Re: Single partition fs layout

2024-02-13 Thread Frank Habicht 

On 13/02/2024 16:52, Odhiambo Washington wrote:

Thanks a million for such a nice explanation.
Let me now ask Google about those flags.

 ^^
you misspelled "the man pages"

Frank

Re: PF rules to block out every IP from a given country

2022-12-07 Thread Frank Habicht 

Hi,

On 07/12/2022 18:36, Peter N. M. Hansteen wrote:
...> and can now be found at 
https://nxdomain.no/~peter/ripe2cidr_country.sh.txt --

as it says in the script itself, a trivial hack.

And I might add, it comes with *NO* warranties of any kind.


I think instead of :
grep allocated
in the two important lines, it should be :
egrep '(allocated)|(assigned)'

coz both can go to countries.

Frank

Re: Unbound Problems (Reverse Direction)

2020-07-10 Thread Frank Habicht 
Hi,

On 09/07/2020 20:44, ken.hendrick...@l3harris.com wrote:
> stub-zone:
> name:  30.24.172.in-addr.arpa.
   good
> stub-addr: 127.0.0.1@53053
> stub-zone:
> name:  2.168.192.in-arpa.arpa.
   typo
> stub-addr: 127.0.0.1@53053
> stub-zone:
> name:  224.in-addr.arpa.
> stub-addr: 127.0.0.1@53053
> stub-zone:
> name:  255.in-addr.arpa.
> stub-addr: 127.0.0.1@53053

Frank

bridge: filter on ethertype??

2009-09-06 Thread Frank Habicht 
Hi,

a bridge can filter on mac addresses. good.
PF can filter on all things IP. good.

can anything filter on ethertype like eg filtering out PPPoE?
or other garbage seen in the wild.
'man brconfig' didn't give me any hints.
other than the more global blocknonip.


it's on a OpenBSD 4.5 GENERIC.MP for i386
on amd64 capable hardware, with a fix of bge, fxp and xl cards

if newer can do better, i'd like to know.

Thanks,
Frank

Re: How to find available wifi access points?

2009-03-20 Thread Frank Habicht 

man ifconfig:

chan [n]
  Set the channel (radio frequency) to be used for IEEE
  802.11-based wireless network interfaces to n.

  With no channel specified, show the results of an access point
  scan.  In Host AP mode, this will dump the list of known nodes
  without scanning.

Frank

On 03/20/09 10:12, Matt wrote:

Hi,

Happily running a laptop on OpenBSD - but I am a first time wifi-er.

I have no trouble connecting to a _known_  SSID, but I would like to 
find out which wifi networks are within my reach.
I did man/search archives but no luck there - I've seen monitoring mode 
- can set my card to it, which seems a good direction towards my goal.

But I simply not have a clue what to do next... ?

All I need to be able to do is see what networks are available when out 
and about, nothing more.
Obviously I am not the only user with this wish - so I am probably 
missing something extremely obvious :-(


(Running 4.5 snapshot with onboard iwi0 - but also have external rum0 
and ral0 cards available).


Thanks!

Matt

multiple bgpd ?

2008-07-13 Thread Frank Habicht 
Hi misc,

is it possible to run multiple bgpd instances on the same box?
with different sockets (-s) and non-overlapping listen on and only one with
fib-update yes  ?

doesn't seem to work here.
no error message,
all sessions only Active

Thanks,

Frank

Re: IPv6 LAN - IPv4 Internet

2008-03-19 Thread Frank Habicht 

Barry Commander wrote:

I basically want the IPv6 clients on my LAN to be able to access IPv4
servers on the
internet transparantly - the router doing the IPv6-IPv4/IPv4-IPv6
conversion.
I was under the impression those tunnel brokers simply allow the IPv4
interface on my
router to access the limited IPv6 sites/servers
Thanks
Barry




They did that at recent NANOG and APNIC(APRICOT) meetings:
switch off ipv4 (wireless) LAN and have everyone struggle with ipv6.
see: http://www.civil-tongue.net/6and4/


you need 2 things:
a DNS proxy that will give our clients a ipv6 () answer even if 
there's none in the real world - one is totd 
(ftp://ftp.dillema.net/pub/users/feico/totd-latest.tar.gz)


and the protocol translator
software (on linux) used mentioned here 
(http://www.civil-tongue.net/6and4/wiki/Linux%20NAT-PT%20Configuration) 
but leads to parked domain :-(


(in cisco they did like this: 
http://www.civil-tongue.net/6and4/wiki/APRICOT2008-Router)



Frank

Re: httpdv6

2007-12-08 Thread Frank Habicht 
On 12/8/2007 4:55 PM, Henning Brauer wrote:
 * Marc Balmer [EMAIL PROTECTED] [2007-12-08 09:51]:
 httpd with IPv6 support uses IPv6 addresses for ambigious constructs.
 That is documented in the httpd(8) manpage.
 
 that is completely wrong and disqualifies this patch.
 you are fucking everybody for no good reason, as suddenly their httpds 
 will only listen on v6.
 

so the new httpd should, if there's no Listen in httpd.conf, behave same
way as if there was
Listen :: 80
Listen 0.0.0.0 80

right?
Frank

httpdv6

2007-12-07 Thread Frank Habicht 
Hi misc,

[i guess misc is better than ports for that..]

I ran the patched httpdv6 with the stock httpd.conf
- it was only bound to v6

README.v6 suggests _for_Vhost_operation_ one needs
Listen :: 80
Listen 0.0.0.0 80

my test suggests even without vhosts these are needed to run both v4 and v6.

can anyone confirm?
( if so i'd send diff for README.v6 - anything else? )

system is current (1day old), httpd.conf.orig from
http://www.openbsd.org/cgi-bin/cvsweb/~checkout~/src/usr.sbin/httpd/conf/httpd.conf?rev=1.21content-type=text/plain

Thanks,
Frank

PS: if someone can tell me how to replace the 'lsof' - will be appreciated ;-)


[EMAIL PROTECTED] /var/www/conf $ sudo cp httpd.conf.orig httpd.conf

[EMAIL PROTECTED] /var/www/conf $ sudo apachectl restart
/usr/sbin/apachectl restart: httpd restarted
[EMAIL PROTECTED] /var/www/conf $ sudo lsof -i -n -P | grep httpd
httpd 3912  www   17u  IPv6 0xd8663008  0t0  TCP *:80 (LISTEN)
httpd 7887  www   17u  IPv6 0xd8663008  0t0  TCP *:80 (LISTEN)
httpd 9134  www   17u  IPv6 0xd8663008  0t0  TCP *:80 (LISTEN)
httpd21258  www   17u  IPv6 0xd8663008  0t0  TCP *:80 (LISTEN)
httpd22168  www   17u  IPv6 0xd8663008  0t0  TCP *:80 (LISTEN)
httpd23865  www   17u  IPv6 0xd8663008  0t0  TCP *:80 (LISTEN)

# vi httpd.conf

[EMAIL PROTECTED] /var/www/conf $ diff httpd.conf httpd.conf.orig

188,189d187
 Listen :: 80
 Listen 0.0.0.0 80
[EMAIL PROTECTED] /var/www/conf $ sudo apachectl restart
/usr/sbin/apachectl restart: httpd restarted
[EMAIL PROTECTED] /var/www/conf $ sudo lsof -i -n -P | grep httpd
httpd11048  www   16u  IPv4 0xd8663008  0t0  TCP *:80 (LISTEN)
httpd11048  www   17u  IPv6 0xd8663328  0t0  TCP *:80 (LISTEN)
httpd11430  www   16u  IPv4 0xd8663008  0t0  TCP *:80 (LISTEN)
httpd11430  www   17u  IPv6 0xd8663328  0t0  TCP *:80 (LISTEN)
httpd15586  www   16u  IPv4 0xd8663008  0t0  TCP *:80 (LISTEN)
httpd15586  www   17u  IPv6 0xd8663328  0t0  TCP *:80 (LISTEN)
httpd20686  www   16u  IPv4 0xd8663008  0t0  TCP *:80 (LISTEN)
httpd20686  www   17u  IPv6 0xd8663328  0t0  TCP *:80 (LISTEN)
httpd23160  www   16u  IPv4 0xd8663008  0t0  TCP *:80 (LISTEN)
httpd23160  www   17u  IPv6 0xd8663328  0t0  TCP *:80 (LISTEN)
httpd27443  www   16u  IPv4 0xd8663008  0t0  TCP *:80 (LISTEN)
httpd27443  www   17u  IPv6 0xd8663328  0t0  TCP *:80 (LISTEN)
[EMAIL PROTECTED] /var/www/conf $