Re: wg(4) on router - how to get working with clients

2022-08-08 Thread Stuart Henderson
On 2022-08-08, Rachel Roch wrote: > TL;DR I've got wg(4) working great on the router itself (i.e. VPN up, all > localhost traffic routes across VPN). But I can't get it working with > external clients (i.e. devices that use the router as their default gateway). > > ip.forwarding is on: >

Re: Making pppoe more resiliant to outages?

2022-08-08 Thread Stuart Henderson
On 2022-08-08, Stuart Longland wrote: > This had been working fine for ages… but the past week it's been up and > down like a yo-yo. I suspect it is *NOT* my end, but rather, common > equipment in our area because others in my street (oddly enough, > related ISPs) have the same problem with

Re: Relayd Questions

2022-08-07 Thread Stuart Henderson
On 2022-08-06, Todd Carpenter wrote: > Hi all, > > I've been trying to get relayd up and running on my configuration and had a > couple of questions I could not find answers for. > > As I understand it, relayd is capable of making a "protocol" where you > could essentially take connection details

Re: Trouble with lpr and Brother wireless printer

2022-08-05 Thread Stuart Henderson
On 2022-08-05, Sean Kamath wrote: > What I still believe: Get a printer that does one thing: Print. No > gizmofrobs or wingdings. And get a laser printer. Ink is a nightmare. OTOH I'm very happy with my Brother MFC-J4335DW inkjet. I haven't got scanning to work from OpenBSD but that works

Re: Console unnecessarily switches from 80x25 to 1920x1080

2022-08-04 Thread Stuart Henderson
On 2022-08-03, TCH wrote: > I have an OpenBSD 7.1 server. First I've installed only the following sets: > bsd, bsd.mp, bsd.rd, base71, comp71, man71. > > Then, when I was installing nginx, PHP and its accessories with pkg_add, > php-gd refused to install because it needed xbase. I've booted

Re: OpenBSD 7.1 : reorder_kernel: failed

2022-08-02 Thread Stuart Henderson
On 2022-08-02, Nick Holland wrote: > On 7/29/22 7:29 AM, Nicolas wrote: >> The computer seems to run fine. I don't know if that error message is >> important. > > The message is important in that the kernel re-link process is a > really cool bit of OpenBSD security, which isn't working for you >

Re: dual stack native ipv4 & ipv6 pppoe configuration questions

2022-08-02 Thread Stuart Henderson
On 2022-08-01, void wrote: > Hello, > > My connection has a /64 Neighbour Discovery (ND) for the pppoe > connection and a /48 Prefix Delegation (PD) for the LAN. > > (ipv4 works fine) > > The parent interface of the pppoe connection is cnmac1 > The LAN interface is cnmac0. (cnmac2 is present but

Re: Trouble with lpr and Brother wireless printer

2022-08-02 Thread Stuart Henderson
On 2022-08-02, Ben Hancock wrote: > FWIW, I do know that the printer _works_, as I can print from machines > running other OS'es via the usual ways. One thing you could try is doing a packet capture on a working OS (e.g. with wireshark) and compare with what you're sending from lpr. > I'm on

Re: Trouble with lpr and Brother wireless printer

2022-08-01 Thread Stuart Henderson
On 2022-07-31, John Mettraux wrote: > > On Sat, Jul 30, 2022 at 08:40:59PM -0700, Ben Hancock wrote: >> >> Here's my /etc/printcap: >> >> lp|brother:\ >> :rm=192.168.xxx.xxx:\ >> :rp=brother:\ >> :sd=/var/spool/output/lpd:\ >> :lf=/var/log/lpd-errs: > > Hello, > > Brother

Re: rpki-client disk utilization / noting mfs in man?

2022-08-01 Thread Stuart Henderson
On 2022-08-01, Kenneth Gober wrote: > On Sun, Jul 31, 2022 at 8:35 AM Tobias Fiebig < > tob...@reads-this-mailinglist.com> wrote: > >> > You could periodically rsync it to permanent storage and use mount_mfs' >> > -P option to populate at boot. >> Really good point; I will give setting that up a

Re: Wifi AP with 802.1x

2022-08-01 Thread Stuart Henderson
On 2022-07-31, Kostya Berger wrote: > Hello everyone. I'm trying to set up a wireless AP with EAP-TLS (802.1x). So, > in the file /etc/hostname.athn0 I use "mediaopt hostap" and "wpa wpaakms > 802.1x" options among the standard. > QUESTION: where do I supply Radius server address:port ? It's

Re: rpki-client disk utilization / noting mfs in man?

2022-07-31 Thread Stuart Henderson
On 2022-07-31, Tobias Fiebig wrote: > I am running a small setup, where recently the border router VMs of a user > caused prolonged and consistent low bandwidth (2-3mb/s) yet high utilization > (many IOPS) disk utilization on the virtualization nodes (more writeup at > [1]). fwiw using a VM

Re: Makefile for a custom port

2022-07-30 Thread Stuart Henderson
On 2022-07-30, Mik J wrote: > Hello Omar, > Thank you for your answer. What am I supposed to do if the software has no > Makefile > If I want it to be installed manually, I need to type something like rake30 > build:agent > Am I supposed to deconstruct the initial installer that is provided in

Re: Configuration of static ipv6 router

2022-07-29 Thread Stuart Henderson
On 2022-07-28, Nicolas Goy wrote: > > Ok, I think I found the issue. > > The cisco is using the address fe80:b2b:11fe:161::2 but for some > reason, openbsd doesn't link this. > > I cannot ping fe80:b2b:11fe:161::2%vport0 > > The system is adding fe80::%vport0/64 to the routing table. > > I am

Re: necessity to specify CVSROOT each time cvs is run?

2022-07-29 Thread Stuart Henderson
On 2022-07-28, Chris Bennett wrote: > On Thu, Jul 28, 2022 at 08:13:46AM -0000, Stuart Henderson wrote: >> Either use -d, or set CVSROOT, or replace CVS/Root files with ones >> containing the path to the repo (cvschroot from the cvsutils package >> makes this easy). If your

Re: Verbose messages from pppoe(4)?

2022-07-29 Thread Stuart Henderson
On 2022-07-29, Martin Schröder wrote: > Hi, > I'm using pppoe to connect to my provider via DSL on 7.1. > Since yesterday my connection has been very flaky. > > Is there a way to get more information about the connection state changes > etc.? > Currently I only see the occasional > > /bsd:

Re: necessity to specify CVSROOT each time cvs is run?

2022-07-28 Thread Stuart Henderson
On 2022/07/28 14:01, rsyk...@disroot.org wrote: > Stuart Henderson wrote: > > On 2022-07-28, rsyk...@disroot.org wrote: > > > Dear list, > > > > > > > > > I have a ports tree. (Most probably first obtained > > > by downloadin

Re: necessity to specify CVSROOT each time cvs is run?

2022-07-28 Thread Stuart Henderson
On 2022-07-28, rsyk...@disroot.org wrote: > Dear list, > > > I have a ports tree. (Most probably first obtained > by downloading a .tar file.) I am able to update it > with, e.g., > > ; CVSROOT=anon...@ftp.hostserver.de:/cvs > ; cvs -d $CVSROOT -q up -Pd -rOPENBSD_7_1 > > After that I thought --

Re: pppoe problems

2022-07-27 Thread Stuart Henderson
On 2022-07-27, void wrote: > Hello misc@ > > I installed 7.1-release to an edgerouter-lite-3 (mips64, octeon). In > the errata, I saw there was a security fix > https://ftp.openbsd.org/pub/OpenBSD/patches/7.1/common/005_pppoe.patch.sig > which was especially pertinent as this is a router. So,

Re: snapshot packages

2022-07-24 Thread Stuart Henderson
On 2022-07-23, not jacinda ardern wrote: > Is there a way to see the build status of the different architectures > for snapshot packages, eg via a continuous integration pipeline or > somesuch No > I noticed that the current snapshots seem to have moved to libz-7.0 in > the last few days but

Re: Can't compile php from ports

2022-07-23 Thread Stuart Henderson
rly slow to build port. > > On Friday 22 July 2022 at 21:04:44 UTC+2, Stuart Henderson > wrote: > > So you have the case that really doesn't work, "The main problem occurs if > the build directory is on NFS" > > But for PHP there really is no

Re: Can't compile php from ports

2022-07-22 Thread Stuart Henderson
at 15:21:53 UTC+2, Stuart Henderson wrote: We do bulk builds with ports tree, package and log directories, etc on NFS _all_ _the_ _time_ and there is not normally a problem. The main problem occurs if the build directory is on NFS. (A second problem with cmake when packages are built by

Re: Can't compile php from ports

2022-07-22 Thread Stuart Henderson
We do bulk builds with ports tree, package and log directories, etc on NFS _all_ _the_ _time_ and there is not normally a problem. The main problem occurs if the build directory is on NFS. (A second problem with cmake when packages are built by more than one machine and the clocks are different

Re: Freeze on OpenBSD 7.1

2022-07-20 Thread Stuart Henderson
On 2022-07-20, Stuart Henderson wrote: > On 2022-07-19, Zé Loff wrote: >> You have a single core machine with 2Gb RAM, and the data you sent seems >> to indicate that there is no free RAM left. > > Where are you seeing that? systat vm shows ~850MB free. No apparent

Re: Freeze on OpenBSD 7.1

2022-07-20 Thread Stuart Henderson
On 2022-07-19, Zé Loff wrote: > You have a single core machine with 2Gb RAM, and the data you sent seems > to indicate that there is no free RAM left. Where are you seeing that? systat vm shows ~850MB free. No apparent mbuf leak. No pool allocation failures. -- Please keep replies on the

Re: Freeze on OpenBSD 7.1

2022-07-18 Thread Stuart Henderson
On 2022-07-17, Tobias Fiebig wrote: > Also, the voltages do not necessarily look overly healthy... but that might > just be a fluke. Sensors sometimes give incorrect values depending on how the motherboard is designed - they may use e.g. different values of resistor which means they may need

Re: Request: A script that lists all dependencies to any given package for facilitating offline installations

2022-07-17 Thread Stuart Henderson
On 2022-07-17, ha...@tutanota.de wrote: > Please implement it asap. How rude. That is not how things work here. > (it would be very easy, and of huge help) It's not as easy as you seem to think. -- Please keep replies on the mailing list.

Re: Multiple OpenBSD mirror issues for i386.

2022-07-17 Thread Stuart Henderson
On 2022-07-17, Brian Durant wrote: > I am trying to download and install the i386 version of OpenBSD 7.1 to an > IBM/Lenovo T60. > > https://cdn.openbsd.org/pub/OpenBSD/7.1/i386/install71.img (and .iso) > give me the following message: > > Error 503 Backend is unhealthy > > Backend is unhealthy

Re: relayd macros

2022-07-17 Thread Stuart Henderson
On 2022-07-17, Paul Pace wrote: > On 2022-07-17 00:28, Kapfhammer, Stefan wrote: >> You need to define a table. >> See relayed.conf manual page >> Section macros > > The macros section does include creating tables that contain a > macro: > > > MACROS > Macros can be defined that

Re: OpenBGPD via (WG?) Tunnel Not Learning Routes

2022-07-13 Thread Stuart Henderson
On 2022-07-13, Tobias Fiebig wrote: > Heho, > > When doing what i described in my message, I get the below messages. > > When I set static routes, packet forwarding works fine, i.e.: > > gw02.dus01.as59645.net ~ # route add -inet6 2a06:d1c2::/48 > 2a06:d1c0::dead:beef:c02 > add net

Re: OpenBGPD via (WG?) Tunnel Not Learning Routes

2022-07-13 Thread Stuart Henderson
On 2022-07-13, Tobias Fiebig wrote: > Heho, > I am running OpenBGPd (on 7.1+binpatches), and have some tunnel links between > hosts and up/downstreams over wg tunnels. > > I am basically wondering whether the behavior is known/normal and/or happened > to others, or if it is worth it to setup a

Re: Browser access to file system on new install OpenBSD missing.

2022-07-11 Thread Stuart Henderson
On 2022-07-11, Brian Durant wrote: > On 7/11/22 15:25, Stuart Henderson wrote: >> On 2022-07-11, Björn Gohla wrote: >>> >>> Brian Durant writes: >>> >>>> I have a problem with both Firefox and Chromium being unable to access >>>>

Re: Browser access to file system on new install OpenBSD missing.

2022-07-11 Thread Stuart Henderson
On 2022-07-11, Björn Gohla wrote: > > Brian Durant writes: > >> I have a problem with both Firefox and Chromium being unable to access >> the file system using the "open" dialog. The dialog appears, but no >> files or directories appear regardless of path. Things function > [...] > > This sounds

Re: Fanless amd64 sytem recommendations

2022-07-11 Thread Stuart Henderson
On 2022-07-11, Steve Williams wrote: > First, I built a Raspberry Pi 4b system with a USB wired NIC and went to > restore my backup from Google using rclone only to find that rclone isn't > supported on arm64. :( Try removing the BROKEN-aarch64 and building from ports. It has been a while since

Re: Browser access to file system on new install OpenBSD missing.

2022-07-11 Thread Stuart Henderson
On 2022-07-11, Brian Durant wrote: > I have a problem with both Firefox and Chromium being unable to access > the file system using the "open" dialog. The dialog appears, but no > files or directories appear regardless of path. Things function normally > however, with both Midori and

Re: Mutt cannot sent mail in OpenBsd

2022-07-09 Thread Stuart Henderson
On 2022-07-08, Stuart Henderson wrote: > You are missing the intermediate certificate on the server. visually: imap - presents an intermediate cert, providing a path to the trusted root cert --- Certificate chain 0 s:/CN=mail.thinkerwim.org i:/C=US/O=Let's Encrypt/CN=R3 1 s:/C=US/O=Le

Re: Mutt cannot sent mail in OpenBsd

2022-07-08 Thread Stuart Henderson
You are missing the intermediate certificate on the server. On 2022-07-08, wim wrote: > Hi everybody, > > I have this weird issue. > I can read the mails with mutt on openbsd but when I want to send I get > this message from the mutt log: > [2022-07-08 14:33:16] mutt_send_message() Sending

Re: mSATA in APU2D0

2022-07-06 Thread Stuart Henderson
On 2022-07-06, Jan Stary wrote: > This is current/amd64 on an APU2D0, dmesg below > Everything runs just fine from a SD card. > > My problem is it does not boot with this mSATA disk in. > The leds of the mSATA and the leds of the APU keep blinking, > the console keeps repeating Is it in the

Re: xidle(1) and autosuspend

2022-07-05 Thread Stuart Henderson
On 2022/07/05 11:35, Tor Houghton wrote: > On Wed, Jun 29, 2022 at 11:24:58AM -0000, Stuart Henderson wrote: > > > [snip] > > > > > > So after 5 minutes xidle starts xlock and 5 minutes after that my laptop > > > autosuspends. If I unlock the laptop befor

Re: Docking station and external monitor

2022-07-03 Thread Stuart Henderson
On 2022-07-02, Ed Ahlsen-Girard wrote: > I have a ThinkPad T530, with a recently acquired docking station that I > am finally attempting to use. It doesn't pick up on the displayport to > the external monitor. I have read acpi(4), acpidock(4), sensorsd(8), and > sensorsd.conf(5), and I don't know

Re: xidle(1) and autosuspend

2022-06-29 Thread Stuart Henderson
On 2022-06-07, Florian Obser wrote: > Since my other computer is a datacenter, and my laptop is just a > glorified vt100, I figured how to autosuspend it when it's idle for some > time. > > I already at xidle(1) in my .xsession to start xlock(1). I then > discovered -startCmd in xlock(1). > > I

Re: carp question

2022-06-28 Thread Stuart Henderson
On 2022-06-28, Christer Solskogen wrote: > On Tue, Jun 28, 2022 at 12:18 PM Łukasz Moskała wrote: > >> You wanted to set the CARP IP as default gateway on both master and >> backup, right? >> >> > No, the master is the gateway. So what would not make sense as all. > I would like to have the CARP

Re: carp question

2022-06-28 Thread Stuart Henderson
On 2022-06-28, Christer Solskogen wrote: > On Tue, Jun 28, 2022 at 10:21 AM Łukasz Moskała wrote: > >> >> What problem are you trying to solve? >> >> > Having identical config files on both the master and backup when it comes > to setting up the default gateway. I was hoping I could just use the

Re: network interface becomes inoperable - No buffer space available

2022-06-28 Thread Stuart Henderson
On 2022-06-27, Boyd Stephens wrote: > > Over this past weekend we were able to anecdotally determine what > triggers the condition and error. The IT Director and his team powered > down the telco vendor's/upstream equipment into which the ix0 device is > connected. Once this was done the

Re: mutt build fails - libraries don't match

2022-06-28 Thread Stuart Henderson
I'll answer here for now but ports@ is a better list for ports questions On 2022-06-28, Chris Narkiewicz wrote: > > I'm trying to build mutt with gpg, sasl and slang support, following > ports(7) flavor build instruction, but it fails. > > I'm noob to ports infrastructure, so could somebody

Re: OT iBGP without full meesh

2022-06-28 Thread Stuart Henderson
On 2022-06-27, Ivo Chutkin wrote: > Hello guys, > It is not related to OpenBSD. Since I started my admin "career" with > OpenBGPD and OpenBSD, I just need some thoughts and advice from anyone > more experienced. > > The situation is as follows: > I have 2 border routers in main location. All

Re: httpd(8) - Cross-Origin Resource Sharing (CORS) header

2022-06-26 Thread Stuart Henderson
On 2022-06-27, David Rinehart wrote: > Is there a way to add a CORS header to httpd(8) responses for static > content? No. > I see three options: >     1. Create a diff that adds a server CORS property to httpd.conf(5). >     2. Create a diff that adds generic header NVPs to httpd.conf(5). >    

Re: network interface becomes inoperable - No buffer space available

2022-06-25 Thread Stuart Henderson
On 2022-06-24, Boyd Stephens wrote: > On 6/23/22 05:34, Stuart Henderson wrote: >> How do the following look? >> >> pfctl -si >> systat -b mbuf >> vmstat -m >> >> Comparing normal + failed might be useful too. >> >> Are you using qu

Re: No login prompt on console ttyC0 after boot when using "set tty com0"

2022-06-25 Thread Stuart Henderson
On 2022-06-24, Ted Wynnychenko wrote: > Hello > I am leaving the original message intact below. > > I did some experimenting, and have found the following. > > When there is a boot.conf file present in /etc with only the following: >> stty com0 115200 > > Then, the system will boot. At the

Re: how to completely reset all networking configuration without rebooting?

2022-06-24 Thread Stuart Henderson
On 2022-06-24, Jonathan Thornburg wrote: > In <https://marc.info/?l=openbsd-misc=165579145005202=1>, > Stuart Henderson wrote >> netstart does nothing to clear existing configuration. It wouldn't make >> sense to do this for joinlist without also e.g. clearing IP addr

Re: network interface becomes inoperable - No buffer space available

2022-06-23 Thread Stuart Henderson
How do the following look? pfctl -si systat -b mbuf vmstat -m Comparing normal + failed might be useful too. Are you using queues in pf? The ifconfig output you included looks normal. (rxpause/txpause is "has negotiated flow control" and doesn't indicate what flow control is actually blocking)

Re: doas hang suddenly

2022-06-22 Thread Stuart Henderson
On 2022-06-22, Siegfried Levin wrote: > My server has been running for weeks without an issue. It is running OpenBSD > 7.1. However, today I suddenly cannot use doas anymore. It always hang. Has > anyone met this issue before? How does the doas process look in top(1) when it's hanging? --

Re: Wireless network interface remembering join list across /etc/netstart.

2022-06-21 Thread Stuart Henderson
On 2022-06-20, Julian Smith wrote: > It turned out that I needed to do `ifconfig iwn0 down -joinlist up` to remove > all networks from the join list, as described in ifconfig(8). [I'm not > actually sure that the `down` and `up` are necessary.] > > Would it be possible and make sense to have

Re: Blocking ping scan

2022-06-18 Thread Stuart Henderson
On 2022-06-18, Janne Johansson wrote: > Den lör 18 juni 2022 kl 11:17 skrev Cristian Danila : >> 09:51:40.913795 arp reply 192.168.121.131 is-at 00:0c:29:c3:d9:a7 > > arp is done "outside" of pf, that is why you see the arp exchange. > nmap lists this as "I know things about the hosts" and while

Re: Upgrade from 6.6

2022-06-15 Thread Stuart Henderson
On 2022-06-15, Łukasz Moskała wrote: > Maybe it would be possible to update from 6.6 to 6.8 (which is still on > mirrors), but I don't know if skipping a release is supported. It's not supported and I wouldn't expect any help if it goes wrong, but it often works to jump multiple releases.

Re: How to compact partitions (disklabel)?

2022-06-13 Thread Stuart Henderson
On 2022-06-13, Mike Fischer wrote: > After solving a recent problem on a VM where the /usr/local was full I was > left with a disklabel that had a hole of unused space in it (see below for > details). I was wondering if there is a way to compact the partitions, i.e. > move the partitions

Re: airport(7) and defunct airports

2022-06-10 Thread Stuart Henderson
On 2022-06-10, Moritz Röhrich wrote: > In the end I don't think there is a right answer without defining > what purpose the list should serve. If it's an insider game for the > devs, documenting all the places where OpenBSD contributors have > been, removal is completely undesirable. Yes that is

Re: LDIF case sensitivity, login_ldap

2022-06-09 Thread Stuart Henderson
On 2022-06-09, David Diggles wrote: > I've just got ldap login working on OpenBSD/7.1 with accounts stored > locally in ldapd and using ypldap. > > I just thought I'd share something so anyone reading this may save > wasting the time that I wasted :-) > > Your LDIF entry that you read into ldap

Re: Dynamic gif Tunnel

2022-06-05 Thread Stuart Henderson
On 2022-06-05, open...@007sascha.de wrote: > Hi, > I would like to build a dynamic gif tunnel and search the "best" and secured > concept for that. > Scenario: HomeRouter with dynamic IP; OpenBSD as Gateway with static IP. > 6in4 gif tunnel. > On IP change at HomeRouter, I have to adjust the

Re: pkg_add in -current

2022-06-04 Thread Stuart Henderson
On 2022/06/04 15:23, Theo de Raadt wrote: > Stuart Henderson wrote: > > > If you are running -current and have not updated base recently, you > > may run into "pkg_add: Unknown option: always-update ". > > To fix it, just update to a newer base

pkg_add in -current

2022-06-04 Thread Stuart Henderson
If you are running -current and have not updated base recently, you may run into "pkg_add: Unknown option: always-update ". To fix it, just update to a newer base snapshot.

Re: Running multiple instances of pflogd

2022-06-03 Thread Stuart Henderson
On 2022-06-02, Pantelis Roditis wrote: > I recently started running multiple pflogd instances and noticed that > /etc/rc.d/pflogd killed/restarted every running instance. > The same happened from newsyslog rotations as well. > > After suggestions by brynet, sthen and ajacoutot (thank you guys) >

Re: Running multiple instances of pflogd

2022-06-03 Thread Stuart Henderson
On 2022-06-02, Mike Fischer wrote: > I think the issue is more general. It applies whenever multiple > instances of any service are needed. > > I have a similar issue with php_fpm which I am using in multiple PHP > versions and with different settings (chroot(2) for httpd(8) or without >

Re: Unbound rc script behavior on 7.1

2022-05-31 Thread Stuart Henderson
On 2022-05-29, Georg Pfuetzenreuter wrote: > Hi, > > I just installed a fresh copy of OpenBSD 7.1 and copied my

Re: Wireguard IP packets fragmentation issue

2022-05-29 Thread Stuart Henderson
On 2022-05-29, n18fu...@tutanota.com wrote: > I saw the recent change in pf.conf.5. Thank you. But I would argue that a > person who just wants to set up a VPN can easily overlook the max-mss option. > That's why I suggest adding it to examples like this: Would prefer to have a *short*

Re: Cannot configure wi-fi card

2022-05-28 Thread Stuart Henderson
On 2022-05-28, Peter Nicolai Mathias Hansteen wrote: > >> On 28 May 2022 at 04:25, Matsuda Kenji wrote: >> >> Hello. >> >> I just installed OpenBSD 7.1 and

Re: spamd on VirtualBox vm - rdr-to rules not working as expected

2022-05-27 Thread Stuart Henderson
On 2022-05-27, Arete wrote: > I’m setting up spamd in front of a Postfix mail server, and am having > an issue with rdr-to rules not working the way I expect. > > My setup: Re-purposed Mac Mini running MacOS 12.4 Monterey, Postfix & > Dovecot, smtp port-forwarded to this box from my firewall.

Re: mutt fetch-mail ssl error

2022-05-25 Thread Stuart Henderson
On 2022-05-22, Avon Robertson wrote: > The libcrypto build and install as outlined above by Theo was completed > without error a few minutes ago on the Dell M6600. It was then rebooted > and mutt's G command was invoked to fetch mail from pop3.xtra.co.nz. > > Sadly the attempt failed and mutt's

Re: gpt+uefi boot+openbsd+linux

2022-05-25 Thread Stuart Henderson
On 2022-05-24, Nick Holland wrote: > On 5/24/22 6:28 PM, Gustavo Rios wrote: >> May some one here suggest a documentation the explains this scenario ? I am >> in need of this. >> >> Thanks in advance! > > I've actually been experimenting with the UEFI OpenBSD and Windows combo, > though I suspect

Re: documentation

2022-05-24 Thread Stuart Henderson
On 2022-05-24, Nathaniel Nigro wrote: > any of the ftp mirrors with the "doc" directory should have historical > versions txt and pdf of the faq and the pf guide Those files are nearly 10 years out of date. -- Please keep replies on the mailing list.

Re: booting OpenBSD on Raspberry pi4 without using sdcard for UEFI

2022-05-22 Thread Stuart Henderson
is on console On Sat, May 21, 2022 at 2:53 PM Stuart Henderson wrote: On 2022-05-20, Sandeep Gupta wrote: Hello, This post here ( http://matecha.net/posts/openbsd-on-pi-4-with-full-disk-encryption/) claims it's possible to boot OpenBSD directly from USB without the need for UEFI on sdcard. I tried

Re: booting OpenBSD on Raspberry pi4 without using sdcard for UEFI

2022-05-21 Thread Stuart Henderson
On 2022-05-20, Sandeep Gupta wrote: > Hello, > > This post here ( > http://matecha.net/posts/openbsd-on-pi-4-with-full-disk-encryption/) claims > it's possible to > boot OpenBSD directly from USB without the need for UEFI on sdcard. > I tried today but couldn't get it to work. I got a blank

Re: mutt fetch-mail ssl error

2022-05-20 Thread Stuart Henderson
On 2022/05/20 22:18, Avon Robertson wrote: > Thank you for your response Stuart. Alas your suggestion to try the > binary from the working host does not work. I have pasted a log of my > actions below. I will try Theo's fix tomorrow. Hopefully there will be a snapshot by then so you can just

Re: mutt fetch-mail ssl error

2022-05-20 Thread Stuart Henderson
On 2022-05-20, Avon Robertson wrote: > I have been unable to fetch mail with mutt on this host using either the > currently installed snapshot and mutt package, or the snapshot and mutt > package that had been installed 2-3 days previously. > > I have been able to send mail using mutt in

Re: best place to put export variables

2022-05-19 Thread Stuart Henderson
On 2022-05-18, Michael wrote: > On 05/19/22 01:44AM, Mihai Popescu wrote: >> Hello, >> >> I want to export XDG_CACHE_HOME variable used by Xorg. >> What is the best place (file or ?) to export this variable? >> >> I remember i used some file to export a long time ago PS1 variable. >> Should I

Re: calling all PFsync users for experience, gotchas, feedback, tips and tricks

2022-05-19 Thread Stuart Henderson
On 2022-05-19, Jordan Geoghegan wrote: > I've run pfsync + CARP for a number of years now. One interesting > "gotcha" I discovered when building an IPv6-only test network was that > pfsync does not work in an IPv6-only environment. I tried both unicast > and multicast configurations to no

Re: kernel fault after 7.1

2022-05-17 Thread Stuart Henderson
On 2022/05/18 01:40, Vitaliy Makkoveev wrote: > > On 18 May 2022, at 01:18, Stuart Henderson > > wrote: > > > > On 2022-05-17, kasak wrote: > >> Can I somehow revert kernel to 7.1-release, to make syspatch working? > > > > Boot bsd.rd and do an 'up

Re: kernel fault after 7.1

2022-05-17 Thread Stuart Henderson
On 2022-05-17, kasak wrote: > Can I somehow revert kernel to 7.1-release, to make syspatch working? Boot bsd.rd and do an 'upgrade' install to 7.1 again. (You can also do this with sysupgrade if you modify the script).

Re: Historical Reasons For Default NAT Source Port Modification

2022-05-16 Thread Stuart Henderson
On 2022-05-16, Alexander Bochmann wrote: > Hi, > > ...on 2022-05-16 13:23:31, Philipp Buehler wrote: > > > I cannot recall many applications from 20y ago that have been very keen > > on sending from certain ports (besides IKE already mentioned by JJ). > > I seem to remember firewall rules that

Re: Wireguard IP packets fragmentation issue

2022-05-15 Thread Stuart Henderson
ry off-the-shelf home CPE so it's very very common on the internet. > I hope the clarifications help and that I'm right or at least that I > learn something new :) > Thanks > Tom Smyth > > > > > > > > > On Sun, 15 May 2022 at 19:37, Stuart Henderson > wrote:

Re: Wireguard IP packets fragmentation issue

2022-05-15 Thread Stuart Henderson
On 2022-05-15, Tom Smyth wrote: > IP fragments on internet are avoided generally through PMTU discovery (mtu > path > discovery) but > PMTU does not work beyond a Nat (if a smaller MTU interface exists > behind a NAT then the smaller > MTU will not be discovered. That's not right, NAT doesn't

Re: Wireguard IP packets fragmentation issue

2022-05-15 Thread Stuart Henderson
On 2022-05-15, Theo de Raadt wrote: > .Bd -literal -offset indent > -inet 0.0.0.0 255.255.255.255 NONE \e > +inet 0.0.0.0 255.255.255.255 0.0.0.1 \e > pppoedev em0 authproto pap \e > authname 'testcaller' authkey 'donttell' up > -dest 0.0.0.1 > inet6 eui64 > > I don't think this

Re: Wireguard IP packets fragmentation issue

2022-05-15 Thread Stuart Henderson
On 2022-05-15, Jason McIntyre wrote: > On Sat, May 14, 2022 at 09:14:36PM -0000, Stuart Henderson wrote: >> On 2022-05-14, Georg Pfuetzenreuter wrote: >> > pppoe(4) already has a section on this, possibly this could be used as a >> > start. >> >>

Re: Cron running at 99% CPU for seemingly no reason

2022-05-15 Thread Stuart Henderson
On 2022-05-15, Stephan Mending wrote: > Especially the line stating "the kernel did not panic" surprises me, as I am > greeted by the kernel debugger. Not sure how to interpret that. ddb is entered for panics (which are explicit calls from kernel code) and for other exceptions (which are not) -

Re: Wireguard IP packets fragmentation issue

2022-05-14 Thread Stuart Henderson
On 2022-05-14, Georg Pfuetzenreuter wrote: > pppoe(4) already has a section on this, possibly this could be used as a > start. It's not a great start really. Mixes up information about a method to set the pppoe MTU to 1500 (RFC4638) and using scrub, doesn't describe the problem (says "causing

Re: Wireguard IP packets fragmentation issue

2022-05-14 Thread Stuart Henderson
On 2022-05-14, n18fu...@tutanota.com wrote: >> I recommend "max-mss" instead of no-df, you don't really want fragments >> if you can help it. The number to cap at is 40 below the lowest actual >> MTU across the tunnel, so 1380 should do for WireGuard, IPsec varies >> depending on the options

Re: Wireguard IP packets fragmentation issue

2022-05-14 Thread Stuart Henderson
On 2022-05-14, William Ahern wrote: > On Fri, May 13, 2022 at 11:10:41PM +0200, n18fu...@tutanota.com wrote: >> Hi, >> >> I've set up an OpenBSD server on the Cloud, set up a Wireguard tunnel, and >> configured default route through that server. I've noticed that I can't >> access some websites:

Re: calling all PFsync users for experience, gotchas, feedback, tips and tricks

2022-05-13 Thread Stuart Henderson
On 2022-05-13, Marko Cupać wrote: > The only problem I currently have with pfsync is the fact that it does > not synchronise queue membership of states. IIRC this is meant to work but only if you have identical rulesets, after expanding interface addresses etc. This will require some care in

Re: A speed test with Iperf , Relayd and PF

2022-05-13 Thread Stuart Henderson
On 2022-05-13, Fabrizio Francione wrote: > Code: > tcp connection fixup { >   tcp nodelay > } > > relay IPERF_TEST{ >   listen on 10.10.10.2 port 6740 >   forward to 192.168.20.9 port 6670 >   protocol fixup > } > With IPERF I obtain a speed of 144Mbps . Why use nodelay? That disables Nagle

Re: Setting up vmd with veb0/vport0

2022-05-12 Thread Stuart Henderson
On 2022-05-12, David Demelier wrote: > (vm) # > ping 8.8.8.8 > PING 8.8.8.8 (8.8.8.8): 56 data bytes > ping: sendmsg: Can't assign requested address > ping: wrote 8.8.8.8 64 chars, ret=-1 > (vm) # > # ftp http://5.135.187.121/index.html > Trying 5.135.187.121... > ftp: connect: Can't assign

Re: OpenBSD ports require xbase set - still true?

2022-05-09 Thread Stuart Henderson
On 2022-05-09, Steffen Nurpmeso wrote: > Until now whenever i wanted to do this i had to install xbase, > otherwise the port makefile complained some. (I am afraid i have > forgotten the details.) Is this still true? Yes. We don't particularly want to deal with reports of build failures or

Re: hw.perfpolicy behavior on desktop/server

2022-05-09 Thread Stuart Henderson
On 2022-05-09, Atanas Vladimirov wrote: > Hi Guys, > > I'm running -current. > Recently I noticed (not sure when it changed) that my CPU is not > throttling anymore. The `hw.perfpolicy` is set to auto and `hw.setperf` > is always at 100%. I read that there was a change in 7.1: > > - Changed the

Re: Modern RFC3442 (Classless DHCP Static Routes)

2022-05-09 Thread Stuart Henderson
On 2022-05-09, Stuart Henderson wrote: >>> >>> That doesn't seem like correct behavior (the ISC version certainly >>> offers both). Both options should be sent if configured, it's up to >>> the client to properly handle this. >>> Clients that are

Re: Modern RFC3442 (Classless DHCP Static Routes)

2022-05-09 Thread Stuart Henderson
On 2022-05-06, Florian Obser wrote: > On 2022-05-06 10:28 -04, Sonic wrote: >> On Fri, May 6, 2022 at 7:18 AM Florian Obser wrote: >>> Also, dhcpd(8) does not even hand out option 3 when option 121 is >>> configured. >> >> That doesn't seem like correct behavior (the ISC version certainly >>

Re: deep packet inspection over no TLS/SSL traffic

2022-05-09 Thread Stuart Henderson
On 2022/05/09 10:46, Riccardo Giuntoli wrote: > Yes I know. With rdomains and pair it would be nice to write a daemon > that inspect L7 search for bittorrent identification and take action > above those packets.  > Yes. DMCA is a complete overkill. Vultr applies it. When business will It doesn't

Re: deep packet inspection over no TLS/SSL traffic

2022-05-09 Thread Stuart Henderson
On 2022-05-09, Riccardo Giuntoli wrote: > I've found a distfiles on the fr openbsd mirror: > > https://ftp.fr.openbsd.org/pub/OpenBSD/distfiles/ndpi-4.2.tar.gz > > Someone try it? This is used by ntopng, we don't have anything to use this to make packet forwarding decisions (anyway, by the time

Re: Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-05-06 Thread Stuart Henderson
On 2022-05-04, Theo de Raadt wrote: > I have also pointed out a couple of times now that sysclean ignores the > lessons of "find -print0" and "xargs -0", and I worry it could find a > file called > > "/somewhere/matchingpattern/\n/etc/spwd.db" This is easily fixed by adding a "delete" mode which

Re: Modern RFC3442 (Classless DHCP Static Routes)

2022-05-06 Thread Stuart Henderson
On 2022-05-04, nace...@narwhals.org wrote: > https://marc.info/?l=openbsd-tech=162652200109398=2 I disagree. > while its technically correct with the rfc, in practice, not many OSes > rigidly enforces not using the router option when 121 is present that > I've used. It's not just technically

Re: OpenBSD ftp and libtls: how to use session resumption with -S

2022-05-06 Thread Stuart Henderson
On 2022-05-06, Theo Buehler wrote: > While we could readily make libssl fall back to the legacy stack if > SSL_OP_NO_TICKET is disabled, I don't think this optimization outweighs > the overall benefit of TLSv1.3 - better protocol, cleaner code. Especially when the major beneficiary of this is

Re: relayd blocking by IP

2022-05-05 Thread Stuart Henderson
On 2022-05-05, Fabio Martins wrote: > On Thursday, May 5, 2022, Marcus MERIGHI wrote: > >> Hello Stuart, Hello Fabio, >> >> thanks for reading and suggesting! >> >> >> Exactly, though it is going to be relayd that is listening and >> forwarding to the application (or not, in case of
