pf outbound nat load balancing issue

Hi all, I have a very basic pf NAT setup for testing on my new firewall. The firewall has two PPPoE connections which are using multipath default routes to load balance. Load balancing works for non-NAT traffic, but NAT traffic is only going out via one link, not both. I am wondering what the

2 questions regarding carp and dhcp

Hello everybody, two questions regarding carp and dhcp, one running the firewall as a dhcp client, and one running as server. I want to provide dhcp from the firewall. Therefore I did setup the dhcp server on both hosts of the cluster. The firewall is configured as master/backup mode. The

Re: reliable, dd over simple ip network

On 21:28:56 Oct 15, Neko wrote: Good day to all of you, i have found a really dirty way of going around this, so im fishing for advices on finding a reliable way to dd over simple ip network with the generic bsd. could this be done in a straight pipe ? i have an ftp on the generic

Re: 4.4 arrived in New Zealand

Got mine today. Sydney Australia. Thanks to all the devs and supportive user community! Another brilliant set and release!

Re: RES: RES: Filtering outgoing connections in pf

But it can still be a router if it does not do natting, a router with only public IP's Cezary Morga wrote: Dnia Eroda, 15 paE:dziernika 2008, cgc napisaE: And any box that is doing packet filtering between 2 or more networks, eg. a private network and the internet, is a router as far as

Re: Funny linker error: relocation truncated to fit

Hello, On Wed, Oct 15, 2008 at 5:30 PM, Ted Unangst [EMAIL PROTECTED] wrote: On Wed, Oct 15, 2008 at 11:53 AM, Edd Barrett [EMAIL PROTECTED] wrote: Hi Guys, Does anyone know what this weird linker error means? xetexini.o(.text+0x4bc): In function `initialize': : relocation truncated to

Re: what exactly is enc0?

On Wednesday 15 October 2008, ropers wrote: I don't know if it is possible to use --surrounding physical space permitting-- 64bit cards in 32 bit slots (and have them run w/ reduced performance). IIRC, something like that used to be possible back when it came to the transition from 8bit ISA to

RES: RES: RES: Filtering outgoing connections in pf

Hi, I wanna allow local users ( 10.10.0.0/24 ) to Access internet just using port 80, 25 110 and 53 udp. I wanna allow full access to 10.10.20.0/24 to the internet. I mean, no restriction. Easy like that. I used openBSD 3.8 in the past and I was able to filter packets in $ext_if

Re: RES: RES: RES: Filtering outgoing connections in pf

That looks like it should work fine apart from the capital letters in your macro's Regards, Charlie Ricardo Augusto de Souza wrote: Hi, I wanna allow local users ( 10.10.0.0/24 ) to Access internet just using port 80, 25 110 and 53 udp. I wanna allow full access to 10.10.20.0/24 to the

Re: dmesg IBM x3650 OpenBSD 4.3

On Monday 13 October 2008, Artur Grabowski wrote: gm_sjo [EMAIL PROTECTED] writes: 2008/10/10 Theo de Raadt [EMAIL PROTECTED]: Wow. Good luck. Can't you see we've been down that road before with those bastards? But really. Good luck. You really are too optimistic, but sure, learn the

Shutdown with the power button

Hi list, Wondering if anyone knows how (or if it is possible) to be able to gracefully power down an OpenBSD box by hitting the power button on the server. Useful when you need someone to power down a system (like in a power failure situation) but there is no console attached. FreeBSD and linux

Re: Shutdown with the power button

On Thu, Oct 16, 2008 at 11:22 PM, Gregory Edigarov [EMAIL PROTECTED] wrote: Mikel Lindsaar wrote: Wondering if anyone knows how (or if it is possible) to be able to gracefully power down an OpenBSD box by hitting the power button on the server. Mine does clean shutdown on power button just

Re: Shutdown with the power button

It probably needs to be enabled in the bios. On Thu, Oct 16, 2008 at 11:30:02PM +1100, Mikel Lindsaar wrote: On Thu, Oct 16, 2008 at 11:22 PM, Gregory Edigarov [EMAIL PROTECTED] wrote: Mikel Lindsaar wrote: Wondering if anyone knows how (or if it is possible) to be able to gracefully

ral(4) stops generating traffic

Hi, I 'm running OpenBSD 4.4-current (RALDBG) #0: Fri Oct 10 16:56:50 CEST 2008, which is GENERIC with RAL_DEBUG, but I've seen this problem with previous kernels and without RAL_DEBUG, too. # dmesg | grep ral ral0 at pci0 dev 14 function 0 Ralink RT2860 rev 0x00: irq 10EEPROM rev=1, FAE=1

Re: KDE Question, Blank 'Kicker' at the bottom of the screen, missing menus

On Wednesday 15 October 2008, [EMAIL PROTECTED] wrote: I installed all of the relevant KDE packages and set it to start at boot time with KDM and it worked fine initially, for a couple days. Without my changing anything in particular, the equivalent of the windows taskbar at the bottom of the

Re: Shutdown with the power button

see /etc/rc.shutdown and set: powerdown=YES # set to YES for powerdown Good Luck. On Thu, Oct 16, 2008 at 11:30:02PM +1100, Mikel Lindsaar wrote: On Thu, Oct 16, 2008 at 11:22 PM, Gregory Edigarov [EMAIL PROTECTED] wrote: Mikel Lindsaar wrote: Wondering if anyone knows how (or if it is

Re: BSD Port from OpenJDK

On Tuesday 14 October 2008, Kurt Miller wrote: Quite frankly I'm pretty upset at all the 'Java sucks' banter on misc. If you and the other naysayers don't realize that porting Java to OpenBSD was a 'Good-Thing' then you are just UNINFORMED!

Re: Shutdown with the power button

hi, On Thu, Oct 16, 2008 at 11:30:02PM +1100, Mikel Lindsaar wrote: Hmm... here is the dmesg then any ideas? looks like you're missing an acpibtn (man acpibtn). -- CUL8R, Peter.

Re: what exactly is enc0?

* ropers [EMAIL PROTECTED] [2008-10-15 22:44]: (Personally, I've never even ever run across anything else but 5V PCI cards and slots. Probably because I've never owned a Soekris.) I'm pretty sure that your average pile of pci cards has way more 3.3v capable cards than 5v-only ones. ay more.

Re: VESA 1280x800

On Thu, Oct 16, 2008 at 2:30 AM, Jairo Souto [EMAIL PROTECTED] wrote: Would you, please, tell me how to add the card PCI id in the nv driver? Add: { 0x10DE0533, GeForce 7000M }, in xenocara/driver/xf86-video-nv/src/nv_driver.c, after line 391. (Sorry I can't generate a patch right now.

Re: reliable, dd over simple ip network

On Wed, Oct 15, 2008 at 09:28:56PM -0700, Neko wrote: since my partitions have 16% free on all systems, i cant tarball the drive sent it to target machine and uncompress, Tarball it up, pipe the output somewhere, eg via ssh (disclaimer: untested; concept only) [tar commands, to stdout] |

Re: Timeout on network interface

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2008-10-13, Stuart Henderson [EMAIL PROTECTED] wrote: There are not issues with re(4) which are being worked on which pertain to this issue. The problem mentioned by the original poster is an issue with the (emulated) RTL8139 driver provided by

Re: what exactly is enc0?

J.C. Roberts schrieb: On Wednesday 15 October 2008, ropers wrote: I don't know if it is possible to use --surrounding physical space permitting-- 64bit cards in 32 bit slots (and have them run w/ reduced performance). IIRC, something like that used to be possible back when it came to the

Re: Shutdown with the power button

On 15:41:27 Oct 16, Guillermo Bernaldo de Quiros Maraver Pedroche wrote: see /etc/rc.shutdown and set: powerdown=YES # set to YES for powerdown Try this. It might work. My /etc/sysctl.conf has the line machdep.kbdreset=1 # permit console CTRL-ALT-DEL to do a nice halt I

weird dmesg

I was preparing some information about my system to post my questions here and I saw that weird output in dmesg. Take a look. How can I avoid/fix this? # dmesg info.txt # vi info.txt [4] + Suspendedvi info.txt # # cat info.txt speaker lpt0 at isa0 port 0x378/4 irq 7

package ports tools, ftp and pf

I get no reply when I try to subscribe to the pf mailing list, so I'll ask here. I'm running OpenBSD 4.3 stable on amd64. I use what is in the pf faq to allow ftp from my internal lan via nat, which works, but I can't ftp from the computer that is running pf unless I use ftp -AaE as I read about

Re: reliable, dd over simple ip network

Maybe the simplest usage: tar cfz - /somedir | ssh somehost dd of=/somefile.tgz John On Thu, Oct 16, 2008 at 10:42:17AM -0400, Douglas A. Tutty wrote: On Wed, Oct 15, 2008 at 09:28:56PM -0700, Neko wrote: since my partitions have 16% free on all systems, i cant tarball the drive sent it

Re: pf outbound nat load balancing issue

Forgot to mention, i'm running 4.3 release. 2008/10/16 gm_sjo [EMAIL PROTECTED]: Hi all, I have a very basic pf NAT setup for testing on my new firewall. The firewall has two PPPoE connections which are using multipath default routes to load balance. Load balancing works for non-NAT

Get Popular Screensavers

Halloween Screensavers! Hundreds of wicked Halloween Screensavers! Spook your friends with one of our spooktastic screensavers this Halloween! They will love it! Our Screen Savers: Are totally Free! There are thousands of free photos exclusive 3-D animations to choose from Require NO

Re: what exactly is enc0?

The board's PCI slot has to be molded to support it. If not, a dremmel and a little precision will permit the card to sit in the slot with no problems. Shave a few mm off the PCI slot's side, don't cut the card. . On 10/16/08, J.C. Roberts [EMAIL PROTECTED] wrote: On Wednesday 15 October 2008,

Re: package ports tools, ftp and pf

Either switch to passive ftp, or open your ftp-data port. That should solve some of your problems. On 10/16/08, Kendall Shaw [EMAIL PROTECTED] wrote: I get no reply when I try to subscribe to the pf mailing list, so I'll ask here. I'm running OpenBSD 4.3 stable on amd64. I use what is in the

RES: weird dmesg

No ideas? -Mensagem original- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Em nome de Ricardo Augusto de Souza Enviada em: quinta-feira, 16 de outubro de 2008 12:08 Para: misc@openbsd.org Assunto: weird dmesg I was preparing some information about my system to post my questions here

WPA Enterprise (openBSD 4.4)

Hello, being a new openBSD User, I encounter several problems, which I normally manage to solve by doing research and/or reading man files. Except for one thing. WPA Enterprise. At my university we have an WPA Enterprise Wlan, where students use to connect to the virtual world. Well, after

Re: reliable, dd over simple ip network

On Wed, Oct 15, 2008 at 10:28 PM, Neko [EMAIL PROTECTED] wrote: i have found a really dirty way of going around this, so im fishing for advices on finding a reliable way to dd over simple ip network with the generic bsd. could this be done in a straight pipe ? i have an ftp on the generic

whitelisting X DSL (dynamic IP)s

Hi, I am planning to setup a network with a OpenBSD/SPAMD firewall, and an internal POSTFIX server with SASL SMTP AUTH. While think about it, I realized that I have a problem here. Whenever a mobile user wants to send mail (relaying) through the POSTFIX server, he will have to go through the

Re: reliable, dd over simple ip network

Daniel Melameth escribis: On Wed, Oct 15, 2008 at 10:28 PM, Neko [EMAIL PROTECTED] wrote: i have found a really dirty way of going around this, so im fishing for advices on finding a reliable way to dd over simple ip network with the generic bsd. could this be done in a straight pipe ? i

Re: whitelisting X DSL (dynamic IP)s

On Oct 16, 2008, at 1:59 PM, Jose Fragoso wrote: So my question is: what is the best way to deal with this kind of situation. Should I reduce the value of whiteexp ? Has anybody thought of way of cleaning such road-warrior addresses on a daily basis ? To be fare, these address should not stay

Re: whitelisting X DSL (dynamic IP)s

Jose Fragoso wrote: Hi, I am planning to setup a network with a OpenBSD/SPAMD firewall, and an internal POSTFIX server with SASL SMTP AUTH. While think about it, I realized that I have a problem here. Whenever a mobile user wants to send mail (relaying) through the POSTFIX server, he will have

Re: WPA Enterprise (openBSD 4.4)

kabel wrote: Hello, being a new openBSD User, I encounter several problems, which I normally manage to solve by doing research and/or reading man files. Except for one thing. WPA Enterprise. As far as I know OpenBSD doesn't have 802.1X (The Enterprise part of WPA Enterprise) support. I have

Re: reliable, dd over simple ip network

wow thanks for your time, yes i already master dd, and i have to use it since im cloning two disk that are identical both disk with more that 5 partition / 6 os. i have no choice I HAVE TO binary copy the disk, and their is a catch since i want to update all my partitions in a fly, since many of

Re: reliable, dd over simple ip network

since tar can be a device, and ssh open a port can i use straight device to device using both engines ? --- On Thu, 10/16/08, John Jackson [EMAIL PROTECTED] wrote: From: John Jackson [EMAIL PROTECTED] Subject: Re: reliable, dd over simple ip network To: misc@openbsd.org Date: Thursday,

Re: reliable, dd over simple ip network

On 2008-10-16, Neko [EMAIL PROTECTED] wrote: yes i already master dd, and i have to use it since im cloning two disk that are identical both disk with more that 5 partition / 6 os. If you've mastered it, you'll know it can output or input data over a pipe to/from another program. Like ssh.

Re: ral(4) stops generating traffic

I think I probably see the same thing on RT2860, but you've got further tracking down what's happening than me (my debugging is hampered by the AP being about 2 hour's drive away..) In gmane.os.openbsd.misc, you wrote: Hi, I 'm running OpenBSD 4.4-current (RALDBG) #0: Fri Oct 10 16:56:50 CEST

Avviso di accredito

[IMAGE] Ultime da Poste Italiane: Gentile Cliente, Ci e' arrivata una segnalazione di accredito di Euro 216,31 ricevuta dal UFFICIO POSTALE di ROMA. L'accredito e' stato temporaneamente bloccato a causa dell'incongruenza dei suoi dati, potra' ora verificare i suoi dati e successivamente le sara'

Re: package ports tools, ftp and pf

On Thu, 2008-10-16 at 11:25 -0700, Johan Beisser wrote: Either switch to passive ftp, or open your ftp-data port. That should solve some of your problems. My problem seems to be similar to the thread Active FTP doesn't work through a 3.3 firewall. I do actually have entries in pflog which I

X not start

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all! I'm trying to use KDE in OpenBSD but I'm having problems with the basic step: to obtain that X server works. I have this problem with OpenBSD 4.3. With snapshot of OpenBSD 4.4, X server works without problems. For both cases, I indicated

Re: X not start

On 00:55:38 Oct 17, Daniel Bareiro wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all! I'm trying to use KDE in OpenBSD but I'm having problems with the basic step: to obtain that X server works. I have this problem with OpenBSD 4.3. With snapshot of OpenBSD 4.4, X server works

Re: ral(4) stops generating traffic

Stuart Henderson schrieb: I think I probably see the same thing on RT2860, but you've got further tracking down what's happening than me (my debugging is hampered by the AP being about 2 hour's drive away..) In gmane.os.openbsd.misc, you wrote: Hi, I 'm running OpenBSD 4.4-current