Re: issues with PHP and cURL curl_exec() function within OpenBSD chroot

2007-03-21 Thread Matthew Closson
Kevin, I ran into this issue setting up zencart on OpenBSD. My guess is you need to copy /etc/resolv.conf to /var/www/etc/resolv.conf. You can verify that by chroot'ing yourself manually into /var/www and trying to curl something. Good luck! -Matt- On Tue, 20 Mar

Re: missing isakmpd.fifo

2007-02-17 Thread Matthew Closson
Anyone know if there would be a negative effect on isakmpd if the immutable flag was set on the file /var/run/isakmpd.fifo? On Sat, 17 Feb 2007, Matthew Closson wrote: Hello, I am experiencing the same problem. I am testing it to see if I can find what is causing it. I am running

Re: missing isakmpd.fifo

2007-02-17 Thread Matthew Closson
Hello, I am experiencing the same problem. I am testing it to see if I can find what is causing it. I am running OpenBSD 4.0-stable and I went to add a new tunnel today and was greeted with a message the isakmpd.fifo did not exist. I have isakmpd enabled in /etc/rc.conf with flags -K. Even

Re: packages

2006-11-15 Thread Matthew Closson
On Wed, 15 Nov 2006, Darrin Chandler wrote: On Wed, Nov 15, 2006 at 08:24:16AM -0500, Marc Ravensbergen wrote: Hi, is there any way I can find out the entire list of files (and dependencies) needed before installing a given package? Let's say I want to add "wget" to openbsd. I export the PKG_PA

Re: % stdout?

2006-11-09 Thread Matthew Closson
On Thu, 9 Nov 2006, Cassio B. Caporal wrote: Hey, I have problems to print '%' in stdout... Suppose code below: #include main() { char foo[] = "bar=30%\n"; fprintf(stdout, bar);

Re: Question about the book "Secure architecture with OpenBSD"

2006-10-15 Thread Matthew Closson
On Sun, 15 Oct 2006, Jean-Daniel Beaubien wrote: Hi everyone, I was just about to order the 4.0 CDs and I figured I'd get a book along with it. I was thinking on getting 'Secure architecture with OpenBSD'. My question is since it was written in 2004 is it still up-to-date? Also is there a 2

Re: Soekris network problems - 48 hour deadline

2006-10-14 Thread Matthew Closson
On Sat, 14 Oct 2006, Richard P. Koett wrote: I'm having throughput problems using a Soekris net4801 as a firewall running OpenBSD 3.9. This is replacing a SonicWALL device that was working fine from the user's perspective. (I want to replace it because, among other things, I abhor SonicWALL's li

Re: Oldest Server you run

2006-10-12 Thread Matthew Closson
On Fri, 13 Oct 2006, Jason George wrote: I can't believe people with PIIs and PIIIs even responded to this thread, however. You GOT to be kidding me...That ain't old. That's almost as new as I get! Exactly. Today on my way to work I found a Pentium 100mhz, 48MB EDO, 480MB hdd in a ditch o

Re: OPENBSD isakmpd VPN Problems

2006-08-10 Thread Matthew Closson
On Thu, 10 Aug 2006, Steve Glaus wrote: Daniel Ouellet wrote: Steve Glaus wrote: Hello all, I'm finally desperate enough to post this to a list... I have been trying for two days to set up a basic VPN between my OpenBSD box at home and my OpenBSD box at work. The box at home is running 3.7

Re: IPSec traffic stalls with large chunks of data

2006-07-25 Thread Matthew Closson
On Tue, 25 Jul 2006, Heinrich Rebehn wrote: Matthew Closson wrote: On Mon, 24 Jul 2006, Heinrich Rebehn wrote: Hi list, I am running into a strange problem with IPSec, MTU? fragmentation? which i am unable to resolve. My Setup: @home i have one PC which connects to our institute network

Re: IPSec traffic stalls with large chunks of data

2006-07-24 Thread Matthew Closson
On Mon, 24 Jul 2006, Heinrich Rebehn wrote: Hi list, I am running into a strange problem with IPSec, MTU? fragmentation? which i am unable to resolve. My Setup: @home i have one PC which connects to our institute network with IPSec. The PC connects to the internet via a DSL modem using Lin

Re: more: NAT through encryption interface

2006-07-04 Thread Matthew Closson
On Tue, 4 Jul 2006, Stephen Bosch wrote: Stephen Bosch wrote: Hi, all: I am configuring an IPsec tunnel like so: local_internal_IP -> alias_IP ->remote_peer_IP -> remote_internal_IP local host| openBSD | Cisco PIX | remote internal host alias_IP is a carp alias. It is one end

Re: pf & isakmpd: NAT through encryption interface?

2006-07-02 Thread Matthew Closson
On Wed, 28 Jun 2006, Stephen Bosch wrote: Hi, Roy: Roy Morris wrote: Yes it does work! I guess I better hold on to these two boxes I have. Seems they are the only ones that do! lol I have A. clients on each end behind a vpn/pf box B. enc0 binat from internal client to public IP of other sid

Re: IPsec + PPP causing slowdown: MTU issue or something else?

2006-06-25 Thread Matthew Closson
On Mon, 26 Jun 2006, Damon McMahon wrote: Greetings, I have an OpenBSD 3.9-RELEASE wireless gateway using ral(4) in Infrastructure mode to provide a wireless LAN secured using ESP. It is connecting to the internet via IPv4 using kernel ppp(4) and pppd(8) - not userland ppp(8) - and routing to I

Re: isakmpd + nat (Yes Again!)

2006-06-24 Thread Matthew Closson
On Tue, 20 Jun 2006, Roy Morris wrote: ok, I know I've seen this before but can't seem to find the link. I am setting up a vpn using isakmpd and for the regular net to net stuff it works fine. I am trying to use an alias ip on each gateway and nat to the internal host. The isakmpd.conf would us

Re: box freezes immediately at boot (kernel loading)

2006-05-28 Thread Matthew Closson
On Mon, 29 May 2006, Uwe Dippel wrote: I have tried the archives and google, but didn't find any good pointer (maybe a problem of keywords ?): After some 20 cycles of power outage / restore - that is some twenty crashes - a database server of mine doesn't reboot any longer. It gets stuck at boo

Re: 3.7: weird IP address problem

2006-04-24 Thread Matthew Closson
On Mon, 24 Apr 2006, Toni Mueller wrote: Hello, I have a box that once had two IP addresses on one interface. I deconfigured one of them using ifconfig -alias. Now, when I want to use any (?) program on that box to go over this interface, it wants to use the addresses which is no longer presen

Re: Multi Firewalls Admin

2006-04-23 Thread Matthew Closson
On Wed, 19 Apr 2006, Joachim Schipper wrote: On Tue, Apr 18, 2006 at 12:47:31AM +0200, xanadu wrote: Hi, I have to remote admin 54 OpenBSD firewalls. What tools can help me for that (Monitoring, Updates or PF broadcasts, getting firewalls logs, automate processes, ...), is there all in one ?

Re: openbsd and the money -solutions

2006-03-24 Thread Matthew Closson
On Fri, 24 Mar 2006, Chet Uber wrote: 1. Read the damn FAQ's, newbies, and do a Google search on what you are about to waste list bandwidth on. People on the project spend good time getting this done for us. 2. Buy the CD, and quit bitching about it. For that matter be a good neighbor and buy

Re: no internet with cable provider (videotron.ca)

2006-03-21 Thread Matthew Closson
On Tue, 21 Mar 2006, Peter wrote: --- Damian Gerow <[EMAIL PROTECTED]> wrote: Thus spake Peter ([EMAIL PROTECTED]) [21/03/06 01:46]: : > Was the Win2k box connected first? Many (most?) Canadian cable : > providers : > cache the MAC address of the connected machine, and generally : > speaking,

Re: no internet with cable provider (videotron.ca)

2006-03-21 Thread Matthew Closson
On Tue, 21 Mar 2006, Peter wrote: --- Damian Gerow <[EMAIL PROTECTED]> wrote: Thus spake Peter ([EMAIL PROTECTED]) [21/03/06 00:56]: : Hi everyone. I am troubleshooting a client (running OpenBSD 3.8) who : cannot connect to a Canadian cable provider (videotron.ca) with : dhclient. dhclient c

Re: OpenBSD <-> Cisco IPSEC

2006-03-10 Thread Matthew Closson
On Fri, 10 Mar 2006, Paolo Supino wrote: Hi I need to setup an IPSEC VPN between 2 locations. 1 location runs Cisco gear (out of my control) and the other runs OpenBSD (my decision). I've never setup a VPN between Cisco and OpenBSD before (I did between Cisco to Cisco and OpenBSD to OpenBSD)

Re: IPSEC negotiation on demand

2006-03-04 Thread Matthew Closson
On Sat, 25 Feb 2006, Matthew Closson wrote: On Sat, 25 Feb 2006, Joachim Schipper wrote: On Sat, Feb 25, 2006 at 10:29:11AM -0500, Matthew Closson wrote: Rather than have isakmpd bring up all tunnels when the daemon starts up, is there a way to have it bring up the tunnels on demand? For

Re: IPSEC negotiation on demand

2006-02-25 Thread Matthew Closson
On Sat, 25 Feb 2006, Joachim Schipper wrote: On Sat, Feb 25, 2006 at 10:29:11AM -0500, Matthew Closson wrote: Rather than have isakmpd bring up all tunnels when the daemon starts up, is there a way to have it bring up the tunnels on demand? For example. host_a > route

IPSEC negotiation on demand

2006-02-25 Thread Matthew Closson
Rather than have isakmpd bring up all tunnels when the daemon starts up, is there a way to have it bring up the tunnels on demand? For example. host_a > router_b <> router_c <- host_d Is there a way to setup isakmpd so that if host_a tries to send a packet to host_d, rou

IPSEC tunnels timing out

2006-02-24 Thread Matthew Closson
Hello, I have isakmpd setup talking to about 15 IKE peers and doing about 100 Phase 2 SA's. However, frequently I will attempt to initiate traffic over one of the tunnels and will not get any response. If I issue a command to the FIFO like so : echo S > /tmp/isakmpd.fifo and then view the s

Sera Systems no more

2006-02-18 Thread Matthew Closson
Maybe someone else has mentioned this already on the list, I happened to go to Sera Systems site today while looking for some 1U OpenBSD boxes, and I found this: --- After many pleasurable years, we have decided to clos

DPD isakmpd question

2006-02-15 Thread Matthew Closson
Hello, If you enable RFC3706 - Dead Peer Detection in isakmpd.conf, what is the result of a peer failing the DPD check? Will it start over with Phase1 negotiations again for that ISAKMP peer, or will it simply remove the SA and cookies and not try to renegotiate? If anyone knows off hand, tha

OT: Nortel Contivity SA Lifetime

2006-02-12 Thread Matthew Closson
Hello, I'm setting up IPSEC between isakmpd and a Nortel Contivity Extranet Switch and I haven't been able to get the Nortel device's admin to give me this information. Does anyone know what the default IKE/IPSEC SA Lifetime's are for a Nortel device? Thanks, if anyone knows. Sorry to be a

Re: X11 exploit info

2006-02-11 Thread Matthew Closson
On Sat, 11 Feb 2006, Dave Feustel wrote: On Saturday 11 February 2006 10:59, Roman Hunt wrote: Dude what is your major f*&^%! malfunction? Years ago this sh!^ would've never been allowed to fly on this list. Sorry. I don't intend to offend or to irritate. Just out of curiosity, how old are

Re: isakmpd cannot teardown Phase1 SA

2006-02-05 Thread Matthew Closson
I was given some info off list and checked the webcvs, indeed this feature has been added to -current. Thanks. On Sun, 5 Feb 2006, Matthew Closson wrote: http://archives.neohapsis.com/archives/openbsd/2005-09/0007.html In summary, a user reported that isakmpd will not currently teardown a

isakmpd cannot teardown Phase1 SA

2006-02-05 Thread Matthew Closson
http://archives.neohapsis.com/archives/openbsd/2005-09/0007.html In summary, a user reported that isakmpd will not currently teardown a Phase1 SA when receiving a 't ' command via the fifo user interface. Hans replies that there is a patch for it, but it won't make 3.8 release. Has this been im

Re: view available inodes on partition

2006-01-25 Thread Matthew Closson
Thanks for all the replies, that obviously worked fine. On Wed, 25 Jan 2006, Otto Moerbeek wrote: On Wed, 25 Jan 2006, Matthew Closson wrote: Hello, Is there a way to view how many inodes are still available on a partition. I'm decompressing a ton of small files onto a 60Gb onto my

view available inodes on partition

2006-01-25 Thread Matthew Closson
Hello, Is there a way to view how many inodes are still available on a partition. I'm decompressing a ton of small files onto a 60Gb onto my /dev/wd1a. And I'm not really concerned about running out of space, but possibly out of inodes, I just used the default parameters creating the filesystem

Re: dante (sockd) + BSD passwd authentication

2006-01-10 Thread Matthew Closson
On Tue, 10 Jan 2006, Matthew Closson wrote: Hello, I'm trying to get sockd (A SOCKS4/5 proxy from the /usr/ports/security/dante port) working with BSD username/password authentication. Currently it is saying userauthentication failed. I have made sure it is not something simple like

dante (sockd) + BSD passwd authentication

2006-01-10 Thread Matthew Closson
Hello, I'm trying to get sockd (A SOCKS4/5 proxy from the /usr/ports/security/dante port) working with BSD username/password authentication. Currently it is saying userauthentication failed. I have made sure it is not something simple like wrong password. Here is the relevant info: Here

ip_forward() function

2005-12-27 Thread Matthew Closson
Never mind on my previous post. ip_forward() definition is in: /usr/src/sys/netinet/ip_input.c it's late, I missed it. -Matt-

ip_forward() function

2005-12-27 Thread Matthew Closson
Where is the code for the ip_forward() function in 3.8? I found the prototype in: /usr/src/sys/netinet/ip_var.h void ip_forward(struct *mbuf, int); but no function definition. I also did a grep -sR "ip_forward" /usr/src and all I found was the function being called several times from /usr/s

Re: Xwindows Security Hole in OpenBSD 3.8

2005-12-24 Thread Matthew Closson
On Sat, 24 Dec 2005, Dave Feustel wrote: I hate to send this Christmas present to misc, but there is definitely a security hole in Xwindows which permits exploits to be committed at least with user permissions, if not root permissions. Since the problem appears to be in Xwindows, using KDE may b

Re: NAT/pf before IPSEC

2005-12-21 Thread Matthew Closson
0.250 -dst a.b.c.d -addr 192.168.20.0/24 192.168.60.0/24 Thanks, -Matt- And that worked fine for me. So you'll need to 'manually' add a Security Association. Kind regards, -- Stephan On 21-dec-2005, at 10:09, Matthew Closson wrote: Hello, I'm running

Re: NAT/pf before IPSEC

2005-12-21 Thread Matthew Closson
work= 192.168.60.0 Netmask= 255.255.255.0 Nick On Wed, 2005-12-21 at 04:09 -0500, Matthew Closson wrote: Hello, I'm running into an issue which was brought up on the list before, the last reference I found was in 2004: http://archive.openbsd.nu/?ml=openbsd-pf&a=2004-10&m=430206 I h

NAT/pf before IPSEC

2005-12-21 Thread Matthew Closson
Hello, I'm running into an issue which was brought up on the list before, the last reference I found was in 2004: http://archive.openbsd.nu/?ml=openbsd-pf&a=2004-10&m=430206 I have an OpenBSD 3.8 machine. dc0 is an internal NIC assigned 192.168.20.250 fxp0 is an external NIC assigned a.b.c.d

Re: isakmpd does not enter phase 2

2005-12-19 Thread Matthew Closson
given is an ipsec gateway (i think it's running some older openswan or some other swan) to which i need to connect, establishing a net-net tunnel. the parameters needed are "IKE rekeying 1440 minutes (24 hours), IPSEC 3600 seconds (1 hour), both with 3DES/SHA1, no PFS", and these are carved in sto

Re: routing over IPSEC tunnel

2005-11-12 Thread Matthew Closson
Never mind, I found the solution and it is working properly now. I am using an ifconfig alias on my dc0 interface as part of our internal subnet. I just added a route from the 50.x.x.x/xx subnet to that internal ip alias on my dc0 and now traffic is routed over the enc0 interface. Thanks anyw

routing over IPSEC tunnel

2005-11-12 Thread Matthew Closson
Hello, I have an IPSEC tunnel on OpenBSD3.8 to a cisco3000 concentrator. I am able to successfully reach several subnets through the tunnel, however one of the sites I need to reach through the tunnel is in the range of 50.0.0.0/8. So I setup a flow to it in my /etc/isakmpd/ipsec.conf file, but