at 02:54:58PM +0200, Nice Daemon wrote:
Hi list,
I'm setting up a replacement for a customers' current Alteon Load
Balancers, using OpenBSD, pf, and relayd.
First
On Mon, Jun 08, 2009 at 02:43:33PM +0100, Anton Parol wrote:
I still can't believe that I saw mpf@ on my train this morning. I
thought I remembered his face from hackathon pics, but then he pulls out
his thinkpad and I see the blue console messages come up. I was like,
woah, very cool.
hi,
they're not related to each other, so please stop whining.
but i'm happy to have tmux(1) in base because most of the openbsd
users/hackers i know used to install the screen port on their systems
which is not needed anymore. tmux is nice, it is actively maintained
and developed in the tree,
On Wed, Apr 01, 2009 at 09:22:44AM +0200, Pierre-Yves Ritschard wrote:
* Pascal Lalonde (plalo...@overnet.qc.ca) wrote:
Hello,
I've been playing with relayd lately. There is a behavior which seems
unintuitive and I was wondering if that was a bug or the intended
behavior.
It's the
On Thu, Mar 12, 2009 at 12:22:42PM +0100, Henning Brauer wrote:
* FRLinux frli...@gmail.com [2009-03-12 10:43]:
On Thu, Mar 12, 2009 at 1:29 AM, Claudio Jeker cje...@diehard.n-r-g.com
wrote:
Also check the lo(4) link1 flag for mass IP aliases. Note: currently works
only with IPv4 (but
Hi,
the tool is requesting the UCD-SNMP-MIB which is a non-standard
extension of ucd/net-snmp. I'm not convinced to implement any of the
non-standard UCD mibs. Most of the useful values can be exported by
the standards-based HOST-RESOURCES-MIB and I already started on
extending our
Hi David,
this is a known bug and I will look at fixing it. I thought that pyr@
fixed it in 4.4, but it seems that I was wrong. Thanks for the report.
Reyk
On Mon, Nov 10, 2008 at 05:11:56PM +0100, David Caro wrote:
Hi all,
first of all, sorry for my english (i'm spaniard)
i have two
my recommendation is to stay away from this list if you're not able to
send useful bug reports. i use relayd in many production setups and
it works just fine; of course there are bugs but they can fixed or
reported. anyway, i can verify your problem on cleaning up the pf
anchor, i also did some
On Wed, Sep 17, 2008 at 10:19:11PM +0200, Michiel van Baak wrote:
redirect web {
listen on $ext_ip1 port 80:443
sticky-address
forward to webservers port http check script /usr/local/sbin/chksrvs
}
note that this will match any traffic in the 80 - 443 port range, make
Hi!
On Sat, Sep 27, 2008 at 02:01:09AM +0200, Till Neudecker wrote:
I have a pretty normal loadbalancing setup (2 relayd-loadbalancer, 2 backend
hosts). The loadbalancer accepts ssl-encrypted sessions and forwards them
unencrypted to the backend-hosts. Because all the hosts are on the same LAN
Hi!
On Wed, Sep 17, 2008 at 05:45:23PM +0200, Mikael Jansson wrote:
I use relayd with redirects to loadbalance between two webservers
one redirect is used for http requests and the other for https.
the redirects looks like the following:
redirect web_http {
listen on $ext_ip1 port http
hi!
On Mon, Sep 08, 2008 at 12:33:20PM +0200, Frans Haarman wrote:
If you use an unqouted string as psk (pre-shared key) it can't start with a
number so:
fails: ike from any to any psk 123
works: ike from any to any psk 123
it can start with a number, but it cannot be a number. so
hi,
On Thu, Aug 21, 2008 at 04:48:02PM +0200, Henning Brauer wrote:
* Claudio Jeker [EMAIL PROTECTED] [2008-08-21 16:11]:
If we stack vlan interfaces I don't see a real need for such a button.
switch vendors don't agree on the ethertype. it is configurable on all
of them, and the defaults
On Thu, Aug 21, 2008 at 04:05:50PM +0200, Claudio Jeker wrote:
no point in just doing that.
a button to change the ether type would make sense.
this is not trivial because it would require a change in the Rx path
where it is currently matching the ethertype in ether_input() before
On Sat, Aug 16, 2008 at 12:58:05PM +0800, World of Open Source wrote:
DefCon produces the most hostile network environment in the world every
year. The DefCon network has evolved with the event. What started out as a
I thought the CCC Congress in Berlin became the most hostile network
On Sat, Aug 16, 2008 at 06:55:52PM +0200, ropers wrote:
2008/8/16 Reyk Floeter [EMAIL PROTECTED]:
I thought the CCC Congress in Berlin became the most hostile network
environment in the world ;). The major difference is that the
did not filter or record any data. Unfortunately
On Wed, Jul 30, 2008 at 10:58:10PM +0200, thacrazze wrote:
Hello,
sorry that I give you a hard time
but how is status of 3D Hardware Accerlation in OpenBSD? I heard it
works with the i810 driver. But how is the current status?
You can try a recent snapshot and compile a kernel with
not decide to use a copyright like
Copyright (c) 2008 Atheros Communications Inc.
Copyright (c) 2004-2007 Reyk Floeter [EMAIL PROTECTED]
They neither apologized for all the trouble nor give me any credits
for my work. ath9k would not exist without my work on the OpenBSD
ar5k driver
hi,
On Sun, Jul 20, 2008 at 08:28:57AM -0600, Mark Zimmerman wrote:
Greetings:
Sorry for not using sendbug, but I wanted to get something out quickly
while I have a moment.
it is always better to use sendbug because it helps us to remember and
to track the bug.
Summary: I have a jetway
Dear list-members, (*
let me introduce myself. My name is Reyk Floeter, OpenBSD hacker from
the Hannover area. I have been around in the Open Source world since
a while. I am very happy with the spirit and efforts of the OpenBSD
project (www.openbsd.org).
As the name mentions Open, one would
hi stephan!
can you also show your carp configuration?
reyk
On Fri, Jul 11, 2008 at 04:55:33PM +0200, Stephan A. Rickauer wrote:
Hello,
Here's all data I was able to get off our crashing machine, the backup
node of our CARP cluster, that used to run flawlessly since 3.7.
We can
Hello,
I just imported ix(4), a driver for the Intel 82598EB 10 Gigabit
Ethernet adapters. It is based on Intel's ixgbe FreeBSD driver, with
many local changes for OpenBSD.
The driver is fully-operational and survived some long-time tests, I
had to work on borrowed hardware from another company
On Fri, May 09, 2008 at 10:40:18AM +0530, Srikant Tangirala wrote:
let pf know what to filter and what not? So, is
there some way to ensure that traffic to port 53
is in fact not from a program like iodine and what
goes to port 80 is only HTTP/HTTPS, and so on
for all the common protocols?
On Fri, May 09, 2008 at 10:40:18AM +0530, Srikant Tangirala wrote:
for all the common protocols? With my little bit
of knowledge what I figure is that we need some
piece of software(s) which understands each protocol
thoroughly, can look at raw packets in real-time
and detect the protocol
with other tricks, like delays, special kinds of
traffic shaping, etc.
Thanks for your time.
Srikant Tangirala.
On Fri, May 9, 2008 at 11:55 AM, Reyk Floeter [EMAIL PROTECTED] wrote:
On Fri, May 09, 2008 at 10:40:18AM +0530, Srikant Tangirala wrote:
for all the common protocols? With my little
On Tue, May 06, 2008 at 10:03:39PM -0700, Parvinder Bhasin wrote:
# ps -aux | grep snmp
root 26868 0.0 3.5 2372 4548 ?? S 9:45PM0:00.39 snmpd
yuck, it is running as root...
Appreciate any help.
Thanks :)
On Thu, Apr 17, 2008 at 09:35:14AM +0200, Peter N. M. Hansteen wrote:
[EMAIL PROTECTED] [EMAIL PROTECTED] writes:
How can I capture the dmesg (white on blue text) during a failed install?
I would like to capture the message during the install process (which
eventually hangs).
Can
hi!
i cannot resist to give a few comments on the PIX/ASA...
but first you should have a look at
http://www.openbsd.org/lyrics.html#35
about the Monopoly of Cizzz-coeee.
On Mon, Nov 05, 2007 at 02:26:48PM -0500, Brian A Seklecki (Mobile) wrote:
- PIX/ASA is going to get you a default
On Thu, Apr 03, 2008 at 01:35:31PM +0300, Denis Doroshenko wrote:
i have the same issue, which i reported in
http://marc.info/?l=openbsd-miscm=119608530213184w=2
then i had angry mail from Theo (WRT lack of information), though
he listed a few of developers who i needed to contact. i did some
On Thu, Apr 03, 2008 at 04:38:08PM +, Nicolas Legrand wrote:
Reyk Floeter [EMAIL PROTECTED] writes:
i have the same problems on a HP Compaq dc7600 Convertible Minitower.
acpi doesn't work. the acpi developers like marco@ are aware of the
problem and it is being worked
On Thu, Mar 20, 2008 at 09:12:44AM +0100, Claudio Jeker wrote:
reused. I don't care about SNMP but I wanted to warn you about that.
hey... :( but anyway, it shouldn't really matter when the if_index
stays consistent as long as the interface exists. it is a dynamic
interface, so i could live
On Fri, Mar 21, 2008 at 12:23:45AM +0200, Fratiman Vladut wrote:
rocommunity someone
When i run snmpd in debug mode, i receive an error that say about syntax
error into snmpd.conf at line where is defined community name.
What is wrong?
are you trying to use openbsd's snmpd with a
On Mon, Mar 17, 2008 at 01:31:47PM +0100, Arjen Van Drie wrote:
Hi,
searching on the Internet gave me no clear answer: is there a way to
include other config files in pf.conf, like
the internet is for... anyway, sometimes the manpage gives a good
answer, just look at pf.conf(5):
On Thu, Mar 06, 2008 at 08:58:01PM +0100, Sebastian Reitenbach wrote:
Reyk Floeter [EMAIL PROTECTED] wrote:
btw., did you test it with the latest code from -current?
the sparch64 was installed from a snapshot not very long ago:
OpenBSD 4.2-current (GENERIC.MP) #113: Wed Feb 13 20:47:18 MST
btw., did you test it with the latest code from -current?
On Mon, Mar 03, 2008 at 07:37:53PM +0100, Sebastian Reitenbach wrote:
Reyk Floeter [EMAIL PROTECTED] wrote:
hi!
it tested your config and it works fine without problems, there is no
bug in relayd here...
...you seem to make
On Mon, Mar 03, 2008 at 11:41:39AM -0500, scott wrote:
Thanks, everyone, for the user- vs kernel-land info. As soon as I read
it, I got it. Disappointed but I got it.
ipsec/isakpmd is, I think, kernel-land and it has some very flexible
(per ipsec rule, not just daemon level, as in user or
hi!
On Tue, Mar 04, 2008 at 10:57:57PM +0700, Agung T. Apriyanto wrote:
recently i upgrade one of my machine to 4.3-beta, and found the new
snmp program,
but i'm still using the net-snmp from ports, and somehow when i try to
issue the oid
.1.3.6.1.2.1.4.20.1.2 ( ip address look up ) it did
On Mon, Mar 03, 2008 at 10:29:30AM +0100, Wijnand Wiersma wrote:
Sebastian Reitenbach wrote:
cut
Also a http redirect did not work. I get a timeout in the browser. With
tcpdump I see incoming SYN packets to port 80, but they are not answered:
cut
I am having the same problem with
hi!
it tested your config and it works fine without problems, there is no
bug in relayd here...
...you seem to make a common mistake:
forward to ogohosts port http mode hash \
check http / code 200
you expect that the webservers always return the HTTP error code 200
101 - 200 of 347 matches
Mail list logo