Hello,
while going through the upgrade guide for 5.5 I found two typos on the website:
In upgrade55.html it shoud read and remove them from /etc/inetd.conf
instead /etc/identd.conf
In faq4.html in section 4.3.4 (creating a bootable install flash drive)
I found another typo. The raw device in
Am 13.08.2012 09:42, schrieb C. L. Martinez:
Hi all,
I am trying to do some tests with OpenBSD 5.1 and FreeBSD 9.1 beta in
my laptop virtual lab based on vmware workstation 8. But I have found
a problem when I try to configure OpenBSD vms: I can't use e1000
driver with these OpenBSD vms. I
Am 30.11.2011 09:22, schrieb Peter Hallin:
Hello,
I have some issues with pf.conf and includes that perhaps someone could
shed some light on.
Where I work, we use bridging firewalls with multiple tagged vlans
passing the bridges, and filtering is done on the vlan interfaces.
Normally
Am 24.11.2011 05:16, schrieb Brian Hechinger:
On Nov 23, 2011, at 19:45, Josh Grosse j...@jggimi.homeip.net wrote:
On Wed, Nov 23, 2011 at 04:41:09PM -0500, Brian Hechinger wrote:
Anyone know where I should be looking here to figure out why this
isn't working?
Brian, I don't know if
Hello,
2 weeks ago I updated a virtual openbsd test machine from 4.8 to 4.9. It
came with the new vmt driver from dlg@ which is is a nice and useful
feature.
But now I saw that it does not work properly with functions in vSphere
which uses automated snapshots. (I testet it with VMware Data
Am 06.11.2010 03:23, schrieb James A. Peltier:
Problem Description:
I'm trying to filter VLANs on the bridge. However, when enabling VLAN
devices on the em1 interface the bridge does not work.
Hello
Test Setup:
The 2910AL-24G port 19 has its ports configured as TAGGED
Axel Rau schrieb:
Am 18.05.2010 um 14:11 schrieb Guido Tschakert:
I would say your Server is __the__ single point of failure (sure the
switch is also a spof but normally I'm more worried about servers then
switches)
Yes, but it has 2 power supplies and redundant disks. If the mini pwr
Axel Rau schrieb:
Hi all,
I have a pair of redundant firewalls (obsd 4.6) and a server (fbsd 8.0):
+---+ +--+
| | | |
+fw1+--+ +-+ |
carp0| |carp1 | | em0| |
| |
Guido Tschakert schrieb:
John Arnold schrieb:
It isn't worth using it. The overhead is too high.
OK, thanks for the response.
That being the case, can anybody give me any advice on what hardware I would
need to achieve gigabit VPN throughput (aes/3des md5/sha1) with ipsec?
And yes I
Hello everybody,
Just want to put my 2 cents in this discussion:
some weeks ago, I thought that it would be time to pre-order 4.5.
But then the following comes to my mind: in the last years I seldom used
the CDs, most time I used ftp. The CDs themself were lying on the shelf.
Actually I do not
Markus Hennecke schrieb:
Guido Tschakert wrote:
the question is: do you use the vmware-tools from server 2.0 and if
you do so, how did you manage it?
No, we are running server 1.0.8 for our OpenBSD vmware installations. We
have some laptops with our Windows client software that needs fast
Markus Hennecke wrote:
On Wed, 18 Mar 2009, Markus Hennecke wrote:
Laurens Vets wrote:
Markus Hennecke wrote:
On Wed, 18 Mar 2009, Laurens Vets wrote:
Laurens Vets wrote:
Doesn't work for me. Vmware-guestd doesn't want to run and the
message Abort trap is printed...
Btw, this is on
sonjaya schrieb:
what virtualization you use (vmware , openvz , etc )?
Hi,
as Michiel wrote, he uses kvm (this is something in the linux kernel)
OpenVZ will not work. (Its up to you to find out why ;-) )
I use OpenBSD in Vmware Server 2.0 and if you search the archives you
will find a lot
Linus Swdlas schrieb:
On Wed, 18 Mar 2009 14:45:44 +0100, Laurens Vets laur...@daemon.be wrote:
Laurens Vets wrote:
Alexandre Verriere wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Laurens Vets a icrit :
My boss ask how to move current obsd server to virtualiaztion ( such
as
Linus Swdlas schrieb:
On Wed, 18 Mar 2009 14:45:44 +0100, Laurens Vets laur...@daemon.be wrote:
Laurens Vets wrote:
Alexandre Verriere wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Laurens Vets a icrit :
My boss ask how to move current obsd server to virtualiaztion ( such
as
Key Aavoja schrieb:
Hello,
Hello,
first thing: I do not have any experience with multicast traffic.
But what you have build seems very strange to me. First you use vlan to
separate the networks an then you put them alltogether with a bridge.
I do not see the use of the vlans.
Wouldn't it be
ro...@cs.wisc.edu schrieb:
I recently started using a VPN with my laptop for when I travel(which is
quite often) and I have noticed a detectable degradation when going
through the VPN especially when using streaming video. My laptop is a few
years old and the problem isn't that big a deal but
Guido Tschakert schrieb:
ro...@cs.wisc.edu schrieb:
I recently started using a VPN with my laptop for when I travel(which is
quite often) and I have noticed a detectable degradation when going
through the VPN especially when using streaming video. My laptop is a few
years old and the problem
Laurens Vets schrieb:
Laurens Vets wrote:
Good morning,
Hello
have you read man compat_freebsd and tried the suggestions (i.e.
download libc.so.1 from somewhere and also ldd and some other files)
I was not aware of that man page... I've been trying to set things up
using it as a guide,
Hi,
have you read man compat_freebsd and tried the suggestions (i.e.
download libc.so.1 from somewhere and also ldd and some other files)
guido
Laurens Vets schrieb:
Hi list,
I'm trying to get the FreeBSD version of the VMware Tools installed in
OpenBSD 4.4 under VMware Server 2.0
Hello,
what about /etc/resolv.conf on your OpenBSD System.
Have you configured which DNS to use?
guido
Linyin schrieb:
Installed openbsd,configure network.When I try ping ip address its
ok,but use the doname is looks down.
The dns server is ok,i try ping doname under winxp:
C:\Documents
Jordi Espasa Clofent schrieb:
Hi all,
As post subject says, it's a clear question ?Is it softraid(4) ready for
a production system?
I have to build a authentication (with OpenLDAP) system and I want to do
it with OpenBSD; I absolutely tust on Marco's good job, but I must to
know if
Peter N. M. Hansteen schrieb:
Harald Dunkel [EMAIL PROTECTED] writes:
maybe you can use something like this in your script:
int_if=xx:xx:xx:xx:xx:xx
ext_if=yy:yy:yy:yy:yy:yy
int_if=`ifconfig|grep -e $int_if|awk '{print $1}'`
ext_if=`ifconfig|grep -e $ext_if|awk '{print $1}'`
This will not
]
--
Mit freundlichen Gr|_en,
Guido Tschakert
_
SRC Security Research Consulting GmbH
Graurheindorfer Str. 149 a Tel: +49-228-2806-138
53117 Bonn Fax: +49-228-2806-199
http://www.src-gmbh.de Mob: +49-160
to be mainstream, I'm assuming that backup and restore
procedures aren't mainstream (e.g. have the kinks worked out) either.
That assumption could be invalid.
Doug.
--
Mit freundlichen Gr|_en,
Guido Tschakert
_
SRC Security
new_guy schrieb:
I know. Longest uptime is silly, macho, pointless stuff... but I ran across
an old SunOS 2.6 box that had been up for 387 days. It had been hacked. The
only reason it was not an open mail relay is that /var was full. So, I
thought to myself, I bet I could run an OpenBSD box
J.C. Roberts schrieb:
On Wednesday 15 October 2008, ropers wrote:
I don't know if it is possible to use --surrounding physical space
permitting-- 64bit cards in 32 bit slots (and have them run w/
reduced performance). IIRC, something like that used to be possible
back when it came to the
Stuart Henderson schrieb:
I think I probably see the same thing on RT2860, but you've got further
tracking down what's happening than me (my debugging is hampered by the
AP being about 2 hour's drive away..)
In gmane.os.openbsd.misc, you wrote:
Hi,
I 'm running OpenBSD 4.4-current
Hi Folks,
just a few minutes ago a packet from Wim arrived in my office.
may the source be with us
guido
Juan Miscaro schrieb:
2008/9/17 Diana Eichert [EMAIL PROTECTED]:
On Wed, Sep 17, 2008 at 08:56:07AM +, Stuart Henderson wrote:
On 2008-09-17, Juan Miscaro [EMAIL PROTECTED] wrote:
Has anyone any experience running OpenBSD on this puppy:
http://www.commell-sys.com/Product/IPC/EMB-564.htm
Stuart Henderson schrieb:
On 2008-07-24, Mike Shaw [EMAIL PROTECTED] wrote:
Regarding the cache poisoning patch (which I see for 4.3). Are there
any effective workarounds for OpenBSD 4.0/4.1?
The 4.2 patch should also work for 4.1
I can confirm that the 4.2 patch works with 4.1 (at
Duncan Patton a Campbell schrieb:
On Thu, 17 Jul 2008 21:37:27 +0200
Marc Balmer [EMAIL PROTECTED] wrote:
* Shizzle Cash wrote:
On Jul 17, 2008, at 8:42 AM, Giancarlo Razzolini wrote:
agreed. I barely can wait to see Ty Semaka artwork for 4.4. Definitively
it should include monkeys. And
Yes I know its experimental... ;-)
I bought a ASUS WL-130N, installed the latest snapshot (from July 2nd)
and tried WPA
I build the pre-shared key
# wpa-psk ZELDA start123
0x763b94d25e9800f80f926fcc26d7fdf52b3b565209456bd0aa31973fbd8d5ce2
and put it in my /etc/hostname.ral0
# cat
giovanni schrieb:
well, I'm not alone
same behaviour as stated in:
http://marc.info/?l=openbsd-miscm=121396323512149w=2
moreover if I do not use any wpa it does not panic. did you try this?
Hi Giovanni,
no, I did not really tested it, I only tried out wpa and saw that it
worked with wpa
Hello folks
short:
will 2 (or more) dhcrelay work on one router without problems
long:
I have a router connected to 3 networks:
a.b.1.0/24 connected to if1,
a.b.2.0/24 connceted to if2,
a.b.3.0/24 connected to if3.
Lets say I have a dhcpd on a.b.1.1
Is it possible to start the two dhcrelay
Guido Tschakert schrieb:
Hello folks
short:
will 2 (or more) dhcrelay work on one router without problems
long:
I have a router connected to 3 networks:
a.b.1.0/24 connected to if1,
a.b.2.0/24 connceted to if2,
a.b.3.0/24 connected to if3.
Lets say I have a dhcpd on a.b.1.1
Antonio Lobato schrieb:
Hi all!
I read http://openbsd.org/security.html (and stable.html), but could
not make
sure about my question.
If today I download old versions (say /pub/OpenBSD/4.0/i386/cd40.iso) of
openbsd, does it already includes the fixes listed in
Hi,
I wonder why pf works from top to bottom in filtering with last matching
rule wins but in adress translation from top to bottom with first
matching rule wins.
Sure, I can use quick on every rule in filtering to have first
matching rule wins.
Me thinks it would be better if both filtering
Steve B wrote:
Has anyone seen a manufacturer that sells an appliance style chassis? I'd
like to slim down my current 4U/OBSD box to a 1U form factor using a VIA C7
board. Ideally I'd like to have a chassis that has the Ethernet ports on the
front, along with a serial port. Something like an
Hello,
for those of you who are interested,
Asus has released the source code of their linux drivers for the EeePc.
http://support.asus.com/download/Download.aspx?SLanguage=en-us
Sorry, no direct link and I also don't know if it is blob free.
Maybe someone of you wants to look deeper in the
Marc Balmer schrieb:
Jacob Winther wrote:
On 14/11/2007, at 6:55 AM, Andreas Maus wrote:
Did anyone try to run OpenBSD on Asus new small eeePC?
Just fired up a flashboot image from usb running 4.1 bsd.rd:
nice to see you have one. can you boot -current and mail the dmesg to
[EMAIL
Gerald Thornberry schrieb:
How about an external CDROM drive connected to a parallel port? Micro
Solutions used to make one (called BackPack) that could connect via
USB, PCCard, and Parallel Port. Once you loaded the drivers under
Windows I'm pretty sure you could boot from it.
Hmm,
what
Hello Webmasters :-)
Theres is a Typo on http://www.openbsd.org/errata41.html :
Me thinks it should read 011:SECURITY FIX: October 10,2007
and not: 018:SECURITY FIX: October 10,2007
guido
stan schrieb:
I have a new laptop.
It came with Vista on it. I used gpartd to resize those partions, and added
Ubuntu. Now I want to add OpenBSD, and FreeBSD. I'd like to do OpenBSD
next.
When I boot the 4.1 CD, I get to the partioning step, and I am confused.
Since I can't figure out
Peter N. M. Hansteen wrote:
Anton Karpov [EMAIL PROTECTED] writes:
People who don't know each other but wears PUFFY, should salute each other.
It's an OpenBSD thing. You wouldn't understand ;-)
obviously the salute would need to be clearly specified or at least
set to sensible defaults
Ronnie Garcia wrote:
Hey,
I was expecting to stop pfsync with :
ifconfig pfsync0 down
Hi
pfsync is a pseudo-device (see man pfsync)
To stop a pseudo-device you have to destroy it:
ifconfig pfsync0 destroy (see man ifconfig and search for pseudo-device)
hth
guido
But it did not.
I
Jacob Yocom-Piatt wrote:
i am forced to use windows at work and am trying to get a vmware openbsd
VM to recognize the non-virtual interfaces, so as to have openbsd as the
router for the windows system. this is using the free vmplayer v1.0.3.
i've read and followed
Subcommander l0r3zz wrote:
On 2/28/07, *Guido Tschakert* [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
Jacob Yocom-Piatt wrote:
i am forced to use windows at work and am trying to get a vmware
openbsd
VM to recognize the non-virtual interfaces, so as to have
James Blasius wrote:
I have not been able to figure out (for months) how to attach
configure NUT to find an UPS on a USB port. The dmesg shows it to be
on uhidev0. Thanks.
Hi,
I have the same problem
http://archives.neohapsis.com/archives/openbsd/2006-11/2133.html
but unfortunely never
Hello,
while reading the discussion about spamd, I decided to learn a little
bit about it and have a look in the manual, but man spamd yields to the
manual of spamd - daemonized version of spamassassin what is not
exactly what I was looking for. (I installed p5-Mail-SpamAssasin from
Jason McIntyre wrote:
On Tue, Feb 20, 2007 at 10:19:31PM +0100, Guido Tschakert wrote:
The first and the last entry are both spamd (8), but spamassassin from
ports has overwritten /usr/local/man/man8/spamd.8 from the system (which
I am looking for)
I don't know if there is an easy solution
Jan Izary wrote:
Brian wrote:
I'm having trouble connecting to my OpenBSD wireless router with my
Nintendo DS handheld.
http://nate.my-balls.com/reference/?content=wirelessmenu=network does
have a working configuration with ural, try it's set up and of course,
configure your ds to make
Hello,
I'm trying to connect to my Eaton Pwoerware 5110 with usb.
I have installed OpenBSD 4.0 and nut-2.0.3.
The dmesg part for the UPS reads:
ugen0 at uhub0 port 2
ugen0: Powerware Powerware UPS, rev 0.20/0.50, addr 6
I tried to configure /etc/nut/ups.conf
[UPS]
driver = bcmxcp_usb
Damian Wiest wrote:
On Tue, Oct 31, 2006 at 11:08:15AM +0100, Guido Tschakert wrote:
Hello,
after reading through the ralink broken after last update thread and
seeing that Bruno is using an Nintendo Wifi Connector
I wonder if someone has connected a Nintendo DS via an OpenBSD Box
Johan L wrote:
Karsten McMinn skrev:
On 9/27/06, Jason Dixon [EMAIL PROTECTED] wrote:
Think about it. How would sshd communicate with you without an IP
address? Seems to defy the laws of TCP/IP.
I'd concede that its more akin to bending than defying laws (RFCs).
with enough will and
Stuart Henderson wrote:
On 2006/09/06 13:19, Cedric Brisseau wrote:
I think spamd can't help a lot since mails aren't received directly.
oh, what do you mean by aren't received directly?
I think he means, the mail are fetched from their provider with a
mechanism similar to fetchmail and
Paul de Weerd schrieb:
On Tue, Aug 15, 2006 at 02:20:05PM -0500, Matthew R. Dempsky wrote:
| On Sun, Aug 13, 2006 at 01:19:31PM -0400, Nick Guenther wrote:
| I think you're looking for ifconfig(8). Wait, doesn't linux have
| ifconfig? What's ip for?
|
| ip is from the iproute2 package.
openbsd misc schrieb:
Hello,
I'm looking for a smtp proxy. The idea is, that the proxy checks the
smtp session (if everything is valid and forward the information to an
exchange-server). The forwards should happen step-by-step (the smtp
proxy should be able to drop to be able to deny
finley_it schrieb:
Hi Guido,
Maybe you are interested in knowing that Suse 10.1 handle quit well asix
ax88772, while previous 9.3 doesn't
bue
Finley
Yeah, I know, (i also tested the D-Link Crap with SuSE10.1) and had a
look in the sources of the usbnet driver. But it didn't work out of
ello,
I have searched the net and what I found isn't that good.
From the linux people I found that AX88772 L should be supported by
their usbnet driver.
On the other side I found a guy (using linux) having the same device
(and thus the same problem as I have)
At asix I found the
Guido Tschakert schrieb:
ello,
I have searched the net and what I found isn't that good.
From the linux people I found that AX88772 L should be supported by
their usbnet driver.
On the other side I found a guy (using linux) having the same device
(and thus the same problem as I have
Guido Tschakert schrieb:
Guido Tschakert schrieb:
Hello,
don't know if this is the right place, but I post it anyway.
I bought an D-Link DUB-E100 which should work on OpenBSD accordingly to
the web site.
But it doesn't. Our lovely vendor D-Link changed the chipset and called
it H/W Ver
an
advantage. This way the user is forced to work with the properly implemented
things and doesn't have to waste time with crap.
CL
--
Mit freundlichen Gr|_en,
Guido Tschakert
_
SRC Security Research Consulting GmbH
Graurheindorfer Str. 149
Jonathan Gray schrieb:
**snip**
Hello,
here is what I've done.
installed an openbsd
put src.tar.gz on it
made an cvs-update
A snapshot would have been easier for this bit.
applied the diffs (by hand, as it were just a few lines and I didn't
find the right way to do this with
Jonathan Gray schrieb:
On Thu, Jul 06, 2006 at 04:14:12PM +0200, Guido Tschakert wrote:
Guido Tschakert schrieb:
Hello,
don't know if this is the right place, but I post it anyway.
I bought an D-Link DUB-E100 which should work on OpenBSD accordingly to
the web site.
But it doesn't. Our
Jonathan Gray schrieb:
On Thu, Jul 06, 2006 at 04:14:12PM +0200, Guido Tschakert wrote:
Guido Tschakert schrieb:
Hello,
don't know if this is the right place, but I post it anyway.
I bought an D-Link DUB-E100 which should work on OpenBSD accordingly to
the web site.
But it doesn't. Our
[EMAIL PROTECTED] schrieb:
Hello everybody,
Lately I switched to a new ISP in germany wich provides much more bandwith
(~18Mbit) then my old ISP (~2Mbit).
Until now I use the pppD and not the kernel-pppoe.
I read somewhere that the kernel-pppoe may should be better with such fast
Hello,
don't know if this is the right place, but I post it anyway.
I bought an D-Link DUB-E100 which should work on OpenBSD accordingly to
the web site.
But it doesn't. Our lovely vendor D-Link changed the chipset and called
it H/W Ver.:B1
here comes the part of the dmesg
ugen0 at uhub4 port
Michael Lechtermann schrieb:
Falk Husemann wrote:
No doubt my name is anyone. I'd be angry.
It's not about hitting Return one more time, it's integrating something
new into the Installation Floppy. And you REALLY don't want to drop
Floppy Installation support or favor CDs.
If you had
Federico Giannici schrieb:
Matthias Kilian wrote:
On Tue, Jun 20, 2006 at 10:59:58AM +0200, Federico Giannici wrote:
[...]
The pc freezes (but only occasionally) during dumps of the entire
filesystem, using the system dump program. The dump is done while
the system is in use, so files may
Adrian Close schrieb:
On Tue, 20 Jun 2006, Justin Blackmore wrote:
Im running several OpenBSD 3.9 VM's on a GSX server and the clocks on
the OBSD vm's drift pretty bad, the real time host hardware clock is
How much drift? The guest hardware clock generally won't be stable
enough for NTP
sonjaya schrieb:
some email detect spam also most importan email ,so how to restore
email in /var/virusmail/xxx because taht email is important.
also any body have some tip to make amavisd-new in openbsd 3.9 most
faster working because they a lot delay when send and receive with
attachment.
Stuart Henderson schrieb:
On 2006/05/18 10:06, Guido Tschakert wrote:
I also run a memorytest over a weekend with the only result that the
memory seems to be ok.
What else could freeze an OpenBSD box
Other hardware problems can occur that memtest won't show.
Some are fixable (e.g
Jacob Meuser wrote:
On Fri, Feb 03, 2006 at 10:35:16AM +0100, Guido Tschakert wrote:
Jacob Meuser wrote:
On Fri, Feb 03, 2006 at 12:04:20PM +0500, Dmitry Slobodchikov wrote:
Growisofs don't work too neither -Z nor -M arguments
/home/zoosman-dvd+rw-format -blank /dev/dvd
* DVDRW/-RAM
Jacob Meuser wrote:
On Fri, Feb 03, 2006 at 12:04:20PM +0500, Dmitry Slobodchikov wrote:
Growisofs don't work too neither -Z nor -M arguments
/home/zoosman-dvd+rw-format -blank /dev/dvd
* DVDRW/-RAM format utility by [EMAIL PROTECTED], version 4.10.
:-( unable to open(/dev/dvd): Invalid
Armand Chen wrote:
Hi all :-)
After I switched to OpenBSD, there are still some data in my old NTFS
partition. I've made the NTFS support into kernel, and successfully
mounted the NTFS partision.
The problem is, some filename of the data is encoded other than
ISO8859-1. In other UNIX-like
Zoong PHAM wrote:
Does anyone know if a Zaurus 3100 can work with any VGA
monitor/projector?
And where can I buy a VGA adapter for Zaurus 3100?
Thanks,
Zoong
Hello,
maybe you have a look here
http://www.trisoft.de/zxgacf.htm (sorry it's German)
and here:
Daniel Ouellet wrote:
Sorry for this off topic question. Looking at the archive, SK (Henning
love them! (;) is what look likes the best Ethernet cards to use, a few
months ago anyway. The network cards are changing so quickly that what
was true 6 months ago, may well not be today.
For quad,
Andreas M|rdter wrote:
command groups does not exist on the soekris-box. but id.
this is the output after reboot.
---snip---
$ id admin
uid=1000(admin) gid=10(users) groups=10(users), 0(wheel)
$ su
Password:
Nov 9 16:23:26 sample su: BAD SU admin to root on /dev/tty00
Sorry
Nov 9
Kilaru Sambaiah wrote:
Hello All,
I am linux administrator and use iptables for firewall. I use
shorewall, which you
need to be setting up only policy based on your box is having one
interface or
two interfaces or three. Policy, zone, interfaces, rules these are all
I need to edit.
Is
Leonardo Marques wrote:
Hello people,
I wanna how to lock a user in his home, he cannot see any other
directory, just his home. Someone how can i do this?
Thanks for attention,
[]s
--
--
Leonardo Marques
http://www.analyx.org
--
Hmm,
Florian wrote:
ok, squid, but what about POP and SMTP ?
Hmm, Proxy for smtp?
What about sendmail, postfix, qmail, etc?
Almost every MTA should work as a smtp proxy (i.e. is a smtp proxy)
Proxy for pop?
Never used one of them
but have you looked at
balance-2.33.tgz
nylon-1.2.tgz
Hello
On 8 Sep 2005, at 13:55, Stephan A. Rickauer wrote:
Thanks to the kind help on this list, my test firewall successfully
runs OpenBSD 3.7 and is basically configured. I now need to think
about migrating my existing netfilter rule set to pf and would like
to ask also some general
Joco Salvatti wrote:
Hi all,
I have a firewall with a xl0 at pci0 dev 9 function 0 3Com 3c905 100Base-TX
rev 0x00: irq 11, address 00:60:97:d3:77:85 network interface card, and I'd
like to know how to activate SMNP under my OpenBSD system to capture the
informations and generate the input to
Jonathan Schleifer wrote:
I don't see where you set the MTU/MSS? Are you sure you have set them
somewhere else? eBay is known to have problems with bad/wrong MTU/MSS.
Try adding scrub out on $ext_if max-mss 1414 to your pf.conf and adding
-mtu 1454 to the route. Also take a look at pppoe(4)
Nick Holland wrote:
Guido Tschakert wrote:
Jonathan Schleifer wrote:
I don't see where you set the MTU/MSS? Are you sure you have set them
somewhere else? eBay is known to have problems with bad/wrong MTU/MSS.
Try adding scrub out on $ext_if max-mss 1414 to your pf.conf and adding
-mtu 1454
Guido Tschakert wrote:
Ok, after digging in the archives I found the thread
pf reassemble tcp problem in latest snapshot?
and it seems there is no real solution for this problem in OpenBSD/pf.
provocation on
I found that somewhat poor, because with Cisco IOS and Linux iptables
this problem
,
Guido Tschakert
_
SRC Security Research Consulting GmbH
Graurheindorfer Str. 149 a Tel: +49-228-2806-138
53117 Bonn Fax: +49-228-2806-199
http://www.src-gmbh.de Mob: +49-160-3671422
openvpn is easy to set up, but I don't want to deal with
the lower mss/mtu. (But on the other hand openvpn is my fallback
solution.)
TIA
--
Mit freundlichen Gr|_en,
Guido Tschakert
89 matches
Mail list logo
