On 2/18/2010 7:21 AM, Liam Farr wrote:
Hi,
I thought that the system might be using the built in crypto in the AMD Geode CPU instead of the
HIFN and have used config -e -o bsd.new /bsd to disable glxsb (glxsb0 at pci0 dev 1
function 2 AMD Geode LX Crypto rev 0x00: RNG AES) in the kernel,
On 2/18/2010 12:47 PM, Ryan Corder wrote:
Essentially, on these lower-power devices, the cost of moving the data to and
from the crypto card across the PCI bus negates most performance gains you
would achieve trying to offload it.
Right
Where as on servers, these devices only offer a benefit
On Fri, 2009-10-30 at 12:01 -0700, Lawrence-Sporkton wrote:
I believe its the Gobi 1000 or Gobi UNDP-1 which appear to be the same
device
Very odd. This is a CDMA/3G/GSM/EVDO modem?
Normally they show up as PCMICIA, USB, or PCI Serial devices.
A lot of times the PCMCIA ones present a USB
On Fri, 2009-10-30 at 22:08 +0100, C. Diego Raffaelli A. wrote:
Any idea? Am i right using OpenBSD and trying to use Radius and/or
NAS??
RADIUS Authentication and RADIUS Accounting are what you want, but
that's off-topic for this list.
Look in ports for RADIUS servers.
Good luck.
~BAS
On Tue, 2009-08-04 at 13:53 -0300, Marcos Laufer wrote:
Hello, has anyone had any experience with LaCie Raid and Storage
very Feng shui
~BAS
I'm the kind of Mac-using sociopath that looks at an external
NAS and asks: 'What kind of RAID array defines me as a person?'
On Tue, 2009-06-30 at 11:15 +0200, u...@o3si.de wrote:
Is it possible to load balance / failover the traffic over IPSec? If
so,
should I use GIF for load balancing / routing?
That's what Cisco DMVPN is, as far as I can tell. Was just reading
about it.
You're talking about GRE tunnels to two
On Wed, 2009-06-10 at 09:24 -0700, Journey Man wrote:
Yet another rule that redirects port 1443 to port 443 works:
Try tcpdump:
% sudo tcpdump -i $ext_if 'port 443'
Then try to re-create the TCP socket from a 3rd party remote host. See
if the syn packet comes in. If not, then your ISP could
On Sat, 2009-05-02 at 05:06 -0500, Robson Caetano wrote:
Hi
I would like to log From:, To: and Subject: fields of
every SMTP connection to my internal SMTP server
that is passed by the openbsd firewall.
You're better off doing that within your MTA. Courier has a Big Brother
feature:
All:
Do we want to slip this into presently supported branches containing
1.6.9p17? It's a quick patch:
http://www.sudo.ws/cgi-bin/cvsweb/sudo/parse.c.diff?r1=1.160.2.21r2=1.160.2.22only_with_tag=SUDO_1_6_9
I tested it on -rOPENBSD_4_3. Just be sure to nuke the version string.
$ more
I haven't looked if we have support, but gre(4) w/ ipv6 address and stf(4)
seem to be best options out there for secure v6 tunnels.
That sounds... bizarre.
According to ipv6book.ca, M. Blanchet. It's a good read, except
OpenBSD/NetBSD are neglected (probably becase of the stf(4)/6to4(4)
, Brian A. Seklecki wrote:
But as soon as I start an scp from Perspex to Soekris, Perspex reboots
after a few hundred kb. Unfortunately, Perspex is in a datacenter and I
do not have console access to it to see what the heck is happening at that
exact moment.
I don't recall. But for the record
On Mon, 2008-12-15 at 00:06 +, Danial wrote:
I don't like responding to my own thread but I really need
help with this one, so I'll try to rephrase the question:
Just about every userland utility has the ability to specify source
transmit addresses (bind(4) function)
If not, we can add it.
Today I was dumping files from a wd0 disk to a mountpoint on sd0 disk
(external USB). I accidently unplugged the power cable of sd0 disk and
That is generally considered the proper / pragmatic behavior.
FreeBSD Foundation is sponsoring development to change this behavior to
to some sort of
On Mon, 2008-10-20 at 14:19 -0700, Vivek Ayer wrote:
So far, I can't ssh into the carp from the outside, can't ntp from the
Try:
% sudo tcpdump -ttt -e -vvv -n -i pflog0 -s 1024
--
Brian A. Seklecki [EMAIL PROTECTED]
Collaborative Fusion, Inc.
IMPORTANT: This message contains
On Mon, 2008-10-06 at 16:39 +1100, Sunnz wrote:
Is it possible?
Say I have a few nics of the same group... dc0 dc1 dc2 dc3... which
all belong to a group dc.
Sunnz
Do you mean a shared queue where downstream bandwidth from a single
upstream interface is proportionally divided into two
[Long Message Disclaimer]
All:
I was just looking over Peter Hansteen's PF book -- It's a great
reference, but the coverage on QUEUING is limited (6 pages of ~150).
I was hoping to find an answer to a question there-in, that I had back
in 2006 when I filed system/4574 -- but with behind me, I
On Fri, 2008-10-10 at 19:52 +0200, raven wrote:
I'm thinking how my users into an ldap db can login into my openbsd
One would need NSS_LDAP and PAM_LDAP, which requires PAM and NSS
infrastructure in-tree.
Likely you'd want to sponsor development for something like that.
~BAS
--
Brian
What *would* you recommend?
In addition to the listed duties, I am looking for stability,
For a mail server appliance, Axiomtek units are the only way to fly.
Try the NA-820. We've been nothing but pleased, and of all the cheap
Award/AMI BIOS's, theirs has been the best performing so far,
with lots of known-good-working
isakmpd(8) / isakmpd.conf(5) examples.
~BAS
I think i have seen some sample config before but i cant seem to find any
now..
Any help would be appreciated..
/Daniel
--
Brian A. Seklecki [EMAIL PROTECTED]
Collaborative Fusion, Inc.
IMPORTANT: This message
On Fri, 2008-08-08 at 13:59 +0200, Miod Vallat wrote:
Until the cd-rom are actually created and the release is announced,
tags are
Just trying to be helpful in reporting a build-problem during the releng
cycle.
If there's a better venue for such reports, lets have it :)
~BAS
IMPORTANT:
On Wed, 2008-08-06 at 13:58 -0700, Chris Cappuccio wrote:
spend your money on a motherboard with serial console. like a supermicro
board or something. you'll be happier.
No offense but: No. No you wont. Unless you have IPMI or something
like Dell's DRAC (4, not 5 -- 5 sux big time).
The
Am I reading this right?
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?rev=1.80content-type=text/x-cvsweb-markup
I dont have a fresh install anywhere -- but I want to say that it doesnt
default to PermitRootLogin yes after the install.
I remember that I filed PRs with
On Thu, 10 Jul 2008, Brynet wrote:
The keyword here is *default*.
Say you installed OpenBSD on a soekris, it's nice having root enabled
temporarily.
That way you can login at a later time, create a lesser privledged account,
On Soekris, does the first boot console access not function
afterboot(8) covers this
Works for me, I guess. =/
~BAS
http://www.openbsd.org/cgi-bin/man.cgi?query=afterbootapropos=0sektion=0ma
npath=OpenBSD+Currentarch=i386format=html
the rationel why the rest of the projects changed it.
~~BAS
On Thu, Jul 10, 2008 at 10:35:06AM -0400, Brian A. Seklecki wrote:
Am I reading this right?
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?rev=1.80content-type=text/x-cvsweb-markup
I dont have a fresh install
types worry because they don't really understand security.
On Thu, Jul 10, 2008 at 01:38:22PM -0400, Brian A. Seklecki wrote:
On Thu, 10 Jul 2008, Marco Peereboom wrote:
Of course it is enabled by default. Why do I want a box that is
freshly installed and unreachable?
No -- I just find
] [host] UCD-DISKIO-MIB::diskIOTable
The sensor stuff should be committed into the Ports version of Net-SNMP
by now. I can get it committed to Pkgsrc if not. Its just not been at
the top of my priority list.
--
Brian A. Seklecki
Collaborative Fusion, Inc
;
[EMAIL PROTECTED]:12$ /usr/local/libexec/nagios/check_ntp_time -H ntp
NTP OK: Offset -0.002711469308 secs|offset=-0.002711s;
60.00;120.00;
so, it can work.
--
Brian A. Seklecki [EMAIL PROTECTED]
Collaborative Fusion, Inc.
at
the top of my priority list.
--
Brian A. Seklecki [EMAIL PROTECTED]
Collaborative Fusion, Inc.
On Mon, 2008-03-31 at 12:36 -0400, Dan Brosemer wrote:
But should you need to stop and start it, just kill off the [sn]mbd
processes and fire them off manually.
Use /etc/rc.local as your command line flag/switch reference point.
~BAS
IMPORTANT: This message contains confidential
one month of Blockbuster
Total Access, No Cost.
http://tc.deals.yahoo.com/tc/blockbuster/text5.com
--
Brian A. Seklecki [EMAIL PROTECTED]
Collaborative Fusion, Inc.
On Wed, 2008-03-26 at 09:32 -0400, G 0kita wrote:
Hello all! I'm having some trouble with getting an OpenBSD box to properly
tag packets via 802.1Q.
I'm setting up an OpenBSD4.2 router pulling data off a trunk port on a Cisco
2960 switch. I can see the packets traverse the stack upwards but
On Wed, 2008-03-26 at 10:01 -0400, G 0kita wrote:
---
Nah, a /29 is the smallest WAN space you can use for a CARP - CARP (or
HSRP/VRRP) Ethernet WAN transport.
If you have that budget and business need, then you can afford the
hardware and IP space.
Remember, you can always use _RFC1918 private
--
Brian A. Seklecki [EMAIL PROTECTED]
Collaborative Fusion, Inc.
IMPORTANT: This message contains confidential information and is intended only
for the individual named. If the reader of this message is not an intended
recipient (or the individual responsible for the delivery of this message
On Wed, 2008-03-05 at 09:55 -0800, Joe wrote:
Perhaps you got a bad board in your past?
I've had 10 years of bad VIA chipsets (pciide(4), etc.)
Anyone who has been on the lists for a few years knows the same old
story. Results 1-10 of about 3,170 for bsd VIA ATA dma error
~BAS
On Sun, 2008-03-02 at 09:04 +0100, Joerg Zinke wrote:
This will be my first VIA Board, will see how it works...
That's great news. I run some VIA -- not at all bad. But they've still
got a long way to go before they re-earn the community's trust. A
decade of problems doesn't just go away
On Mon, 2007-12-24 at 13:29 +0100, Joerg Zinke wrote:
Hi,
I'm looking for hardware to install an openbsd based dsl-router.
I already searched the list archives and looked at WRAP and Soekris,
but it seems that they do not match my requirements:
- fanless
- as small as possible
- Soekris
It would be in the base.tgz in release 3.9
You may have upgraded and an old binary may be linked against the old
version. Try making a symlink.
On Sat, 2008-02-23 at 14:07 -0500, Jay Hart wrote:
On base OpenBSD 4.2.
What package should I install to get the above library?
Thanks,
Jay
On Sat, 2008-02-23 at 12:30 -0700, Theo de Raadt wrote:
No, do not make a symbolic link.
Right, for the record and mail archives, a symlink would only be a temp
solution and is not guaranteed (likely even) to solve the problem.
Obviously, Jay is not working on in a production environment,
On Sat, 2008-02-23 at 12:15 -0800, Jon wrote:
I'm using dd to clone a drive. How can I watch the progress of this or
see the transfer rate in real time?
http://www.openbsd.org/cgi-bin/cvsweb/src/bin/dd/dd.c?rev=1.15content-type=text/x-cvsweb-markup
main(int argc, char *argv[])
On Sat, 2008-02-23 at 12:15 -0800, Jon wrote:
I'm using dd to clone a drive. How can I watch the progress of this or
see the transfer rate in real time?
It should accept SIGINFO (control+G) on most terminals.
You may also be able to compile progress(1)
~BAS
IMPORTANT: This message
On Sat, 2008-02-23 at 13:46 -0800, Jon wrote:
on some learning paths here. This mailing list is awesome. Thank you.
just remember that when 4.3 CD pre-release-sales are announced :)
IMPORTANT: This message contains confidential information and is intended only
for the individual named. If
syslog-ng + transport mode IPSec (or tunnel, if you have infrastructure
on either end).
use pf(4) to ensure that only IPSec peers can write.
~BAS
On Tue, 2008-02-19 at 21:42 -0700, Steve B wrote:
and whether you are doing it over SSH or IPSEC? I have looked at
various
read the man page i810(4):
Option MonitorLayout anystr
Allow different monitor configurations. e.g. CRT,LFP
will configure a CRT on Pipe A and an LFP on Pipe B. Regardless of
the primary headsb pipe it is always configured as
PIPEA,PIPEB.
maybe
and *BSD vlan(1) wont transmit VLAN 1 as tagged (per spec)
Correct -- Thank you. I misspoke.
It _will_ transmit it tagged as VLAN1 (if vlan1 interface is defined),
but whether the receiving VLAN1 interface on the PowerConnect can ever
receive is anyone's guess.
I suppose it
On Sun, 2008-01-20 at 00:11 +, Mike wrote:
Hey Brian,
I read your post about removing dell switches from your network.
Just curious which models are you referring to?
PowerConnect 27xx Managed Entry-Level. Everything else is a
re-branded Cisco with a crippled ISO version. ~BAS
On Fri, 2008-01-18 at 11:49 -0200, John Nietzsche wrote:
Dear gentleman,
i am starting with vlan topic right now. I am in need to get two dell
powerconnect 2724 switches to implement 3 vlan. I know how to
The Dee PC2724 cant move its mgmnt vlan from VLAN1, and *BSD vlan(1)
wont transmit VLAN
On Fri, 2007-12-28 at 17:16 -0600, Alan Hamlett wrote:
Currently running OpenBSD i386 3.8 with one 20GB IDE drive at wd0a and
one 250gb IDE drive all partitioned for bsd.
Trying to install OpenBSD i386 4.2 from install42.iso by trading the
250gb drive for a cd-rom drive.
I keep getting
On Thu, 2007-12-20 at 15:31 +1100, Dave Harrison wrote:
Because carp doesn't log it's state changes etc, I've been writing the
Over Christmas, I may backport the FreeBSD carp(4) logging improvements
and submit them with kernel/5512.
~BAS
critical patches, and those should be pulled into 4.2-stable.
Unfortunately, it isn't that easy. Some updates imply updates of
depending ports (e.g. poppler and evince), which may imply further
updates of dependencies. So you'll end up with -current -- more or
less, including more
ports.
Personnaly, I use -current (base+packages) everywhere.
But this is just me.
--
Brian A. Seklecki [EMAIL PROTECTED]
Collaborative Fusion, Inc.
IMPORTANT: This message contains confidential information and is intended only
for the individual named. If the reader of this message
On Sun, 2007-12-02 at 01:14 -0800, Jake Conk wrote:
Hello,
I have pfsync setup between two servers and they're connected to each
The command that you're look for is:
$ sudo netstat -s state | grep -A 17 pfsync
pfsync:
0 packets received (IPv4)
0 packets received (IPv6)
On Sun, 2007-12-02 at 19:08 -0500, tim wrote:
my current pf configuration and add the use of the IPSEC bridge to
that set up.
Just check tcpdump -vvv -n -s 192 -i pflog0. Probably pass quick
proto ipencap all etc.
Updated diff, ISO image, build instructions.
http://people.collaborativefusion.com/~seklecki/obsd_wRAIDFrame.html
Note: There's a small problem with my regex in install.sub that prevents
scanning of RAIDFrame boot lines in dmesg.boot.
The work-around from the bsd.rd shell is to:
$ export
On Fri, 30 Nov 2007, Khalid Schofield wrote:
Hi,
I'd like to make a VPN Concentrator using openbsd. I want users to be
able to authenticate using usernames and passwords and to either nat
the users or give them an ip from our main dhcp server via a bridge.
That's a tall order. In Cisco-land
On Fri, 30 Nov 2007, Jake Conk wrote:
Hello,
I have my /var partitioned out to be 150mb which I thought was a
You're probably getting a lot of log hits on a default block log all at
the end of your rules. You can prevent a lot of crud by doing block
quicks w/o log statements for the
On Wed, 21 Nov 2007, Insan Praja SW wrote:
Date: Wed, 21 Nov 2007 18:45:47 +0700
From: Insan Praja SW [EMAIL PROTECTED]
To: misc@openbsd.org misc@openbsd.org
Subject: snmpd on current
Hi all,
I'm currently running 4.2-current and installing net-snmp-5.4.1 from ports
(updated). Something is
On Thu, 22 Nov 2007, Shohrukh Shoyoqubov wrote:
Date: Thu, 22 Nov 2007 09:46:54 +0500
From: Shohrukh Shoyoqubov [EMAIL PROTECTED]
To: misc@openbsd.org
Subject: Re: Site-to-site IPSec VPN between OpenBSD and Cisco PIX 515E
From which machine do I have to do ping -I A.B.C.D E.F.G.H
pf has
I have cut and pasted the output from ifconfig and dmesg below.
I do have a non tulip nic I might try tomorrow.
Try a -current kernel. If it occurs, obtain a backtrace / kernel core
dump and post it. Possibly file a PR if it is warranted. It might not
get fixed quickly, so grab an
On Tue, 2007-11-13 at 14:17 -0200, Kleber Rocha wrote:
10.1.1.78 tries to access the ip 10.1.100.210 on port 8080, the
If xl0 faces 10.1.1.0 (outside) and bge0 faces your local (inside)
10.1.100.0/24, then your pass in statement will create a state
associated with inbound traffic.
However, it
On Mon, 2007-11-12 at 22:40 -0500, C Thala wrote:
What would cause an 4.1 machine running on a Dell PowerEdge 1950 to see only
3,220,439,040 bytes of RAM as opposed to the 4GB that it really has
(confirmed by BIOS)?
A little something-something called PAE.
You're probably running 4.1/i386?
On Mon, 2007-11-05 at 10:49 -0500, Peter Fraser wrote:
get updates on the virus signatures. I was going to put
Well how many local patches are there? Did you try to bump the port to
the version you want? Just update the Makefile distinfo and see if the
patches apply cleanly.
~BAS
Ok, just tried rebooting with your suggestion of:
boot -c
disable fdc*
boot
Actually, I had to quit instead of boot
It stopped at the same place: fd0 at fdc0 drive 0: 1.44MB 80cyl, 2 head, 18
sec
Enable verbose in ukc. It often shows silent probes that fail and
lock the system
On Mon, 2007-11-05 at 07:23 +0100, Martin Toft wrote:
On Mon, Nov 05, 2007 at 01:29:05AM +0100, Cabillot Julien wrote:
Have you try openbsd 4.2 ? PF have been really improved in this
release.
pf(4) has nothing to do with isakmpd(8), except as it relates to recent
addition of routing tags.
-
On Sat, 2007-11-03 at 00:20 +0300, VP wrote:
Hello!
I have a network with 100 users and 7 servers and current firewall
need to be replaced. I want to by brand server due to company policy.
Brand as in put your company name on the hardware
It can be SPARC or x86.
But vendors don't
On Sat, 3 Nov 2007, Martin Schrvder wrote:
You don't need one computer with two discs and two psus; instead get
two systems and use carp to get HA. Also 2GB for a firewall is
overkill. Spend the money on the NICs instead.
If he's going to be doing local processing of pcap(4) data into some
If he's going to be doing local processing of pcap(4) data into some
pcap(3), of course, is what I meant :}
On Fri, 2007-11-02 at 20:21 +, Stuart Henderson wrote:
On 2007/11/02 14:45, Jason Murray wrote:
I have a 4.1 box that uses RAIDFrame so I need to compile a customer kernel
in order to upgrade. I know this is not supported, but it has worked (minus
the one gotcha) for me from 3.6 until
On Sat, 2007-11-03 at 00:42 +0300, VP wrote:
It can be SPARC or x86.
But vendors don't officially support OpenBSD with their hardware.
We need tower server with 1 proccessor, 2 gigs of RAM, 2 SCSI disks
and 2 power supply. Does anyone recommend brand server which supports
For a
Since I can't connect
successfully via ssh is there anything else I could be doing remotely?
...you could be researching a Lights-out-Management solution for your
server (Dell DRAC, Sun LOM). Best all-around solution is a PC-Weasel
(realweasel.com) connected to the system next to it (Or a
On Wed, 2007-10-31 at 14:51 +, Tomas Bodzar wrote:
And still one thing
When I was try OpenBSD (I think that was 3.8),I use WindowMaker,Xmms and lots
Some *BSD systems are adjusting PCM driver support to allow multiple
process to open /dev/dsp / /dev/audio multiple times in-exclusively,
On Mon, 2007-10-22 at 12:04 +0200, Henning Brauer wrote:
* Claudio Jeker [EMAIL PROTECTED] [2007-10-22 08:17]:
Fragment Reassembly does not happen in the forwarding plane, it happens on
the end system. By doing flow based forwarding on the router you're no
longer able to do all the
first try to enable acpi and see what happens.
Thanks. Enabling acpi did not make a difference, but then I disabled
apm and it's working.
Right -- all of the example ukc output shows how to enable acpi0 but no
one ever shows how to disable apm0.
~BAS
Abdul
HTH,
Stijn
On Thu, 2007-10-25 at 10:50 +0200, Dominik Zalewski wrote:
Dear All,
I have a machine with two Maxtor 160GB hard disks. I've installed OpenBSD 4.2
on first one and I would like to use second one as a mirror.
If you really want to kick as the dead horse, I can probably roll a 4.2
install
On Thu, 2007-10-25 at 14:39 -0700, Don Jackson wrote:
no channels at
tached
Well, no channels attached tells me its a hardware issue
(cables`n`shit), or the software failing to properly probe the hardware.
Does it work in another system under another platform (Linux LiveCD,
etc.).
I use
On Tue, 2007-10-23 at 01:42 -0700, Reza Muhammad wrote:
Hi all,
I just recently purchased a brand new HP Pavilion
G3035L Desktop PC (spec:
http://www.anugrahpratama.com/product/21/1092/HP-Pavilion-G3035L-Desktop-PC).
It's using Intel Core Duo processor. I tried to
install OpenBSD's
pciide0 at pci0 dev 15 function 2 AMD CS5536 IDE rev 0x01: DMA, channel 0
wired to compatibility, channel 1 wired to compatibility
wd0 at pciide0 channel 0 drive 0: Turbo Industrial CF Card
wd0: 1-sector PIO, LBA, 1983MB, 4062240 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
On Mon, 2007-10-22 at 00:12 +0100, Tony Sarendal wrote:
On 10/21/07, Henning Brauer [EMAIL PROTECTED] wrote:
I'll throw this out there since its been something on my mind for a
while:
Hardware VLAN tagging, TOE offload, IP/UDP/TCP Checksum offload,
interface polling are all ways to accelerate
PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Brian A. Seklecki
Sent: Thursday, October 18, 2007 2:02 AM
To: misc@openbsd.org
Subject: ipsec(4) routing for a branch offices
On a variety of 3rd party platforms, I often establish an SA
between two IPSec devices with a /16 of RFC 1918
On Thu, 18 Oct 2007 14:16:59 +0100
Tony Sarendal [EMAIL PROTECTED] wrote:
Just a 5 minute quick test, nothing too scientific.
Thanks! What was your IXIA platform? RHEL with gig interface or an appliance?
~BAS
--
Brian A. Seklecki [EMAIL PROTECTED]
IMPORTANT: This message contains
!
--
Brian A. Seklecki [EMAIL PROTECTED]
Collaborative Fusion, Inc.
IMPORTANT: This message contains confidential information and is intended only
for the individual named. If the reader of this message is not an intended
recipient (or the individual responsible for the delivery
x.east.verizon.net
vpncxxx.pub.collaborativefusion.com spi 0x0ACAEE17 seq 89 len 116
ICMP packets giving me the old slip-a-roo out the back door :}
--
Brian A. Seklecki [EMAIL PROTECTED]
IMPORTANT: This message contains confidential information and is intended only
for the individual named
*
-lava (Brian A. Seklecki - Pittsburgh, PA, USA)
http://www.spiritual-machines.org/
On Fri, 2007-10-05 at 18:50 -0400, Rod Dorman wrote:
On Friday, October 5, 2007, 15:14:41, Jeff Simmons wrote:
On Friday 05 October 2007 01:17, Claer wrote:
The Cisco client license forbids explicitely to connect to anything but
Cisco Hardware.
You could rip the ISA controller out of a Pix
On Fri, 2007-10-05 at 12:14 -0700, Jeff Simmons wrote:
On Friday 05 October 2007 01:17, Claer wrote:
The Cisco client license forbids explicitely to connect to anything but
Cisco Hardware.
If that's so, then legal forgot to tell marketing. ;-)
The Cisco VPN 3002 Hardware Client works
.
~BAS
On Wed, 2007-10-03 at 20:32 -0700, Jeff Simmons wrote:
3002
--
Brian A. Seklecki [EMAIL PROTECTED]
Collaborative Fusion, Inc.
IMPORTANT: This message contains confidential information and is intended only
for the individual named. If the reader of this message is not an intended
On Thu, 2007-10-04 at 15:24 +0200, Marc Balmer wrote:
Tang Tse wrote:
Just one question regarding VPNs OpenBSD and HW, is there any recomendation
for hardware? i mean, i want to setup a VPN between 2 offices and i need
some reasonable speed.. with a computer with some recent hardware do i
On Thu, 2007-10-04 at 17:54 +0200, Piotrek Kapczuk wrote:
2007/10/4, Brian A. Seklecki [EMAIL PROTECTED]:
I'm demo'ing some 1U P4-class network appliance hardware that will
probably fit your needs well. See URLs below.
[...]
http://code.google.com/p/bsd-appliance/wiki
Timo Schoeler [EMAIL PROTECTED] wrote:
On an semi-related note, I recently tested the vpn1411 in a
significantly faster (2.8GHz P4 Celeron D):
des3/3des:
w/ acceleration:
# time dd if=/dev/zero bs=1m count=100 | openssl des3 -pass pass:test
-engine cryptodev -out /dev/null
engine cryptodev
To get debugging info out of pf(4):
$ sudo pfctl -x loud
Also check netstat -s for layer 3/4 errors, and netstat -m for
kernel memory resource consumption, and ifconfig -i(?) for layer 2
errors.
~BAS
On Tue, 2007-10-02 at 14:20 +0700, dika wrote:
Dear teams,
Im using OpenBSD4.1 for my
Also:
1) Does the documentation in ipsec(4) / isakmpd.conf(5) /
sasyncd.conf(5) imply that all policies / security associations should
be between the CARP HA L3 address?
2) Is your isakmpd(8) binding to wildcard address?
3) Did this problem evolve with the implementation of sasyncd(8) or did
. The other
side is in passive mode.
Thanks for the replies.
Patrick
Brian A. Seklecki schrieb:
Also:
1) Does the documentation in ipsec(4) / isakmpd.conf(5) /
sasyncd.conf(5) imply that all policies / security associations should
be between the CARP HA L3 address?
2) Is your
I know it is a lot faster but would that solve the parity problem on
boot completely? 'man bio' doesn't seem to answer that.
For a variety of reasons, hardware raid controllers handle ungraceful
shutdown better -- onboard batteries for the HBA's RAM/Cache, etc.
Hardware RAID almost never goes
raid(4) hasn't been touched in a while (years), so short answer: No.
NetBSD is still actively committing to it, though, and has functional
background parity recalculation.
I understand there is interest in replacing RAIDFrame instead of
resynchronizing the subtree.
In the mean time, find a
Ok, it's running now. The cause was not the move from 4.0 - 4.1, but
the move from a diskful to a diskless setup: The machine mounts its root
fs via nfs.
WHAT?!?!?! What the heck kind of security-minded sanity check would
fail based on the underlying VFS?
Did you eventually get a PR open
Any word on the degraded performance of fork operations inside the
vmware server guest? Or am I imagining that thread of e-mails?
~BAS
On Sat, 2007-07-07 at 10:04 -0500, Todd Pytel wrote:
On Sat, 2007-07-07 at 10:44 -0400, Nick Holland wrote:
There's the answer to your question: For your
Safe to ignore - most i810 devices have duplicate PCI bus entries for
the internal and external video. Both are drive by the same logical
GPU, though.
~BAS
On Sun, 2007-07-01 at 00:21 +0800, Alex Kwan wrote:
Hello!
When I exit from the X, I got following warning message:
I810: No matching
Try to 'tar tzvf [file]' each member. Do any of them exit with
Unexepected EOF ? That means that the download never completed that the
file is truncated (which leads to the SHA1 and Size mismatch)
~BAS
On Sun, 19 Aug 2007, Chris wrote:
I downloaded all the packages put them in
This is the expected behavior for a failure on a CCD component. Try
cutting the SATA cable to a live system some time; watch the kernel
panic there as well. Suddenly it cant stat() / or read/write from swap.
You're playing with fire with CCD anyway: RAID0. The stuff in 4.1
wasn't touched for
and has a quick
one-line fix such as this. (only to get a you're not running GENERIC
response)
I know there are people out there running embedded environments who were
testing 4.1 during -current.
~BAS
--
Brian A. Seklecki [EMAIL PROTECTED]
Collaborative Fusion, Inc.
IMPORTANT: This message
1 - 100 of 213 matches
Mail list logo