Hi,
In OpenBSD 5.2, does this line : pass all tos lowdelay do the same
job that using altq/priq (see below)?
ext_if=kue0
altq on $ext_if priq bandwidth 100Kb queue { q_pri, q_def }
queue q_pri priority 7
queue q_def priority 1 priq(default)
pass out on $ext_if proto tcp from $ext_if to any
On Sun, Nov 04, 2012 at 02:46:55PM -0600, Aaron Poffenberger wrote:
Theo de Raadt dera...@cvs.openbsd.org writes:
Well I moved to position that booting with a passphrase and then
concatenate strong passphrase from an Yubikey configured with
static passphrase would be better solution than
I suppose boot(8) supporting now crypto volumes would face
same attack as truecrypt - Evil Mail[1]
Could be some easy _workaround_ for this? Such as copying boot
loader from fixed disks to an usb stick to prevent this kind of physical
hardware attack?
jirib
[1]
On Mon Nov 5 2012 12:15, Wesley wrote:
Hi,
In OpenBSD 5.2, does this line : pass all tos lowdelay do the same
job that using altq/priq (see below)?
No.
ext_if=kue0
altq on $ext_if priq bandwidth 100Kb queue { q_pri, q_def }
queue q_pri priority 7
queue q_def priority 1 priq(default)
On Mon, 5 Nov 2012 07:52:50 +0100, Joakim Aronius wrote:
* Kurt Mosiejczuk (kurt-openbsd-m...@se.rit.edu) wrote:
Jan Stary wrote:
Strangely, the only occurence of 2.139.201.210 in the last month's
maillog is just this; that's half an hour after it got WHITE.
What happend at Mon Oct 29
Le Fri, 27 Jul 2012 11:13:21 +0200,
Hrvoje Popovski hrv...@srce.hr a écrit :
On 26.7.2012. 18:31, Patrick Lamaiziere wrote:
Hello,
We have just noticed that pflow (v5) sometime (but often) uses a
StartTime value which is later than the EndTime.
So the duration is interpreted
On Mon, 5 Nov 2012 05:39:00 +0100
Tomas Bodzar tomas.bod...@gmail.com wrote:
Can you post pcidump -v for vga as well? Curious why dmesg shows not
configured (as Pineview devices are supported in system) and X is able
to choose driver. Maybe some different revision of device or something
like
After upgrade to latest snapshot I see strange lines in dmesg:
Constant TSC= yes
Invariant TSC [ITSC]= no
Architectural Performance Monitoring [PERF] = yes
eax_07-00: Version ID = 2
eax_15-08: Num. of
On Nov 5, 2012, at 2:50 AM, Jiri B wrote:
On Sun, Nov 04, 2012 at 02:46:55PM -0600, Aaron Poffenberger wrote:
Theo de Raadt dera...@cvs.openbsd.org writes:
Well I moved to position that booting with a passphrase and then
concatenate strong passphrase from an Yubikey configured with
static
I seem to be unable to boot from locally-compiled bsd.rd (i386). I
have triple-checked everything I'm doing against release(8)
instructions and tried both 5.2 -stable and release CVS tags; the
result is the same: panic: cannot open disk, 0x1100/0x2f02, error 22
It may be of note that the bsd.rd
I seem to be unable to boot from locally-compiled bsd.rd (i386). I
have triple-checked everything I'm doing against release(8)
instructions and tried both 5.2 -stable and release CVS tags; the
result is the same: panic: cannot open disk, 0x1100/0x2f02, error 22
Let me guess. You have
You guessed right. Apparently I don't understand the build process as
well as I thought. I skipped the userland + release steps, since
there hadn't been any -stable patches against those with 5.2.
Sorry for the noise.
--david
On Mon, Nov 5, 2012 at 8:51 AM, Miod Vallat m...@online.fr wrote:
Yes, that is expected from snaps right now.
2012/11/5 Sergey Bronnikov este...@gmail.com:
After upgrade to latest snapshot I see strange lines in dmesg:
Constant TSC= yes
Invariant TSC [ITSC]= no
Architectural Performance
On 11/04/2012 08:33 PM, Mihai Popescu wrote:
Hello there,
You need to post full dmesg and configuration files for wireless
letting out the sensitive data like wpakey or passwords, maybe domain
names too. This way you might get some help, because nobody likes to
guess what you have there.
Just
I noticed when populating my mirror with the 5.2 release, that the
packages for sh just end with the packages starting with 'g'. I just
double checked when writing this, and even ftp.openbsd.org has the same
incomplete set of packages for sh. Was there some glitch? Or is there
some
Theo de Raadt wrote:
Well I moved to position that booting with a passphrase and then
concatenate strong passphrase from an Yubikey configured with
static passphrase would be better solution than keydisk and
passphrase.
Although I don't have an Yubikey token now but as an Yubikey
token is
Hi,
I need to get serial access to my workstation at work but I have limited
real serial ports to work with.
Right now I have my two main servers connected by null modem cable to my
2 carped firewalls and that's all good.
Each of those servers also has a second serial port that is not
John Long codeb...@inbox.lv writes:
I'm trying to remember how I should know when to update -stable. Is the
errata web page the definitive source or is there some place else I should
keep an eye on?
I just have a cvs up in /etc/weekly.local. The next morning, I look at
the emailed output
On Mon, Nov 05, 2012 at 07:40:26AM -0600, Carson Chittom wrote:
John Long codeb...@inbox.lv writes:
I'm trying to remember how I should know when to update -stable. Is the
errata web page the definitive source or is there some place else I should
keep an eye on?
I just have a cvs up
I noticed when populating my mirror with the 5.2 release, that the
packages for sh just end with the packages starting with 'g'. I just
double checked when writing this, and even ftp.openbsd.org has the same
incomplete set of packages for sh. Was there some glitch? Or is there
some
On 2012-11-02, Andrew Klettke aklet...@opticfusion.net wrote:
Just upgraded to 5.2 on one of our backup firewalls, and we are having
issues with hosts that are being checked with ICMP:
This should have been fixed post-5.2, please try this diff against
/usr/src/usr.sbin/relayd and let me know
Applied the patch, compiled and installed the new version of relayd, and
everything looks good again. Thanks much!
Thanks,
Andrew Klettke
Systems Admin
Optic Fusion
On 11/05/2012 09:20 AM, Stuart Henderson wrote:
On 2012-11-02, Andrew Klettke aklet...@opticfusion.net wrote:
Just upgraded to
Rod Whitworth glis...@witworx.com writes:
I have had a stack of both sides of the invalid address email stuff for
some time.
I make all the ficticious addresses into spam traps. That way I punish
the fools whose servers return mail whence it came not. They just get
tarpitted and I don't
On 2012-11-03, Tomas Bodzar tomas.bod...@gmail.com wrote:
On Fri, Nov 2, 2012 at 9:07 PM, Dewey Hylton dewey.hyl...@gmail.com wrote:
for some of my remote customers, as well as my own office, i'm looking for
an out-of-band management solution that's cheaper than iLO or DRAC. remote
power
On 2012-11-01, Jan Stary h...@stare.cz wrote:
Anyway, it seems (some) spambots got less demented and actually do
resend, getting themselves whitelisted - thus working themselves
around the whole premise of greylisting.
Not the whole premise... A good part of it is to just delay the mail,
this
Got this panic while running halt -p to shut down my VMware system
this evening. First time I've seen it and haven't been able to
reproduce in several reboot since.
I can't see this being related to my mistakes this morning with
bsd.rd, but don't feel entirely confident it wasn't somehow my
Hi,
I just built a small firewall using OpenBSD 5.2
Advices are welcome... ;-)
Thank you very much.
So, 2 interfaces, with the following rules :
-Traffic only Ipv4
-Allow pings in/out
-Allow our lan to only have ftp/http and https
-Allow an access from anywhere to our RDP server
-Prioritizing
27 matches
Mail list logo