Re: Are there open source firewall distributions which are built on top of OpenBSD?

2019-03-14 Thread Kamil Monticolo
The only one project I found that is actively maintained is https://github.com/sonertari/UTMFW You may also consider ansible playbook to manage pf, for example:

what is the excellent USB wifi as wifi router made by openbsd

2019-03-14 Thread Tuyosi T
hi all . i made a wifi router by openbsd . but my USB wifi is too old , so slow speed . do you know some good USB wifis ? the next is my setting . i386# ./comment-out.bat /etc/rc.local /root/wifi-router.bat-rum0 /etc/rc.d/dhcpd -f restart i386# cat /root/wifi-router.bat-rum0

Re: Are there open source firewall distributions which are built on top of OpenBSD?

2019-03-14 Thread Marco Prause
>> A standard OpenBSD installation is somewhat susceptible to power failures >> though. Especially fail/back/fail again during the startup procedure while >> it's relinking libraries in random order. Not saying it can't be used but >> some thought is needed if you know that it's *likely* to be

Re: what is the excellent USB wifi as wifi router made by openbsd

2019-03-14 Thread Stefan Sperling
On Thu, Mar 14, 2019 at 06:42:07PM +0900, Tuyosi T wrote: > hi all . > > i made a wifi router by openbsd . > but my USB wifi is too old , so slow speed . > > do you know some good USB wifis ? Try https://www.raspberrypi.org/products/raspberry-pi-usb-wifi-dongle/

Re: Are there open source firewall distributions which are built on top of OpenBSD?

2019-03-14 Thread Aham Brahmasmi
Hi Stuart, > Sent: Wednesday, March 13, 2019 at 11:05 AM > From: "Stuart Henderson" > To: misc@openbsd.org > Subject: Re: Are there open source firewall distributions which are built on > top of OpenBSD? > > On 2019-03-13, Mehma Sarja wrote: > > My current setup is basic firewall with DHCP,

Re: TLS suddenly not working over IKED site-to-site - SOLVED?

2019-03-14 Thread Andrew Daugherity
On Thu, Dec 20, 2018 at 6:54 PM Theodore Wynnychenko wrote: > Then, I took the advice above, and disable ipcomp on the tunnel, and, BAHM, > https (and imaps) were working without an issue from openbsd, Windows 7, and > Macs! > > Just to be sure, I updated this am to the 12/19 amd64 snapshot. >

IPv6 on AWS fails after 30 seconds

2019-03-14 Thread Jordan Geoghegan
Hi Folks, I was able to get OpenBSD working on AWS thanks to an awesome script by ajacoutot@ : https://github.com/ajacoutot/aws-openbsd Everything seems to be working great, except I've had difficulty getting IPv6 working properly. AWS unfortunately uses DHCPv6 rather than slaac for IPv6

Re: TLS suddenly not working over IKED site-to-site - SOLVED?

2019-03-14 Thread Zhi-Qiang Lei
Mine is resolved by applying a smaller max-mss in pf and disabling ipcomp. Only disabling ipcomp didn’t work. > On Mar 15, 2019, at 3:15 AM, Andrew Daugherity > wrote: > > On Thu, Dec 20, 2018 at 6:54 PM Theodore Wynnychenko > wrote: >> Then, I took the advice above, and disable ipcomp on

How to monitor class usage/limits?

2019-03-14 Thread Joel Carnat
Hi, The Internet is full of "OpenBSD desktop works better when rising datasize/maxproc/openfiles/stacksize in login.conf". One thing I can't manage to find is how you can monitor those values? I'm Ok to set arbitrary recommended values depending on system configuration and general usecases (like