* Richard Procter richard.n.proc...@gmail.com [2014-01-25 20:41]:
On 22/01/2014, at 7:19 PM, Henning Brauer wrote:
* Richard Procter richard.n.proc...@gmail.com [2014-01-22 06:44]:
This fundamentally weakens its usefulness, though: a correct
checksum now implies only that the payload likely
* Geoff Steckel g...@oat.com [2014-01-28 03:20]:
It would be good if when data protected by a checksum is modified,
the current checksum is validated and some appropriate?
guess what: that is exactly what happens.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH
Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
seem you know what you are talking about. the cksum is dead
simple, if we had bugs in claculating or verifying it, we really had a
LOT of other problems. There is no undetected error rate, nothing
really changes there.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http
to
problems in reliability. For realistic security, you'd get far more by
choosing 1) a registrar without a history of compromises, and 2) a DNS
Provider that uses something other than BIND. NSD is in base.
wise advice.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http
interface would go through the
same queues!
yes, that's supposed to work.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http
* Илья Шипицин chipits...@gmail.com [2013-10-10 13:31]:
I am about to switch icmp timestamps off (security people are afraid
of that setting)
your security people have no clue regarding security.
they probably also block icmp, since it's so dangerous.
--
Henning Brauer, h...@bsws.de, henn
* Илья Шипицин chipits...@gmail.com [2013-10-11 04:52]:
I was just curious why that timestamping is enabled by default.
'cause there is no reason to disable it.
why is tcp enabled by default?
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full
my fault, fixed some days ago.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
* John Tate j...@johntate.org [2013-09-30 20:34]:
but Facebook is still not working
that's a feature.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
to remove altq after the 5.5 release, so that
release will have both and people have time to migrate.
I won't do such a huge parallel-backwards-compat circus again, it has
been a nightmare.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
creates some separate
queues?
prio doesn't create queues AT ALL.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http
worked, I have a vague idea where that
bug might sit; can't check deeper right now tho. oh how much i wish we
had a bug tracker.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers
/local/bin/ffmpeg -i $1 -strict -2 -vcodec copy ${1%%avi}mp4
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http
sorry ;)
*ALTQ's replacement..
Does it have a name yet, or are you sticking with; new super duper
simple prio queuer?
I'm not into marketing. It's just the new queueing subsystem.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure
* hru...@gmail.com hru...@gmail.com [2013-09-16 21:33]:
It confirms that it supposes: A=B if hash(A)=hash(B).
which is fine even with a relatively poor hash like md5 when the size
is also checked.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full
* Andy a...@brandwatch.com [2013-09-10 11:38]:
PS; Thanks for your great work Henning (and others of course).
Hoping and keeping fingers crossed the new subsystem will make it
into 5.4 :)
queueing? no, looks like 5.5
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH
.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
://bulabula.org/diffs/newqueue.diff
manpage should make things clear.
I'm not a coder but I'm happy to contribute as and where I can :)
test test test
for some background, check http://bulabula.org/papers/2012/eurobsdcon/
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http
* noah pugsley noah.pugs...@gmail.com [2013-09-13 09:12]:
Gosh darn you Henning and your gigantic bavarian slides! Gosh darn you to
heck.
I'm not barb... erm, bavarian.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting
is NOT proportional to # of packets.
Intel has been using a max of 8k int/s for their network chips for a
long time. the work per-interrupt is everything but constant.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services
tcpbench. or an ixia.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
that though.
I did when I wrote sloppy: teh performance difference between
full-blown and sloppy tracking is nil.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
* Михаил Швецов mishve...@rambler.ru [2013-08-07 14:55]:
How can i see that set prio works?
it just does.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
by definition; the pf host then
reassembles anyway.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
, openbgpd and openospfd to name to
the ones I have problems with when a cable is pulled/NIC reset etc.
you are attributing your issues to the wrong party.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services
MTRR support
vscsi0 at root
But I suppose it has nothing to do with APM/ACPI.
that's the floppy memorial minute.
usually disappears when the bios is correctly set to no floppy
present, but that is obviously bios dependent.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services
been told so
already.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
of the pfsync/pf code,
yeah, you made that obvious.
but I assume
aha.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http
that I manage or have helped with, besides the
99.999% I've never seen or heard of.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting
routers are not my border firewalls...
But maybe I am mistaking doing this ?
no.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http
* openda...@hushmail.com openda...@hushmail.com [2013-07-04 05:09]:
Why do we need FUSE anyway?
it's a firewall between filesystem code written by people who
shouldn't write filesystem code and our kernel.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
* Theo de Raadt dera...@cvs.openbsd.org [2013-07-04 20:19]:
but henning, you just used the word firewall. you're going to be
mocked forever.
firewall? me? I write packet filter code :)
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
* Михаил Швецов mishve...@rambler.ru [2013-06-13 16:54]:
Does (pf set prio) work on Openbsd 5.3 x64 or i386?
of course.
Please can you write simple config for set prio in pf.conf?
match set prio 5
* Stuart Henderson s...@spacehopper.org [2013-05-15 21:54]:
per-packet load balanced ADSLs
don't do that.
per-packet is way too naive.
there is no better answer.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS
by an
experienced person who really understands pf.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
* Chris Smith obsd_m...@chrissmith.org [2013-06-19 16:20]:
On Wed, Jun 19, 2013 at 6:43 AM, Henning Brauer lists-open...@bsws.de wrote:
no
Thanks.
Any plans to implement this?
no.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure
* Chris Smith obsd_m...@chrissmith.org [2013-04-23 16:21]:
Seems that pf can enforce a min-ttl but can it explicitly set the ttl
on packets leaving an interface?
no.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail
* Fil DiNoto fdin...@gmail.com [2013-02-16 21:54]:
I prefer rule processing order
kinda funny, that is what I consider the biggest (and unfixable)
mistake in pf.
but that's all history.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
* Nick n...@holland-consulting.net [2013-03-02 04:09]:
Atom = low power consumption for low performance processing.
err, no. the current atoms are blazingly fast really. and
Crypto
they do for breakfast.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
* Henning Brauer lists-open...@bsws.de [2013-06-05 20:05]:
* Nick n...@holland-consulting.net [2013-03-02 04:09]:
Atom = low power consumption for low performance processing.
err, no. the current atoms are blazingly fast really. and
ewps. I didn't mean to send this to the list. without
get that whining again.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
to refer to that
interface in the first place you'd only had to deal with the
hostname.if file, at least in many scenarios.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully
one is even worse and
removed the only reliable backend, ldbm.
once our own ldapd has replication support I should be able to get rid
of openldap eventually...
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS
#---
#pass in log on egress proto tcp from any \
#to egress port smtp modulate state
#pass out log on egress proto tcp to any port smtp modulate state
On Mon, Nov 19, 2012 at 01:47:09PM +0100, Henning Brauer wrote:
* Kapetanakis
would deliver better performance (this is critical for me).
I doubt there is any significant difference at all.
What you have to say.
use nginx.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services
.
as said, this is entirely guessed.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
them into
queue q_def, and if they have the lowdelay TOS flag set, put them into
queue q_pri, instead.
correct, and let me be the nitpicker here: the pass lowdelay is
relevant to the first packet only, to create state.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http
the prio syntax was not final whereever I could...
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
guided person here is you.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
gazillions of stupid
workarounds.
and guess what: in practice, accidental blackholing is extremely rare.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning
, and we're
supposed to implement their workaround hacks so that they can continue
to deploy shit? brilliant approach.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
. 5.3 is getting tough already.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
* Tyler Morgan tyl...@tradetech.net [2012-10-02 18:31]:
which links to: http://www.openbsd.org/faq/pf/filter.html#synproxy
which gets far from saying what Henning said.
this has been fixed.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
is there because it ca save your a** WHEN YOU ARE UNDER
ATTACK. it is not suitable for all-time all-case use, and can't be.
it once again comes down to think before pushing random buttons.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting
* David Diggles da...@elven.com.au [2012-10-02 13:51]:
but is this clear for newbies who read all the faqs?
On Tue, Oct 02, 2012 at 01:17:03PM +0200, Henning Brauer wrote:
it once again comes down to think before pushing random buttons.
this basic principle SHOULD not need documentation
a lot when (i. e. what release) you did that. things
changed. I don't remember the exact release, but roughly 2 years ago.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully
from 192.168.0.1 need more than 15s,
Windows XP client sync time successful from time.windows.com within 3s.
Why? May OpenNTPD improve?
why? maybe windows stupid?
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS
is the problem, nothing we can fix.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
suffice.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
and make sure it is on the in and out rule sets?
sounds about right for what you seem to want to achieve.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning
* Bahador NazariFard bahador.nazarif...@gmail.com [2012-06-26 20:35]:
unfortunately authpf does not delete nat state when user disconnected.
I believe I just committed the fix for this.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
on the caller/source,
enforces a pfctl -a anchorinquestion ...
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
choice of frontend/management around it.
something else? who knows?
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http
for specific
users to be able to edit specific anchor rulesets. could be as easy as
a file per anchor owned by the user in question and a little cronjob
that reloads your ruleset including anchors hourly or so.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full
at their locking changes with the goal to
get them over. but this way? pointless. sad.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting
don't make any sense.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
on topic, at least a little bit.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
the difference?
hmm, I am using the group based filters myself a lot and of course
they work just fine.
sure you're not misdiagnosing something here?
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services
yadda yadda yadda.
Upgrading takes much less downtime and work than randomly pushing
kernel config buttons. especialy if you don't understand them, which
you have already proven here:
net.bpf.bufsize=1048576# Internal kernel buffer for storing packet
q. e. d.
--
Henning Brauer, h
ways.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
, but I didn't expect this type of change in rc.conf ...
can you get over it now please instead of spamming the list with your
attempts to find someone but yourself to blame for your screwup? shit
happens, learn from it, done.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http
splicing.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
* Kostas Zorbadelos kzo...@otenet.gr [2012-06-09 18:02]:
Henning Brauer lists-open...@bsws.de writes:
string matching to more or less random packets' payload in the kernel?
that is beyond insane.
I am interested to know if this has caused problems in IPtables'
setups. It sounds dangerous
.
Is it possible for you to make the info that was written down about debugging
options for bgpd in the non-public list available here, as per the mail
below?
see guenther's mail, but that doesn't help in your case, since you
don't end up with the box crashing.
--
Henning Brauer, h
* Andre Keller a...@list.ak.cx [2012-06-06 16:05]:
is any body running OpenBSD as a XEN HVM guest?
nobody sane.
ddb trace
ddb dmesg
the actual panic is missing.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail
* Peter Kay syllops...@syllopsium.co.uk [2012-06-04 21:00]:
It seems to me it would be more sensible to stick a disklabel
inside a new OpenBSD GPT partition type.
go ahead, show your code, then we can talk about it.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http
: ntpd doesn't have a limit. adjtime() has limits.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
instrumentation of prio's operation at this time in
its evolution?
not yet.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http
* S. Scott 8f27e...@gmail.com [2012-05-29 10:38]:
On 29 May 2012 03:56, Henning Brauer lists-open...@bsws.de wrote:
* S. Scott 8f27e...@gmail.com [2012-05-29 01:44]:
After upgrading to 5.1, we de-configured all altq-priq queuing in
favor of the new prio queuing. The re-configuration
decision engine
terminated; signal 11
now that is bad. sig11 = segfault, Must Not Happen (tm).
can you get us a backtrace? stuart, can we document the steps to do so
somewhere we can point people to?
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full
/pub/OpenBSD/snapshots/$arch/
also, you'd do yourself much of a favor by using real hardware and not
some crappy emulation of garbage.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers
changes, which can result
in very rapidly increasing memory use.
this bug is hard to trigger and we have not been able to identify a
pattern here, except that it involves iBGP.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting
to make that available.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
this guy don, explain hom how his garbage
hurts the community, and makes him remove it.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http
advskew values don't really matter much, the difference
does. since that is a time in the end 1 could be a little too close.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully
, preferably 9.8 or in the future 9.9).
purely out of curiosity: why?
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http
almost everybody is running with them.
that is not your problem, something in your setup is very wrong. first
sanity check would be the clock, tho I have a hard time seeing how it
could jump repeatedly.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full
. of course
it eventually does.
if you're after the src address for locally initiated sessions, that
purely depends on the routes and thus the netmasks you configured on
carp and its carpdev.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure
the difference really?
the difference is that in one case the firmware is stored on the card,
in the other case it has to be uploaded to the card by the OS.
now that makes a huge difference for privacy et al...
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full
it.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
OSPF has stabalised. I don't see a nice clean place in the startup
process to do this though unless I hack /etc/netstart or similar which
I don't want to do.
as said, carp is demoted (to 128) until rc is done.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de
* Siju George sgeorge@gmail.com [2012-05-04 08:44]:
On Thu, Apr 12, 2012 at 3:44 AM, Henning Brauer
lists-openbsdt...@bsws.de wrote:
diffs are for current of course but should work for 5.1 as well -
dunno what you are trying.
I have upgraded my firewall to 5.1
could you please give ma
Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/
- a lot. most of the time
with trunk in failover mode, but that shouldn't make a difference. You
might see a bug in your switch here.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root
disks and have two
machines.
I'm very happy with Supermicro X9SC* based systems, with Xeon E3-1220
and an Intel SSD. Check with your local supplier for exact model
options. Superior performance, 35W idle, no trouble whatsoever, fair
pricing.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS
* Sebastian Reitenbach sebas...@l00-bugdead-prods.de [2012-04-17 10:40]:
On Tuesday, April 17, 2012 09:35 CEST, Henning Brauer lists-open...@bsws.de
wrote:
* Marcin mig...@gmail.com [2012-04-17 08:59]:
I am looking for a hardware recommendation for a new OpenBSD based
firewalls. So
* Sebastian Reitenbach sebas...@l00-bugdead-prods.de [2012-04-17 11:45]:
On Tuesday, April 17, 2012 10:47 CEST, Henning Brauer lists-open...@bsws.de
wrote:
* Sebastian Reitenbach sebas...@l00-bugdead-prods.de [2012-04-17 10:40]:
On Tuesday, April 17, 2012 09:35 CEST, Henning Brauer
fishy. the referencing rules distinguish
between tables in the anchor and further up.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http
101 - 200 of 1518 matches
Mail list logo