a) you're wrong
b) you don't know what problem he is trying to solve.
On Tue, May 14, 2013 at 5:28 AM, Salim Shaw salims...@vfemail.net wrote:
OpenBSD is a server/router/network service OS, it's not designed for
desktops. OpenBSD is the pre-eminent platform for Firewalling, IPsec, IPv6.
On Thu, Mar 14, 2013 at 10:22 PM, Jiri B ji...@devio.us wrote:
I'm aware of both. So what is this renaming of ifaces good
for?
On Windows it has it's advantages because by default you get stupid and
unhelpful names like Local Area Connection X.
It's pretty nice to be able to rename it to
On Sat, Feb 16, 2013 at 10:41 AM, Fil DiNoto fdin...@gmail.com wrote:
with something vaguely familiar to what they would encounter in the
other equipment like cisco or juniper they would be far less likely to
make a mistake that would result in an outage or security problem. So
as superficial
ntpd and sshd are only running if you enabled them when installing. For the
rest, just turn off inetd.
Why are they enabled by default? Search the mailing lists, it has been
asked and answered before.
Lars
In-tree dhcp most certainly support options because I am using them:
option autoproxy-script http://1.2.3.4/wpad.dat;;
Cheers,
Lars
On Mon, Dec 31, 2012 at 11:19 PM, Chris Smith obsd_m...@chrissmith.orgwrote:
Maybe it's a problem due to Unbound being a package and not part of
the core
Oh, you mean the space thing. Well, it probably doesn't but I Have never
needed that.
---
Lars
On Wed, Jan 2, 2013 at 6:50 PM, Lars Hansson romaby...@gmail.com wrote:
In-tree dhcp most certainly support options because I am using them:
option autoproxy-script http://1.2.3.4/wpad.dat
On Sat, Jul 21, 2012 at 1:29 AM, Alessandro Baggi
alessandro.ba...@gmail.com wrote:
Disabling mpbios see only one core and not smp.
I think that's the expected behavior if you disable mpbios. OpenBSD
runs great on a single core
in KVM anyway so why bother with SMP?
Cheers,
Lars
On Fri, Jun 29, 2012 at 7:20 PM, Eric Furman ericfur...@fastmail.net wrote:
I beg all true @misc followers
Search the archives for this shit eating moron's posts.
Funny, the only ones showing up when I search for useless posts are yours.
Cheers,
Lars
On Thu, Jun 28, 2012 at 6:40 AM, Nick Holland
n...@holland-consulting.net wrote:
Other than boring, no one has actually STATED a problem of the OpenBSD
website.
That's because there is no problem with it. Sure, it doesn't look like
the latest
whizz-bang sites (I have nothing against such sites,
Hmm..I get This post could not be found.
Cheers,
Lars
On Sat, Jun 9, 2012 at 1:55 AM, Chris Smith obsd_m...@chrissmith.org wrote:
... if you really want a firewall you need pfSense.
Also if you walk into any security experts convention and claim that
raw OpenBSD is a firewall, you will
On Thu, May 10, 2012 at 12:32 AM, Weldon Goree wel...@b.rontosaur.us wrote:
Right... because AutoSFTP and AutoSSH do not allow an administrator to
tamper with *them* at all?
I guess it's because they have Anti-Trojan capabilities so
presumably the binaries will detect if they have been tampered
On Thu, Apr 26, 2012 at 8:43 PM, Mihai Popescu mih...@gmail.com wrote:
This is interesting too (first paragraph), from the Ion author:
http://tuomov.iki.fi/software
Guess why Ion3 isn't in ports anymore.
---
Lars
On Thu, Apr 26, 2012 at 8:50 PM, Lars Hansson romaby...@gmail.com wrote:
On Thu, Apr 26, 2012 at 8:43 PM, Mihai Popescu mih...@gmail.com wrote:
This is interesting too (first paragraph), from the Ion author:
http://tuomov.iki.fi/software
Guess why Ion3 isn't in ports anymore.
Or more
On Mon, Mar 19, 2012 at 5:50 AM, Stuart Henderson s...@spacehopper.org wrote:
No idea how well OpenBSD does in xen.
Last time I tried OpenBSd in Xen ~2 years it worked like crap.
Couldn't get networking
to work at all and it was slow as a dog.
Cheers,
Lars
Disable mpbios.
Cheers,
Lars
On Fri, Mar 9, 2012 at 3:28 PM, Fredrik Staxeng fst...@update.uu.se wrote:
Do you want users at all? Or was Linus right?
Yes.
I dunno, I usually ignore his fire-brand rants.
---
Lars
On Fri, Mar 9, 2012 at 8:33 PM, Dmitrij D. Czarkoff czark...@gmail.com wrote:
So you state that the fact that if one chooses to use the whole disk,
the whole disk is used needs further documentation?
Well, since this is the one of the few (only?) destructive actions the
installer takes
I can
On Wed, Feb 29, 2012 at 10:44 AM, Nathan Stiles stiles.nat...@gmail.com wrote:
Also I've noticed that HTTPS isn't implemented on openbsd.org.
Why would it be? There is no user login or accout information
exchanged with openbsd.org.
Are you worrying that someone would, almost magically, insert
On Sun, Jan 22, 2012 at 3:35 AM, Anonymous cri...@ecn.org wrote:
I asked this before but I guess you didn't see it. So if you contribute
much more code to OpenBSD than someone else do you automatically get
license to insult people and post 100% noise as some kind of reward?
Since you're such
I notice you spend much more time scolding people than actually saying
anything worthwhile. You should work on yourself and find out why that is.
Perhaps you could benefit from some anger management training?
I notice that Henning is contributing much more code to OpenBSD than
you ever have
- how would you compare with facts and not flamewars OpenOSPFd against
Quagga or BIRD implementations?
This is not technical but...the openbsd ospfd tools does not pretend
to be Cisco and does not mimic the god-awful IOS cli and config
format.
Personally that is something I really, really
I run a number of 4.9 i386 boxes that functions as routers and are
logging to memory buffers.
Today I noticed that if I sighup the syslogd process the memory
buffers are no longer being logged to.
Below is the output from syslogd -d and I'm guessing the problem has
something to do with the Membuf
Uhm...ok, never mind. I'm an idiot. it does work. Sorry for that unneeded noise.
Cheers,
Lars
On Wed, Nov 23, 2011 at 3:14 AM, patrick keshishian pkesh...@gmail.com wrote:
Unless I'm misreading you, what you say doesn't make much sense.
It makes perfect sense and is in fact also the recommended way to run BIND.
The setup you suggest is more involved. Two servers: one resolving,
and
On Sat, Nov 12, 2011 at 4:57 AM, Amit Kulkarni amitk...@gmail.com wrote:
Antoine,
does this mean that we have to search for a way to disable automatic
indexing of files which KDE does? that's a daemon/service started by
KDE by default.
Nepomuk is started by KDE itself on log in and is not a
http://www.trollaxor.com/2010/06/why-i-left-openbsd.html
http://www.trollaxor.com/2010/06/why-i-almost-gave-openbsd-10-didnt.html
http://www.trollaxor.com/2011/10/why-i-uninstalled-openbsd.html
So pray tell, when DID you leave, really?
Cheers,
Lars Hansosn
Yeah, my bad too. Shouldn't have replied.
---
Lars
Since you didn't specify exactly what problem you have it's a bit
difficult to help. Still, it seems it's a KVM virtual server and
OpenBSD works just fine with KVM. The only thing I can think of that
would cause a problem is if you didn't disable mpbios.
Cheers,
Lars
and openbsd-misc isn't free tech support.
---
Lars Hansson
On Wed, Aug 31, 2011 at 2:59 AM, Anonymous Remailer (austria)
mixmas...@remailer.privacy.at wrote:
Call IBM support. You will have 10 technicians onsite in a week.
And 10 invoices in tomorrow's mail.
Use config:
[nembus]$ config -e -f /bsd
OpenBSD 4.9 (GENERIC) #671: Wed Mar 2 07:09:00 MST 2011
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
Enter 'help' for information
ukc find mpbios
352 mpbios0 at bios0 disable flags 0x0
ukc
Cheers,
Lars Hansson
If you're running under KVM then ACPI shutdown will not work unless
you disable mpbios. I always disable it with KVM since I don't
allocate more than one CPU to a VM anyway. I haven't noticed any
performance problems or other issues with it disabled.
Cheers,
Lars Hansson
If you want a comparison, I have run a small OpenBSD router under KVM
and it easily sustained 80Mbps. It was connected to a FastEthernet
switch so it couldnt actually go much higher. This was using the
emulated e1000 KVM device and OpenBSD 4.9 release with mpbios iic
disabled (disabling iic
phones complain that option 128 is missing (I take this to
mean that it have the wrong format or type since it's obviously there)
and goes no further.
I'm hoping it's just a matter of figuring out how to use the options
and format them correctly.
Cheers,
Lars Hansson
writing code. You know,
contributing to the project in a constructive and meaningful way.
---
Lars Hansson
and turns the PC on again
(just in case you might used it before this brave student..)...
You could do this in like 10minutes (max!).
10 minutes is a lot longer than seconds or even minutes.
---
Lars Hansson
On Feb 6, 2008 4:45 PM, Lars Noodin [EMAIL PROTECTED] wrote:
You've provided that data point yourself: MS Windows.
Since when is misc@ a Linux-esque anti-MS list?
---
Lars Hansson
on anything and he's not going
to change the opinion of anyone here.
It doesn't matter what I or anyone else here think of his ideas or how
hypocritical they may be or even if he was wrong or right. We're WAY past
the point where that mattered.
For everyones sanity just leave it alone.
---
Lars Hansson
(It may not be the very same words, but the intent is the
same).
Luckily for Linux RMS doesn't have a say in who works on the kernel. If he
had I guess Linux would now have been what GNU HURD is: unknown and
irrelevant.
---
Lars Hansson
, for example, can be, and is, used by governments to oppress
the people. Does that make working on OSS unethical?
---
Lars Hansson
On 12/17/07, David H. Lynch Jr. [EMAIL PROTECTED] wrote:
Yet you are seeking to deny the same freedom to Richard and everyone
else that disagrees.
No-one is trying to deny RMS the freedom to say and think whatever the
hell he wants, no matter how wacky.
---
Lars Hansson
?
If that does not matter then shut this thread down, because it is
pointless.
It was pointless from the start.
---
Lars Hansson
Can we please stop this thread now because it is
really not interesting at all.
---
Lars Hansson
implement pointless
security policies.
---
Lars Hansson
.
---
Lars Hansson
just might accept us
to licence it.
Yes, the discussion is in the archives and no he didnt. qmail had a
weird license.
---
Lars Hansson
On Nov 19, 2007 1:51 PM, Clint Pachl [EMAIL PROTECTED] wrote:
Does it even matter?
If you want to connect to networks that are using WEP, yes.
---
Lars Hansson
On Nov 17, 2007 8:35 AM, David Higgs [EMAIL PROTECTED] wrote:
I combined authpf with OpenVPN, using some big hints from some easily
google-able places. Even though WEP and WPA aren't supported by
OpenBSD,
OpenBSD supports WEP.
---
Lars Hansson
.
Yes.
---
Lars Hansson
users to mount
directories not owned by them. As it stands if you want to allow a
user to mount a cdrom drive, they each need thier own mount directory.
Right, so just mount them somewhere under your home directory. I dont
hink this is a problem in most cases.
---
Lars Hansson
On 10/25/07, Edd Barrett [EMAIL PROTECTED] wrote:
The workaround is to do something like this, with a shorter filename
or make sure you have a long filename in the root directory of the
partition or mount with -l.
---
Lars Hansson
.
As pointed out previously, the discussion was originally about the benefits
of separate application domains within an enterprise.
I'm sure there are benefits for certain situations.
---
Lars Hansson
code to understand that - the secuity benefits
are ovbious to everyone from the PHBs to the admins.
Actually they aren't. What are the obvious security benefits? I'm
not saying there aren't benefits, just that I can't see any obvious
security benefits.
---
Lars Hansson
) virtualizations won't require special OS
support. Xen is not a be-all-end-all.
---
Lars Hansson
in on $client_if from any to $adsl_client2_net queue adsl_client2_dn
Since you keep state (the default) you want to assign on the external
interface too, otherwise connections initiated from the outside
won't be assigned the correct queue.
---
Lars Hansson
distributions?
---
Lars Hansson
do.
It's amazing that in 2007 there are still so many mail operators and
relay-check sites that doesn't have a clue.
---
Lars Hansson
On 9/20/07, The One [EMAIL PROTECTED] wrote:
Sorry but I am just disagreed with Theo saying that OS X is buggy and
insecure.
Who gives a shit? This tread is more then FIVE months old and didnt
even belong here in the first place. Just stop.
---
Lars Hansson
not.
---
Lars Hansson
On 9/19/07, Lars Noodin [EMAIL PROTECTED] wrote:
By what method is shutdown then forced to wait until said processes have
cleaned up?
None. rc.shutdown is for those processes with slow/important shutdown
that needs waiting for.
---
Lars Hansson
freedt or runit from ports to
get those features.
---
Lars Hansson
Welcome to a really long time ago.
---
Lars Hansson
On 8/28/07, Die Gestalt [EMAIL PROTECTED] wrote:
Why doesn't he run the monitoring software in a virtual machine?
Because it would violate his parole? Who cares anyway?
If you can't do the time don't do the crime.
---
Lars Hansson
that polls your
dns caches and remove/add entries to the table. Agreed, it would be
very nice if hoststated supported DNS but currently it doesn't. It
does supported scripted checks though so that may also be an option.
---
Lars Hansson
?
I don't think think running Linux is a basic human right.
---
Lars Hansson
use a
login shell, for example, but that does not affect your DE/WM, only
xterm.
It's not hard to create, say, /etc/xprofile and just source that from
Xsession though.
---
Lars Hansson
are different though. The Xsession script
does not source any global files so you'll have to modify it to source
/etc/profile.
---
Lars Hansson
/profile can be overridden by the user in .profile so
setting the global defaults in /etc/profile works fine.
---
Lars Hansson
of
standards and best practices.
Lars Hansson
that can help a lot.
Help a lot with what?
---
Lars Hansson
Joco Salvatti wrote:
MAC is much more sophiscitated that DAC. Thus I would like to know
from you why OpenBSD does not implement this type of mechanism.
More sophisticated != better.
The longer answer is in the archives.
---
Lars Hansson
I ran into something a bit odd today.
If I put rtsol in my /etc/hostname.ural0 file I get the expected IPv6
autoconf: ural0 during boot BUT if I do sh /etc/netstart ural0 rtsol
is not run. Is this the intended behaviour?
I'm running current.
---
Lars Hansson
Here's a patch to fix it:
--- /etc/netstart.orig Tue Jun 19 11:12:42 2007
+++ /etc/netstart Tue Jun 19 11:49:36 2007
@@ -195,6 +195,23 @@
done /etc/bridgename.$1
}
+ip6start() {
+ if [ $ip6kernel = YES -a x$rtsolif != x ]; then
+ fw=`sysctl -n
Praveen wrote:
From the man page it appears that spamd relies on
static information about spam originators.
greylisting is pretty dynamic.
---
Lars Hansson
doesn't slowly go GNU/Linux in the spaghetti sense.
This is exactly what is avoided by not also having a standalone port of
expat.
---
Lars Hansson
Linden Varley wrote:
Anyone know of any load balancing software for OpenBSD that can do
direct-server return? (our load balancers (openbsd boxes) are co-located
and we pay for all data bandwidth).
hoststated?
---
Lars Hansson
. The majority of the people with
certification got it by going to a boot camp or buying one of them
examcram books thus end up with a certificate yet knowing nothing of value.
---
Lars Hansson
should just get/use
a free email account that you can control.
But, I'm glad that you appreciate what the lawyers and IS have come up
with.
Perhaps if they had actually used their brains they wouldn't have
implemented it in the first place.
Lars Hansson
Chris S wrote:
It might really be Ubuntu's modified version that is to blame... for
instance, the standard menu.lst features a quiet command that is
listed nowhere in the official GRUB documentation, AFAIR.
I use Ubuntu's GRUB and I dont have this problem.
---
Lars Hansson
?) you have way more pain
coming your way then making routed work.
---
Lars Hansson
Open Phugu wrote:
From a project that has always placed security before
everything, I do not understand the motivation behind not using a secure
algorithm such as SHA-256 or SHA-512.
Maybe they just understand the security implications better than you do.
---
Lars Hansson
Benoit Myard wrote:
By the way, is anyone aware of the reason why this option is not
present in OpenBSD's mount [2] (technical, security) ?
man sysctl, man mount. Look for usermount.
No idea if that works for NFS though.
---
Lars Hansson
anything before then.
and all you others: so is it not a punishment that you
have the cds and still can't use them? hypocrites, all of you!
Yeah, getting the CD's ahead of the official release date sure is a
heavy punishment. Seriously, how hard is this to understand?
---
Lars Hansson
Kian Mohageri wrote:
I could argue either way, but my preference is 'block drop' most of the
time.
Hopefully most of the time does not include ICMP.
---
Lars Hansson
questionable if that is a legal limitation. It's like Ford would
sell you a car but you could only drive to places Ford had approved of.
Just because it's in a license doesn't mean it's legally valid.
---
Lars Hansson
Paolo Supino wrote:
I appriciate your straight and forward replies :-) but the world isn't
black and white and sometime you have to create work arounds to overcome
other people's crap (well most of the time).
No, in this case it is black and white. There is NO WAY to reliably fix
this
chefren wrote:
Clearly not to death and people here are seriously interested in pro and
contra arguments.
People are interested in discussing a lot things but that doesn't mean
those discussions belong on [EMAIL PROTECTED]
---
Lars Hansson
, doesn't it?
Don't bother responding, I'm gone. Have fun with your Broadcom chips
No thanks, I don't buy from moronic companies.
---
Lars Hansson
Tobias Weisserth wrote:
Who the hell do you think you are that you can impose a definition of
free on me?
I dunno, who does RMS think he is imposing his definition of free on me?
---
Lars Hansson
Joachim Schipper wrote:
All in all, I might choose OpenVPN if it involved end users (lots of
NAT, Windows, and other crappy stuff),
OpenVPN isn't exactly awesome on Windows.
---
Lars Hansson
mail-lists wrote:
This would be great. However, I've yet to find an IPsec client that's
'easy' to set up.. ie. an end user can do it. Perhaps you know of a good
way to solve this issue? I'd love to hear it!
TheGreenbow.
---
Lars Hansson
WEP and WPA
are the only ways to secure your all your wireless traffic.
---
Lars Hansson
Jeremy Huiskamp wrote:
I'd like to hear an actual developer position on that statement.
Check the archives for Reyk's comments on WPA. It will be in OpenBSD one
day because, secure or not, it is gaining traction and is/will be
required by many AP's (especially enterprise AP's).
---
Lars
, it's not much but it does keep the average joe out. If you are
aware of WEP's weaknesses there's nothing wrong with using it.
---
Lars Hansson
?
While comparing Apples and Oranges is fun it's not accurate.
---
Lars Hansson
Maxime DERCHE wrote:
IMHO you should think to configure your AP to provide a WAP-based
encryption...
WAP-based encryption? Do you mean WPA?
---
Lars Hansson
/plugin (or
whatever the heck net-snmp call it).
---
Lars Hansson
. There was a patch for stable so you should try
3.9-stable or better yet, 4.0.
---
Lars Hansson
Pawel Jakub Dawidek wrote:
So isn't it rather hypocritical to claim GPL license is bad and BSD
license is good and ship operating system with GPLed code?
No.
How do you feel about having pro-GPL operating system?
I don't know, I run OpenBSD.
---
Lars Hansson
Wim Vandeputte wrote:
Did you contact http://www.genesis.com.hk/ in Hong Kong?
Or should we remove them from the list of resellers?
Probably, I don't think they've been alive for a good many years. I seem
to recall this being the case even back in 3.x days.
---
Lars Hansson
Rafael Almeida wrote:
OpenBSD site says there is one in Hong Kong:
http://www.openbsd.org/orders.html#asia
http://www.genesis.com.hk/
Uh, doesn't look like they're selling OpenBSD reallly...
---
Lars Hansson
1 - 100 of 333 matches
Mail list logo