stuff please help us out by cloning WIP
and contributing.
--
Mathieu Sauve-Frankel
can rename the key to match the value of your ISAKMP Phase1-ID.
For example, if your Phase1-ID is ID-type=IPV4_ADDR and Address=10.10.10.10
the corresponding key file would be /etc/isakmpd/private/10.10.10.10
Hoep this helps
--
Mathieu Sauve-Frankel
that are associated to the carp interfaces ?
I am curious to see if you are running into an issue I ran across a short
while ago. Also, dmesg output from the machines in question would be very
useful ?
--
Mathieu Sauve-Frankel
Sauve-Frankel
On Fri, Dec 21, 2007 at 05:02:05PM +0800, CF Wang wrote:
Hi, all
I run OpenBSD on ThinkPad X31 with an LCD monitor and UltraNavi
Keyboard. My main working environment is on X windows.
My problem is that when I typing with keyboard, my fingers sometimes
touch the touchpad so I would like
On Thu, Dec 20, 2007 at 04:37:34PM +0530, Selva Raj wrote:
Hi all,
I am looking for a HP or IBM server which can run OpenBSD Operating System
out of the box?
we're using G5 HP DL360 and DL380 with no problems whatsoever.
--
Mathieu Sauve-Frankel
I made a mistake I actually looked on a manpage in a Linux system. But there
is still a problem, in which manpage on OpenBSD 4.0 is the sockaddr_in
described, then? I tried various ones like ip, socket, bind, and couldn't
find any.
inet(4)
--
Mathieu Sauve-Frankel
don't need to write this tool. It already exists in the ports tree.
sysutils/tabled. Thank mbalmer@ for that.
--
Mathieu Sauve-Frankel
discontinued the zaurus, zaurii are not
exactly what I would call reliable hardware, especially not in an
outdoor deployment scenario.
--
Mathieu Sauve-Frankel
completely losing one out of a every 150 queries. Switching to the
stable version of OpenLDAP and bdb solved his problem.
--
Mathieu Sauve-Frankel
Do anyone have japanese fonts and input working on uxterm with
ports/inputmethods/uim/ ? I'd really like to know how you got it
working.
--
Mathieu Sauve-Frankel
.
I don't this is FUD.
Don't forget to also configure your firewalls to block traffic with the
evil bit set. :-)
--
Mathieu Sauve-Frankel
by
issuing M active into the fifo with echo. Don't forget to load your rules
before you issue this command.
If you are not going to use sasyncd, don't use -S.
--
Mathieu Sauve-Frankel
if [ -x /root/reboot_notification ]; then
You probably want to use -f here, not -x. man test.
--
Mathieu Sauve-Frankel
pissed myself laughing when I saw that. Needless to say, we didn't
purchase their product.
--
Mathieu Sauve-Frankel
to this command. for example.
# export ftp_proxy=http://user:[EMAIL PROTECTED]:8080/
--
Mathieu Sauve-Frankel
PROTECTED] :/home/cgb]$ sudo ipsecctl -vnf /etc/isakmpd/isakmpd.conf
...
OMG! running ipsecctl -f /etc/pf.conf doesn't work EITHER...
maybe you should start by reading the documentation.
--
Mathieu Sauve-Frankel
Could you guys please take this completely useless discussion off-list ?
It has absolutely zero value to anyone running or developing OpenBSD.
--
Mathieu Sauve-Frankel
?
In the future could you please post the full output of
ipsecctl -nvf /etc/ipsec.conf as well as your ipsec.conf with these reports
to save us some time.
--
Mathieu Sauve-Frankel
(ike_delete_config(r, stdout));
else
--
Mathieu Sauve-Frankel
Try adding flags S/SA to all of your tcp rules and reload your
ruleset.
--
Mathieu Sauve-Frankel
I have had similar experiences using ral in 802.11b mode.
Forcing 802.11G mode seems to help alot.
Could people in this thread please mention whether they are using ral in
b or g mode ?
--
Mathieu Sauve-Frankel
and
sticks them in the SAD.
You're wrong. Look at src/sys/netinet/ip_spd.c.
You can manipulate the spd by using static flow esp rules and using the type
keyword.
flow esp from 192.168.0.0/24 to 192.168.1.0/24 peer 192.168.0.2 type require
--
Mathieu Sauve-Frankel
So I was just wondering, is there something I've missed which is needed to
get them to self-configure at startup?
you could start by reading the man page.
pay attention to the examples in hostname.if(5), it should be pretty obvious
what you've done wrong.
--
Mathieu Sauve-Frankel
commands
that ipsecctl will write to /var/run/isakmpd.fifo, you can also
get a dump of isakmpd's config state by running pkill -USR1 isakmpd
and looking at /var/run/isakmpd.report
--
Mathieu Sauve-Frankel
ipsecctl or up.
ike passive esp from any to any main auth hmac-sha1 enc 3des-cbc \
quick auth hmac-sha1 enc 3des-cbc group modp1024 \
psk sharedsecret
--
Mathieu Sauve-Frankel
enc 3des-cbc group modp1024 \
psk sharedsecret
--
Mathieu Sauve-Frankel
and run tcpdump. if tcpdump shows esp packets
well you can assume the tunnel is working. If the tunnel shows icmp
packets your tunnel probably doesn't work.
--
Mathieu Sauve-Frankel
output of '/sbin/isakmpd -SKvd' give no output on either host.
Don't use -S. It should ONLY be used when running two ipsec gateways
in failover mode with carp and sasyncd.
--
Mathieu Sauve-Frankel
Now VPN-A has this in ipsec.conf:
ike passive esp from any to any srcid [EMAIL PROTECTED] dstid
[EMAIL PROTECTED]
If you need to support more than one user in you roadwarrior setup.
Then don't set dstid.
--
Mathieu Sauve-Frankel
M$ is notoriously crappy when it comes to VPN software, IMO. openvpn is
probably
I really wish people would stop advocating this garbage on our mailing lists.
--
Mathieu Sauve-Frankel
lately, I don't really
see why I should share my work with you. You don't deserve any help.
--
Mathieu Sauve-Frankel
networking(4)
getifaddrs(3)
--
Mathieu Sauve-Frankel
that Ships w/ OpenBSD?
Yes. C, INTERCAL, ksh.
Any application that follows the cgi protocol.
But remember, PHP will corrupt your precious bodily fluids.
Gentelmen, you can't fight in here! This is the WAR room!
--
Mathieu Sauve-Frankel
? The content of the file seems to be
unchanged when I look at it.
did you read the man page ?
$ man motd
$ grep motd /etc/rc
--
Mathieu Sauve-Frankel
Sauve-Frankel
-in \
/etc/isakmpd/private/${new_cert}.csr -CA $CA_crt -CAkey $CA_key \
-CAcreateserial -extfile /etc/ssl/x509v3.cnf -extensions \
x509v3_UFQDN -out /etc/isakmpd/certs/${new_cert}.crt
--
Mathieu Sauve-Frankel
Is there any centralized place for these sort of details?
http://google.com/bsd
--
Mathieu Sauve-Frankel
[IPSec-Clients]
Phase= 2
Configuration= Default-quick-mode
Local-ID= default-route
Remote-ID= dummy-remote
Remove Remote-ID
--
Mathieu Sauve-Frankel
.
--
Mathieu Sauve-Frankel
On Tue, Oct 11, 2005 at 12:42:08PM +0200, Runo Forrisdahl wrote:
Can I add a second net to the remote end like this:
Remote-ID= net-remote, net-remote2
no you can't.
ifconfig vlan0 vlan 11 vlandev em0
ifconfig carp0 inet 10.0.0.1 netmask 255.255.255.0 vhid 1 carpdev vlan0
--
Mathieu Sauve-Frankel
are run everytime /etc/netstart is run.
--
Mathieu Sauve-Frankel
On Sun, Jul 03, 2005 at 03:47:36PM +0200, Federico Giannici wrote:
Is there any SIP software phone working with OpenBSD i386?
I have found none into the ports...
not currently. I've heard of a few people working on some.
--
Mathieu Sauve-Frankel
be at a OpenBSD specific fm.
I don't understand the question.
--
Mathieu Sauve-Frankel
On Fri, May 27, 2005 at 10:13:05AM -0700, Michael Favinsky wrote:
Does anyone know of anything in/on OpenBSD that delivers funtionality
similar to the Peribit or Expand Network Optimizers/Accelerators?
no
--
Mathieu Sauve-Frankel
note.
--
Mathieu Sauve-Frankel
47 matches
Mail list logo