Re: Logging daemon message in a specific file

Hello, man syslog.conf is your friend. /!!prog/ causes the subsequent block to abort evaluation when a message matches, ensuring that only a single set of actions is taken. /!*/ can be used to ensure that any ensuing blocks are further evaluated

Re: pf synproxy

Don't know what are you trying to see here, but what that rules does is simple passing the traffic on any interface to your $front_smtp4 hosts on port 25, with synproxy. If you trying to forward traffic from the firewall to your $fornt_smtp4 servers, you are missing stuff.

Re: Remote LAN access from local IPSec Gateway

Hi Dante, It was an dirty hack if I recall, you'll need an static route to destination network to the LAN:Address. Regards, Rosen Dante F. B. Colò wrote on 3/28/2017 11:52 AM: Hi everyone, i configured an ipsec network using isakmpd on both sides, access between local networks are ok

Re: Squid proxy

Hi Alessandro, Transparent proxy will not be useful for HTTPS connections. To handle HTTPS you'll need not-transparent proxy. Provisioning users / computers, you should give more information about the OS those users are using. In our environment, I have about 400 workstations running windows,

Re: Nginx, FCGI and C programs

Ville Valkonen wrote, On 10/4/2012 1:34 PM: On 4 October 2012 20:36, Jiri B ji...@devio.us wrote: On Thu, Oct 04, 2012 at 08:20:43PM +0300, Ville Valkonen wrote: Hi, I've configured Nginx and FCGI to run some C/C++ apps, well almost. When navitaging to

Re: Reverse-proxy PF ?

You should try nginx. R hvom .org wrote, On 6/6/2011 3:54 AM: Hi all I look the doc, ftp-proxy, no reverse-proxy PF ?. Varnish, ultimate soluce ? Cordialy

Re: OpenBSD users.

San Jose, Costa Rica Rosen Luis F Urrea wrote, On 7/21/2010 12:05 PM: Central America San JosC), Costa Rica On Wed, Jul 21, 2010 at 1:43 AM, riwanlkyriwan...@mcojaya.com wrote: Riwan, Jakarta, Indonesia Mateusz Gierblinski wrote: Hi misc@ I'm just wondering. Where are you

Re: 4.6: load balancing and active/active

Hi Federico, Did you try to change the balancing mode to ip-unicast or ip-stealth? from man carp(4) IP balancing is activated by setting the *balancing* mode to /ip/. This is the recommended default setting. In this mode, carp uses a multicast MAC address, so that a switch sends incoming

Re: rotate logs

syslogd does not rotate the logs. check newsyslog(8) cheers x03 wrote: hello folks! Have way to add an entry to syslogd just for rotation? I mean use syslogd to rotate all kinds of logs in /var/log/* Thanks a lot

Re: Trouble ticket system suggestions

Hi Ivo, You have to install xbaseXX.tgz first to be able to install gd and alike. Rosen Ivo Chutkin wrote, On 12/28/2008 6:46 AM: Hello Guys, Thank you for your suggestions. I will give a try to RT first. Although, it does not install on my 4.4 stable :-) Exits with Error code 1 on other

Re: pf - queue filter directive sticky?

Why you just not use quick in the first rule? pass in quick on $int_if from 10.0.0.1 queue tens pass in on $int_if Rosen (private) HKS wrote, On 9/29/2008 1:29 PM: If the following two rules apply to a given packet in the order shown, will the packet be queued? pass in on $int_if from

Re: About Squid port for OpenBSD 4.2

Hi, I guess you didn't install openldap-client package? Rosen ComC(te wrote: Hi, i'm trying to recompile SQUID 2.6-STABLE13 port for OpenBSD 4.2 with LDAP auth helpers and ldap_group helpers support and get errors during the compilation. This is what i modified in the Makefile: ...

Re: apache/proxy - monitoring access to reverse proxy

Hi Frank, That has nothing to do with the Apache or OpenBSD at all. All the authentications are done at your web app. So, the question should be: Can my web app do that? Regards, Rosen Frank Bax wrote: I'm wondering if an OpenBSD box with apache can solve this problem... A website requires

Re: APACHE source modification

As per some of the patches, for example: ftp://ftp.openbsd.org/pub/OpenBSD/patches/4.0/common/001_httpd.patch rebuild and install httpd and its modules: cd usr.sbin/httpd make -f Makefile.bsd-wrapper obj make -f Makefile.bsd-wrapper cleandir make -f Makefile.bsd-wrapper depend make -f

Re: help with pf

Hi Aaron, The problem is that you pass base on src not destination: pass in on fxp3 inet proto tcp from $lan_net port { ssh www ntp https smtp imap imaps domain } to any it should be pass in on fxp3 inet proto tcp from $lan_net to port { ssh www ntp https smtp imap imaps domain } Also be

Re: Is this load balancing Idea for squid ok while using route-to or is there a better one?

Hi Siju, Are you running the squid on the same box where the firewall is? If so, tags will not be preserved on the outgoing connections from squid to the internet. Regards, Rosen Siju George wrote: Hi, QUITE UNFORTUNATELY THIS DOES NOT SEEM TO WORK :-( Could some one please let me see

Re: Internal loadbalancing

Hi Vladimir, You should post your pf.conf from 10.0.5.200. It seems that you block port 80 on 10.0.5.200. Vladimir wrote: dane johansen wrote: Probably you run into this situation: client (10.0.5.233 http://10.0.5.233) - firewall (10.0.5.200 http://10.0.5.200) - rdr - server (10.0.5.81

Re: keep state for http connections

I have OpenBSD 3.9 doing load balancing to a farm of web servers (11 web servers). In the pick hours the traffic jumps over 32Mbits and around 15,000 entries in the states table. You can check my graph at: http://www.ilievi.net/15days.jpg The firewall is running on: cpu0: Intel Pentium III

Re: pf examples needed

Hi Charles, If you try to access X.X.X.25 from within 192.168.100.x it will not work. Because of the NAT. The same apply for 192.168.200.x. It will be much easy to have two separate firewalls, one for browsing and one for servers. Rosen Charles Farinella wrote: Thanks to all for the help.

Re: mssql.so

Joachim Schipper wrote: On Sat, Jan 14, 2006 at 12:10:56AM -0200, Ricardo Lucas wrote: It's a stupid question but very useful for me, how can I install or find the mssql.so extension, or if it not existe what can I do instead? And if it not exist, why there is a line for that extension in

OT: Help wanted in Caracas, Venezuela

. Thank you, Rosen Iliev IT Department Manager www.betcris.com San Jose, Costa Rica Direct: + (506) 242-4927 Fax: + (506) 210.7828