is anyone aware of such a nice little device with low power consumption
and ECC memory? The alternatives mentioned so far just offer normal RAM
options...
Kubernetes' philosophy quite contradicts to OpenBSDs. Also, Kubernetes
builds upon Linux technologies. Porting that stuff alone to OpenBSD
would mean a great deal of work, and again does not really fit OpenBSDs
developers ideas. The resources of OpenBSD is just a tiny fraction of
that of
On 12.04.22 15:26, Łukasz Moskała wrote:
I remember talking with network engineer at one company I used to work at.
We used fortigate firewalls, and I asked why are we using SSLVPN instead of
ipsec-based vpn, as both were supported.
He said something along the lines of "ipsec does not work
imho benchmarking only makes sense for your scenario, so I recommend
benchmarking the ruleset you intend to use on that device.
Also: what are you benchmarking against, and what is your setup (nat,
bridge etc.)?
On 04.04.22 21:50, Nicolas Goy wrote:
Hello,
I'd like to make some 10gbit/s
I agree with Janne. Almost always it is more of a compliance topic than
a technical topic.
I did work for where we provided crypto/digital signature
stuff to government and institutions I won't name, and e.g. the
constraint for choosing an operating system for a platform was almost
always
On 28.11.20 05:51, Nick Holland wrote:
> I've heard that from a lot of people.
> And yet, those same people, when pressed, will tell you that a ZFS-equipped
> system will crash much more often than simpler file systems. That's one
> heck of a real penalty to pay for a theoretical advantage.
>
>
We have ~30,000 entries in our table blocking networks and
single ip addresses, all in all at the moment exactly 169,471,974 hosts
being blocked. No idea what your criteria is for "performance impact",
but we have no issues.
On 12.08.20 14:11, Alan McKay wrote:
> Hey folks,
>
> This is one that
this is probably due to the recent social discussion about the black
lives matter movement. engineers around the world show their support to
this movement against racism by various measurs, e.g. adjusting their
code of conduct/rules etc. In many cases, "blacklist" should not relate
to something
that's aweseome! Thanks!
On 16.07.20 15:43, Ben Jahmine wrote:
>> Is there somewhere to get higher resolution OpenBSD artwork?
>>
>> I see the stuff on the website, and it's great, but on my 8k screen it's
>> kind of like a postage stamp in the middle.
>>
>> Do higher Res copies exist
also: you can use the app termux if you want some nice terminal programs
... I rsync all my files from my phone to my computer.
On 14.07.20 13:11, Abel Abraham Camarillo Ojeda wrote:
> On Tue, Jul 14, 2020 at 5:07 AM Jan Stary wrote:
>
>> On Jul 13 14:39:35, justinkm...@gmail.com wrote:
>>>
it seems you skipped the firewall part of the document you were
referring, you need NAT connections.
On 05.06.20 18:50, Richard Ulmer wrote:
> Hi,
> I got myself an APU2E2 and am trying to set it up as a router. To learn
> how to do this I'm mostly following the "Building a Router" FAQ [1]. For
I just don't get it why some people put so much energy into bashing a
free product instead of just ignoring it if they really hate it. The
time would have been better spent on supporting/improving OpenBSD or
another project.
On 28.05.20 13:20, Ian Darwin wrote:
> On Thu, May 28, 2020 at
the shutdown because
the system is trying to boot /bsd.upgrade again which of course
vanished. (so use /bsd in vm.conf again and start the vm)
So for manual upgrade editing the boot config in grub menu is simple, if
you do automated upgrades going via the vm.conf stuff might be preferable.
Hi,
just for info: Upgrading from 6.6 to 6.7 worked without flaws on my
OpenBSD VMs on Linux/KVM and FreeBSD/bhyve hypervisors! 6.7 feels faster
and snappier! Thanks to you all for your hard work!
Regards,
infoomatic
,
infoomatic
what exactly are you trying to achieve, or: why not use azure firewall?
On 26.04.20 17:27, 4642 wrote:
> Hi, I have created a OpenBSD 6.6 VM in the Azures cloud that I plan to use as
> a Firewall, I had planned on using carp but I can't get it working in Azure
> so I think I can use an
some questions do arise:
1.) is the device which you intend to use under your control?
2.) how would you like to access systems in your home network
as for me I have a VPN service on my server so I can access all my
systems from a device I own when I am on the road. This saves me from
not reachable for days now in Austria, Germany, Czech Republic
On 13.04.20 11:01, SP2L Tom wrote:
> Greetings.
>
>
> It was and it is still up
> At least, I can reach OpenBSD site.
>
>
> Best regards.
> Tom
>
> W 13 kwietnia 2020 10:23:18 Sebastien Marie napisał:
>
>> On Mon, Apr 13, 2020 at
I suggest you read on the documentation instead of throwing one-line
questions to the mailing list.
The documentation is excellent, just look for the information you need.
https://man.openbsd.org/
https://openports.se/
On 11.04.20 15:58, Nikita Stepanov wrote:
> Does Intel driver supports
No. But a lot of the software you might know from Linux is available via
ports and packages.
On 11.04.20 11:57, Nikita Stepanov wrote:
> Can openbsd run Linux binaries?
On 09.04.20 11:55, Rudolf Leitgeb wrote:
> As soon as your server does anything useful, it will
> present an attack vector to the outside world, and one needs to
> be aware of it.
>
just to add to your argument: your server does not even have to do
anything ... the interface driver or just the
varnish does not bring down the network latency if users are sitting on
the other end of the world...
On 17.03.20 08:48, Wayne Oliver wrote:
On 2020/03/16 12:26, Flipchan wrote:
Hey all,
My company needs to put up a cdn for fast hosting of javascript,
images and css for websites, and then i
what do you want to achieve?
If you want to access the array from OpenBSD then I see no possibility
with this configuration.
If you want a dual-boot system I suggest you configure the 4-disk raid
in OpenBSD and in arch linux you could use a VM and use hardware
passthrough to access the data.
just out of curiosity: did you do the FreeBSD test on ZFS with
compression enabled?
Am 09.01.20 um 15:22 schrieb Hamd:
Joe, are you a joke? Please stop insulting me, this is not
my/your_personal_fancy_forum.
This will be my last post here in misc.
Default setups, no config. changes.
Just
1.) OpenBSD never stated that ultimate performance is their goal, but
clean maintainable code is, and thus in case of a compromise the
developers will choose clean code over performance.
2.) to quote Breandan Gregg: "All benchmarks are wrong until proven
otherwise"
3.) It's 2020 and you quote a
I can recommend using queues in pf ... very simple and effective.
https://man.openbsd.org/pf.conf#QUEUEING
Am 02.01.20 um 15:12 schrieb radek:
Hello,
I have the following scenario:
[box_rac][fw_rac] <--iked site-to-site--> [fw_krz]--[box_krz]
[box_rac] pulls (rsync) "big data" from
here is another version:
https://github.com/notqmail/notqmail
I switched to postfix long time ago, never looked back.
Am 30.12.19 um 14:09 schrieb Gustavo Rios:
Is qmail dead ?
Does anyone here use openbsd with qmail+ldap ?
thats good news, thanks Philip for the info! In the meantime I disabled
swap (as well as ntopng) on my firewalls - this is of course not needed
on a firewall and was just a left-over from the initial default install.
regards,infoomatic Gesendet: Freitag, 27. April 2018 um 13:50 Uhr
Von: "P
does not handle
any tcp/ip or icmp connections any more until the swap space is fully freed
(which, in my case when ntopng used 3 out of 4GB swap, lastet for nearly 20
minutes). IMHO, unswapping a process should not influence network connectivity
that much.
Regards,
infoomatic
> Gesen
have now disabled ntopng. I kindly ask the devs to take a look at this! If
you need a testsetup for this or if I can do anything, just contact me.
Regards,
infoomatic
> Gesendet: Mittwoch, 25. April 2018 um 15:25 Uhr
> Von: Infoomatic <infooma...@gmx.at>
> An: misc
re to look for a bug. Any tipps how to deal
with this matter in the future?
TIA and regards,
infoomatic
[1]
OpenBSD 6.3 (GENERIC.MP) #107: Sat Mar 24 14:21:59 MDT 2018
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4238319616 (4041MB)
avail mem = 41027952
12. Januar 2018 um 12:48 Uhr
> Von: "Stefan Fritsch" <s...@sfritsch.de>
> An: Infoomatic <infooma...@gmx.at>
> Cc: misc@openbsd.org
> Betreff: Re: Performance issues as KVM guest?
>
> Hi, I don't see this issue on my Debian system, but please try two thin
Same problem here.
While we did have significant differences in cpu usage between FreeBSD and
OpenBSD (basic OS without configuration: FreeBSD ~ 33min CPU time, OpenBSD ~
474min CPU time - both started at the same time), with the latest kernel
patches for Ubuntu 17.04 (our test environments all
e.g. "multiple pptp pass-through on pf" from 2007 and others about
10 years back.
Whats the current state of this? Do I really need a proxy like poptop?
thanks in advance,
infoomatic
I have tried the latest snapshot and ... thanks for fixing this! reboot and
shutdown are now working again on my 16 year old notebook!
> Gesendet: Freitag, 12. Mai 2017 um 22:06 Uhr
> Von: Infoomatic <infooma...@gmx.at>
> An: "OpenBSD Misc" <misc@openbsd.org>
&g
Hi,
As nowadays I read quite a lot of projects being fuzzy tested or
vulnerabilities detected by fuzzy testing, I am quite curious: what is the
status of OpenBSD kernel/base system concerning fuzzy testing?
Is there a plan on using the Google fuzzer? thanks
regards,
infoomatic
...") , it now ignores also
/etc/mygate.
Adding "ifconfig vether0 inet alias XXX netmask XXX" and "route add default
XXX" to /etc/rc.local was the workaround, however, I think this is not expected
behaviour.
regards,
infoomatic
> Gesendet: Dienstag, 09. Mai 2
> iwi(4) was entirely broken since the WPA security patch for 6.0.
> I made it work again for 6.1 but also saw these firmware errors occasionally.
> But I thought these errors were already present in 6.0 and before. It looks
> like that's not the case, and there is even more left to fix...
OK,
I wanted to try to resolve the issue I just posted and tried to reboot, however
the machine hangs and shows:
syncing disks... done
ehci0: reset timeout
rebooting...
even pushing the power button long does not switch off the machin, I have to
unplug the powersupply and remove the battery.
hi,
I upgraded my old notebook to 6.1. However, I am experiencing hickups with wifi
(no problems with 6.0)
some lines in dmesg:
iwi0 at pci1 dev 13 function 0 "Intel PRO/Wireless 2200BG" rev 0x05: irq 11,
address 00:
.
iwi0: fatal firmware error
iwi0: timeout waiting for master
iwi0: fatal
> > > does it work when you put - inet alias X.X.X.Y 255.255.255.255 ?
> >
> > unfortunately not. It's the same effect as with 255.255.255.224: working
> > locally on the subnet, but not when routing is involved.
> > Thanks anyway for this idea!
>
> Guess I was to fast! After a few minutes it
> > does it work when you put - inet alias X.X.X.Y 255.255.255.255 ?
>
> unfortunately not. It's the same effect as with 255.255.255.224: working
> locally on the subnet, but not when routing is involved.
> Thanks anyway for this idea!
Guess I was to fast! After a few minutes it was working
> Von: "Hrvoje Popovski"
> > /etc/hostname.vether0:
> > up media autoselect
> > inet X.X.X.X 255.255.255.224 NONE
> > inet alias X.X.X.Y 255.255.255.224
>
>
> does it work when you put - inet alias X.X.X.Y 255.255.255.255 ?
unfortunately not. It's the same effect as with
the
alias statement), and then manually do a "ifconfig vether0 inet alias X.X.X.Y
netmask 255.255.255.224" everything is fine and works as expected.
I am curious in this matter, and would really appreciate someone sharing
his/her knowlegde to enlight a newcomer, thanks!
Kind regards,
infoomatic
I can confirm this for the https site
> Gesendet: Dienstag, 04. April 2017 um 11:04 Uhr
> Von: "Luke Small"
> An: openbsd-misc
> Betreff: I can't connect to openbsd.org in most cases.
>
> I have an openbsd vm on a windows 7 host, windows 7 asus, iPhone,
Hi,
I have not experienced any problems virtualizing OpenBSD with KVM, Xen,
HyperV, VMware.
I have done various performance tests over the years and found KVM to be the
best performing, most stable platform for our environment.
Those non-scientific tests simulated some of our typical workloads -
> Gesendet: Freitag, 03. März 2017 um 15:53 Uhr
> This is known behaviour from current.
>
OK, thanks for the info. I have no problem with the load so far, just did not
have an idea where it did come from since vmstat did not show anything unusual
compared to running -stable.
nt, the load average jumped
from about 0.2 to 1.7. There hasn't been changes in our userbase (<10 users) or
anything else, is this a known problem? I use the MP kernel.
regards,
infoomatic
> At least two bugs leading to this panic have been fixed post 6.0. I'd
> suggest you to upgrade to -current where it should work as expected. If
> not, please send a new bug report to bugs@.
Thanks a lot! This is awesome, you manage to fix bugs faster than I can report
them ;-)
I guess I
thing to support a dev to
fix this problem.
regards,
infoomatic
[1] https://postimg.org/image/5ogvhmc45/
[2] https://postimg.org/image/mmx6f1nxv/
[3] https://postimg.org/image/687wqsh8j/
Hello,
I hope someone could point me in the right direction with my problem I am
facing with openiked on a 64bit OpenBSD 6.0-stable. I want to connect two
bridged firewalls, however, it seems the connection cannot be fully
established. I tried with pf disabled but that did not change anything.
> Do you get any more output if you do "rcctl -f -d start iked"?
the output is:
doing _rc_parse_conf
doing _rc_quirks
iked_flags empty, using default ><
doing _rc_parse_conf /var/run/rc.d/iked
doing _rc_quirks
doing rc_check
iked
doing rc_pre
configuration OK
and then the terminal is blocked
> On Mon, Sep 26, 2016 at 02:17:35PM +0200, Infoomatic wrote:
> > also, the already running endpoint did not receive any packets.
>
> Nobody on this list can run ifconfig, route, and tcpdump on *your* box
> to figure out where you're losing packets...
this is not a connectivity
> On Mon, Sep 26, 2016 at 01:56:20PM +0200, Infoomatic wrote:
> > ipsec=YES in rc.conf.local does not change anything, and appending
> > "ikelifetime 60" to iked.conf neither.
>
> ipsec=YES and /etc/ipsec.conf are for use with isakmpd.
>
> iked does not us
es of which the
external one has the (simulated) external ip address and the internal
interface has an internal ip addres, both only ipv4.
The system is Openbsd 6.0 -stable including the patches until (and
including) 006.
I am quite sure this is just a minor detail I have overseen, however,
I would really appreciate your help! Thanks!
infoomatic
55 matches
Mail list logo