Debug or find issue in IPSec site-to-site

2018-11-19 Thread lilit-aibolit
Hi list. There is IPSec site-to-site configuration between five endpoints over Internet. IPSec configured with manual flows and manual SAs. All is working smooth for years. Except one new route/tunnel that looks like working fine, i.e. it delivers traffic between local nets (A and B) that are

Re: 4-ports router under $150

2018-04-12 Thread lilit-aibolit
I haven't tried via serial because I used vga+usb keyboard. However I'll definitely try that lan-serial port. On 11/04/18 18:27, Todd C. Miller wrote: On Wed, 11 Apr 2018 10:49:54 +0300, lilit-aibolit wrote: Hi, I've been looking for more than one year to get something similar until I found

Re: 4-ports router under $150

2018-04-11 Thread lilit-aibolit
Hi, I've been looking for more than one year to get something similar until I found this: https://pt.aliexpress.com/item/Celeron-J1900-Mini-pc-free-shipping-micro-sd-two-usb-and-four-lan-laptop-overwatch-Computer/32794678352.html?spm I already got and tested it and it works fine. On 08/04/18

Can't boot 6.2 on Intel Celeron J1900

2017-11-23 Thread lilit-aibolit
I've found this cheap mini computer and installed 6.2 there: - http://www.xcyminipc.com/product/showproduct.php?lang=en=51 But after reboot it freezes quickly. I recorded a video: - https://www.youtube.com/watch?v=OLGblwGx5c0 What could be the issue?

Re: l2tp and openbsd 6.1

2017-10-05 Thread lilit-aibolit
On 05/10/17 09:17, lilit-aibolit wrote: Hi, I've just tried your suggestion and iPhone could connect but Windows gives new errors in log: ##here is Windows attempt Oct  5 09:08:16 gw isakmpd[19354]: message_parse_payloads: invalid next payload type in payload of type 5 Oct  5 09:08:16 gw

Re: l2tp and openbsd 6.1

2017-10-05 Thread lilit-aibolit
Hi, I've just tried your suggestion and iPhone could connect but Windows gives new errors in log: Oct  5 09:05:44 gw isakmpd[19354]: attribute_unacceptable: GROUP_DESCRIPTION: got MODP_1024, expected MODP_2048 Oct  5 09:05:46 gw npppd[10826]: l2tpd ctrl=6 logtype=Started RecvSCCRQ

Re: l2tp and openbsd 6.1

2017-10-04 Thread lilit-aibolit
Hi, with l2tp I have situation when iOS  and Android devices could connect but Windows 7 and Windows 10 couldn't. Is it possible to adjust ipsec.conf somehow so it could accept connection from Windows clients too? Or is there a way to adjust some settings in Windows so it will work with current

Re: Access old PPTP behind OpenBSD 6.1

2017-09-05 Thread lilit-aibolit
You need to have redirect rule to PPTP server for GRE protocol. However you'll have only one vpn session at same time. On 05/09/17 08:06, Lars Bonnesen wrote: Yes... I know... Don't run MS PPTP and that is why I am implementing OpenBSD. Until OpenVPN is fully installed on every client,

Re: Help with server not accepting new connections but is still accessible through ONE existing open ssh-session

2017-02-09 Thread lilit-aibolit
On 02/01/2017 03:41 PM, Erling Westenvik wrote: I have an OpenBSD 5.9 server at a colocation. It stopped accepting new connections (ping, ssh, http, whatever) yesterday night but fortunately I had one ssh session open from my workstation from which I can still access it. Did you think about

Re: IPSEC from behind NAT stage 2 failure

2017-02-01 Thread lilit-aibolit
On 02/01/2017 10:21 PM, Yury Shefer wrote: Your behind-NAT IPsec client should use external IP (78.111.187.234) as IKE identifier (IDi/initiator id) to be able to establish the SA. IMHO, the better option for your remote clients would be a use of different ID type like ID_RFC822_ADDR. Thanks

Re: IPSEC from behind NAT stage 2 failure

2017-02-01 Thread lilit-aibolit
On 12/06/2016 11:04 AM, Florian Ermisch wrote: And I guess that's the problem: the client goes "hi I'm 10.1.1.58 and I'd like to connect" and isakmpd doesn't know no 10.1.1.58. IKEv1 is very picky about those things: When it doesn't expect an ID no peer presenting one will be allowed to connect

Re: Skype issue with office behind PF

2017-01-30 Thread lilit-aibolit
On 01/28/2017 12:13 PM, Stuart Henderson wrote: On 2017-01-27, lilit-aibolit<lilit-aibo...@mail.ru> wrote: Hi list, I have an office behind NAT with PF. There are mostly Win7 workstations with different Skype versions but mostly with 7.3x or the latest versions. Two days ago any skyp

Skype issue with office behind PF

2017-01-27 Thread lilit-aibolit
Hi list, I have an office behind NAT with PF. There are mostly Win7 workstations with different Skype versions but mostly with 7.3x or the latest versions. Two days ago any skype call started to drop after few seconds without any voice from opposite side. I got skype support which remotely looked

Re: Build a new kernel for apcupsd

2016-10-31 Thread lilit-aibolit
On 10/25/2016 04:47 PM, Stephen Bertoni wrote: Have you tried this instead? root@...[~]config -e -o /bsd.new /bsd OpenBSD 5.9-stable (GENERIC) #0: Thu May 7 23:16:45 CEST 2015 root@...***.org:/usr/src/sys/arch/i386/compile/GENERIC Enter 'help' for information ukc> disable upd

Re: Build a new kernel for apcupsd

2016-10-21 Thread lilit-aibolit
On 10/20/2016 07:25 PM, Stuart Henderson wrote: On 2016-10-20, lilit-aibolit <lilit-aibo...@mail.ru> wrote: Hi list. In recent OpenBSD versions usb devices attached to upd driver. This is why apcupsd doesn't detect APC USB devices. After installing apcupsd there is statement how t

Build a new kernel for apcupsd

2016-10-20 Thread lilit-aibolit
Hi list. In recent OpenBSD versions usb devices attached to upd driver. This is why apcupsd doesn't detect APC USB devices. After installing apcupsd there is statement how to deal with above situation:

Re: Change MTU for IPSec

2016-04-26 Thread lilit-aibolit
On 04/25/2016 06:13 PM, Marc Peters wrote: Am 04/25/16 um 16:00 schrieb lilit-aibolit: Hi list. I've typical site-to-site IPsec tunnel. On rare occasions users got infinite loop in their browser while opening web-sites in opposite endpoints, however in same time ping works well from one network

Change MTU for IPSec

2016-04-25 Thread lilit-aibolit
Hi list. I've typical site-to-site IPsec tunnel. On rare occasions users got infinite loop in their browser while opening web-sites in opposite endpoints, however in same time ping works well from one network to other. SSH connection to remote hosts looks like you're almost entered, but it

Re: sensorsd, upd, and state changes

2016-02-26 Thread lilit-aibolit
I've tried to change low=1:high=2 to low=0:high=0 but I haven't got *Off* current state for this sensor from sensord: - hw.sensors.upd0.indicator2=On (ACPresent), OK Even for AC disconnected sensord reports that ACPresent is *On*, however when I look for - sysctl hw.sensors.upd0.indicator2 it

Re: sensorsd, upd, and state changes

2016-02-25 Thread lilit-aibolit
Hi list, why I don't have extra line in output with sensor upd0.percent1(RemainingCapacity)? Is it related to model of my UPS? # usbdevs | grep UPS addr 4: Back-UPS ES 525 FW:851.t3.I USB FW:t3, American Power Conversion # sysctl hw.sensors hw.sensors.upd0.indicator0=Off (Charging), OK

Re: APC UPS & sensorsd - how?

2016-02-24 Thread lilit-aibolit
On 03/22/2015 05:44 PM, T. Ribbrock wrote: Then, I re-applied power, but that, too, was never flagged by sensorsd. For some reason, it looks like sensorsd only ever detects a status change (for these rules) when it gets started - but not afterwards. Regards, Thomas Have you succeed with

Re: fsck_ffs mystic

2016-02-15 Thread lilit-aibolit
On 02/15/2016 04:43 PM, Josh Grosse wrote: On 2016-02-15 09:08, lilit-aibolit wrote: On 02/15/2016 04:03 PM, Josh Grosse wrote: See the words "NO WRITE" in that message? This happens because you are attempting to fsck(8) a *mounted* file system. Yes, it's true. But I can't un

Re: fsck_ffs mystic

2016-02-15 Thread lilit-aibolit
On 02/15/2016 04:03 PM, Josh Grosse wrote: On 2016-02-15 07:57, lilit-aibolit wrote: Hi list. After unclear shutdown I've booted in single user mode by typing "boot -s". I executed "fsck -fp" and "fsck -fy" few times and got no problem, see screensho

fsck_ffs mystic

2016-02-15 Thread lilit-aibolit
Hi list. After unclear shutdown I've booted in single user mode by typing "boot -s". I executed "fsck -fp" and "fsck -fy" few times and got no problem, see screenshot here: http://i.piccy.info/i9/f7bced6083e3f77d29dc832102147bfd/1455540839/795750/999296/image1.jpg But after reboot with normal

ipsec between three networks

2016-01-25 Thread lilit-aibolit
Hi list. Currently I'm using a simple config to connect two networks over the Internet, ipsec.conf from $net2 side looks like this: net1 = "{ 192.168.1.0/24, 192.168.11.0/24 }" net2 = "{ 192.168.2.0/24, 192.168.22.0/24, 192.168.33.0/24 }" flow esp from $net2 to $net1

Re: openbsd's complete packages size

2015-05-07 Thread lilit-aibolit
On 05/06/2015 02:26 PM, elvis wrote: Hi guys I'd like to know the size of the whole packages.. In particular for the i386 architecture. I really don't know where to get this info.! Thnks..!! Enviado desde mi BlackBerry de Movistar . Download them :)

Re: dhcpd log issues

2015-03-12 Thread lilit-aibolit
On 11/07/2014 12:48 PM, Marc Peters wrote: Hi misc@, after upgrading our pair of dhcpd servers to 5.6(-stable), i am seeing strange DHCPACKs in our logs (in both of them): Nov 7 09:28:34 dhcpd2 dhcpd[9269]: DHCPINFORM from 192.168.20.251 Nov 7 09:28:34 dhcpd2 dhcpd[9269]: DHCPACK onnull

Re: How to Selectively route DESTINATIONS via wan1_gw and via wan2_gw

2015-01-14 Thread lilit-aibolit
On 01/14/2015 07:19 AM, Indunil Jayasooriya wrote: Hi misc, I have /etc/ip_list1 file containing some destinations. format of /etc/ip_list1 is given below. 1.2.3.4 1.6.3.0/24 I want to route ALL DESTINATIONS listed in /etc/ip_list1 via wan1_gw. The rest of traffic, I want to route via

IPSec stopped working accidently

2014-08-18 Thread lilit-aibolit
Hi list. I have two gateways which were working fine two years. And suddenly I couldn't reach remote network behind both gateways from other sides. Nothing changed in configs. Both gateways seems to works as expected except VPN. Both gateways have identical setup like this. How to debug and

Re: IPSec stopped working accidently

2014-08-18 Thread lilit-aibolit
On 08/18/2014 12:40 PM, lilit-aibolit wrote: Hi list. When I start ping from 192.168.2.0/24 network to 192.168.5.0/2: C:\Users\userping 192.168.5.251t -t Pinging 192.168.5.251 with 32 bytes of data: Request timed out. Request timed out. Request timed out. I got packets on gateway from 2.0/24

Unable to stop nfsen

2014-06-04 Thread lilit-aibolit
# ps -ax |grep nfsen | grep -v grep 16371 ?? I 0:27.89 /usr/local/bin/nfcapd -w -D -p -u _nfcapd -g www -B 20 -S 1 -P /var/db/nfsen/r 1333 ?? Is 2:17.70 perl: /usr/local/bin/nfsend-comm (perl) 6030 ?? Is 63:05.79 /usr/bin/perl -w /usr/local/bin/nfsend 19674 ?? I

Re: Get statistics of websites visited without proxy/squid

2014-04-28 Thread lilit-aibolit
On 04/25/2014 06:18 PM, James Records wrote: I posted this on reddit a while back, i've been doing this on pfsense for a while don't see why it wouldn't work with OBSD: http://www.reddit.com/r/PFSENSE/comments/1vn51f/monitoring_question_analysis_of_uris_by_ip_address/ basically install httpry

Get statistics of websites visited without proxy/squid

2014-04-25 Thread lilit-aibolit
Hi misc, I know this is not truly OpenBSD related, but I'd like to know if there is any possibility to collect such statistics. I'm using NAT with PF for my LAN and I don't have any proxy applications like squid. I have already started collecting traffic statistics with nfsen, but it collect

Find last month abbreviation

2014-04-18 Thread lilit-aibolit
This works in linux: $ date --date="last month" +%b Mar In OpenBSD I tried # MonthCurrent=`date +%m` # MonthPrevious=`expr $MonthCurrent - 1` # echo $MonthPrevious 3 But I need month's abbreviation.

Re: PF NAT statistic per month per IP

2014-04-16 Thread lilit-aibolit
On 04/15/2014 09:51 PM, Stefan Sieg wrote: Hello, with the already mentioned netflow solution you will not see connections that are not expired. So you will not see long live connections like vpn or ssh in your statistics at the appointed date. Maybe pf labels is for you ... lan = {

Re: PF NAT statistic per month per IP

2014-04-16 Thread lilit-aibolit
On 04/15/2014 05:34 PM, Peter N. M. Hansteen wrote: lilit-aibolit <lilit-aibo...@mail.ru> writes: table <lan> { 192.168.5.0/24 } match out on $ext_if inet proto tcp from <lan> to any nat-to em1 pass in on $int_if inet proto tcp from <lan> to any port pass out on $ext_if inet proto tcp from em1 to

PF NAT statistic per month per IP

2014-04-15 Thread lilit-aibolit
Hello misc. Please provide any hints how to get amount of Internet traffic per each IP in LAN for period of time month. Suppose I have such simple rules to share Internet connection for lan: table <lan> { 192.168.5.0/24 } match out on $ext_if inet proto tcp from <lan> to any nat-to em1 pass in on

Re: Accept two vlans (Solved)

2013-08-08 Thread lilit-aibolit
Martin, Christian, Kent thank you all for explanation. It was more than enough to understand things.

Accept two vlans

2013-08-07 Thread lilit-aibolit
Hello misc. I'd like to setup guest Wi-Fi in my LAN to prevent access to local resources. I have OpenBSD gateway with em NIC connected to LAN. LAN based on switches with VLAN support. Suppose I have created two VLANs and added ports from my network to vlan1 and wi-fi AP to vlan2. What should I

Re: nut-2.7.1 (Solved)

2013-07-31 Thread lilit-aibolit
On 07/30/2013 01:52 PM, Stuart Henderson wrote: On 2013-07-29, lilit-aibolit <lilit-aibo...@mail.ru> wrote: Using existing bestuferrups.8 manual page, since 'asciidoc' was not found. Using existing bestups.8 manual page, since 'asciidoc' was not found. Using existing bestfcom.8 manual page, since

nut-2.7.1

2013-07-29 Thread lilit-aibolit
Does someone have compiled i386 package for current nut? https://github.com/networkupstools/nut Or walkthrough how to build it on 5.3. The reason for install development version it's added Riello UPS support. This is my step: # git clone https://github.com/networkupstools/nut.git # pkg_add

Re: nut-2.7.1

2013-07-29 Thread lilit-aibolit
On 07/29/2013 11:31 AM, Marios Makassikis wrote: ln -s /usr/local/bin/python3.2 /usr/local/bin/python Thanks. It helped a bit, but now # rm /usr/local/bin/python # ln -s /usr/local/bin/python2.7 /usr/local/bin/python # pwd /root/nut # export AUTOMAKE_VERSION=1.13.1 # export

Re: nut-2.7.1

2013-07-29 Thread lilit-aibolit
On 07/29/2013 12:13 PM, lilit-aibolit wrote: On 07/29/2013 11:31 AM, Marios Makassikis wrote: ln -s /usr/local/bin/python3.2 /usr/local/bin/python Thanks. It helped a bit, but now # rm /usr/local/bin/python # ln -s /usr/local/bin/python2.7 /usr/local/bin/python # pwd /root/nut # export

Re: wireless ethernet (ralink) not working

2013-06-10 Thread lilit-aibolit
On 03/25/2013 11:08 AM, lilit-aibolit wrote: On 03/24/2013 12:13 AM, Riccardo Mottola wrote: Hi, On 03/23/13 20:13, Peter N. M. Hansteen wrote: Riccardo Mottola <riccardo.mott...@libero.it> writes: But i am connecting to a WEP protected network, not WPA. typical hostname.if for a wep network

Re: wireless ethernet (ralink) not working

2013-03-25 Thread lilit-aibolit
On 03/24/2013 12:13 AM, Riccardo Mottola wrote: Hi, On 03/23/13 20:13, Peter N. M. Hansteen wrote: Riccardo Mottola <riccardo.mott...@libero.it> writes: But i am connecting to a WEP protected network, not WPA. typical hostname.if for a wep network: media autoselect nwid wepnetwork nwkey

Re: altq: upsteam and downstream

2013-03-07 Thread lilit-aibolit
On 03/04/2013 10:17 PM, Martin Pelikan wrote: Hello. Thanks for your reply. I need to guaranty bandwidth for selected host (abu, ali) and pass all other traffic to bulk queue, but I have a lot of filter rules and don't know how to do it. I have applied queues to some pass rules and lost

Re: em(4) watchdog timeouts on 5.0-release

2013-03-07 Thread lilit-aibolit
On 11/09/2011 10:27 PM, Jussi Peltola wrote: You can ignore the clueless parts in my previous message :) I can set up remote access to one of these machines if needed. This made the ems work again: --- if_em.c.origWed Nov 9 21:37:39 2011 +++ if_em.c Wed Nov 9 21:39:01 2011 @@

Re: em(4) watchdog timeouts on 5.0-release

2013-03-07 Thread lilit-aibolit
On 03/07/2013 01:10 PM, mxb wrote: What about 5.2? Same issues? //mxb I don't know. This is remote host1 and it holds IPSec with another host2. When issue come - network behind host2 can't reach resources behind host1.

altq: upsteam and downstream

2013-03-01 Thread lilit-aibolit
Hello misc, I'm a bit confusion with understanding such things. I have a symmetrical channel to the Internet with 20 Mbits and openbsd5.2 as gateway, with NAT. Imagine I defined ALTQ on $ext_if and on $int_if. Am I right that: 1) ALTQ on $ext_if will be applied for upstream channel (i.e. upload

named not answer on external query

2013-01-17 Thread lilit-aibolit
This is weird trouble. Years ago I did authoritative server on openbsd 4.x and it's just works for both - local network and queries from Internet. But now it doesn't. I know - this is my issue, please help to resolve. ###named.conf### // $OpenBSD: named-simple.conf,v 1.10 2009/11/02 21:12:56

Re: named not answer on external query

2013-01-17 Thread lilit-aibolit
On 01/17/2013 11:27 AM, Vadim Zhukov wrote: At first, find where the flow gets stopped: enable debug logging on resolver and add match log (matches) to port 53 rule as first one in your firewall. Then probably you'll see the problem yourself. Oh, and please, if you get no packets seen

Re: named not answer on external query

2013-01-17 Thread lilit-aibolit
On 01/17/2013 04:05 PM, Michael Lambert wrote: On 17 Jan 2013, at 06:44, lilit-aibolit wrote: On 01/17/2013 11:27 AM, Vadim Zhukov wrote: At first, find where the flow gets stopped: enable debug logging on resolver and add match log (matches) to port 53 rule as first one in your firewall

Re: tftp - no route to host

2013-01-10 Thread lilit-aibolit
On 05/01/2011 10:13 AM, Henning Brauer wrote: * Emille Blancsar...@sarlok.com [2011-04-30 19:56]: since TFTP uses UDP, pf won't create a state wrong. Hello, I'm stuck again with no route to host # uname -a OpenBSD gw 5.2 GENERIC.MP#339 i386 # ls -la /usr/tftpboot/ total 12728 drwxrwxrwx 2

Re: tftp - no route to host (Solved)

2013-01-10 Thread lilit-aibolit
On 01/10/2013 05:24 PM, lilit-aibolit wrote: On 05/01/2011 10:13 AM, Henning Brauer wrote: * Emille Blancsar...@sarlok.com [2011-04-30 19:56]: since TFTP uses UDP, pf won't create a state wrong. Hello, I'm stuck again with no route to host # uname -a OpenBSD gw 5.2 GENERIC.MP#339 i386 # ls

how to save /home during reinstall

2012-12-27 Thread lilit-aibolit
Hello misc. I have a /home at old system and I want to install new one from scratch. But I need to save all data in /home without moving it out of box. As I understood I need to stop at this point: Use (W)hole disk or (E)dit the MBR? [whole] and select Edit instead of Whole (which erase all

Re: how to save /home during reinstall

2012-12-27 Thread lilit-aibolit
On 12/27/2012 12:29 PM, Wesley wrote: Le 2012-12-27 14:15, lilit-aibolit a écrit : Hello misc. I have a /home at old system and I want to install new one from scratch. But I need to save all data in /home without moving it out of box. As I understood I need to stop at this point: Use (W)hole

Re: how to save /home during reinstall

2012-12-27 Thread lilit-aibolit
On 12/27/2012 02:24 PM, Nick Holland wrote: On 12/27/12 05:57, lilit-aibolit wrote: On 12/27/2012 12:29 PM, Wesley wrote: Le 2012-12-27 14:15, lilit-aibolit a écrit : Hello misc. I have a /home at old system and I want to install new one from scratch. But I need to save all data in /home

rum0: device timeout

2012-12-11 Thread lilit-aibolit
network is visible but not working or temporary working after reboot. # tail /var/log/messages Dec 11 10:00:01 gw syslogd: restart Dec 11 12:00:01 gw syslogd: restart Dec 11 14:00:01 gw syslogd: restart Dec 11 14:13:38 gw /bsd: rum0: device timeout Dec 11 14:13:39 gw /bsd: rum0: could not

what's wrong with /etc/netstart rum0 on 5.2

2012-12-05 Thread lilit-aibolit
There is no problem with executing on 5.0 # sh /etc/netstat rum0 But when I change wpa key in my /etc/hostname.rum0 on 5.2 inet 192.168.55.254 255.255.255.0 NONE -inet6 media autoselect mode 11g \ mediaopt hostap chan 8 nwid namewifi \ wpa wpaprotos wpa2 wpaakms psk wpakey xx and

restart relayd with new config

2012-11-28 Thread lilit-aibolit
Scenario: I'm using relayd as transparent proxy and block some sites in work time, so I have two configs: # cat /etc/relayd.conf prefork 5 http protocol httpfilter { tcp { nodelay, sack, socket buffer 65536, backlog 1000 } return error request header filter *youtube.com*

Re: restart relayd with new config

2012-11-28 Thread lilit-aibolit
On 11/29/2012 01:04 AM, Sebastian Benoit wrote: lilit-aibolit(lilit-aibo...@mail.ru) on 2012.11.28 15:58:42 +0200: Scenario: I'm using relayd as transparent proxy and block some sites in work time, so I have two configs: # cat /etc/relayd.conf prefork 5 http protocol httpfilter { tcp

Re: low signal strength hostap (Solved)

2012-11-05 Thread lilit-aibolit
On 11/04/2012 08:33 PM, Mihai Popescu wrote: Hello there, You need to post full dmesg and configuration files for wireless letting out the sensitive data like wpakey or passwords, maybe domain names too. This way you might get some help, because nobody likes to guess what you have there. Just

low signal strength hostap

2012-11-02 Thread lilit-aibolit
Description: I have two very identical box with integrated wlan. One of them have ral device and there is no problem with it: ral0 at pci1 dev 0 function 0 Ralink RT3090 rev 0x00: apic 2 int 16, address 00:12:0e:b1:6e:c7 ral0: MAC/BBP RT3071 (rev 0x0213), RF RT3020 (MIMO 1T1R) I'm able to work

Re: kvm and Openbsd 5.1

2012-09-17 Thread lilit-aibolit
On 07/21/2012 01:50 PM, Holger Glaess wrote: Hi list, today I've installed OpenBSD 5.1 amd64 on a kvm (linux slackware) kvm version is 1.0.1. Starting machine with 4 core, and bsd.mp it crash. Disabling mpbios see only one core and not smp. Then, I've updated kvm to 1.1.1 but the results are

Re: ftp in both direction through pf

2012-08-22 Thread lilit-aibolit
On 08/21/2012 08:48 PM, Maurice Janssen wrote: On 08/21/2012 10:15 AM, lilit-aibolit wrote: On 08/20/2012 09:49 PM, Maurice Janssen wrote: On 08/20/2012 04:43 PM, lilit-aibolit wrote: I have internal ftp-server. To give access for it from Internet I use ftp-proxy: ftpproxy_flags=-R

Re: ftp in both direction through pf (SOLVED)

2012-08-22 Thread lilit-aibolit
In above letter I had a mistake. I did pass in on $int_if inet proto tcp from tlv_lan to port ftp divert-to 127.0.0.1 port 8021 and in same time allow { ftp, 49151 } for internal host on which I tested connection to remote ftp. I deleted that ports and now internal client can connect to

Re: ftp in both direction through pf

2012-08-21 Thread lilit-aibolit
On 08/20/2012 09:49 PM, Maurice Janssen wrote: On 08/20/2012 04:43 PM, lilit-aibolit wrote: I have internal ftp-server. To give access for it from Internet I use ftp-proxy: ftpproxy_flags=-R ftp_server -p 21 -b ext_ip and rules: anchor ftp-proxy/* pass in on $ext_if inet proto tcp from any

ftp in both direction through pf

2012-08-20 Thread lilit-aibolit
I have internal ftp-server. To give access for it from Internet I use ftp-proxy: ftpproxy_flags=-R ftp_server -p 21 -b ext_ip and rules: anchor ftp-proxy/* pass in on $ext_if inet proto tcp from any to (em1) port ftp pass out on $int_if inet proto tcp from any to ftp_server port ftp user

Re: Dilemma: between OpenBSD and NetBSD

2012-08-10 Thread lilit-aibolit
On 08/10/2012 05:17 PM, Francois Pussault wrote: In computer file systems, soft updates is an approach to maintaining disk integrity after a crash or power outage. They are an alternative to journaling file system. Why softdep not enabled by default?

/etc/mygate not work

2012-07-30 Thread lilit-aibolit
there is strange behaviour in 5.1. before reboot: # cat /etc/mygate 192.168.2.80 # ls -la /etc/mygate -rw-r--r-- 1 root wheel 13 Jul 30 13:15 /etc/mygate # ifconfig -a lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33196 ... em0: flags=28843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,NOINET6> mtu

ipsec between 5.0 5.1

2012-07-27 Thread lilit-aibolit
Hi misc. is it possible?

is application goes to sleep?

2012-07-23 Thread lilit-aibolit
Hi misc, please send me to the right way. I have java-application: https://bitbucket.org/sdorra/scm-manager/wiki/Home It has stopped answering after one week from the start, but application is listening tcp port and present in process list. Seems, that no one has touched it in that time ... and

pf: interface in parentheses

2012-07-02 Thread lilit-aibolit
Hi misc. Simple question to fully understanding: I have DHCP on WAN interface. Can I use macros for this interface in rules? like this: ext_if = em1 antispoof quick for { em1 } or { (em1) } match out on $ext_if inet from admin to any nat-to (em1) pass in on $ext_if inet proto tcp from any to

opensmtpd php_mail /usr/sbin/sendmail

2012-05-30 Thread lilit-aibolit
Hello misc. There are many web applications that used php_mail function, which points to /usr/sbin/sendmail on localhost. In some case sendmail used with smart_host+masquerade options to deliver email via gmail for example. Configure sendmail to work with gmail (SMTP AUTH/TLS) is hard for me. The

Re: opensmtpd php_mail /usr/sbin/sendmail

2012-05-30 Thread lilit-aibolit
30.05.2012 10:23, Gilles Chehade wrote: You can configure opensmtpd to work with gmail relatively easily: /etc/mail/gmail-credentials.txt: mail.google.com user:password /etc/mail/smtpd.conf: map gmail source plain /etc/mail/gmail-credentials.txt accept

Re: kqemu in 5.1

2012-05-07 Thread lilit-aibolit
04.05.2012 13:28, Weldon Goree wrote: On 05/04/12 06:12, Jes wrote: Hi all: I can't find kqemu between snapshots packages, ports, or even in 5.1 packages. I think I've read something about kqemu is deprecated in newer versions of qemu (1.0.1) Is this correct? Because performance without

Re: Intel ICH9R compatibility with OpenBSD

2012-03-13 Thread lilit-aibolit
12.03.2012 18:01, Axton wrote: On Mon, Mar 12, 2012 at 9:44 AM, lilit-aibolit <lilit-aibo...@mail.ru> wrote: Hello misc, please give me some advice to buy low-power and low-noise HW. My selection - is: http://www.supermicro.nl/products/system/1U/5015/SYS-5015A-PHF.cfm?typ=E that have Intel

Re: SSH, root can repeat commands with up arrow, others cannot

2012-03-12 Thread lilit-aibolit
11.03.2012 21:43, Chris Bennett wrote: This started for me a while back. Login as root, I can repeat older commands with up down arrows. History command shows history. su -l otheruser Cannot use up down arrows to access history. History command shows correct history. Login remotely as

Intel ICH9R compatibility with OpenBSD

2012-03-12 Thread lilit-aibolit
Hello misc, please give me some advice to buy low-power and low-noise HW. My selection - is: http://www.supermicro.nl/products/system/1U/5015/SYS-5015A-PHF.cfm?typ=E that have Intel ICH9R chipset. But in supported hardware it is absent: - Intel 82801

Re: disk management

2012-02-23 Thread lilit-aibolit
13.01.2012 17:22, Stuart Henderson wrote: On 2012/01/13 16:55, lilit-aibolit wrote: 13.01.2012 16:11, Stuart Henderson wrote: a: 1.0G 63 4.2BSD 2048 163841 # / b: 1.2G 2097215swap c:37.3G

Re: NFS : RPC: Program not registered

2012-01-19 Thread lilit-aibolit
19.01.2012 13:29, Giridhari wrote: HELO. I am following http://openbsd.org/faq/faq6.html#NFS and have the server running, and showmount shows an export but on the client when I get to the line in the faq # mount -t nfs 10.0.0.1:/work /mnt and adapt it to the setup I have here I get the

Re: NFS : RPC: Program not registered

2012-01-19 Thread lilit-aibolit
19.01.2012 16:23, Jan Stary wrote: On Jan 19 13:02:33, David Coppa wrote: On Thu, Jan 19, 2012 at 12:29 PM, Giridhari <giridh...@live.com.au> wrote: HELO. I am following http://openbsd.org/faq/faq6.html#NFS and have the server running, and showmount shows an export but on the client when

disk management

2012-01-13 Thread lilit-aibolit
Hi misc. Here is newbie question. I have disk with unused space: # disklabel -p g wd0 16 partitions: #size offset fstype [fsize bsize cpg] a: 1.0G 63 4.2BSD 2048 163841 # / b: 1.2G 2097215swap c:

Re: disk management

2012-01-13 Thread lilit-aibolit
13.01.2012 14:28, Francois Pussault wrote: With a so huge /var 90% is anormal, you should already look for a logrotate solution or choose a new partition map you will use on next update of the machine. First of all, thanks all for your replies. As I said /var is used for www-application

Re: disk management

2012-01-13 Thread lilit-aibolit
13.01.2012 16:11, Stuart Henderson wrote: a: 1.0G 63 4.2BSD 2048 163841 # / b: 1.2G 2097215swap c:37.3G0 unused d: 2.6G 4683375 4.2BSD 2048 163841 # /tmp

Re: NPPPD/L2TP IPsec problems

2011-12-16 Thread lilit-aibolit
29.09.2011 16:30, YASUOKA Masahiko wrote: On Mon, 26 Sep 2011 15:20:50 +0200 Martin Poulsen <mar...@dividebyzero.dk> wrote: I have been playing around a little with the npppd daemon having setup a L2TP server for test and learning purposes. The connection is running in an IPsec tunnel and it

pptpd - connect external win-client to local net

2011-05-07 Thread lilit-aibolit
hello misc! I need to realize vpn-connections between external Win-clients and local Win-servers via openbsd-box. ext_win - Internet - OpenBSD 4.8 - local net - win-server main problem: - after establish connections do not work Internet on ext_win_client and work connections to local_net, - if

pptpd - connect external win-client to local net

2011-05-07 Thread lilit-aibolit
hello misc! I need to realize vpn-connections between external Win-clients and local Win-servers via openbsd-box. ext_win - Internet - OpenBSD 4.8 - local net - win-server main problem: - after establish connections do not work Internet on ext_win_client and work connections to local_net, - if

Re: tftp - no route to host

2011-04-29 Thread lilit-aibolit
Janne Johansson wrote: 2011/4/29 pavel pocheptsov <lilit-aibo...@mail.ru> openbsd 4.8 # cat /etc/pf.conf | grep tftp pass in on $int_if inet proto udp from any to $int_if port tftp # tftp 127.0.0.1 127.0.0.1 would not be on the $int_if, would it?

Re: tftp - no route to host

2011-04-29 Thread lilit-aibolit
Evgeniy Sudyr wrote: Pavel, 1) Are you sure that you uncommented tftpd in inetd.conf ? Is inetd started ? 2) netstat -na | grep 69 3) tcpdump -ni lo port 69 4) check PF rules as Janne wrote before (maybe you need to pass or just skip on lo). Btw, does it make any sense to use TFTP on

Re: pptpd reload config

2011-04-27 Thread lilit-aibolit
Gregory Edigarov wrote: On Tue, 26 Apr 2011 22:02:19 +0300 lilit-aibolit <lilit-aibo...@mail.ru> wrote: I made changes in /etc/pptpd.conf and do kill -HUP `cat /var/run/pptpd.pid` but pptpd isn't reload their config, it die:( I start again /usr/local/sbin/pptpd and nothing change

pptpd reload config

2011-04-26 Thread lilit-aibolit
I made changes in /etc/pptpd.conf and do kill -HUP `cat /var/run/pptpd.pid` but pptpd isn't reload their config, it die:( I start again /usr/local/sbin/pptpd and nothing change for remote client - they are still receive old IP settings from /etc/pptpd.conf what is wrong?

Re: Routing all traffic through IPSEC VPN

2011-04-19 Thread lilit-aibolit
Matt S wrote: Hello @misc: I am up against a stumper. I have a Site-to-Site IPSEC VPN working beautifully. However, I would like the remote site to route all of its traffic through the VPN. After googling, I seemed to come up with a suggestion to do a route change -net 0.0.0.0/0

IPSec between 4.8 and 4.9

2011-04-18 Thread lilit-aibolit
I have IPSec with manual flow between two 4.8 box, and all is work great. I can't in one moment setup two 4.9, and I want to ask: can I change one side of IPSec on 4.9?

Re: kern.maxcluster

2011-03-25 Thread lilit-aibolit
Tomas Bodzar wrote: On Fri, Mar 25, 2011 at 3:37 AM, Kleber Rocha <kli...@gmail.com> wrote: And may be of some interest to know where did you get those recommendations? Smells like calomel.org or similar why so many people hate calomel.org?

Re: pf rules for Load Balance Incoming Connections for webservers

2011-02-01 Thread lilit-aibolit
Indunil Jayasooriya wrote: Hi list, I have 3 web servers running on port 8080 behind PF firewall. I am trying to load balance these incoming connections to these web servers. I wrote rules as below. Pls pay attention to *highlighted BOLD* rules . they are the once I have written. But, I

how to NAT IP-phones

2011-01-27 Thread lilit-aibolit
Hello misc. I have PBX samsung office serv 7400 with VOIP module. SIP-provider give out small privat /29 network to connect to their sip-server directly. So I need to include in this network my OBSD box to translate IP-phone from my own private /24 network. All work is fine with only one

Re: pf question: multiple multihomed machines

2011-01-06 Thread lilit-aibolit
gwes wrote: What is the recommended pf.conf to get symmetrical routing for incoming and outgoing connections using a dual-homed gateway and internal hosts with static IPs on both WANs? I'm assuming route-to and reply-to are the correct tools to use. I've looked at the FAQ,

route show

2010-12-19 Thread lilit-aibolit
Hi folks! I have a little problem with route show command. after I type this command and press Enter on first machine - all is done: # route show Routing tables Internet: DestinationGatewayFlags Refs Use Mtu Prio Iface defaultNS UGS

virtualhost and httpd -U output

2010-11-18 Thread lilit-aibolit
Good day! I'm OpenBSD's newbie, that live in strange country,called Ukraine. I have an OpenBSD 4.7 and uncomment httpd_flags=. Section VirtualHost in httpd.conf looks like this: ## NameVirtualHost *:80 VirtualHost *:80 ServerAdmin
