Re: Problem with Realtek 8139 in very old machine

2005-12-01 Thread Giancarlo Razzolini
slot yet, i'll try that. I didn't putted the other nic yet, because i didn't made one work. It will be another realtek 8139, so, if one works, the other will be a walk in the park to configure (i hope so). Thanks, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware

Re: Problem with Realtek 8139 in very old machine

2005-12-04 Thread Giancarlo Razzolini
Ted Unangst wrote: put it in a different slot. On 12/1/05, Giancarlo Razzolini [EMAIL PROTECTED] wrote: Hi Folks, First of all, i would like to congratulate all the openbsd developers, because it's a very good OS. I'm a newcomer, from the Linux world, precisely slackware. I haven't

Re: Problem with Realtek 8139 in very old machine

2005-12-05 Thread Giancarlo Razzolini
, because i want to build a very low budget firewall, only for my home needs (5 machines). But thanks for the reply. -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85

Re: VPN: solutions that interoperate with win xp

2005-12-19 Thread Giancarlo Razzolini
to completely disable the flitering on the tun/tap interface and/or disabilitating filtering on the port that openvpn uses. Yes, that's another advantage, it use only ONE port, and is NAT friendly. So i always recomend openvpn. My regards, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo

Re: VPN: solutions that interoperate with win xp

2005-12-20 Thread Giancarlo Razzolini
, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85

Simple Question about PF

2006-01-09 Thread Giancarlo Razzolini
if some of you could clear the things up for me. Thanks in advance, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85

Re: [unclassified] Simple Question about PF

2006-01-10 Thread Giancarlo Razzolini
believe that no using keep state for some of my rules will do the trick. My regards, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85

Re: inet failover solution

2006-02-06 Thread Giancarlo Razzolini
regards, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

Time filtering with PF

2006-02-15 Thread Giancarlo Razzolini
this inside the pf itself? Thanks in advance, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type application/pgp-signature which had

Re: Time filtering with PF

2006-02-15 Thread Giancarlo Razzolini
Alec Berryman wrote: Giancarlo Razzolini on 2006-02-15 10:09:50 -0200: I do had some rules using the time patch in the iptables, and they worked well. Now that i migrated to openbsd, i want to do the same. I will have to use cron and anchors, as someone suggested once ago, or someone

Re: Serial Port Network

2007-04-10 Thread Giancarlo Razzolini
. but it should work with the ppp daemon also. My regards, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu 6.10 Edgy Eft Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB

Re: ifstated and ping

2008-02-18 Thread Giancarlo Razzolini
. Do this to avoid the connections dying when the primary link backs up. I had this problems, as i do have 3 wan connections. Well, there is much more to do, but the principle is here. I can help you with more examples if you want. My regards, -- Giancarlo Razzolini Linux User 172199 Red Hat

Re: Using CVS to back up /etc

2008-02-19 Thread Giancarlo Razzolini
no point things that are chrooted like named and httpd that can't being a symlink to the tree. This is a very interesting debate, and there certainly lots of ways of accomplish this task. It would be nice if others enlighten us with the other methods they use. My regards, -- Giancarlo Razzolini

Re: openvpn client with tap device

2008-02-19 Thread Giancarlo Razzolini
statement: link0 up This should solve your problem. But, why use tap instead of tun? Routing is way more efficient than bridging. My regards, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu

Re: Why does pf work with last matching rule wins

2008-02-21 Thread Giancarlo Razzolini
match wins vs. last match wins. I would happyly start using the latter for writing my rule sets. This is a very interesting discussion, as the pf faq recommends using quick for better performance. My 2 cents, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501

Re: Cold Boot Attacks on Encryption Keys

2008-02-21 Thread Giancarlo Razzolini
, it would be pointless. The only problem is if tc keep the filename also in memory :(. Will investigate this matter. My regards, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu 7.04 Feisty

Re: Cold Boot Attacks on Encryption Keys

2008-02-21 Thread Giancarlo Razzolini
in my opinion. Even if it's simple (which i guess isn't very simple). My 2 cents, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu 7.04 Feisty Fawn Snike Tecnologia em Informatica 4386

Re: Cold Boot Attacks on Encryption Keys

2008-02-22 Thread Giancarlo Razzolini
tonight. :) My 2 cents, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu 7.04 Feisty Fawn Snike Tecnologia em InformC!tica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d

Re: changing bash prompt escape sequences

2008-02-25 Thread Giancarlo Razzolini
used to change the root shell to bash in the past. This isn't as good as it sounds. I run into problems when upgrading. I prefer create a normal user with sudo privileges and this user having bash as shell. This is much better. My regards, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified

Re: The Insecurity output - improving the SNR

2008-02-25 Thread Giancarlo Razzolini
, or could use the the Match directive to disable only for a user, group, host, etc. My regards, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu 7.04 Feisty Fawn Snike Tecnologia em

Re: pf tag goes missing post sshd tcp decapsulization

2008-03-03 Thread Giancarlo Razzolini
. My regards, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu 7.04 Feisty Fawn Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed

Re: pf tag goes missing post sshd tcp decapsulization

2008-03-03 Thread Giancarlo Razzolini
Henning Brauer escreveu: * Giancarlo Razzolini [EMAIL PROTECTED] [2008-03-03 14:35]: Tags are only visible while in the kernel. Once you send them to a application, unless it has the ability to set a tag, the tag will be lost. The ftp-proxy(8) AFAICR, since 4.1 has the ability to set a tag

Re: pf tag goes missing post sshd tcp decapsulization

2008-03-03 Thread Giancarlo Razzolini
? No, this is something that can be done. But instead i would recommend some kind of captive portal (wicap) or authpf to the wifi sessions. Thx. -Original Message- From: Giancarlo Razzolini [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: misc@openbsd.org Subject: Re: pf tag goes missing post sshd tcp

Re: floppy.fs

2008-03-05 Thread Giancarlo Razzolini
, it would be nice to have another image with more things in it, this image could even work as a rescue image. My regards, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu 7.04 Feisty Fawn

Re: floppy.fs

2008-03-05 Thread Giancarlo Razzolini
Stuart Henderson escreveu: On 2008-03-05, Giancarlo Razzolini [EMAIL PROTECTED] wrote: I do the installation using a pen drive, not a floppy, so it would be nice if there was another image, suited for a pen drive or other things bigger than floppy. Just do an OS

Re: floppy.fs

2008-03-05 Thread Giancarlo Razzolini
master, but will see if something can be done. Any relevant changes (if something work at all), i'll post to the list. Thanks for the reply. My regards, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD

Re: select outgoing route depending on souce interface (net)

2008-03-05 Thread Giancarlo Razzolini
regards, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu 7.04 Feisty Fawn Snike Tecnologia em InformC!tica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed

Re: select outgoing route depending on souce interface (net)

2008-03-06 Thread Giancarlo Razzolini
Jon Rubio escreveu: Giancarlo Razzolini wrote: Selective routing uses the route-to directive from pf. It's quite simple to use and, to achieve what you want, a simple rule like this should solve (the macros are wrong, was lazy to look them every time :): pass in on $dmz_if route

Re: how I can save ddb trace information.

2008-03-06 Thread Giancarlo Razzolini
Jorge Medina escreveu: Hi list: I have a panic with mp kernel, when panic launch me to ddb prompt I execute ps and trace but i don't know how save the dump information. I do enable booting from serial console and then use minicom, or something, to get it. My regards, -- Giancarlo Razzolini

Re: select outgoing route depending on souce interface (net)

2008-03-06 Thread Giancarlo Razzolini
look like this: pass in on $isp2_iface reply-to ($isp2_iface $isp2_gw) from any to $srv_web_001 port http keep state Wish you luck, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu 7.04

Re: ftp client behind pf firewall with ISP load balancing

2008-03-07 Thread Giancarlo Razzolini
, but without success. Anyone have some good info on this, beside route manual pages? My regards, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu 7.04 Feisty Fawn Snike Tecnologia em

Protocol testing

2008-03-10 Thread Giancarlo Razzolini
the internet works today (i know bgp has *everything* to do with it). My next study would be IPv6, since i only read about it, never put two machines to talk IPv6 only. But that's another history. Thanks in advance, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501

Re: dhcpd rc bug?

2008-03-14 Thread Giancarlo Razzolini
, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu 7.04 Feisty Fawn Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type

Re: [OT] Pursuing Management to adopt OpenBSD

2008-03-20 Thread Giancarlo Razzolini
the great things open is capable of. My regards, -- Giancarlo Razzolini Linux User 172199 Red Hat Certified Engineer no:804006389722501 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Ubuntu 7.04 Feisty Fawn Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB

Problems with PF and ftp-proxy with 2 links

2006-03-01 Thread Giancarlo Razzolini
me using load balancing in full time. Thanks in advance, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type

Re: OBSD 3.8: bash, libiconv, libintl in rc.securelevel

2006-03-08 Thread Giancarlo Razzolini
using only sh features. So my script can run virtually in any unix, making none or little adjusts. But if you MUST use bash, i recommend installing the statically linked one, because you not only solve the libraries problems, but is more secure. My 2 cents, -- Giancarlo Razzolini Linux User 172199

Re: Which Hardware for Firewall

2006-04-11 Thread Giancarlo Razzolini
, i recommend buying a good machine for yourself and using the one you have for the firewall. My 3 cents, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85

Openvpn plugin for passwd authentication

2006-04-12 Thread Giancarlo Razzolini
, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

Re: Openvpn plugin for passwd authentication

2006-04-12 Thread Giancarlo Razzolini
Eric Pancer wrote: On Wed, 2006-04-12 at 12:21:33 -0300, Giancarlo Razzolini proclaimed... I wrote a plugin for Openvpn that does authentication using the passwd or the shadow files. I wrote it cause the only authentication plugin for openvpn is the auth-pam, and i needed to do

Re: Openvpn plugin for passwd authentication

2006-04-12 Thread Giancarlo Razzolini
Eric Pancer wrote: On Wed, 2006-04-12 at 14:07:53 -0300, Giancarlo Razzolini proclaimed... Did you read my mail at all? The plugin authenticate itself from master.passwd on OpenBSD and from shadow on linux distributions. I mentioned PAM, case the only plugin that existed for authentication

Re: Openvpn plugin for passwd authentication

2006-04-12 Thread Giancarlo Razzolini
Lars Hansson wrote: On Wednesday 12 April 2006 23:21, Giancarlo Razzolini wrote: I wrote a plugin for Openvpn that does authentication using the passwd or the shadow files What would be even cooler is a bsd-auth plugin. Lars Hansson From the man of the OpenBSD getpwnam(3

Re: Openvpn plugin for passwd authentication

2006-04-13 Thread Giancarlo Razzolini
didn't knew about the auth_verify method. Sounds very interesting and much simpler than the getpwnam(3) method. I will study it, and, maybe, write the plugin. Do you know if the program calling these functions must be running with uid 0 or be part of any special group? Thanks, -- Giancarlo Razzolini

Re: Secure programming over openbsd

2006-04-24 Thread Giancarlo Razzolini
programs that are known to be secure. OpenSSH is a good start. Even if you can't understand what each function is doing, at least you'll see the implementations of some functions that will you want to use. My 2 cents, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware

Re: OpenBSD's LIBC C99 missing %a string format support

2006-04-28 Thread Giancarlo Razzolini
correctly, securely and portable. My 2 cents, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type application/pgp-signature

Re: www.openbsd.org defaults to Japanese

2006-05-02 Thread Giancarlo Razzolini
it was my encoding. -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type application/pgp-signature which had a name

Re: /var filled up and can't login locally or remotely

2006-05-10 Thread Giancarlo Razzolini
and cleaning some trash, might solve the problem. Also you might want to consider installing the bash-static. My 2 cents, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB

Re: /var filled up and can't login locally or remotely

2006-05-10 Thread Giancarlo Razzolini
any serious reason to not, if you are a zealous system admin. My 2 cents, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed

Re: traffic shaping question.

2006-05-23 Thread Giancarlo Razzolini
delay pools, and they work greatly. My 2 cents, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em InformC!tica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type application/pgp

Re: ALTQ help

2006-05-26 Thread Giancarlo Razzolini
. There is an example there using the whole 100Mb. My regards, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type application

Re: load balance outgoing ftp connections

2006-05-29 Thread Giancarlo Razzolini
balancing traffic with source ip address of your border interfaces, the ones that go to the internet. But consider yourself warned, that it might not work. My regards, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em

Re: openbsd on virtual machine

2006-06-05 Thread Giancarlo Razzolini
install the boot manager in the first sector of the partition. I had this problem several times. Just take care not to boot the same os that you are already booted (catastrophic). -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike

Weird problem with PF and Load Balancing

2006-06-13 Thread Giancarlo Razzolini
don't know if this work, because i can assign only 1 queue per rule. And, with round-robin, i don't know where the packet is going. Thanks in advance, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F

What is the problem with sticky-address and round-robin?

2006-06-19 Thread Giancarlo Razzolini
, and saw that i can limit the number of source-tracks and/or states, etc. But i think that this isn't the right solution. Someone have a clue? Thanks in advance, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica

Re: What is the problem with sticky-address and round-robin?

2006-06-19 Thread Giancarlo Razzolini
Berk D. Demir wrote: Giancarlo Razzolini [EMAIL PROTECTED] wrote: Hi all, [.. cut ..] Then, when i putted the sticky-address in the main firewall, strange things happened. The source-tracking states were created, but the machines, sometimes, were directed to the other link, not the one

Re: What is the problem with sticky-address and round-robin?

2006-06-19 Thread Giancarlo Razzolini
-mails because trust me: i searched the man pages, the faq, google, google/bsd, and many other sources before asking in this list. And thanks for the help, anyway. My regards, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia

Re: What is the problem with sticky-address and round-robin?

2006-06-20 Thread Giancarlo Razzolini
ADSL modems, each on an interface. Also, i want to know if trunk would solve my problem in this case. Thanks in advance, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB

Re: named on udp ports only

2006-06-20 Thread Giancarlo Razzolini
elegant and not as likely to break stuff. Someone might even have already written one, but I think it's likely you'll have to do it yourself. Joachim This hack already exist. AFAIK, delegate http://www.delegate.org, can do this. My cent, -- Giancarlo Razzolini Linux User 172199

Re: T1 and DSL failover? redundancy?

2006-06-23 Thread Giancarlo Razzolini
routing too. My 2 cents, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type application/pgp-signature which had a name

Re: Mixing queues in pf

2006-06-30 Thread Giancarlo Razzolini
it, and pfctl complained that the queues had no parent. So i believe that it does not work the way you want. You can have any number of queues using cbq or hfsc, but, AFAIK, cant mix them. My 2 cents, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable

Re: set skip on interface rule doesn't show up in pfctl -sr

2006-07-03 Thread Giancarlo Razzolini
for the feedback. That's a mistake I will not repeat again! (; Daniel pfctl -sI -vv shows you if an interface is skipped or not. My 2 cents, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4

Re: set skip on interface rule doesn't show up in pfctl -sr

2006-07-03 Thread Giancarlo Razzolini
Nick Guenther wrote: -w is not documented in pfctl(8). What does it do? It is not -w it is -v that stands for -v(erbose). If you use it twice (-vv) it increase the verbose level. It is in the pfctl man page. My regards, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002

Re: set skip on interface rule doesn't show up in pfctl -sr

2006-07-03 Thread Giancarlo Razzolini
the connection on behalf of the user. I need this to do qos. My regards, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type

Re: Problem with dhcpd

2006-07-04 Thread Giancarlo Razzolini
that it has assigned. On startup, after reading the dhcpd.conf file, dhcpd reads the dhcpd.leases file to refresh its memory about what leases have been assigned. My regards, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em

Re: set skip on interface rule doesn't show up in pfctl -sr

2006-07-04 Thread Giancarlo Razzolini
Joachim Schipper wrote: On Mon, Jul 03, 2006 at 09:15:15PM -0300, Giancarlo Razzolini wrote: Henning Brauer wrote: skip steps and set skip have noting to do with each other. set skip basically disables pf on a per-interface basis. skip steps is an optimization in rule processing you can

Re: hints for scanning msdosfs patters?

2006-07-07 Thread Giancarlo Razzolini
, leaving just one of them. My 2 cents, -- Giancarlo Razzolini Linux User 172199 Moleque Sem Conteudo Numero #002 Slackware Current OpenBSD Stable Snike Tecnologia em Informatica 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85 [demime 1.01d removed an attachment of type application/pgp-signature

Re: boot install cd on pentium mmx

2008-06-22 Thread Giancarlo Razzolini
to install on a mmx machine too, but the bios wouldn't boot a cd. So i used it. Get it on: http://btmgr.sourceforge.net/download.html My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification

Re: Route ftp-proxy pasive mode to secondary Internet conection

2008-06-24 Thread Giancarlo Razzolini
will have to select the routes using pf. I recommend that you do things right and use -mpath. It can even help with failover and other things. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https

Re: queueing

2008-07-03 Thread Giancarlo Razzolini
better. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero #002 OpenBSD Stable Ubuntu 8.04 Hardy Herom 4386 2A6F FFD4 4D5F 5842 6EA0

Re: Vulnerability Note VU#800113 - Multiple DNS implementations vulnerable to cache poisoning

2008-07-09 Thread Giancarlo Razzolini
support in any kind. So take easy and watch very carefully what you write on this mailing list, cause people won't be very happy with messages like this. My 2 cents, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https

Re: sshd_config(5) PermitRootLogin yes

2008-07-10 Thread Giancarlo Razzolini
to yes. I don't see this as a security breach. Just pick a strong root password, create a user, edit sudoers, disable root login and you are done. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https

Re: CARP node crashing reproducibly (4.3-stable)

2008-07-11 Thread Giancarlo Razzolini
take a look to see if the avahi-daemon is running on the suse machine. If it is, shut it down and see it again. Also, try capturing some packets. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https

Re: Hardware recommendation for firewalls (more than 4 NICs)

2008-07-11 Thread Giancarlo Razzolini
cards. Also, their performance isn't hit that hard, because the intel one s are pci-e. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero

Re: pfctl

2008-07-14 Thread Giancarlo Razzolini
. Another RTFM thread. I think there should be more emphasis about how good and complete openbsd doc is, on the download page of the site, to avoid this kind of thread. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501

Re: pfctl

2008-07-15 Thread Giancarlo Razzolini
Vijay Sankar escreveu: On July 14, 2008 08:16:08 pm Giancarlo Razzolini wrote: Stuart Henderson escreveu: On 2008-07-14, Charlie Clark [EMAIL PROTECTED] wrote: I have noticed that you are unable to view the currently loaded options for pf using pfctl, even 'pfctl -sa

Re: pfctl

2008-07-16 Thread Giancarlo Razzolini
Nathan Rickerby escreveu: On Mon, Jul 14, 2008 at 10:16:08PM -0300, Giancarlo Razzolini wrote: Stuart Henderson escreveu: On 2008-07-14, Charlie Clark [EMAIL PROTECTED] wrote: I have noticed that you are unable to view the currently loaded options for pf using pfctl

Re: This is what Linus Torvalds calls openBSD crowd

2008-07-16 Thread Giancarlo Razzolini
, a linux and openbsd user, to see the linux kernel main developer, saying things like that. I think i might migrate my desktop machine to openbsd now. My 2 cents, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https

Re: This is what Linus Torvalds calls openBSD crowd

2008-07-16 Thread Giancarlo Razzolini
Marco Peereboom escreveu: Oh he now develops code? I thought that ended somewhere in in '95. On Wed, Jul 16, 2008 at 03:45:23PM -0300, Giancarlo Razzolini wrote: Denis Doroshenko escreveu: On Wed, Jul 16, 2008 at 8:33 PM, Siju George [EMAIL PROTECTED] wrote: http

Re: This is what Linus Torvalds calls openBSD crowd

2008-07-17 Thread Giancarlo Razzolini
. Plain simple like that. If i do not change, there will be technical reasons for that, like my sound card not working on openbsd, or something like that (mention to note, it does not work properly on linux). My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat

Re: This is what Linus Torvalds calls openBSD crowd

2008-07-17 Thread Giancarlo Razzolini
Semaka artwork for 4.4. Definitively it should include monkeys. And amoebas too. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero

Re: ping: sendto: No buffer space available when using bittorrent or another p2p

2008-07-21 Thread Giancarlo Razzolini
. It was a hardware problem. I already had this sometimes, and only rebooting the machine solved the problem. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem

Re: Can't scp, ssh is slow to authenticate.

2008-07-21 Thread Giancarlo Razzolini
to dns issues. Also, some checks on permisssions on both hosts, try to see if the subsystem sftp-server is enable on the ssh server, check if you can execute the scp binary on both machines, things like this. Also, increasing the debug level at server side can also help. My regards, -- Giancarlo

Re: Can't scp, ssh is slow to authenticate.

2008-07-22 Thread Giancarlo Razzolini
it out on the ssh_config file. You can do this in /etc/ssh/ssh_config. Check if you have this line: GSSAPIAuthentication yes If it is yes (which isn't the ssh default), change it to no, then try again. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red

Re: Can't scp, ssh is slow to authenticate.

2008-07-22 Thread Giancarlo Razzolini
question, and i want to hear the solution prompt and ready to be used. If you do not like our suggestions, then your place isn't on this mail list. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https

Re: PF route-to syntax

2008-07-23 Thread Giancarlo Razzolini
ruleset that is wrong. Is your routing table that is wrong. This is why it load without error message, because, from pf syntax view, it's right. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https

Re: BIND and CNAME-ing

2008-07-24 Thread Giancarlo Razzolini
, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero #002 OpenBSD Stable Ubuntu 8.04 Hardy Heron 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85

Re: keyboard encoding

2008-07-28 Thread Giancarlo Razzolini
are listed. If called as kbd name, the keyboard encoding will be set to name and a short message will be printed to stdout. If the -q flag is present, kbd will be quiet unless an error occurs. OpenBSD 4.3 May 31, 20071 -- Giancarlo

Re: keyboard encoding [not worth reading sorry]

2008-07-28 Thread Giancarlo Razzolini
NEVER is the one that's in use in the ssh server. The machine you are using to access the OpenBSD machine is the one you must be changing the keyboard layout. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https

Re: named/bind says /dev/arandom: file not found in log

2008-07-30 Thread Giancarlo Razzolini
, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero #002 OpenBSD Stable Ubuntu 8.04 Hardy Heron 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85

Re: pkg_add and make via tor?

2008-08-03 Thread Giancarlo Razzolini
, is to install a proxyfing program, like dante then, configure it to use tor and call pkg_add trough it. This way, you don't have to mess with anything else. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https

Re: Redundant WAN connections on 2 openBSD firewalls

2008-08-21 Thread Giancarlo Razzolini
this. The modem/router/etc, can provide accurate information about the link, using snmp. I've been wanting to write a tutorial about using CARP+ifstated+pfsync+multi wan links. Didn't had time yet to do so. I can provide you some examples later, if you want. My regards, -- Giancarlo Razzolini http

Re: pkill -HUP httpd won't fork new children

2008-08-28 Thread Giancarlo Razzolini
, the commando to start apache with it is: apachectl startssl. My 2 cents, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero #002 OpenBSD Stable

Re: question on nat behaviour ....

2008-09-02 Thread Giancarlo Razzolini
don't recommend the use of the *pass* modifier unless you know exactly what you're doing. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo

Re: question on nat behaviour ....

2008-09-03 Thread Giancarlo Razzolini
Stefan Sczekalla escreveu: Hello Giancarlo, Argh - rtfm - I tried to search on this topic but only in the OpenBSD FAQ. Thanks for pointig me to the right direction. Kind regards, Stefan -Original Message- From: Giancarlo Razzolini [mailto:[EMAIL PROTECTED] On Behalf

Re: Can OpenBSD run in 24 MB of RAM?

2008-09-04 Thread Giancarlo Razzolini
it for more than a year. OpenBSD is a very small footprint operational system. I believe it will run in 24MB with no problems. My regards, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce

Re: Can OpenBSD run in 24 MB of RAM?

2008-09-09 Thread Giancarlo Razzolini
hardware machines with ISA Network Cards. Simply don't use. It will, sometime, consume all cpu. It's not even memory the problem, it's CPU. And my connection wasn't that fast. But it's interesting to listen about these experiences. -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User

Re: ntpd can hang on boot

2008-09-09 Thread Giancarlo Razzolini
, use rdate and it will timeout after 2 minutes. I don't like to use the -s option of ntpd exactly for this problem. When there wasn't a internet connection, it will simply hang. rdate will not hang (at least not indefinitely). My 2 cents, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux

Re: ntpd can hang on boot

2008-09-10 Thread Giancarlo Razzolini
never believed it wouldn't :-) but, from my experience, rdate timeout exactly after 2 minutes. Not *that* far away so. Just for curiosity, what are the dns routines differences between them? -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer

Re: ntpd can hang on boot

2008-09-10 Thread Giancarlo Razzolini
Henning Brauer escreveu: * Giancarlo Razzolini [EMAIL PROTECTED] [2008-09-10 15:43]: Henning Brauer escreveu: ntpd -s will time out eventually, but the 'eventually' might be painfully far away. it's the dns routines that block and cause these problems. i know how to fix

Re: Patching a SSH 'Weakness'

2008-09-11 Thread Giancarlo Razzolini
worse things to worry. -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero #002 OpenBSD Stable Ubuntu 8.04 Hardy Heron 4386 2A6F FFD4 4D5F 5842 6EA0

Re: Confused about bridge/gif/trunk failover

2008-09-11 Thread Giancarlo Razzolini
, -- Giancarlo Razzolini http://lock.razzolini.adm.br Linux User 172199 Red Hat Certified Engineer no:804006389722501 Verify:https://www.redhat.com/certification/rhce/current/ Moleque Sem Conteudo Numero #002 OpenBSD Stable Ubuntu 8.04 Hardy Heron 4386 2A6F FFD4 4D5F 5842 6EA0 7ABE BBAB 9C0E 6B85

  1   2   3   4   5   6   >