Re: OpenSSH release CDS

On 12/03/2009, at 5:43 PM, David Schulz wrote: Well i think it is not a bad Idea; purchasing a superb remote administration software on a CD for 25USD or whatever [cut] For $50CDN that's exactly what you get - and you even get a free operating system thrown in!

Re: OpenSSH release CDS

Well i think it is not a bad Idea; purchasing a superb remote administration software on a CD for 25USD or whatever sounds easy to sell; though i think its true, it will be a lot of work and trouble to get those CD's and Packaging Artwork and everything in low enough Quantities, and then turn it ov

Re: PF Seems To Reload Its Default Rules Unexpectedly

It happened again... 2009/3/9 J.C. Roberts : > As for whether or not the assigned IP address you get from your ISP via > DHCP will become a problem really depends on the netmask and default > route they give you along with the IP. > > If your internal network is 192.168.151.* > And your ISP gives

Re: 4.4 on ESXi 3.5 (was: vic(4) on amd64)

2009/3/12 : > I discovered a severe performance problem, wherein an OpenBSD guest would > run fine for some period of hours, and then become horribly bogged down > during disk operations, to the point of unusability. This was true even > when the guest was nearly idle and the VM host had abundan

Re: Quick question about an PF user's guide example

> Note that only the pf.conf directives that apply directly to the above policy > are present; nat, rdr, options, etc., are not shown. Yeah, I noticed that too =) But I don't know if that setup would work without NAT enabled. But then, I'm no network expert... > Bear in mind that while a queue i

Setting up a bidirectional (1:1) firewall

In my small company, we already have a SonicWALL firewall that handles all the workstation traffic to the Internet. We have an block of public IP Addresses, but the SonicWALL only allows us to make use of two of them. I am trying to setup a OpenBSD machine as a firewall for the rest of the IP add

compaq & sun drive caddies / sleds / trays for developers

Hello developers... I have several SCSI drive carriers/trays/caddys/caddies/sleds (whatever else you'd like to call 'em) I'd like to offer up for any developer who wants 'em for the bargain price of free if anyone has a need for such creatures. There are: 6 x 104663-001 80-pin SCSI Compaq sled

Re: Cardbus stops working after repeated card insertions

As a note, this is running on a Thinkpad X31.

Re: IP aliases: how many in one server with OpenBSD 4.4? Is it possible to change the limit?

On Wed, Mar 11, 2009 at 08:54:42PM +0100, Henning Brauer wrote: > * Alvaro Mantilla Gimenez [2009-02-19 02:52]: > > Anyways, the question is still valid: how many IP aliases we can reach in > > an OpenBSD system? which is the limit? > > in theory, there is none but memory. > > in practice, it is

Un site internet pour votre bien immobilier pour misc de openbsd.org

Content-Transfer-Encoding: 8bit Bonjour, Vendre ou louer un bien immobilier nest pas facile et peut couter rapidement tres cher en petites annonces qui ne restent visibles quune ou deux semaines avant de devoir payer a nouveau. Mais comment se distinguer de la masse dannonces en 4 ou 5 lign

Re: OpenBGP 4.3/4.4 Gotchas

* Dan Carley [2009-02-20 14:47]: > This behaviour was thankfully not replicated with 4.4 in the lab, so we'll > be upgrading promptly. But we were having issues with our 4.4 peers keeping > sessions open to each other. This was resolved with r1.13 of bgpd/timer.c. > I'm curious though whether this

Re: Quick question about an PF user's guide example

2009/3/11 Leonardo Rodrigues : > Hi everyone, > > I'm trying to build a PF / ALTQ ruleset that handles traffic between 3 > internal interfaces and 1 external, so that the internal interfaces > can have different priorities on the available bandwidth they can get > from the external interface. I don

Cardbus stops working after repeated card insertions

I'm running OpenBSD 4.4, and after I remove and reinsert my PCMCIA wireless card (an atheros 5212) several times (anywhere from 3 to 20), OpenBSD fails to recognize the card at all. No dmesg output, no lights on my card, nothing. Reinserting it continues to do nothing until reboot, after which the

"label" rule on pf

Hello, Is possible 'label' the matched rule in pf log? Im having this: Mar 11 20:50:57.307005 rule 0/(match) rdr in on fxp1: 209.85.220.166.57173 > 127.0.0.1.25: [|tcp] (DF) Mar 11 20:54:13.568475 rule 0/(match) rdr in on fxp1: 81.92.222.103.52011 > 127.0.0.1.25: [|tcp] (DF) I need (if exist)

Re: gem0 on Sun V120 goes dead in a few minutes with "gem0: device timeout" error on bsd 4.5, but works without issue on bsd.mp 4.5.

Daniel Ouellet wrote: Hi, With the 4.5 kernel on Sun V120, the Ethernet interface will go dead after a few minutes. May be 5 to 15 minutes. No consistence yet that I can see. When this happened, all access to the server is gone and no ping reply as well. The only way is to log via the console

Re: 4.4 on ESXi 3.5 (was: vic(4) on amd64)

On Wed, Mar 11, 2009 at 4:02 PM, wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Josh Archambault wrote: > >> I'm fairly confident that using anything other than the default "e1000" >> network device with 64-bit guests is discouraged by VMWare. > > It would appear that you're correct

strange load values

Hey there! I have a Compaq DL580 G1 with 4x700Mhz PIII, 2GB RAM, 2x36GB U320 SCSI on a HP SmartArray 5300 with 64MB BBU. It's a general purpose 'hobby' server. The average concurrent connections are 20-30, mostly resolv queries for bind. The load is always aroun 1.0 and frequenlty jumps up to 2. I

Re: IP aliases: how many in one server with OpenBSD 4.4? Is it possible to change the limit?

* Alvaro Mantilla Gimenez [2009-02-19 02:52]: > Anyways, the question is still valid: how many IP aliases we can reach in > an OpenBSD system? which is the limit? in theory, there is none but memory. in practice, it is a simple linked list, so things get slower at some point. -- Henning Brauer

Re: How to mount samba shares in OpenBSD?

On Wed, 11 Mar 2009, Shagbag OpenBSD wrote: 'running 4.4-RELEASE here. I've got SAMBA running on my Chuck Norris/kick-ass OpenWrt file server but I want to mount those shares onto my OpenBSD laptop. I've read the smbclient man page and I've googled. Is sharity-light the only (client) option? S

Re: openbsd - microsoft vpn interoperability

2009/3/11 Lars NoodC)n : > Juan Miscaro wrote: >> Thanks. B Yeah, I am going to push to have an OpenBSD portal installed >> on the remote end. B Thing is, how am I going to get it installed? > > http://openvpn.net/index.php/downloads.html > http://openvpn.net/howto.html#startup > > http://www.openb

Re: Nginx: filedescriptors, users and login.conf confusion

Matt wrote: If nginx is running as 'www' then you're building your own nginx rather than using the package? If so, then nginx is starting however you tell it, and without details it's impossible to say. It's installed through package and I use a startup as adviced in /etc/rc.local. However

How to mount samba shares in OpenBSD?

'running 4.4-RELEASE here. I've got SAMBA running on my Chuck Norris/kick-ass OpenWrt file server but I want to mount those shares onto my OpenBSD laptop. I've read the smbclient man page and I've googled. Is sharity-light the only (client) option?

Re: NFS or SAMBA ?

2009/3/9 Henning Brauer > * Guillermo Bernaldo de Quiros Maraver [2009-02-13 > 21:06]: > > if you have a shared network between WINDOWS and OpenBSD i recommend > > Samba if not, NFS > > > > NFS => Insecure > > SAMBA => Have a problems, but, it's more secure. > > that is the most ridicu

Re: openbsd - microsoft vpn interoperability

Juan Miscaro wrote: > Thanks. Yeah, I am going to push to have an OpenBSD portal installed > on the remote end. Thing is, how am I going to get it installed? http://openvpn.net/index.php/downloads.html http://openvpn.net/howto.html#startup http://www.openbsd.org/4.4_packages/i386/openvpn-2.1rc7

Re: openbsd - microsoft vpn interoperability

2009/3/11 Lars NoodC)n : > Juan Miscaro wrote: >> ... I'm here asking for comments >> on what people are actually doing and hopefully with pros and cons >> included. B So which solution? B OpenVPN or native IPSEC (isakmpd)? B ... > > MS products are not really designed for interoperability, rather

4.4 on ESXi 3.5 (was: vic(4) on amd64)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Josh Archambault wrote: I'm fairly confident that using anything other than the default "e1000" network device with 64-bit guests is discouraged by VMWare. It would appear that you're correct. Though the documentation does not make that clear, I

Re: openbsd - microsoft vpn interoperability

Juan Miscaro wrote: > ... I'm here asking for comments > on what people are actually doing and hopefully with pros and cons > included. So which solution? OpenVPN or native IPSEC (isakmpd)? ... MS products are not really designed for interoperability, rather the opposite. So you may wish to re

Re: vic(4) on amd64

I see that the vic(4) driver is still not in amd64/conf/GENERIC. Has anyone any recent experience with this driver+platform, or know whether its absence reflects a known problem or just lack of testing? For the record, it works fine for me on an i386 guest on ESXi 3.5 U3, with adaptor type "flexi

Re: Ramifications of blocking SYN+FIN TCP packets

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jason Dixon wrote: > On Wed, Mar 11, 2009 at 10:42:38AM -0400, Stuart VanZee wrote: >> I understand that this might annoy a few of you, If it does >> please accept my apologies. >> >> The place I work is required to have an external security scan >> fr

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 1:21 PM, Alexey Suslikov wrote: > I can't recall exact code from httpd, but how about libexec/ftpd: > > ... > extern off_t restart_point; > ... you're looking at the wrong code. ftpcmd.y: restart_point = $4; /* XXX $4 is only "int" */

openbsd - microsoft vpn interoperability

Hi everyone. A web search only picked up antiquated information on this one. I'm talking about setting up a network to network VPN between Microsoft and OpenBSD gateways. I'm here asking for comments on what people are actually doing and hopefully with pros and cons included. So which solution?

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 19:11, Ted Unangst wrote: > On Wed, Mar 11, 2009 at 12:01 PM, Alexey Suslikov > wrote: >> On Wed, Mar 11, 2009 at 17:56, Ted Unangst wrote: >>> If using a 64-bit machine fixes it, then the type in question is not off_t. >>> >> >> Maybe you should try to transfer (using st

Re: Nginx: filedescriptors, users and login.conf confusion

On Wed, Mar 11, 2009 at 06:01:31PM +0100, Matt wrote: >> If nginx is running as 'www' then you're building your own nginx rather >> than using the package? If so, then nginx is starting however you tell >> it, and without details it's impossible to say. >> > > It's installed through package and I u

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 12:01 PM, Alexey Suslikov wrote: > On Wed, Mar 11, 2009 at 17:56, Ted Unangst wrote: >> If using a 64-bit machine fixes it, then the type in question is not off_t. >> > > Maybe you should try to transfer (using stock httpd) at least 3Gb file > on i386? I didn't say it was

Re: Ramifications of blocking SYN+FIN TCP packets

On Wed, Mar 11, 2009 at 01:04:34PM -0400, David Goldsmith wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Jason Dixon wrote: > > > > S/SAFR > > > > I just had to deal with this on our customer's PCI scan. Don't argue > > with the logic, just do it. :) > > Let me guess -- TrustKee

Re: Nginx: filedescriptors, users and login.conf confusion

If nginx is running as 'www' then you're building your own nginx rather than using the package? If so, then nginx is starting however you tell it, and without details it's impossible to say. It's installed through package and I use a startup as adviced in /etc/rc.local. However the 'user' i

Re: mouse cursor is gone after running xorgconfig with nv driver

On Tue, 10 Mar 2009, microlaser wrote: > Hi, I am running openbsd 4.4 on an amd64 with the "nv" driver, with an nvidia > gforce 6200. I used xorgconfig to reconfigure x and now the mouse cursor is > gone. anyone have any idea how to get it back? Thanks I don't know how your mouse gone. As you

Re: How long it should take for a fsck to check a 300GB hdd?

dmesg as promised: OpenBSD 4.4-stable (SQUID_DISKD) #9: Sat Jan 10 19:27:35 CET 2009 r...@pegasus.plan9.homeunix.net:/usr/src/sys/arch/i386/compile/SQUID_DISK D cpu0: AMD Sempron(tm) Processor LE-1150 ("AuthenticAMD" 686-class, 256KB L2 cach e) 2.01 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 06:48:49PM +0300, Alexander Yurchenko wrote: > On Wed, Mar 11, 2009 at 05:37:14PM +0200, Alexey Suslikov wrote: > > The limitation is 2Gb on 32-bit platforms because of off_t (man lseek). > > huh? > > [gra...@nohead tmp]$ cat x.c > #include > #include > > int main(vo

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 17:56, Ted Unangst wrote: > On Wed, Mar 11, 2009 at 11:37 AM, Alexey Suslikov > wrote: >> The limitation is 2Gb on 32-bit platforms because of off_t (man lseek). > > off_t is always 64-bit. > >> Stock ftpd also has mentioned limitation (try to REST a file beyond 2Gb >> off

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 11:37 AM, Alexey Suslikov wrote: > The limitation is 2Gb on 32-bit platforms because of off_t (man lseek). off_t is always 64-bit. > Stock ftpd also has mentioned limitation (try to REST a file beyond 2Gb > offset). > > Using any 64-bit platform will solve the problem due

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 05:37:14PM +0200, Alexey Suslikov wrote: > Daniel A. Ramaley wrote: > > > On 2009-03-10 at 14:34:30, you wrote: > > >I want to set up the web server to share file, but i know apache-1.3.x > > >(which is openbsd default httpd) had the 4G file size limit, can i > > > break t

Re: How to break the httpd's 4G file size limit?

On Wed, Mar 11, 2009 at 05:37:14PM +0200, Alexey Suslikov wrote: > The limitation is 2Gb on 32-bit platforms because of off_t (man lseek). huh? [gra...@nohead tmp]$ cat x.c #include #include int main(void) { printf("size of off_t is %u bits\n", 8 * sizeof(off_t)); } [gra...@nohead tm

Re: How to break the httpd's 4G file size limit?

Daniel A. Ramaley wrote: > On 2009-03-10 at 14:34:30, you wrote: > >I want to set up the web server to share file, but i know apache-1.3.x > >(which is openbsd default httpd) had the 4G file size limit, can i > > break this limit? > > I don't know the correct answer to this question, but i thought

Re: Ramifications of blocking SYN+FIN TCP packets

On Wed, Mar 11, 2009 at 10:54:18AM -0400, Jason Dixon wrote: > On Wed, Mar 11, 2009 at 10:42:38AM -0400, Stuart VanZee wrote: > > I understand that this might annoy a few of you, If it does > > please accept my apologies. > > > > The place I work is required to have an external security scan > > f

Re: Ramifications of blocking SYN+FIN TCP packets

On Wed, Mar 11, 2009 at 10:42:38AM -0400, Stuart VanZee wrote: > I understand that this might annoy a few of you, If it does > please accept my apologies. > > The place I work is required to have an external security scan > from time to time and the latest scan says that we have failed > because t

Re: How to break the httpd's 4G file size limit?

On 2009-03-10 at 14:34:30, you wrote: >I want to set up the web server to share file, but i know apache-1.3.x >(which is openbsd default httpd) had the 4G file size limit, can i > break this limit? I don't know the correct answer to this question, but i thought of a possible work-around in the ev

Ramifications of blocking SYN+FIN TCP packets

I understand that this might annoy a few of you, If it does please accept my apologies. The place I work is required to have an external security scan from time to time and the latest scan says that we have failed because the firewall responded to a TCP packet that has the SYN and FIN flags set.

Re: Nginx: filedescriptors, users and login.conf confusion

Matt, On Wed, Mar 11, 2009 at 11:42:54AM +0100, Matt wrote: > I've been running Nginx with php-fastcgi and am sometimes experiencing > the 'too many files open' error messages. > Investigating the solution I am confused about which user (or userclass > in login.conf) I should give more filedescri

Re: might be slightly OT: `probability in PF'

--- Jeffrey 'jf' Lim [Wed, Mar 11, 2009 at 10:09:19PM +0800]: --- > On Wed, Mar 11, 2009 at 10:01 PM, jmc wrote: > > i say this might be slightly OT because i am asking more of a > > philosophical question, not a technical one. the excellent documentation > > has given me all i need to know about

Re: might be slightly OT: `probability in PF'

On Wed, Mar 11, 2009 at 10:01 PM, jmc wrote: > i say this might be slightly OT because i am asking more of a > philosophical question, not a technical one. the excellent documentation > has given me all i need to know about the probability directive. thanks, > devs, for that. > (just as a "hint"

Re: Quick question about an PF user's guide example

On Tue, Mar 10, 2009 at 9:16 PM, Leonardo Rodrigues wrote: > Hi everyone, > > I'm trying to build a PF / ALTQ ruleset that handles traffic between 3 > internal interfaces and 1 external, so that the internal interfaces > can have different priorities on the available bandwidth they can get > from

Re: OpenSSH release CDS

2009/3/11 patric conant : > I've repeatedly been in a position where we weren't making direct use > of OpenBSD, but were using OpenSSH, and if there were a recurring cost > associated with it (like purchasing a semi-annual CD) it would have > been relatively painless to get a rubber stamp approval

might be slightly OT: `probability in PF'

i say this might be slightly OT because i am asking more of a philosophical question, not a technical one. the excellent documentation has given me all i need to know about the probability directive. thanks, devs, for that. quick story: i have a couple dozen websites spread across two OpenBSD/base

Re: Bug OpenBGPD, IPv6 peer gets cleared, never gets up again

Hi, The patch is working. I have patched both the local testing setup and the production pilot. I tcpdumped the interface and got a nice IPv6 withdraw-packet: No. TimeSourceDestination Protocol Info 101 27.955719 2001:db8:1::a500:6777:1 2001:db8:1::

OpenSSH release CDS

I've repeatedly been in a position where we weren't making direct use of OpenBSD, but were using OpenSSH, and if there were a recurring cost associated with it (like purchasing a semi-annual CD) it would have been relatively painless to get a rubber stamp approval of such a cost, whereas purchasing

Re: x11 problems with lenovo w500

> pcidump -xx output for both cases. normally the more interesting result > anyway. > > oh, and the data you're passing on not to be MIME attached, the list > strips those. Ok, here we are: http://www.wiroth.net/error/x11/pcidump-xx.working http://www.wiroth.net/error/x11/pcidump-xx.NOT.working

mismatch output net-snmp -current

i found mismatch output from snmpwalk in -current net-snmp, sample bellow r...@cadangan[patches]# snmpwalk -v 1 -c public localhost .1.3.6.1.2.1.4.20.1.2 IP-MIB::ipAdEntIfIndex.10.100.0.1 = INTEGER: 1 IP-MIB::ipAdEntIfIndex.10.100.66.1 = INTEGER: 5 IP-MIB::ipAdEntIfIndex.10.100.67.1 = INTEGER: 6 I

Re: OpenBSD 4.4 amd64 bsd.mp can't detect 16GB memory

Prakshep Dineshchandra Patel wrote: > Hi every one, > > I have installed OpenBSD 4.4 amd64 on " Dell PowerEdge 1950" which > contain 16GB of ram. > > As in that kernel 'BigMem' is already set to 1. But during boot time I > can see 4GB instead of 16GB ram. > > When I use 'Top' command it will

Nginx: filedescriptors, users and login.conf confusion

Hello, I've been running Nginx with php-fastcgi and am sometimes experiencing the 'too many files open' error messages. Investigating the solution I am confused about which user (or userclass in login.conf) I should give more filedescriptors. Setup (single machine) - Nginx deamon running as

Re: halt -p does not powerdown ThinkPad X200 under 4.5beta

Linux & Windows halts successfully on HP Pavilion dv6312, while FreeBSD sometimes fails the same as OpenBSD. OpenSolaris rarely fails. On Tue, Mar 10, 2009 at 7:09 PM, Thomas Pfaff wrote: > On Tue, 10 Mar 2009 17:49:52 +0100 > Thomas Pfaff wrote: > > > On Tue, 10 Mar 2009 11:04:46 -0500 > > Mar

Re: Bug OpenBGPD, IPv6 peer gets cleared, never gets up again

On Tue, Mar 10, 2009 at 02:46:56PM +0100, Arnoud Vermeer wrote: > Hi, > > Elisa and I were looking at the production-pilot logs last night and > noticed the following: > I finally found some time to look into this and your dumps. The problem is actually with withdraws that are still totaly fuck