Aaron Mason escreveu:
Hi,
It has also been a vision of mine to run OpenBSD-based VPS, though at
this point the only way to achieve that is by true virtualization -
hence, I would like to propose that we attempt to bring OpenVZ
capabilities to the OpenBSD kernel. The biggest problems lie in
Rodolfo Timoteo da Silva escreveu:
Has anyone installed snort, base and receive the same error when
trying to connect to DB in the first access?
[Fri Mar 6 13:13:21 2009] [error] PHP Warning: session_start() [a
href='function.session-start'function.session-start/a]:
Hi,
Couldn't this be related to some setup configuration?
Like that options for plug and play OS so the BIOS will map all
interrupts and not the OS?
Marco Peereboom escreveu:
You need to boot with -c and then at the UKC prompt type:
disable apm
Please send that dmesg.
On Fri, Dec 05, 2008
tico escreveu:
Stephan A. Rickauer wrote:
Those of you interested in running OpenBSD as a Xen guest in
XenEnterprise might want to use this opportunity to raise their voice:
http://forums.citrix.com/thread.jspa?threadID=151525
Stephan, thanks for the notice -- I just posted my $0.02 on that
Joe S escreveu:
OS: OpenBSD 4.4 RELEASE i386
PF is blocking traffic that I want it to pass. I notice this when I
run nmap 4.76 (compiled from source). It appears that my packets are
being dropped because they don't match the pass out quick rule in my
pf.conf. I noticed this rule is modified due
One more vote for sshguard, I use it here with success, just need to
create a rule like:
block in on $ext_if proto tcp from sshguard to any port ssh
And run sshguard, it will get any host trying random passwords with no
success to the sshguard table.
Don't know it there are any alternative
/QEMU, that
will translate to the intel em driver into OpenBSD, witch runs much
better without watchdogs warnings.
Vinicius Vianna
Jason Dixon escreveu:
On Thu, Aug 07, 2008 at 06:19:55AM -0700, Thomaz Portella wrote:
Please,
Now I am using 2 servers with CARP load balance.
But I need to increase this system to more than 2 servers.
How can I do it ?
Thanks in advance,
RTFM, KTHXBYE!
Maybe the only value would be to merge a new rule without returning all
tables to default as in the situation that you have changed a table and
if you run pfctl -f /etc/pf.conf the table will get back to original values?
Never had to use it too, but someone may need it sometime?
Henning Brauer
Hi Daniel,
I was thinking about your question and at first I was sure that the man
page was right, the only thing is that you didn't think about how is the
better way to calculate the current load. If you think about it, when
you get a high load on your system the first sign of it will be in
Hi William,
I don't know for sure, but I remember dealing with this kind of problem
and setting preempt did work, maybe worth a try:
/etc/sysctl.conf:
net.inet.carp.preempt=1
Anyone else?
HTH,
Vinicius
William Stuart escreveu:
(Sorry if this is a dupe, not sure if you had to be a
Hi,
It's possible using multipath, take a look at
http://www.openbsd.org/faq/faq6.html#Multipath please.
But I needed to use some pf route-to rules to re-route the packets
between the multiple gateways. It takes some work to make right, but i
know it works if done correctly.
Remember that
bofh wrote:
On language - remember, PHP's design goal (as late as v3) was for complete
non-programmers to be able to pick it up and write programs immediately.
You can imagine how that can cause issues for security. Most libraries or
add-ons you install for PHP require you to run in insecure
You can rewrite that way using NAT rules, like the ones you're using on
iptables, I remember having to rewrite some packets this way for
tunneling on a VPN.
Mark Felder wrote:
Iptables allows me to rewrite the address of outgoing traffic. PF does
not allow this functionality. Is this a
If you wanna route packets from the internet to the SW's, you need some
IP on the OpenBSD's interfaces to the switches.
I remember being able to set IP addresses on bridged interfaces with
ifconfig, don't know if this is a good approach but was usable in the time.
Maybe your best approach is
Arjen Van Drie wrote:
Vinicius Vianna wrote:
If you wanna route packets from the internet to the SW's, you need
some IP on the OpenBSD's interfaces to the switches.
I remember being able to set IP addresses on bridged interfaces with
ifconfig, don't know if this is a good approach
Maybe it would be easier to just upgrade your NIC's to some intel em
ones, it have low interrupt usage, don't know about bge on high usage.
Stuart Henderson wrote:
On 2008-04-01, B A [EMAIL PROTECTED] wrote:
We have OpenBSD acting as router+IPsec vpn concentrator.
Our company expanding, so
Hi,
I didn't get this right..
Have you got to the shell prompt after the crash?
If so, did you tried to run fsck /dev/rwd0a? Try it, it may show some
problems, or in the boot after the crash the system will show you what
partition have been compromised.
Just run the fsck /dev/rwd0X for all
Chris Zakelj wrote:
I posted this to the samba list about a week ago and received no
responses, so I'm hoping someone here can tell me what I'm missing.
If I'm forgetting to add some piece of important info, prod as necessary.
I've been struggling with this for a while, and though it
Hi,
I don't see pipefail on the ksh man page, maybe you should ask for some
developer add it to openbsd source, or compile/install another shell to
use this, maybe even ksh.
Anyone else?
Piotrek Kapczuk wrote:
$ set -o pipefail
/bin/ksh: set: pipefail: bad option
$ echo $KSH_VERSION
@(#)PD
Hi misc,
I got a firewall with openbsd 4.1 and pf and it's receiving a lot of syn
floods attacks and even udp floods, since this is common I think someone
could have developed something on this, so why to reinvent the wheel?
The scenario is this:
block in log
block in quick inet from badip
The problem is that these attacks aren't on any pass rule, they are on
ports that my firewall doesn't permit, so the packet will go to the
block rule, and i can't use these overload rules with block can I?
Lars NoodC)n wrote:
Vinicius Vianna wrote:
I got a firewall with openbsd 4.1 and pf
?).
Stefan Schulze Frielinghaus wrote:
But what benefit do you expect to get when you block it via a
max-src-conn-rate/overload rule or directly via a (default) block rule?
In either way you will block the packet.
On Fri, 2008-02-29 at 16:49 -0300, Vinicius Vianna wrote:
The problem
Stuart Henderson wrote:
On 2008/02/13 23:32, Owain Ainsworth wrote:
(I'm someone who actually works on this)
RadeonHD hasn't even started 3d acceleration yet. Intel is a good bet if
you don't want anything that powerful. Older radeons are alright, (check
for support for specific cards on
Hi all,
I'm getting some packet loss on our firewall here (4.1 GENERIC), after
changing the old nic (msk0) we are still getting some packet loss but
very little.
Can be any improvement from changing the external nic from em2 to em0 in
our case? Can this packet loss be sure coming from cable
Hi folks,
I got a strange problem with the sk device, two machines i own the NIC's
only work on 4.0, on 4.1 or snapshot it will display no carrier on the
ifconfig status.
The dmesg for this device is:
skc0 at pci5 dev 2 function 0 3Com 3c940 rev 0x10, Marvell Yukon
(0x1): apic 2 int 17 (irq 9)
Hi,
I'm using 3.8 GENERIC kernel, and having problems mounting a FreeBSD
UFS2 harddisk, is there a way to mount it in OpenBSD or the only way is
to backup data, reformat in FFS and restore?
Thanks in advance,
DS
27 matches
Mail list logo