Re: Just want to say thanks to all OpenBSD developers

2015-10-29 Thread sonjaya
Dear Leonardo

Don't forget donate to keep rock and solid  :)

On Fri, Oct 30, 2015 at 9:01 AM, Leonardo Santagostini <
lsantagost...@gmail.com> wrote:

> Hello @all, today i have upgraded from 5.7 to 5.8 on a VPS with a WordPress
> for my personal site.
>
> Following the guide at http://www.openbsd.org/faq/upgrade58.html
> everything
> went fine.
>
> Wow i was surprised because documentation was 100% accurated and the
> process was staightforward 
>
> At work we use linux, and the upgrade process its a pain in the ass. So
> guys, you rock and OpenBSD for me its a breath of fresh air.
>
> Thanks thanks thanks.
>
> Kind regards, one happy user !
>
> PS: Sorry for my english but is not my mothers tongue.
>
> Saludos.-
> Leonardo Santagostini
>
> <http://ar.linkedin.com/in/santagostini>
>
>


-- 
best regards
sonjaya



installed java form ports

2011-03-18 Thread sonjaya
Dear all,
i try install java in openbsd 4.8 , i'm installed form port and get
error at bellow.
i try using powerdns with interface java

Here error i get :

Create /usr/ports/packages/i386/all/apache-ant-1.7.1p1.tgz
Link to /usr/ports/packages/i386/ftp/apache-ant-1.7.1p1.tgz
Link to /usr/ports/packages/i386/cdrom/apache-ant-1.7.1p1.tgz
===  apache-ant-1.7.1p1 depends on: javaPathHelper-* - found
===  apache-ant-1.7.1p1 depends on: jdk-=1.5.0|kaffe-* - not found
===  Verifying install for jdk-=1.5.0|kaffe-* in devel/jdk/1.5
===  jdk-1.5.0.16p2  is marked as broken:
 You must read and accept Sun's JRL license located
 at /usr/ports/devel/jdk/1.5/files/JavaResearchLicense.txt
 To indicate your acceptance of the JRL add ACCEPT_JRL_LICENSE=Yes
 to /etc/mk.conf and restart the build.
*** Error code 1

Stop in /usr/ports/devel/apache-ant (line 1765 of
/usr/ports/infrastructure/mk/b
sd.port.mk).
*** Error code 1

Stop in /usr/ports/devel/apache-ant (line 1611 of
/usr/ports/infrastructure/mk/b
sd.port.mk).
*** Error code 1

Stop in /usr/ports/devel/apache-ant (line 2116 of
/usr/ports/infrastructure/mk/b
sd.port.mk).
*** Error code 1

Stop in /usr/ports/java/junit (line 1765 of
/usr/ports/infrastructure/mk/bsd.por
   t.mk).
*** Error code 1

Stop in /usr/ports/java/junit (line 2168 of
/usr/ports/infrastructure/mk/bsd.por
   t.mk).
*** Error code 1

Stop in /usr/ports/java/junit (line 1580 of
/usr/ports/infrastructure/mk/bsd.por
   t.mk).
*** Error code 1

Stop in /usr/ports/java/junit (line 2136 of
/usr/ports/infrastructure/mk/bsd.por
   t.mk).
*** Error code 1

Stop in /usr/ports/java/junit (line 2116 of
/usr/ports/infrastructure/mk/bsd.por
   t.mk).
*** Error code 1

Stop in /usr/ports/java/junit (line 1611 of
/usr/ports/infrastructure/mk/bsd.por
   t.mk).
*** Error code 1

Stop in /usr/ports/java/junit (line 2116 of
/usr/ports/infrastructure/mk/bsd.por
   t.mk).
=== Exiting java/junit with an error
*** Error code 1

Stop in /usr/ports/java (line 135 of
/usr/ports/infrastructure/mk/bsd.port.subdi
  r.mk).
#

any clue ?

-- 
sonjaya
http://www.idadv.com



e-procurement application in openbsd

2010-11-22 Thread sonjaya
dear all,

i looking e-procurement who working  in OpenBSD also license is BSD or GPL


sonjaya
http://farmproxy.com



asterisk in openbsd

2010-11-19 Thread sonjaya
dear All
i have machine openbsd 4.5 , because hardware failuer i change with
another machine with same version ( openbsd 4.5 ) .
but i have trouble in asterisk i can't activate sip and extension ,
any body here where know to find solutions ?
before and after thanks
sonjaya



Re: Installing OpenBSD from Linux Xen VPS

2010-09-21 Thread sonjaya
i try install in my xen  at opensuse , when install success but when
reboot after finish installation blank and try againt same happen
againt.



On Tue, Sep 21, 2010 at 12:25 PM, Stephano Zanzin m...@zan.st wrote:
 Hello,

 I was wondering if anyone had installed OpenBSD from a Linux VPS running
 over a Xen hosting(like slicehost, linode, etc). So, someone tried it?

 --
 stephano





-- 
sonjaya
http://www.sharenupload.com
http://www.farmproxy.com



Re: Premature end of archive

2010-04-22 Thread sonjaya
i get solusion why this happent.

me using sonicwall ass gateway  ...
here i capture log in server and sonicwall
# wget
ftp://anga.funkfeuer.at/pub/OpenBSD/4.6/packages/i386/clamav-0.95.2.tgz
--2010-04-22 17:53:03--
ftp://anga.funkfeuer.at/pub/OpenBSD/4.6/packages/i386/clamav-0.95.2.tgz
   = `clamav-0.95.2.tgz.1'
Resolving anga.funkfeuer.at... 78.41.115.130, 2a02:60:1:1::9
Connecting to anga.funkfeuer.at|78.41.115.130|:21... connected.
Logging in as anonymous ... Logged in!
== SYST ... done.== PWD ... done.
== TYPE I ... done.  == CWD /pub/OpenBSD/4.6/packages/i386 ... done.
== SIZE clamav-0.95.2.tgz ... 1516336
== PASV ... done.== RETR clamav-0.95.2.tgz ... done.
Length: 1516336 (1.4M)

24% [
] 376,480 40.4K/s   in 9.6s

2010-04-22 17:53:18 (38.2 KB/s) - Data connection: Connection reset by
peer; Control connection closed.
Retrying.

--2010-04-22 17:53:19--
ftp://anga.funkfeuer.at/pub/OpenBSD/4.6/packages/i386/clamav-0.95.2.tgz
  (try: 2) = `clamav-0.95.2.tgz.1'
Connecting to anga.funkfeuer.at|78.41.115.130|:21... connected.
Logging in as anonymous ... Logged in!
== SYST ... done.== PWD ... done.
== TYPE I ... done.  == CWD /pub/OpenBSD/4.6/packages/i386 ... done.
== SIZE clamav-0.95.2.tgz ... 1516336
== PASV ... done.== REST 376480 ...
REST failed, starting from scratch.

== RETR clamav-0.95.2.tgz ... done.
Length: 1516336 (1.4M), 1139856 (1.1M) remaining

24% [
] 376,480 38.8K/s   in 9.6s

2010-04-22 17:53:34 (38.1 KB/s) - Data connection: Connection reset by
peer; Control connection closed.
Retrying.


then i check in sonicwall

12  UTC 04/22/2010 10:52:56.032 Alert Security Services Gateway
Anti-Virus Alert: Mytob.Crypter (Worm) blocked 78.41.115.130, 51671,
X3 192.168.xxx.10, 13305, X5

ha ha so the trouble maker is sonicwall 

On Thu, Nov 5, 2009 at 4:54 PM, J.C. Roberts list-...@designtools.org
wrote:
 On Wed, 4 Nov 2009 17:49:55 +0700 sonjaya sonj...@gmail.com wrote:

 Dear all
 i try install clamav from packages but  get error like this , how to
 solved ?
 - i try another mirror still same
 - try donwload to local pc still same

 # export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/4.6/packages/i386/
 # pkg_add -i clamav
 Premature end of archive
 clamav-0.95.2: complete
 Adjusting sha for /usr/local/lib/libclamav.a from
 k3C2K5oQcz5KJ1wrU0uLgN9h6iZ1w6MYh5gIYM02On4= to
 orCLZWKfCRHFq1lVJcXljBP3QjUq2trZIlRJ49Np5zk=
 /usr/sbin/pkg_add: Installation of clamav-0.95.2 failed, partial
 installation recorded as partial-clamav-0.95.2
   ^

 You need to delete the *PARTIALLY* installed package. As for why this
 does not happen by default on all failed installation attempts, I don't
 know, but that fact that failed installation attempts leave non-working
 junk on the system can cause problems.

 $ sudo pkg_delete partial-clamav-0.95.2



 --
 J.C. Roberts




--
sonjaya
http://www.sharenupload.com
http://www.farmproxy.com



maia in openbsd 4.6

2010-04-21 Thread sonjaya
hi all ...

i have problem installed maia in openbsd 4.6 , problem module perl file(1).

Application/Module  Version   Status

Perl :   5.10.0 : OK
file(1)  :  N/A : NOT INSTALLED (required by Maia Mailguard)
Archive::Tar : 1.58 : OK

# file  -v
file-4.24
magic file from /etc/magic
# whereis file
/usr/bin/file
# ln -s  /usr/bin/file /usr/local/bin/

any clue how to solved this  ,

-- 
sonjaya
http://sicute.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



Re: Blocking Teamviewer

2010-03-26 Thread sonjaya
i try update this threads

in my network using squid proxy for all internet access
after capture the access.log
teamviewer have several server

main server teamviewer
1. http://ping3.dyngate.com
2. masterxx.teamviewer.com
 where xxx = 1 until 17
 so become master1.teamviewer.com until master17.teamviewer.com

so i made block dst domain in squid.conf .
and teamviewer client can't working.
i try scan port was using for teamviewer server
# nmap ping3.dyngate.com

Starting Nmap 4.76 ( http://nmap.org ) at 2010-03-26 23:06 WIT
Warning: Hostname ping3.dyngate.com resolves to 4 IPs. Using 85.25.143.69.
Interesting ports on server340.teamviewer.com (85.25.143.69):
Not shown: 997 filtered ports
PORT STATE SERVICE
80/tcp   open  http
843/tcp  open  unknown
3389/tcp open  ms-term-serv

Nmap done: 1 IP address (1 host up) scanned in 17.25 seconds

# nmap master1.teamviewer.com

Starting Nmap 4.76 ( http://nmap.org ) at 2010-03-26 23:06 WIT
Interesting ports on master.dyngate.com (87.230.73.23):
Not shown: 998 filtered ports
PORTSTATE SERVICE
80/tcp  open  http
843/tcp open  unknown

ini hasil scan client teamviewer
# nmap 124.217.230.1xx

Starting Nmap 4.76 ( http://nmap.org ) at 2010-03-26 23:12 WIT
Interesting ports on server404.teamviewer.com (124.217.230.174):
Not shown: 997 filtered ports
PORT STATE SERVICE
80/tcp   open  http
843/tcp  open  unknown
3389/tcp open  ms-term-serv



Nmap done: 1 IP address (1 host up) scanned in 24.82 seconds

so add in pf for blockerd port 843  3389

just that and teamviewer client can't working
i hope this will be blocked teamviewer.

On Sat, Mar 20, 2010 at 1:22 AM, Siju George sgeorge...@gmail.com wrote:
 On Fri, Mar 19, 2010 at 10:14 PM, Steve Shockley steve.shock...@shockley.net
 Presumably you're trying to block it with an OpenBSD firewall.


 Yes :-)

Analyze the
 protocol, you can probably stop it with a transparent proxy that disallows
 CONNECT requests.


 Could you please explain?

 Or, http://lmgtfy.com/?q=teamviewer+blockl=1


 The first thing I did :-)

 thanks

 --Siju





-- 
sonjaya
http://www.sharenupload.com



reconfigure squid on packages

2010-03-25 Thread sonjaya
hi ...

i using squid in my openbsd box , i need reconfigure squid to support
useragent acl ( team viewer problem ) .
i'm installed from port.
how to do that to make squid working with acl useragent ?
can do that without  recomplie from source
-- 
sonjaya
http://www.sharenupload.com
http://www.airportindonesia.info



update packages error

2010-01-09 Thread sonjaya
 dev 31 function 0 Intel 82801DB LPC rev 0x02:
24-bit timer at 3579545Hz
pciide0 at pci0 dev 31 function 1 Intel 82801DB IDE rev 0x02: DMA,
channel 0 configured to compatibility, channel 1 configured to
compatibility
wd0 at pciide0 channel 0 drive 0: ST340015A
wd0: 16-sector PIO, LBA, 38166MB, 78165360 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
pciide0: channel 1 disabled (no drives)
ichiic0 at pci0 dev 31 function 3 Intel 82801DB SMBus rev 0x02: irq 3
iic0 at ichiic0
iic0: addr 0x2f 00=01 01=07 02=01 03=00 04=07 05=00 06=08 07=00 14=14
15=62 16=03 17=02 words 00=01ff 01=07ff 02=01ff 03=00ff 04=07ff
05=00ff 06=08ff 07=00ff 08= 09= 0a= 0b= 0c=
0d= 0e= 0f=
spdmem0 at iic0 addr 0x50: 512MB DDR SDRAM non-parity PC2100CL2.5
spdmem1 at iic0 addr 0x51: 256MB DDR SDRAM non-parity PC3200CL2.5
auich0 at pci0 dev 31 function 5 Intel 82801DB AC97 rev 0x02: irq 3, ICH4 AC97
ac97: codec id 0x414c4780 (Avance Logic ALC658 rev 0)
ac97: codec features 20 bit DAC, 18 bit ADC, No 3D Stereo
audio0 at auich0
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 Intel UHCI root hub rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 Intel UHCI root hub rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 Intel UHCI root hub rev 1.00/1.00 addr 1
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
wbsio0 at isa0 port 0x2e/2: W83627THF rev 0x83
lm1 at wbsio0 port 0x290/8: W83627THF
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 2.88MB 80 cyl, 2 head, 36 sec
biomask eb6d netmask ff6d ttymask ffef
mtrr: Pentium Pro MTRR support
softraid0 at root
root on wd0a swap on wd0b dump on wd0b

-- 
sonjaya
http://jenar.us(webproxy)
http://clienttracking.info(web proxy)



Re: update packages error

2010-01-09 Thread sonjaya
thank's for the info i think you right i must upgrade fully no only
packages 

On Sat, Jan 9, 2010 at 10:30 PM, Marc Espie es...@nerim.net wrote:
 On Sat, Jan 09, 2010 at 07:09:03PM +0700, sonjaya wrote:
 hi all
 i have openbsd 4.3 as mx server , i try update packages i try
 ^^^
 following this from this link
 http://www.openbsd.org/faq/upgrade44.html
 before update to new one i try update packages

 You have things backwards. Update your system first.

 Unknown element: @sha Xa85ahS78Iy3rRgoKHOU0sN1WHkU+5HDvW8OSf1Cm9w= in
 SCALAR(0x81180c9c),  at /usr/libdata/perl5/OpenBSD/PackingList.pm line

 We changed from md5 to sha256 in packages. You really need a new pkg_add
 for this to work.




--
sonjaya
http://jenar.us(webproxy)
http://clienttracking.info(webproxy)



Premature end of archive

2009-11-04 Thread sonjaya
Dear all
i try install clamav from packages but  get error like this , how to solved ?
- i try another mirror still same
- try donwload to local pc still same

# export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/4.6/packages/i386/
# pkg_add -i clamav
Premature end of archive
clamav-0.95.2: complete
Adjusting sha for /usr/local/lib/libclamav.a from
k3C2K5oQcz5KJ1wrU0uLgN9h6iZ1w6MYh5gIYM02On4= to
orCLZWKfCRHFq1lVJcXljBP3QjUq2trZIlRJ49Np5zk=
/usr/sbin/pkg_add: Installation of clamav-0.95.2 failed, partial
installation recorded as partial-clamav-0.95.2

-- 
sonjaya
http://sicute.blogspot.com



Re: Premature end of archive

2009-11-04 Thread sonjaya
yes already pkg_delete  but still same  show up  that problem

On Wed, Nov 4, 2009 at 7:11 PM, Nick Guenther kou...@gmail.com wrote:
 On Wed, Nov 4, 2009 at 5:49 AM, sonjaya sonj...@gmail.com wrote:
 Dear all
 i try install clamav from packages but  get error like this , how to solved
?
 - i try another mirror still same
 - try donwload to local pc still same

 # export PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/4.6/packages/i386/
 # pkg_add -i clamav
 Premature end of archive
clamav-0.95.2: complete
 Adjusting sha for /usr/local/lib/libclamav.a from
 k3C2K5oQcz5KJ1wrU0uLgN9h6iZ1w6MYh5gIYM02On4= to
 orCLZWKfCRHFq1lVJcXljBP3QjUq2trZIlRJ49Np5zk=
 /usr/sbin/pkg_add: Installation of clamav-0.95.2 failed, partial
 installation recorded as partial-clamav-0.95.2


 Did you make sure to pkg_delete the partial install before trying again?




--
sonjaya
http://sicute.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



Re: squid stabel 7

2009-10-20 Thread sonjaya
at the end back to aufs and working fine today , but how to make my
squid become parent cache  so i can control policy for one machine to
another machine .
Because i have several squid with openbsd in head n branch.
thank's



squid stabel 7

2009-10-16 Thread sonjaya
: bus 2 (PCI1)
acpiprt2 at acpi0: bus 5 (PCI2)
acpiprt3 at acpi0: bus 7 (PCI3)
acpiprt4 at acpi0: bus 9 (PCI4)
acpicpu0 at acpi0
bios0: ROM list: 0xc/0x8000 0xc8000/0x4000
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 ServerWorks CNB20-HE Host (GC-LE) rev 0x33
pchb1 at pci0 dev 0 function 1 ServerWorks CNB20-HE Host (GC-LE) rev 0x00
pci1 at pchb1 bus 2
bge0 at pci1 dev 8 function 0 Broadcom BCM5703X rev 0x02, BCM5703 A2
(0x1002): apic 13 int 13 (irq 1
1), address 00:09:6b:a5:d1:f3
brgphy0 at bge0 phy 1: BCM5703 10/100/1000baseT PHY, rev. 2
pchb2 at pci0 dev 0 function 2 ServerWorks CNB20-HE Host (GC-LE) rev 0x00
pci2 at pchb2 bus 7
fxp0 at pci0 dev 1 function 0 Intel 8255x rev 0x08, i82559: apic 13
int 0 (irq 10), address 00:90:27
:e6:c6:14
inphy0 at fxp0 phy 1: i82555 10/100 PHY, rev. 4
vga1 at pci0 dev 9 function 0 ATI Rage XL rev 0x27
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
piixpm0 at pci0 dev 15 function 0 ServerWorks CSB5 rev 0x93: polling
iic0 at piixpm0
spdmem0 at iic0 addr 0x50: 512MB DDR SDRAM registered ECC PC2100CL2.5
spdmem1 at iic0 addr 0x51: 512MB DDR SDRAM registered ECC PC2100CL2.5
pciide0 at pci0 dev 15 function 1 ServerWorks CSB5 IDE rev 0x93: DMA
ohci0 at pci0 dev 15 function 2 ServerWorks OSB4/CSB5 USB rev 0x05:
apic 14 int 11 (irq 11), version
 1.0, legacy support
pcib0 at pci0 dev 15 function 3 ServerWorks CSB5 LPC rev 0x00
pchb3 at pci0 dev 16 function 0 ServerWorks CIOB-X2 PCIX rev 0x05
pchb4 at pci0 dev 16 function 2 ServerWorks CIOB-X2 PCIX rev 0x05
pci3 at pchb4 bus 5
mpi0 at pci3 dev 7 function 0 Symbios Logic 53c1030 rev 0x07: apic
13 int 11 (irq 9)
scsibus0 at mpi0: 16 targets, initiator 7
sd0 at scsibus0 targ 0 lun 0: IBM-ESXS, DTN036C3UCDY10FN, S27P SCSI3
0/direct fixed
sd0: 34715MB, 512 bytes/sec, 71096640 sec total
sd1 at scsibus0 targ 1 lun 0: IBM-ESXS, DTN036C3UCDY10FN, S27P SCSI3
0/direct fixed
sd1: 34715MB, 512 bytes/sec, 71096640 sec total
safte0 at scsibus0 targ 8 lun 0: IBM, 02R0962a S320 1, 1 SCSI2
3/processor fixed
mpi0: target 0 Sync at 160MHz width 16bit offset 127 QAS 1 DT 1 IU 1
mpi0: target 1 Sync at 160MHz width 16bit offset 127 QAS 1 DT 1 IU 1
mpi1 at pci3 dev 7 function 1 Symbios Logic 53c1030 rev 0x07: apic
13 int 12 (irq 9)
scsibus1 at mpi1: 16 targets, initiator 7
pchb5 at pci0 dev 17 function 0 ServerWorks CIOB-X2 PCIX rev 0x05
pchb6 at pci0 dev 17 function 2 ServerWorks CIOB-X2 PCIX rev 0x05
pci4 at pchb6 bus 9
usb0 at ohci0: USB revision 1.0
uhub0 at usb0 ServerWorks OHCI root hub rev 1.00/1.00 addr 1
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
mtrr: Pentium Pro MTRR support
softraid0 at root
root on sd0a swap on sd0b dump on sd0b


sonjaya



Re: OpenBSD as MX server

2009-10-01 Thread sonjaya
because mx server will be replace is production server in next time
will be use it like your recomended.
thank' for all recomendation

On Wed, Sep 30, 2009 at 3:44 PM, Stephan A. Rickauer
stephan.ricka...@startek.ch wrote:
 On Wed, 2009-09-30 at 13:30 +0700, sonjaya wrote:
 it will be helpful if want share  tutorial .

 man smtpd || man sendmail
 man spamd





--
sonjaya
http://sicute.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



Re: ALIX and PC Engines CompactFlash

2009-10-01 Thread sonjaya
i using generic cf ( vgen) for obsd 4.5 and mother board via epia ,
main problem is only DMA and can handle it with setup manualy adn
problem missing.

On Fri, Oct 2, 2009 at 2:26 AM, Daniel Melameth dan...@melameth.com wrote:
 With the positive response of OpenBSD on this hardware, I'm considering
 purchasing these in preparation for a proof of concept.  As such, if anyone
 has purchased the 4GB COMPACTFLASH CARDS THAT PC ENGINES SELLS
 (http://www.pcengines.ch/cf4dp.htm or http://www.pcengines.ch/cf4slc.htm),
 would you please share the RELEVANT PORTION OF YOUR DMESG for the card (and
 your opinions if you'd like)?  I'm particularly interested in what's
 reported for x-sector PIO and related.

 While I know I can purchase CompactFlash cards from anywhere, I try to
 support those companies that support OpenBSD (that and it's easier just to
 get everything from one vendor).

 Thanks.





--
sonjaya



Re: OpenBSD as MX server

2009-10-01 Thread sonjaya
Dear Christ,

my linux box running postfix and amavisd and cbl for spam , but today
that box hard to manage and update it .
i see in obsd default have been tools to take care about spam that is
mine consern also security problem.
because this production server and log all email to trace and trace i
must make sure everything good enough before replace it.


On Wed, Sep 30, 2009 at 10:43 PM, Matthew Weigel uni...@idempot.net wrote:
 Chris wrote:

 Hi Sonjaya,

 You ask a very open-ended question here.  To get into specifics would
 be too difficult in one email.  But here is a rough outline to get you
 started.

 A rough outline of... something, certainly.  Definitely something mail
 related.  Setting up an MX server?  Not so sure.

   Some people use

 Dovecot, but the version included in 4.5 does not include encryption
 (though you could probably use stunnel to address that...).

 Wait, what?

 $ uname -mrsv
 OpenBSD 4.5 GENERIC.MP#108 i386
 $ grep imaps /etc/dovecot.conf
 # Protocols we want to be serving: imap imaps pop3 pop3s
 protocols = imaps pop3s
 $ pkg_info | grep dovecot
 dovecot-1.1.11p1-ldap compact IMAP/POP3 server

 Original author wants to replace a Linux MX with an OpenBSD MX?  I think
the
 logical approach is to - at least as a first step - look at what the Linux
 MX is doing now.  In all probability that involves using the same MTA as is
 already in use on the Linux machine, the same antispam software, and mostly
 the same configuration files.

 Learning about OpenBSD's spamd would be a good idea once that's done, but
at
 no point does it really involve dumping everything and just doing what
 someone on a mailing list said.
 --
  Matthew Weigel
  hacker
  unique  idempot . ent





--



OpenBSD as MX server

2009-09-30 Thread sonjaya
hi 

i try setup obsd 4.5 become MX  server , i have plan replace my linux
box with obsd.
i looking tutorial in kernel-panic.it i can found spamassin in
application package obsd 4.5.
my target is obsd 4.5 will become as mx server ( antivirus + antispam )
it will be helpful if want share  tutorial .

my regards
 sonjaya



slip cable

2009-09-21 Thread sonjaya
hi ...

i want using slip as my network interface,  for cable layout what kind
recomended and working in openbsd.
i search null modem cable rs232 a have some type:
- null  modem without handshaking
- null  modem with loop back  handshaking
- null  modem with partial  handshaking
- null  modem with full handshaking

which one compatible for openbsd network ?

my plan that cable  will be transfer file between openbsd  server ( 3
openbsd server ) for syncronise file each server at least  more than
10 G transfer with that cable every day.


sonjaya
http://idsale.blogspot.com



Re: slip cable

2009-09-21 Thread sonjaya
[snip]
On Mon, Sep 21, 2009 at 5:59 PM, Paul M l...@no-tek.com wrote:

 This has nothing to do with openbsd, it's determined by your hardware.

 Use a cable with full handshaking. The hw can then use it if it needs to.

thank's i will create null modem with full handshaking.if that best
options for all choice



Re: slip cable

2009-09-21 Thread sonjaya
[snip]
On Mon, Sep 21, 2009 at 5:25 PM, Paul de Weerd we...@weirdnet.nl wrote:

 10G/day is almost 1Mbit per second average (without encapsulation
 overhead). Not really suitable for serial lines (or do you want to
 bundle several 115kbit lines together for super serial speed ?). Why
 are you avoiding a dedicated ethernet interface (or VLAN) between the
 two machines ?

yes the best options is using switch and vlan , buat is my problem in
my place no switch support vlan also no pci socket avaliable for
another ethernet card.i have try using usb to network but have poor
link.



dma problem in VIA Nehemiah

2009-09-03 Thread sonjaya
# dmesg
OpenBSD 4.5-stable (LESCHACO) #0: Mon Aug 10 15:49:13 WIT 2009
r...@localhost:/usr/src/sys/arch/i386/compile/LESCHACO
cpu0: VIA Nehemiah (CentaurHauls 686-class) 1 GHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,SEP,MTRR,PGE,CMOV,PAT,MMX,FXSR,SSE
real mem  = 502824960 (479MB)
avail mem = 477851648 (455MB)
mainbus0 at root
bios0 at mainbus0: AT/286+ BIOS, date 05/19/04, BIOS32 rev. 0 @
0xfb210, SMBIOS rev. 2.2 @ 0xf0800 (26 entries)
bios0: vendor Award Software International, Inc. version 6.00 PG
date 05/19/2004
bios0: VIA Technologies, Inc. VT8623-8235
apm0 at bios0: Power Management spec V1.2 (slowidle)
apm0: AC on, battery charge unknown
acpi at bios0 function 0x0 not configured
pcibios0 at bios0: rev 2.1 @ 0xf/0xdf44
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfded0/112 (5 entries)
pcibios0: PCI Exclusive IRQs: 5 10 11 12
pcibios0: PCI Interrupt Router at 000:17:0 (VIA VT8235 ISA rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xec00 0xd/0x8000!
cpu0 at mainbus0: (uniprocessor)
cpu0: RNG AES
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 VIA VT8623 PCI rev 0x00
viaagp0 at pchb0: v2
agp0 at viaagp0: aperture at 0xe600, size 0xe80
ppb0 at pci0 dev 1 function 0 VIA VT8633 AGP rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 VIA CLE266 rev 0x03
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
VIA VT6306 FireWire rev 0x80 at pci0 dev 13 function 0 not configured
uhci0 at pci0 dev 16 function 0 VIA VT83C572 USB rev 0x80: irq 11
uhci1 at pci0 dev 16 function 1 VIA VT83C572 USB rev 0x80: irq 12
uhci2 at pci0 dev 16 function 2 VIA VT83C572 USB rev 0x80: irq 10
ehci0 at pci0 dev 16 function 3 VIA VT6202 USB rev 0x82: irq 5
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 VIA EHCI root hub rev 2.00/1.00 addr 1
viapm0 at pci0 dev 17 function 0 VIA VT8235 ISA rev 0x00
iic0 at viapm0
spdmem0 at iic0 addr 0x50: 512MB DDR SDRAM non-parity PC2100CL2.5
pciide0 at pci0 dev 17 function 1 VIA VT82C571 IDE rev 0x06: ATA133,
channel 0 configured to compatibility, channel 1 configured to
compatibility
pciide0: channel 0 disabled (no drives)
wd0 at pciide0 channel 1 drive 0: ST320413A
wd0: 16-sector PIO, LBA, 19092MB, 39102336 sectors
wd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 5
auvia0 at pci0 dev 17 function 5 VIA VT8233 AC97 rev 0x50: irq 10
ac97: codec id 0x49434552 (ICEnsemble VIA VT1616i)
ac97: codec features headphone, 18 bit DAC, 18 bit ADC, KS Waves 3D
audio0 at auvia0
vr0 at pci0 dev 18 function 0 VIA RhineII-2 rev 0x74: irq 11,
address 00:40:63:dd:74:6a
ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 8: OUI
0x004063, model 0x0032
usb1 at uhci0: USB revision 1.0
uhub1 at usb1 VIA UHCI root hub rev 1.00/1.00 addr 1
usb2 at uhci1: USB revision 1.0
uhub2 at usb2 VIA UHCI root hub rev 1.00/1.00 addr 1
usb3 at uhci2: USB revision 1.0
uhub3 at usb3 VIA UHCI root hub rev 1.00/1.00 addr 1
isa0 at mainbus0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: PC speaker
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
viasio0 at isa0 port 0x2e/2: VT1211 rev 0x02, HM, WDG not activated
npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
biomask ff65 netmask ff65 ttymask 
softraid0 at root
root on wd0a swap on wd0b dump on wd0b
wd0a: aborted command, interface CRC error reading fsbn 24063776 of
24063776-24063807 (wd0 bn 24063839; cn 1591 tn 125 sn 44), retrying
wd0: transfer error, downgrading to Ultra-DMA mode 4
wd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 4
wd0a: aborted command, interface CRC error reading fsbn 24063776 of
24063776-24063807 (wd0 bn 24063839; cn 1591 tn 125 sn 44), retrying
wd0: transfer error, downgrading to Ultra-DMA mode 3
wd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 3
wd0a: aborted command, interface CRC error reading fsbn 24063776 of
24063776-24063807 (wd0 bn 24063839; cn 1591 tn 125 sn 44), retrying
wd0: soft error (corrected)
#

any clue to make this problem dma mising, i think problem of hard disk but not

sonjaya
http://idsale.blogspot.com



Fping smokeping 2.0 problem in obsd 4.5

2009-05-11 Thread sonjaya
Hi 
i success installed smokeping in openbsd 4.5.
i made some custom config as i need
when i try running always get error message  like this :
#smokeping --debug
Dropping privilges to _smokeping ...
ERROR: Fping must be installed setuid root or it will not work
at (eval 29) line 1

any ide to solved this problem
sonjaya
http://idsale.blogspot.com
http://videopingpong.blogspot.com



openbsd in virtualization

2009-03-18 Thread sonjaya
Hi...

My boss ask how to move current obsd server to virtualiaztion ( such
as  openvz, vmare , etc ) .
anyone in here sucsess moving obsd to Environment  virtualization (
openvz , vmware  etc ) , may be want share to me ?
So obsd become guest OS  ?

ps: i'm so sory to ask this because Efficiency  and reduce IT cost .
thank's



Re: openbsd in virtualization

2009-03-18 Thread sonjaya
what virtualization you use  (vmware , openvz , etc )?


On Wed, Mar 18, 2009 at 3:34 PM, Michiel van Baak mich...@vanbaak.info
wrote:
 On 15:13, Wed 18 Mar 09, sonjaya wrote:
 Hi...

 My boss ask how to move current obsd server to virtualiaztion ( such
 as  openvz, vmare , etc ) .
 anyone in here sucsess moving obsd to Environment  virtualization (
 openvz , vmware  etc ) , may be want share to me ?
 So obsd become guest OS  ?

 ps: i'm so sory to ask this because Efficiency  and reduce IT cost .
 thank's

 I'm running OpenBSD 4.4 and -current under KVM here at home.
 I wont run it in production tho. Real hardware is much more stable.
 --

 Michiel van Baak
 mich...@vanbaak.eu
 http://michiel.vanbaak.eu
 GnuPG key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x71C946BD

 Why is it drug addicts and computer aficionados are both called users?





--
sonjaya
http://sicute.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



Re: openbsd in virtualization

2009-03-18 Thread sonjaya
ye that is my point , if i using obsd as guest os will be reduce
benefit of OBSD .

so now only two candidate
- XEN
- qemu
- vmware server  ( price is high 0
- virtualbox SUN

may be i will try taht candidate .

Thank's for all sharing :)

On Wed, Mar 18, 2009 at 4:01 PM, Daniel Ouellet dan...@presscom.net wrote:
 Hi...

 My boss ask how to move current obsd server to virtualiaztion ( such
 as  openvz, vmare , etc ) .
 anyone in here sucsess moving obsd to Environment  virtualization (
 openvz , vmware  etc ) , may be want share to me ?
 So obsd become guest OS  ?

 ps: i'm so sory to ask this because Efficiency  and reduce IT cost .
 thank's

 I run it under VMWare with MAC OSX as the host just for fun. Nothing real
 heavy and to do tests.

 My Son is running it under qemu on his MAC laptop and keep barging about it
 to me as I haven't done it yet. Well, to give him credit, I haven't figure
 out how to yet and didn't spend time doing it, but he is using it every day
 and created himself a workstation just like his mac under qemu with OpenBSD
 until he is happy with the final final results and then he will only use
 OpenBSD then. It's been pretty stable for about a year now or so.

 So, you can run it under about anything you want really, but you do loose
 the benefit of OpenBSD itself and become slave of the host OS as well as
the
 virtualization layer you use.

 In short I wouldn't use it, but again, there is plenty of comments on this
 same subject in the archive, so just use google and search for it.

 You will find plenty.

 Daniel





--
sonjaya
http://sicute.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



IBM Xseries 235 and OBSD 4.4

2009-03-17 Thread sonjaya
Dear all

 i have old machine ibm Xseries 235 and storage with raid.
I try to install openbsd 4.4 but getting problem when intialize disk ,
obsd 4.4 instalation disk can't detect raid .
any clue how to make it working with raid ?



thank's

sonjaya
http://sicute.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



Re: IBM Xseries 235 and OBSD 4.4

2009-03-17 Thread sonjaya
Thank's is working no

2009/3/17 Alexander Yurchenko gra...@disorder.ru:
 On Tue, Mar 17, 2009 at 06:02:07PM +0700, sonjaya wrote:
 Dear all

  i have old machine ibm Xseries 235 and storage with raid.
 I try to install openbsd 4.4 but getting problem when intialize disk ,
 obsd 4.4 instalation disk can't detect raid .
 any clue how to make it working with raid ?

 try this:
 ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/install45.iso




 thank's

 sonjaya
 http://sicute.blogspot.com
 http://www.pojokdomain.com(sell  buy domain with free )

 --
 Alexander Yurchenko




--
sonjaya
http://sicute.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



error ping

2009-02-06 Thread sonjaya
Dear all

i have problem  when ping between server openbsd

below my diagram

internet1openbsd01|---lan1
   |switch|
internet2openbsd02|--lan02

have been 1 month like this , pf using only for nat and transparent proxy .

bellow result ping  ...


# ping 192.168.2.2
PING 192.168.2.2 (192.168.2.2): 56 data bytes
64 bytes from 192.168.2.2: icmp_seq=5 ttl=255 time=0.308 ms
64 bytes from 192.168.2.2: icmp_seq=11 ttl=255 time=0.189 ms
64 bytes from 192.168.2.2: icmp_seq=12 ttl=255 time=0.219 ms
64 bytes from 192.168.2.2: icmp_seq=21 ttl=255 time=0.191 ms
64 bytes from 192.168.2.2: icmp_seq=28 ttl=255 time=0.193 ms
64 bytes from 192.168.2.2: icmp_seq=29 ttl=255 time=0.191 ms
64 bytes from 192.168.2.2: icmp_seq=32 ttl=255 time=0.185 ms
64 bytes from 192.168.2.2: icmp_seq=34 ttl=255 time=0.185 ms
wrong data byte #19 should be 0xb but was 0xa
49 8b f4 7a 0 c aa 42 8 9 a a c d e f 10 11 12 13 14 15 16 17
18 19 1a 1b 1c 1d 1e 1f
20 21 22 23 24 25 26 27 28 29 2a 2b 2c 2d 2e 2f
64 bytes from 192.168.2.2: icmp_seq=37 ttl=255 time=0.188 ms
64 bytes from 192.168.2.2: icmp_seq=45 ttl=255 time=0.189 ms
64 bytes from 192.168.2.2: icmp_seq=48 ttl=255 time=0.202 ms
64 bytes from 192.168.2.2: icmp_seq=49 ttl=255 time=0.216 ms


-- 
sonjaya
http://sicute.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



Generate CA Certificates key

2009-02-02 Thread sonjaya
dear all

how to generating certificates keys and CA in openbsd ?
i will use certificates and keys for server also for the client .
last time follow openvpn script not working.

-- 
sonjaya
http://idsale.blogspot.com
http://videopingpong.blogspot.com



E220 as 3G Internet Access

2009-01-08 Thread sonjaya
Dear all

i have E220 from Huawei for mobile internet connection . Now i want
using E220 as internet sharing from my obsd 4.4 box.
i have found good link  obsd 4.4 and E220  http://www.jensolsson.se/?p=123
when i try connect get error like this bellow :

Jan  9 13:54:15 bsd pppd[28000]: pppd 2.3.5 started by root, uid 0
Jan  9 13:54:20 bsd pppd[28000]: Connect: ppp0 -- /dev/ttyU0
Jan  9 13:54:23 bsd pppd[28000]: Could not determine remote IP address
Jan  9 13:54:23 bsd pppd[28000]: Connection terminated.
Jan  9 13:54:25 bsd pppd: Exit.

here my ppp conf :

# cat /etc/ppp/qiandra
/dev/ttyU0
crtscts
defaultroute
noauth
connect '/usr/sbin/chat -v -f /etc/ppp/qiandra.chat'
#
chat
# cat /etc/ppp/qiandra.chat
ABORT NO CARRIER
ABORT NO DIALTONE
ABORT ERROR
ABORT NO ANSWER
ABORT BUSY
ABORT Username/Password Incorrect
TIMEOUT 15
 ATZ
OK ATE1
OK ATQ0V1E1S0=0C1D2+FCLASS=0
OK 'AT+CGDCONT=1,IP,apnisp'
OK ATDT*99***1#
TIMEOUT 30
CONNECT \d\c
#
options

# cat /etc/ppp/options
modem
defaultroute
netmask 255.255.255.0
ipcp-accept-local
ipcp-accept-remote
noipdefault
lock
auth
usehostname
#
basic my isp using dhcp for ip address and  i must set static dns for tunning.

so how to solved my problem with E220 and OBSD 4.4 do i missing something ?



-- 
sonjaya
http://idsale.blogspot.com
http://videopingpong.blogspot.com -- learning trik play table tenis form expert



Re: voip card

2008-12-02 Thread sonjaya
have you try in openbsd 4.3 or 4.4   ?
I try make one small box for voip service with openbsd  4.3/4.4

thank's

On Tue, Dec 2, 2008 at 2:04 PM, Zafer Da:tan [EMAIL PROTECTED] wrote:
 Stuart Henderson yazm}~:
 On 2008-12-01, sonjaya [EMAIL PROTECTED] wrote:

 Dear all

 do you have anyone here using voip card ( digium , sangoma etc ) in
 openbsd , i will be thank's if someone share 



 no, but there are PSTN/SIP gateways which cost about the same as the
 cards (e.g. patton)


 I used Sangoma FXS/FXO+asterisk cards in 3.8 in experimental network and
 it worked well.  if zaptel is ported properly, I think there will be no
 problem. (one point voip cards are no longer supported for OpenBSD)

 --

 Zafer Da~tan

 *Z-Sistem*
 *]nternet Serv. Bili~im Tekno. Veri G|v. San Tic. Ltd. ^ti.*
 Adres : Beyler Cad. Dost Kent Yan} No:4 Gayyolu / ANKARA TR 06530
 Tel : +90 (0) 312 238 24 15
 Faks  : +90 (0) 312 238 24 18
 GSM  : +90 (0) 532 548 28 30
 http://www.z-sistem.com http://www.z-sistem.com/
 http://www.i-bekci.com http://www.i-bekci.com/





-- 
sonjaya
http://idsale.blogspot.com



openvpn error PKI on obsd 4.4

2008-11-12 Thread sonjaya
.

# This is OK for an SSL server.
# nsCertType= server

# For an object signing certificate this would be used.
# nsCertType = objsign

# For normal client use this is typical
# nsCertType = client, email

# and for everything including object signing:
# nsCertType = client, email, objsign

# This is typical in keyUsage for a client certificate.
# keyUsage = nonRepudiation, digitalSignature, keyEncipherment

# This will be displayed in Netscape's comment listbox.
nsComment   = Easy-RSA Generated Certificate

# PKIX recommendations harmless if included in all certificates.
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
extendedKeyUsage=clientAuth
keyUsage = digitalSignature

# This stuff is for subjectAltName and issuerAltname.
# Import the email address.
# subjectAltName=email:copy
# Copy subject details
# issuerAltName=issuer:copy

#nsCaRevocationUrl  = http://www.domain.dom/ca-crl.pem
#nsBaseUrl
#nsRevocationUrl
#nsRenewalUrl
#nsCaPolicyUrl
#nsSslServerName

[ server ]

# JY ADDED -- Make a cert with nsCertType set to server
basicConstraints=CA:FALSE
nsCertType  = server
nsComment   = Easy-RSA Generated Server Certificate
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid,issuer:always
extendedKeyUsage=serverAuth
keyUsage = digitalSignature, keyEncipherment

[ v3_req ]

# Extensions to add to a certificate request

basicConstraints = CA:FALSE
keyUsage = nonRepudiation, digitalSignature, keyEncipherment

[ v3_ca ]


# Extensions for a typical CA


# PKIX recommendation.
subjectKeyIdentifier=hash

authorityKeyIdentifier=keyid:always,issuer:always

# This is what PKIX recommends but some broken software chokes on critical
# extensions.
#basicConstraints = critical,CA:true
# So we do this instead.
basicConstraints = CA:true

# Key usage: this is typical for a CA certificate. However since it will
# prevent it being used as an test self-signed certificate it is best
# left out by default.
# keyUsage = cRLSign, keyCertSign

# Some might want this also
# nsCertType = sslCA, emailCA
# Include email address in subject alt name: another PKIX recommendation
# subjectAltName=email:copy
# Copy issuer details
# issuerAltName=issuer:copy

# DER hex encoding of an extension: beware experts only!
# obj=DER:02:03
# Where 'obj' is a standard or added object
# You can even override a supported extension:
# basicConstraints= critical, DER:30:03:01:01:FF

[ crl_ext ]

# CRL extensions.
# Only issuerAltName and authorityKeyIdentifier make any sense in a CRL.

# issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always,issuer:always
[ engine_section ]
#
# If you are using PKCS#11
# Install engine_pkcs11 of opensc (www.opensc.org)
# And uncomment the following
# verify that dynamic_path points to the correct location
#
#pkcs11 = pkcs11_section

[ pkcs11_section ]
engine_id = pkcs11
dynamic_path = /usr/lib/engines/engine_pkcs11.so
MODULE_PATH = $ENV::PKCS11_MODULE_PATH
PIN = $ENV::PKCS11_PIN
init = 0

so what should  i do  :)

any way any link to make PKI  for openvpn with working openssl.cnf for
openbsd  as gateway vpn.

thank's so sory  for basic question
-- 
sonjaya
http://idsale.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



Re: Record for total number of rigs running OpenBSD

2008-10-19 Thread sonjaya
On Fri, Oct 17, 2008 at 11:42 PM, Vivek Ayer [EMAIL PROTECTED] wrote:
 Hi guys,

 Just wanted to let you folks know that my lab, due to my insistence,
 is now running OpenBSD on 5 rigs:

 2 CARP/pfsync firewalls
 1 DNS Server
 2 CARP/pfsync/load-sharing web servers (sparc64)

 I'm sure there's people out there that have more rigs running it. I'd
 just like to know. If things go smoothly with these, I'll definitely
 pitch in money for the 4.5 release (put 4.3 to the test first).

 Cheers from Berkeley, the birthplace of BSD,
 Vivek


hii ..

1 dns server on compaq desktop pro
2 gateway on compaq desktop pro
2 proxy  on compaq deskto pro
1 vpn gateway on compaq desktop pro
1 web server + proxy + database ( radius  mysql ) on mac  mini intel .



-- 
sonjaya
http://idsale.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



obsd 4.3 for phpmotion

2008-09-15 Thread sonjaya
Dear all

who have successfully running phpmotion in obsd 4.3 machine , can i
get share story , i try always error  extension_dir does not exists
/var/www/lib/php/module

also phpmotion need
PHP 4.3 and above (including support of CLI)
  - MySQL database server
  - LAME MP3 Encoder
  - Libogg + Libvorbis
  - Mencoder and also Mplayer
  - FFMpeg-PHP
  - GD Library 2 or higher
  - CGI-BIN
  - Be able to run background processes

where i get memcoder
sonjaya
http://idsale.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



Re: halt -p not working in mac mini

2008-09-10 Thread sonjaya
halt with option -ph is unknow option  , and shutdown -hp now still
not working always restart


On Tue, Sep 9, 2008 at 2:07 PM, ropers [EMAIL PROTECTED] wrote:
 2008/9/9 Lars Noodin [EMAIL PROTECTED]:
 sonjaya wrote:
 I have been susccess full install openbsd 4.3 at mac mini ( intel
 base), but i have problem when halt -p , the mac mini don't halt  and
 power off  only restart bellow dmesg from mac mini :

 Have you tried halt -ph ?

 -Lars

 That reminds me:
 Personally, I always derive enjoyment from typing shutdown -hp now.
 I'm easily amused.

 --ropers




--
sonjaya
http://sicute.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



halt -p not working in mac mini

2008-09-08 Thread sonjaya
 codes
wskbd0 at ukbd0: console keyboard, using wsdisplay0
uhidev1 at uhub4 port 1 configuration 1 interface 1 Apple Computer
ADB device rev 2.00/19.65 addr 2
uhidev1: iclass 3/1
ums0 at uhidev1: 5 buttons
wsmouse0 at ums0 mux 0
uhidev2 at uhub3 port 1 configuration 1 interface 0 KYE Optical
Mouse rev 1.10/2.00 addr 2
uhidev2: iclass 3/1
ums1 at uhidev2: 3 buttons and Z dir.
wsmouse1 at ums1 mux 0
uhidev3 at uhub4 port 2 configuration 1 interface 0 Apple Computer,
Inc. IR Receiver rev 2.00/1.10 addr 3
uhidev3: iclass 3/0, 38 report ids
uhid0 at uhidev3 reportid 36: input=4, output=0, feature=0
uhid1 at uhidev3 reportid 37: input=4, output=0, feature=0
uhid2 at uhidev3 reportid 38: input=4, output=0, feature=0
uhidev4 at uhub3 port 2 configuration 1 interface 0 LITEON Technology
USB Keyboard rev 1.10/1.09 addr 3
uhidev4: iclass 3/1
ukbd1 at uhidev4: 8 modifier keys, 6 key codes
wskbd1 at ukbd1 mux 1
wskbd1: connecting to wsdisplay0
uhidev5 at uhub3 port 2 configuration 1 interface 1 LITEON Technology
USB Keyboard rev 1.10/1.09 addr 3
uhidev5: iclass 3/0, 2 report ids
uhid3 at uhidev5 reportid 1: input=1, output=0, feature=0
uhid4 at uhidev5 reportid 2: input=3, output=0, feature=0
softraid0 at root
root on wd0a swap on wd0b dump on wd0b
#


Best regards
sonjaya
http://idsale.blogspot.com
http://www.pojokdomain.com(sell  buy domain with free )



apc Back-UPS ES 525

2008-07-16 Thread sonjaya
Dear all,

i have small ups seri APC / Back-UPS ES 525 , how to joint and control
with openbsd , i try using apc-upsd when test  not working.
then i try nut but unknown driver.
if any sucsess story can share to me  :)


-- 
sonjaya
http://sicute.blogspot.com



acer aspire m1610

2008-07-14 Thread sonjaya
Dear all,

I have acer aspire M1610 and M1641 and try install openbsd 4.3  the result is :

- acer aspire M1610 can't detect the onboard landcard
- acer aspire M1641 is totaly blank after detect nvidia chipset .

and my question how to make it work acer Aspire M1610 ( working with
onboard lan card )  and for Acer Aspire  M1641 can use for Openbsd .


Thank's

-- 
sonjaya
http://sicute.blogspot.com



Re: openbsd with cf

2008-06-30 Thread sonjaya
wow great is working not show up the message ,

i found in manual link :

WD(4) OpenBSD Programmer's ManualWD(4)

NAME
 wd - WD100x compatible hard disk driver

SYNOPSIS
 wd* at wdc? flags 0x
 wd* at pciide? flags 0x

DESCRIPTION
 The wd driver supports hard disks which emulate the Western Digital
 WD100x.  This includes standard MFM, RLL, ESDI, IDE, and EIDE drives, as
 well as Serial ATA drives, and PCMCIA/CF storage media.

 The flags are used only with controllers that support DMA operations and
 mode settings (like some pciide(4) controllers).  The lowest order
 (rightmost) nibble of the flags define the PIO mode to use.  The next
 four bits indicate the DMA mode and the third nibble the UltraDMA mode.

 For each set of four bits, the 3 lower bits define the mode to use and
 the last bit must be set to 1 for this setting to be used.  For DMA and
 UltraDMA, 0xf () means ``disable''.  For example, a flags value of
 0x0fac ( 1010 1100) means ``use PIO mode 4, DMA mode 2, disable
 UltraDMA''.  The special setting 0x means ``use whatever the drive
 claims to support''.

But  PIO mode is more slowest than udma , how to chek perfomance  the
cf card in linux using hdparm how about in openbsd ( test  cf card ) .


On Mon, Jun 30, 2008 at 2:46 PM, Stuart Henderson [EMAIL PROTECTED] wrote:
 On 2008-06-30, sonjaya [EMAIL PROTECTED] wrote:
 I have  CF ( compact Flash ) Vgen 1G , and converter ide to cf . I try
 install openbsd 4.3 in cf and succesfully and try first boot i get
 error message like this bellow:
 how to solved  this ?

 Your CF card supports DMA transfers, but the adapter doesn't
 have the correct lines wired up.

 http://marc.info/?l=soekris-techm=117879934817861w=2

 pciide0:0:0: bus-master DMA error: missing interrupt, status=0x21
 wd0: transfer error, downgrading to PIO mode 4
 wd0(pciide0:0:0): using PIO mode 4
 wd0c: device timeout reading fsbn 0 (wd0 bn 0; cn 0 tn 0 sn 0), retrying
 wd0: soft error (corrected)
 root on wd0a swap on wd0b dump on wd0b

 Ah good, at least your card implements the RESET command so
 the automatic downgrade to PIO works.





-- 
sonjaya
http://sicute.blogspot.com



openbsd with cf

2008-06-29 Thread sonjaya
 1
wskbd1: connecting to wsdisplay0
uhidev1 at uhub0 port 2 configuration 1 interface 1 LITEON Technology
USB Keyboard rev 1.10/1.09 addr 2
uhidev1: iclass 3/0, 2 report ids
uhid0 at uhidev1 reportid 1: input=1, output=0, feature=0
uhid1 at uhidev1 reportid 2: input=3, output=0, feature=0
softraid0 at root
wd0(pciide0:0:0): timeout
type: ata
c_bcount: 512
c_skip: 0
pciide0:0:0: bus-master DMA error: missing interrupt, status=0x21
wd0c: device timeout reading fsbn 0 (wd0 bn 0; cn 0 tn 0 sn 0), retrying
wd0(pciide0:0:0): timeout
type: ata
c_bcount: 512
c_skip: 0
pciide0:0:0: bus-master DMA error: missing interrupt, status=0x21
wd0: transfer error, downgrading to PIO mode 4
wd0(pciide0:0:0): using PIO mode 4
wd0c: device timeout reading fsbn 0 (wd0 bn 0; cn 0 tn 0 sn 0), retrying
wd0: soft error (corrected)
root on wd0a swap on wd0b dump on wd0b


-- 
sonjaya
http://sicute.blogspot.com



3g Modem

2008-06-29 Thread sonjaya
Dear all

I'm looking modem 3G  ( hsdpa,usb ) compatible for openbsd 4.3 ?

thank's

-- 
sonjaya
http://sicute.blogspot.com



Re: replacement pix firewall with pf

2008-05-12 Thread sonjaya
i want make NAT from ip public   to server inside ( with non Ip public
)/dmz  without make ip alias.
replacement PIX Fw cisco with PF in openbsd the main point .



On Mon, May 12, 2008 at 12:35 PM, Almir Karic [EMAIL PROTECTED] wrote:
 On Mon, May 12, 2008 at 6:40 AM, sonjaya [EMAIL PROTECTED] wrote:
 so i have some question :
 - In PIX FW cisco i just make translate ipublic to  ip dmz , so how do
 it in pf without ip alias in wan interface?


 AFAIK you can't. why would you want to do that?

 --
 For far too long, power has been concentrated in the hands of root
 and his wheel oligarchy. We have instituted a dictatorship of the
 users. All system administration functions will be handled by the
 People's Committee for Democratically Organizing the System (PC-DOS).




-- 
sonjaya
http://sicute.blogspot.com



Re: replacement pix firewall with pf

2008-05-11 Thread sonjaya
i try using binat :

###   interface  ##
## wan interface ( ip public-01 )##
ext_if=fxp0

 LAN Interface ( 192.168.0.0/24) 
prv_if=fxp1

 DMZ Interface ( 192.168.2.0/24) 
dmz_if=xl0

 ip public   LAN ##
ext_ad01=ipublic-01
ext_ad02=ipublic-02
prv_ad=192.168.1.0/24
dmz_ad=192.168.2.0/24


# DMZ server ip 
dmz_www_ad =192.168.0.2/32
dmz_mail_ad =192.168.0.3/32
#
# NAT section 
nat log on $ext_if  from $prv_ad  to any  - $ext_if
nat log on $ext_if  from $dmz_ad  to any  - $ext_if

binat on $ext_if from $dmz_www_ad to any - $ext_ad01
binat on $ext_if from $dmz_mail_ad to any - $ext_ad02

---cut--

I made some test :

1. NAT from ipublic01 to 192.168.0.2/32 succsess .
2. NAT from ipublic02 to 192.168.0.3/32 not succses event no respond ?

so i made change make ip alias( ipublic02) in interface fxp0  and
made tes againt  :

1. NAT from ipublic01 to 192.168.0.2/32 succsess .
2. NAT from ipublic02 to 192.168.0.3/32 succsess.

so i have some question :
- In PIX FW cisco i just make translate ipublic to  ip dmz , so how do
it in pf without ip alias in wan interface?

thank's ...


On Fri, May 9, 2008 at 5:27 PM, Mikel Lindsaar [EMAIL PROTECTED] wrote:
 On Fri, May 9, 2008 at 6:46 PM, sonjaya [EMAIL PROTECTED] wrote:
 i have old pix firewall ( End Of Lifetime ) and now i want replacement
 with openbsd .
 bellow my network layout :
 |---lan[192.168.1.0/24]
 internetpix-fw
 |-DMZ[192.168.0.0/24]

 Bassicly nat from interface ip public  to server (dmz zone)

 what should i use nat,binat or rdr .
 i have 5 ip public for 5 server with 1 obsd server. any exsample and
 good start point .

 The FAQ?

 http://www.openbsd.org/faq/pf/index.html

 Mikel




-- 
sonjaya
http://sicute.blogspot.com



replacement pix firewall with pf

2008-05-09 Thread sonjaya
Dear all

i have old pix firewall ( End Of Lifetime ) and now i want replacement
with openbsd .
bellow my network layout :
 |---lan[192.168.1.0/24]
internetpix-fw
 |-DMZ[192.168.0.0/24]

Bassicly nat from interface ip public  to server (dmz zone)

what should i use nat,binat or rdr .
i have 5 ip public for 5 server with 1 obsd server. any exsample and
good start point .
thq



Re: Just for info and for dreaming :-) Vaio UX and OpenBSD

2008-05-06 Thread sonjaya
How about Thomas donate for Obsd so the dream will be come true  :)

On Tue, May 6, 2008 at 3:15 PM, Tomas Bodzar [EMAIL PROTECTED] wrote:
 Hi,

  Someone tried OpenBSD on this beast?

  http://www.sonystyle.com/webapp/wcs/stores/servlet/CategoryDisplay?catalogId=
  10551storeId=10151langId=-1categoryId=577parentCategoryId=16154


  I think,that it will be real killer-terminal-pocketPC with Puffy :-)

  PS: Some pages from Google search looks like nobody tried it.Maybe it's
  problem of price as for me :-)





-- 
sonjaya
http://sicute.blogspot.com



cacti on obsd 4.2

2008-04-14 Thread sonjaya
Dear all

 I try install cacti 0.8.7b in my obsd 4.2 , i using rrdtool 1.0.49
and get error in cacti like this bellow:
RRDTool Version 
ERROR: Installed RRDTool version does not match configured version.
Please visit the Configuration Settings and select the correct RRDTool
Utility Version.

then i try update with cvsup to rrdtool 2.0 with port , bellow my
cvsup-config  :
 # cat /root/cvsup-port
# Defaults that apply to all the collections
*default release=cvs
*default delete use-rel-suffix
*default umask=002
*default host=anoncvs1.usa.openbsd.org
*default base=/usr
*default prefix=/usr
*default tag=OPENBSD_4_2

# If your network link is a T1 or faster, comment out the following line.
# *default compress

OpenBSD-ports
#OpenBSD-all
#OpenBSD-src
#OpenBSD-www
#OpenBSD-x11
#OpenBSD-xenocara
#

after finish update the port i chek is still using rrdtool 1.0.49
then i chek in  openports.se already using rrdtool 2.0 .

my question how to update rrdtool to 2.0 ?

thank's
-- 
sonjaya
http://sicute.blogspot.com



OOT: Read hardisk Mac OS on Openbsd

2008-04-09 Thread sonjaya
Dear all

How to make Openbsd 4.2 can read hardisk contain Mac OS-X, i need to
read data in Harddisk which installed Mac OS-X

Thank's for the sharing ..
-- 
sonjaya
http://sicute.blogspot.com



openbsd ( ipsec ) with clinet nokia IP40

2008-04-02 Thread sonjaya
Dear all

Anyone here sucsess implemention ipsec in obsd 4.2 with nokia ip40 (
appliacne vpn client).
Now i have obsd 4.2 and ipsec and try with  obsd 4.2 as client working
fine , but with nokia ip40 isn't
beloow simple ipsec.conf  in my obsd  4.2

a_lan=192.168.1.0/24
b_lan=192.168.2.0/24
vpn_gw=202.93.222.32
ike esp from $b_lan to $a_lan peer $vpn_gw psk mypassword
ike esp from egress to $a_lan peer $vpn_gw psk mypassword
ike esp from egress to $vpn_gw


-- 
sonjaya
http://sicute.blogspot.com



Re: openbsd ( ipsec ) with clinet nokia IP40

2008-04-02 Thread sonjaya
=   LIFE_QUICK_MODE

 [QM-ESP-AES-128-SHA-PFS-XF]
 TRANSFORM_ID=   AES
 ENCAPSULATION_MODE= TUNNEL
 AUTHENTICATION_ALGORITHM=   HMAC_SHA
 GROUP_DESCRIPTION=  MODP_1024
 KEY_LENGTH= 128
 Life=   LIFE_QUICK_MODE

 [QM-ESP-AES-128-SHA-TRP-XF]
 TRANSFORM_ID=   AES
 ENCAPSULATION_MODE= TRANSPORT
 AUTHENTICATION_ALGORITHM=   HMAC_SHA
 KEY_LENGTH= 128
 Life=   LIFE_QUICK_MODE

 # AES-192

 [QM-ESP-AES-192-SHA-XF]
 TRANSFORM_ID=   AES
 ENCAPSULATION_MODE= TUNNEL
 AUTHENTICATION_ALGORITHM=   HMAC_SHA
 KEY_LENGTH= 192
 Life=   LIFE_QUICK_MODE

 [QM-ESP-AES-192-SHA-PFS-XF]
 TRANSFORM_ID=   AES
 ENCAPSULATION_MODE= TUNNEL
 AUTHENTICATION_ALGORITHM=   HMAC_SHA
 GROUP_DESCRIPTION=  MODP_1024
 KEY_LENGTH= 192
 Life=   LIFE_QUICK_MODE

 [QM-ESP-AES-192-SHA-TRP-XF]
 TRANSFORM_ID=   AES
 ENCAPSULATION_MODE= TRANSPORT
 AUTHENTICATION_ALGORITHM=   HMAC_SHA
 KEY_LENGTH= 192
 Life=   LIFE_QUICK_MODE

 # AES-256

 [QM-ESP-AES-256-SHA-XF]
 TRANSFORM_ID=   AES
 ENCAPSULATION_MODE= TUNNEL
 AUTHENTICATION_ALGORITHM=   HMAC_SHA
 KEY_LENGTH= 256
 Life=   LIFE_QUICK_MODE

 [QM-ESP-AES-256-SHA-PFS-XF]
 TRANSFORM_ID=   AES
 ENCAPSULATION_MODE= TUNNEL
 AUTHENTICATION_ALGORITHM=   HMAC_SHA
 GROUP_DESCRIPTION=  MODP_1024
 KEY_LENGTH= 256
 Life=   LIFE_QUICK_MODE

 [QM-ESP-AES-256-SHA-TRP-XF]
 TRANSFORM_ID=   AES
 ENCAPSULATION_MODE= TRANSPORT
 AUTHENTICATION_ALGORITHM=   HMAC_SHA
 KEY_LENGTH= 256
 Life=   LIFE_QUICK_MODE

 # AH

 [QM-AH-MD5-XF]
 TRANSFORM_ID=   MD5
 ENCAPSULATION_MODE= TUNNEL
 AUTHENTICATION_ALGORITHM=   HMAC_MD5
 Life=   LIFE_QUICK_MODE

 [QM-AH-MD5-PFS-XF]
 TRANSFORM_ID=   MD5
 ENCAPSULATION_MODE= TUNNEL
 GROUP_DESCRIPTION=  MODP_1024
 Life=   LIFE_QUICK_MODE

 [Sample-Life-Time]
 LIFE_TYPE=  SECONDS
 LIFE_DURATION=  3600,1800:7200

 [Sample-Life-Volume]
 LIFE_TYPE=  KILOBYTES
 LIFE_DURATION=  1000,768:1536ISAKMP-peer-west]





On Wed, Apr 2, 2008 at 1:31 PM, sonjaya [EMAIL PROTECTED] wrote:
 Dear all

  Anyone here sucsess implemention ipsec in obsd 4.2 with nokia ip40 (
  appliacne vpn client).
  Now i have obsd 4.2 and ipsec and try with  obsd 4.2 as client working
  fine , but with nokia ip40 isn't
  beloow simple ipsec.conf  in my obsd  4.2

  a_lan=192.168.1.0/24
  b_lan=192.168.2.0/24
  vpn_gw=202.93.222.32
  ike esp from $b_lan to $a_lan peer $vpn_gw psk mypassword
  ike esp from egress to $a_lan peer $vpn_gw psk mypassword
  ike esp from egress to $vpn_gw


  --
  sonjaya
  http://sicute.blogspot.com




-- 
sonjaya
http://sicute.blogspot.com



DNSRBl

2008-03-30 Thread sonjaya
Dear all

haloo everyone, how to make my openbsd machine working like opendns or
rbldns ...


-- 
sonjaya
http://sicute.blogspot.com



minimac on openbsd

2008-03-23 Thread sonjaya
Dear all
anyone have implementation openbsd 4.2 in minimac ( intel proc ), i
have plant to install as internet server ( web, mail, simple firewall
n database), because problem in electricity in my place to need
install server with low power.
Also default minimac is only 1 ethernet  how to add another ethernet
can support in minimac and openbsd.


-- 
sonjaya
http://sicute.blogspot.com



Re: minimac on openbsd

2008-03-23 Thread sonjaya
any other device sugesstion?


On Sun, Mar 23, 2008 at 8:34 PM, Jussi Peltola [EMAIL PROTECTED] wrote:
 On Sun, Mar 23, 2008 at 08:15:34PM +0700, sonjaya wrote:
   Also default minimac is only 1 ethernet  how to add another ethernet
   can support in minimac and openbsd.

  USB? Slow, but works pretty well if there's a driver (see the lists on
  the man pages).





-- 
sonjaya
http://sicute.blogspot.com



ifstated

2008-03-03 Thread sonjaya sonjaya
Dear all

i have been implentated equal-cost multipath routing , i see the
manual more efficient combine with ifstated.
i read manual , ifstated  sample is using crap .
my question is do i must implentation carp too if want using ifstated
to chek link ?
also anybody have a sample ifstated for equal-cost multipath routing ?

thq a lot



pararels server

2008-02-09 Thread sonjaya
Dear all

anyone here suscess implemention openvz or any can pararels kernel ...
in Openbsd
Because i see almost pararels server only working in linux family not BSD.


-- 
sonjaya
http://sicute.blogspot.com



Re: ucasterisk in openbsd

2007-12-18 Thread sonjaya
i mean porting to packages of openbsd . :)

On Dec 18, 2007 5:22 PM, Stuart Henderson [EMAIL PROTECTED] wrote:
 On 2007/12/18 09:19, sonjaya wrote:
  Any  possible to join ucasterisk in openbsd system .

 What do you mean by join?

 I haven't heard of it before but google tells me that uCasterisk
 (you-see-Asterisk) is a set of scripts, makefiles and patches to build
 Asterisk for uClinux.





-- 
sonjaya
http://sicute.blogspot.com



smokeping in obsd 4.2

2007-12-18 Thread sonjaya
Dear all
i have ready installed  packages smokeping from packages bellow my steep :
# pkg_add smokeping-2.1.1p1.tgz
smokeping-2.1.1p1: complete
--- smokeping-2.1.1p1 ---
To have smokeping start at boot time, you have to adapt
/etc/smokeping/config and insert the following into /etc/rc.local.

if [ -x /usr/local/bin/smokeping ]; then
install -d -o _smokeping /var/run/smokeping
echo -n ' smokeping';   /usr/local/bin/smokeping
fi
#

then i edit the smokeping config
# cat /etc/smokeping/config | more
# Note that all IP addresses in this file are false, to prevent some
# machine falling under a deadly DOS storm because all users keep
# the same addresses in their config.

*** General ***

owner= me and may domain
contact  = [EMAIL PROTECTED]
mailhost = 192.168.1.2
sendmail = /usr/sbin/sendmail
imgcache = /var/www/htdocs/noc/smokeping/img/
imgurl   = /smokeping/img/
pagedir  = /var/www/htdocs/noc/smokeping/
datadir  = /var/db/smokeping
piddir  = /var/run/smokeping
cgiurl   = http://192.168.1.1/smokeping/smokeping.cgi
smokemail = /etc/smokeping/smokemail
tmail = /etc/smokeping/tmail
# specify this to get syslog logging
syslogfacility = local0
# each probe is now run in its own process
# disable this to revert to the old behaviour
# concurrentprobes = no

*** Alerts ***
to = [EMAIL PROTECTED]
from = [EMAIL PROTECTED]

+bigloss
type = loss
# in percent
pattern = ==0%,==0%,==0%,==0%,0%,0%,0%
comment = suddenly there is packet loss
-
Then running the smokeping and get email confirmation about smokeping .
But where i must  access and see the image.

i sett some folder create by smokeping
/var/db/smokeping -- result of rrdtools in config smoke ping
/var/www/smokeping/cgi-bin/smokeping.cgi

i see in smokeping.cgi :
use lib qw(/usr/pack/rrdtool-1.0.33-to/lib/perl);
and
use lib qw(/home/oetiker/public_html/smokeping/lib);
and
Smokeping::cgi(/home/oetiker/.smokeping/config);
where i can find all taht file , when i try access direct  page not
found  ( http://localhost/cgi-bin/smokeping.cgi or
http://localhost/smokeping/cgi-bin/smokeping.cgi

thq
-- 
sonjaya
http://sicute.blogspot.com



Re: ucasterisk in openbsd

2007-12-18 Thread sonjaya
i interest obsd for embeded device plus voip(ucasterisk) machine, i
see ucastersick have been support fro small device .  :)

On Dec 18, 2007 7:07 PM, Stuart Henderson [EMAIL PROTECTED] wrote:
 On 2007/12/18 17:59, sonjaya wrote:
  i mean porting to packages of openbsd . :)

 Why would we want a package for a uClinux port of asterisk 1.2?





-- 
sonjaya
http://sicute.blogspot.com



ucasterisk in openbsd

2007-12-17 Thread sonjaya
Dear all

Any  possible to join ucasterisk in openbsd system .


-- 
sonjaya
http://sicute.blogspot.com



route to vpn network by vpn link

2007-12-12 Thread sonjaya
Dear all

I have 3 subnetwork in my lan ( 192.168.1.0/24 ( net_a),
192.168.2.0/24(net_b), 172.16.0.0/16(net_c)).
I made vpn tunelin from net_a to net_b also to net_c.

net_b--(vpn-client_b_to_a)--internet
---((vpn_gw_a)net_a)---lan--(vpn_client_a_to_c)---internet--((net_c)vpn_gw_c)

Bellow network skema:

- vpn_client_b_to_a :
ip: 192.168.2.1
ipsec.conf :
a_lan=192.168.1.0./24
b_lan=192.168.2.0./24
vpn_gw=my ip pubcli vpn_gw
ike esp from $b_lan to $a_lan peer $vpn_gw pask mypassword
ike esp from egress to $a_lan peer $vpn_gw pask mypassword
ike esp from egress to $vpn_gw
static routing :
route add 192.168.1.0/24 192.168.2.1
---

- vpn_gw_a :
ip: 192.168.1.5
ipsec.conf :
a_lan=192.168.1.0./24
b_lan=192.168.2.0./24
vpn_gw=my ip pubcli vpn_gw
ike esp from $a_lan to any srcid  $vpn_gw pask mypassword

static routing :
route add 172.16.0.0/16 192.168.1.3
---

- vpn_client_a_to_c :
ip: 192.168.1.3
Nokia-ip60 (setup vendor )
static routing :
route add 192.168.2.0/24 192.168.1.5
---
==
I can akses comp in net_a from net_b ( ping running application etc)
I can remote comp in net_b from net_a ( ping , remote , print (
jetdirect ), etc )
I can remote desktop citrix in net_a to net_c
===
Then i want net_b can acces remote citrix in net_c , so i made static routing :
--- 192.168.1.3 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 3.759/3.906/4.054/0.160 ms

#route add 172.16.0.0/16 192.168.1.3
#error network can be reached

so how i cant made net_c access able from net_b ?

for detail my network please see in
http://sonjaya.web.id/boboko/vpnsitensite.pdf



-- 
sonjaya
http://sicute.blogspot.com



obsd for storage hosting

2007-10-19 Thread sonjaya
dear all

 i try setup my obsd 4.1 to storage hosting i need advice :
- how to limit user to use server  enveroment
- how to quota , they any quota system web base .
- any thing else  ?

thq


sonjaya
http://sicute.blogspot.com



looking some package

2007-10-09 Thread sonjaya
Dear all
 i looking this package :
- clamav-0.9.1.1.tgz
- smtp-gated-1.4.15.1.tgz
- dansguardians-2.9.8.5.clamd.tgz
-imspector-0.3.tgz
-pmacct-0.11.4.tgz

This package need for comixwall , i try  using comix in i386 because
the source is amd64

-- 
sonjaya
http://sicute.blogspot.com



help ipsec

2007-09-11 Thread sonjaya
Dear all

 i try follow the tutorial
http://www.openbsd.org/papers/asiabsdcon07-ipsec/mgp00065.html but
still no working .
i need sample ipsec.conf  for vpn gw   client with client dynamic ip
such as adsl connection
site to site

192.168.0.0/24-vpn(gw)---internet---obsd(dynamic-ip)192.168.3.0/24


sonjaya
http://sicute.blogspot.com



ipsec.conf error

2007-07-31 Thread sonjaya
hi all

i try follow this tutorial :
http://openbsd.org/papers/asiabsdcon07-ipsec/mgp00065.html

what i want ask :
1. what mean egress  ?
2. why user [EMAIL PROTECTED] ( this user or name host) ?
3.  when i try  parse in laptop get error ( config error), where is wrong ?
4.  here my net plan

(b_lan)---vpn-client--adsl---internet--vpn-gw---(a_lan)


--snip --
my laptop
# cat /etc/ipsec.conf
vpn_gw=ip-public-vpn-gw
a_lan=192.168.0.0/24
b_lan=192.168.2.0/24

ike esp from egress to $a_lan peer $vpn_gw \
srcid [EMAIL PROTECTED] dstid  $vpn_gw

my vpn -gw

# cat /etc/ipsec.conf
gw_vpn=my-ip-public-vpn-gw
a_lan=192.168.0.0/24
b_lan=192.168.2.0/24

ike dynamic esp from $a_lan to any srcid $gw_vpn

here log mesage
Jul 31 14:53:49 secure isakmpd[28167]: udp_create: no address
configured for peer-default
Jul 31 14:53:49 secure isakmpd[28167]: exchange_establish: transport
udp for peer peer-default could not be created



-- 
sonjaya
http://sicute.blogspot.com



Re: ipsec.conf error

2007-07-31 Thread sonjaya
ok i change , how about laptop script still error when parse..


On 7/31/07, Stuart Henderson [EMAIL PROTECTED] wrote:
 On 2007/07/31 14:55, sonjaya wrote:
  hi all
 
  i try follow this tutorial :
  http://openbsd.org/papers/asiabsdcon07-ipsec/mgp00065.html
 
  what i want ask :
  1. what mean egress  ?
  2. why user [EMAIL PROTECTED] ( this user or name host) ?
  3.  when i try  parse in laptop get error ( config error), where is wrong ?
  4.  here my net plan
 
  (b_lan)---vpn-client--adsl---internet--vpn-gw---(a_lan)
 
 
  --snip --
  my laptop
  # cat /etc/ipsec.conf
  vpn_gw=ip-public-vpn-gw
  a_lan=192.168.0.0/24
  b_lan=192.168.2.0/24
 
  ike esp from egress to $a_lan peer $vpn_gw \
  srcid [EMAIL PROTECTED] dstid  $vpn_gw
 
  my vpn -gw
 
  # cat /etc/ipsec.conf
  gw_vpn=my-ip-public-vpn-gw
  a_lan=192.168.0.0/24
  b_lan=192.168.2.0/24
 
  ike dynamic esp from $a_lan to any srcid $gw_vpn
 
  here log mesage
  Jul 31 14:53:49 secure isakmpd[28167]: udp_create: no address
  configured for peer-default
  Jul 31 14:53:49 secure isakmpd[28167]: exchange_establish: transport
  udp for peer peer-default could not be created


 Wrong way round. The laptop should be dynamic, the gateway
 should not.




-- 
sonjaya
http://sicute.blogspot.com



Re: VPN site to site with ipsec

2007-07-24 Thread sonjaya

yhx have been working now ,  my notebook antivirus blocking ping request .
but how i can make the server vpn in host(a) can accepy any connection
from dynamic ip , and mobile user .
thx

On 7/23/07, John Jackson [EMAIL PROTECTED] wrote:

Have you tried tcpdumping on the enc0 interface on both gateways to see
what happens on when pinging?  tcpdump -n -s 1600 -i enc0

Is there a firewall enabled on the non-responsive end hosts?  I've seen
recent versions of Windows block or drop icmp echo requests, maybe some
recent service pack release?  I know our Windows admins swear they
didn't do it themselves.


On Mon, Jul 23, 2007 at 04:40:40PM +0700, sonjaya wrote:
 thx daniel , i have follow the link and still get ping reply from
 pc(a) to pc(b) , below my ipsec.conf and pf.conf
 in host(a)
 # cat /etc/ipsec.conf
 ike esp from 192.168.0.0/24 to 192.168.2.0/24 peer host(b)
 ike esp from host(a) to 192.168.2.0/24 peer host(b)
 ike esp from host(a) to host(b)
 #
 # cat /etc/pf.conf
 ext_if=xl0
 int_if=xl1
 set skip on { lo0 $int_if enc0 }
 nat on $ext_if from !($ext_if) - ($ext_if:0)
 block in
 pass out keep state
 pass quick on $ext_if from host(b)

 in host(b)
 # cat /etc/ipsec.conf
 ike esp from 192.168.2.0/24 to 192.168.0.0/24 peer host(a)
 ike esp from host(b) to 192.168.0.0/24 peer host(a)
 ike esp from host(b) to host(a)
 #

 # cat /etc/pf.conf
 ext_if=xl0
 int_if=xl1
 set skip on { lo0 $int_if enc0 }
 nat on $ext_if from !($ext_if) - ($ext_if:0)
 block in
 pass out keep state
 pass quick on $ext_if from host(a)

 i try traceroute at both host
 #pc(b) to pc(a)
 c:\Document and Settings\User.notebook\tracert 192.168.0.4
 Tracing route to 192.168.0.4 over  a maximun of 30 hops

 1.  1ms1ms   1ms  192.168.2.1
 2.  2 ms 1 ms  1 ms host(b) [219.83.xx.xx]
 3.  2 ms 1 ms  2 ms 192.168.0.4

 #pc(a) to pc(b)
 [EMAIL PROTECTED] root]# traceroute 192.168.2.12
 traceroute to 192.168.2.12 (192.168.2.12), 30 hops max, 38 byte packets
 1  192.168.0.151 (192.168.0.151)  0.226 ms  0.181 ms  0.136 ms
 2  host(b) (219.83.xx.xx)  1.742 ms  1.736 ms  1.591 ms
 3  * *

 so where is wrong , my pf / my ipsect ...?

 all fresh installed from obsd 4.1 .




 On 7/23/07, Daniel Ouellet [EMAIL PROTECTED] wrote:
 sonjaya wrote:
  http://www.openbsdsupport.org/vpn-ipsec.html
 
 May be you could also have a look at this nice presentation that show
 many changes done on OpenBSD.
 
 You can start here to see some OpenBSD suggestions, but you can look it
 all as well as it's nice. (;
 
 http://openbsd.org/papers/asiabsdcon07-ipsec/mgp00057.html
 


 --
 sonjaya
 http://sicute.blogspot.com


 !DSPAM:1,46a479a0220011806319350!







--
sonjaya
http://sicute.blogspot.com



VPN site to site with ipsec

2007-07-23 Thread sonjaya

Dear all

i have network lite this

pc(b)host(b)---internet-host(a)-pc(a)

i follow tutorial from this link :

http://www.openbsdsupport.org/vpn-ipsec.html

then i try test :

1. Ping from host(b) to host(a) or  host(a) to host(b) working ( reply ) .
2. Ping from pc(b) to host (a) reply , mean working .
3. Ping from pc(b) to pc(a) reply , mean working .
4. Ping from pc(a) to host(b) reply , mean working .
5. Ping from pc(a) to pc(b) not  reply

here my ipsec.conf
in host(a)
# cat /etc/ipsec.conf
ike esp from 192.168.0.0/24 to 192.168.2.0/24 peer host(b)
ike esp from host(a) to 192.168.2.0/24 peer host(b)
ike esp from host(a) to host(b)
#
in host(b)
# cat /etc/ipsec.conf
ike esp from 192.168.2.0/24 to 192.168.0.0/24 peer host(a)
ike esp from host(b) to 192.168.0.0/24 peer host(a)
ike esp from host(b) to host(a)
#

my question :
- how i can ping and get reply both  from pc(a) and pc(b)  ?
- i install as fresh install from openbsd 4.1


sonjaya
http://sicute.blogspot.com



Re: VPN site to site with ipsec

2007-07-23 Thread sonjaya

thx daniel , i have follow the link and still get ping reply from
pc(a) to pc(b) , below my ipsec.conf and pf.conf
in host(a)
# cat /etc/ipsec.conf
ike esp from 192.168.0.0/24 to 192.168.2.0/24 peer host(b)
ike esp from host(a) to 192.168.2.0/24 peer host(b)
ike esp from host(a) to host(b)
#
# cat /etc/pf.conf
ext_if=xl0
int_if=xl1
set skip on { lo0 $int_if enc0 }
nat on $ext_if from !($ext_if) - ($ext_if:0)
block in
pass out keep state
pass quick on $ext_if from host(b)

in host(b)
# cat /etc/ipsec.conf
ike esp from 192.168.2.0/24 to 192.168.0.0/24 peer host(a)
ike esp from host(b) to 192.168.0.0/24 peer host(a)
ike esp from host(b) to host(a)
#

# cat /etc/pf.conf
ext_if=xl0
int_if=xl1
set skip on { lo0 $int_if enc0 }
nat on $ext_if from !($ext_if) - ($ext_if:0)
block in
pass out keep state
pass quick on $ext_if from host(a)

i try traceroute at both host
#pc(b) to pc(a)
c:\Document and Settings\User.notebook\tracert 192.168.0.4
Tracing route to 192.168.0.4 over  a maximun of 30 hops

1.  1ms1ms   1ms  192.168.2.1
2.  2 ms 1 ms  1 ms host(b) [219.83.xx.xx]
3.  2 ms 1 ms  2 ms 192.168.0.4

#pc(a) to pc(b)
[EMAIL PROTECTED] root]# traceroute 192.168.2.12
traceroute to 192.168.2.12 (192.168.2.12), 30 hops max, 38 byte packets
1  192.168.0.151 (192.168.0.151)  0.226 ms  0.181 ms  0.136 ms
2  host(b) (219.83.xx.xx)  1.742 ms  1.736 ms  1.591 ms
3  * *

so where is wrong , my pf / my ipsect ...?

all fresh installed from obsd 4.1 .




On 7/23/07, Daniel Ouellet [EMAIL PROTECTED] wrote:

sonjaya wrote:
 http://www.openbsdsupport.org/vpn-ipsec.html

May be you could also have a look at this nice presentation that show
many changes done on OpenBSD.

You can start here to see some OpenBSD suggestions, but you can look it
all as well as it's nice. (;

http://openbsd.org/papers/asiabsdcon07-ipsec/mgp00057.html




--
sonjaya
http://sicute.blogspot.com



dev tap

2007-07-12 Thread sonjaya

how to create device tap  ( for openvpn bridge mode )  in OBSD 4.1


--
sonjaya
http://sicute.blogspot.com



Re: dev tap

2007-07-12 Thread sonjaya

i try bridge mode but i think not support in obsd 4.1 , below log

Thu Jul 12 14:56:45 2007 notebook/202.93.xx.xxx:62358 write to TUN/TAP
: Address family not supported by protocol family (code=47)
Thu Jul 12 14:56:46 2007 notebook/202.93.xx.xxx:62358 write to TUN/TAP
: Address family not supported by protocol family (code=47)

#ifconfig
enc0: flags=0 mtu 1536
tun0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1500
   groups: tun
   inet6 fe80::250:daff:fe80:63e1%tun0 -  prefixlen 64 scopeid 0x6
#cat /etc/openvpn/bridgemode.conf
dev tun0
dev-type tap
server-bridge 192.168.2.1 255.255.255.0 192.168.2.2 192.168.2.3



On 7/12/07, Claudio Jeker [EMAIL PROTECTED] wrote:

On Thu, Jul 12, 2007 at 01:50:51PM +0700, sonjaya wrote:
 how to create device tap  ( for openvpn bridge mode )  in OBSD 4.1


Man tun(4) and look for link0 or layer 2 mode. For openvpn the magic is:
dev tun0
dev-type tap

--
:wq Claudio





--
sonjaya
http://sicute.blogspot.com



openvpn on openbsd 4.1

2007-07-02 Thread sonjaya

Dear all

i have installed  openvpn from ports  dan i try follow manual like this :
# pwd
/etc/openvpn/easy-rsa/2.0
# ./vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on
/etc/openvpn/easy-rsa/2.0/keys
# ./clean-all
# ./build-ca
 Please edit the vars script to reflect your configuration,
 then source it with source ./vars.
 Next, to start with a fresh PKI configuration and to delete any
 previous certificates and keys, run ./clean-all.
 Finally, you can run this tool (pkitool) to build certificates/keys.
#
where is wrong ?


beloow my config
# cat vars
export EASY_RSA=`pwd`
export KEY_CONFIG=$EASY_RSA/openssl.cnf
export KEY_DIR=$EASY_RSA/keys
echo NOTE: If you run ./clean-all, I will be doing a rm -rf on $KEY_DIR
export KEY_SIZE=1024
export CA_EXPIRE=3650
export KEY_EXPIRE=3650
export KEY_COUNTRY=CA
export KEY_PROVINCE=USA
export KEY_CITY=california
export KEY_ORG=IT
export KEY_EMAIL=[EMAIL PROTECTED]
#
# cat clean-all
#!/bin/sh
export KEY_DIR=$EASY_RSA/keys
if [ $KEY_DIR ]; then
   rm -rf $KEY_DIR
   mkdir $KEY_DIR  \
   chmod go-rwx $KEY_DIR  \
   touch $KEY_DIR/index.txt  \
   echo 01 $KEY_DIR/serial
else
   echo 'Please source the vars script first (i.e. source ./vars)'
   echo 'Make sure you have edited it to reflect your configuration.'
fi
#
# cat build-ca
#!/bin/sh
#
# Build a root certificate
#
export EASY_RSA=${EASY_RSA:-.}
$EASY_RSA/pkitool --interact --initca $*
#




--
sonjaya
http://sicute.blogspot.com



Re: openvpn on openbsd 4.1

2007-07-02 Thread sonjaya

the all script is working when i try  input manual env , all in vars .


On 7/2/07, Mike Erdely [EMAIL PROTECTED] wrote:

On Mon, Jul 02, 2007 at 07:19:23PM +0700, sonjaya wrote:
 i have installed  openvpn from ports  dan i try follow manual like this :
 # pwd
 /etc/openvpn/easy-rsa/2.0
 # ./vars
 NOTE: If you run ./clean-all, I will be doing a rm -rf on
 /etc/openvpn/easy-rsa/2.0/keys
 # ./clean-all
 # ./build-ca
  Please edit the vars script to reflect your configuration,
  then source it with source ./vars.
  Next, to start with a fresh PKI configuration and to delete any
  previous certificates and keys, run ./clean-all.
  Finally, you can run this tool (pkitool) to build certificates/keys.
 #
 where is wrong ?

Try running . ./vars so that the vars get read into your environment.

-ME




--
sonjaya
http://sicute.blogspot.com



Re: openvpn on openbsd 4.1

2007-07-02 Thread sonjaya

yes i have ready run it , but i see in my env not show , so i put all
manual in vars.

On 7/2/07, Cezary Morga [EMAIL PROTECTED] wrote:

 Dear all

 i have installed  openvpn from ports  dan i try follow manual like this :
 # pwd
 /etc/openvpn/easy-rsa/2.0
 # ./vars

type
source ./vars
or
. ./vars

(note the dot and the space)

Regards,
--
Cezary Morga czarek(at)morga.net.pl cezarym(at)data.pl
GG# 169903 ICQ# 328-700-565
Jabber therek(at)jabber.autocom.pl; therek(at)jabber.therek.net
[=- http://www.therek.net/ -=][=- http://freebsd.therek.net/ -=]




--
sonjaya
http://sicute.blogspot.com



obsd 4.1 plsu squid

2007-05-30 Thread sonjaya

Dear all

I will developt new  server for my proxy server ,  i will try using
squid with transparent with snmp .
But i want know does squid-transparent-snmp support for delay_pools
anda mac address acl ?

Thx a lot


sonjaya
http://sicute.blogspot.com



Re: obsd 4.1 plsu squid

2007-05-30 Thread sonjaya

here error :
# squid -k reconfigure
2007/05/31 01:39:34| parseConfigFile: line 3895 unrecognized: 'delay_pools 2'
2007/05/31 01:39:34| parseConfigFile: line 3896 unrecognized: 'delay_class 1 2'
2007/05/31 01:39:34| parseConfigFile: line 3897 unrecognized:
'delay_access 1 allow limited '
2007/05/31 01:39:34| parseConfigFile: line 3898 unrecognized:
'delay_access 2 allow fileblok'
2007/05/31 01:39:34| parseConfigFile: line 3899 unrecognized:
'delay_parameter 2 4000/4000  -1/-1 2000/4000'
#

that mean do not support delay_pools ?


On 5/30/07, sonjaya [EMAIL PROTECTED] wrote:

Dear all

I will developt new  server for my proxy server ,  i will try using
squid with transparent with snmp .
But i want know does squid-transparent-snmp support for delay_pools
anda mac address acl ?

Thx a lot


sonjaya
http://sicute.blogspot.com




--
sonjaya
http://sicute.blogspot.com



Re: vpn in OBSD 4.1

2007-05-11 Thread sonjaya

so  i must using ipsec for security reason ,  how about the client (
such us Microsoft ) can they use ipsec too.


On 5/11/07, Lars D. Noodin [EMAIL PROTECTED] wrote:

On Fri, 11 May 2007, Adam Hawes wrote:
 You're well advised to go do some reading on your own.  If you had
 you would have discovered that OpenVPN ahs a tutorial page for
 configuring the server, as does the readily available PPTP server.

It's not a funny joke to be recommending PPTP to anybody.  Some may miss
the sarcasm and actually try to deploy it.

Any further amount of reading (if done) would reveal that PPTP can't
really be called secure and should be avoided.  Its successor, L2TP, can
be improved somewhat, at least the connections, by tunnelling over SSL.
But then why not cut out the middleman and use SSL to begin with?  Fewer
parts that way.

IPsec and SSL are your two options:
http://www.vpnc.org/vpn-standards.html

I'm wondering that since IPsec is part fo IPv6, the equivalent to an
IPsec-on-IPv4 VPN could be made using IPv6 instead.  Maybe that would  be
smarter in the long run.

-Lars

Lars Noodin ([EMAIL PROTECTED])
 Ensure access to your data now and in the future
 http://opendocumentfellowship.org/about_us/contribute



--
sonjaya
http://sicute.blogspot.com



vpn in OBSD 4.1

2007-05-10 Thread sonjaya

Dear all

i looking  tutorial  for install vpn in  obsd 4.1  with client
microsoft xp  or mac  also support netbios for file or  print sharing

so what can i use  openvpn , ipsec , vpn ?

--
sonjaya
http://sicute.blogspot.com



chillispot in OBSD 4.0

2007-03-01 Thread sonjaya

Dear all

i try install chillispot in OBSD 4.0 , it try follow step in
http://www.geeklan.co.uk/?p=72
i try patch -p1  nothing show , so i try  compile manualy

# ./configure --prefix=/usr/local/chillispot
# make
make  all-recursive
Making all in src
if gcc -DHAVE_CONFIG_H -I. -I. -I.. -D_GNU_SOURCE -fno-builtin
-DSBINDIR='/usr/local/chilli/sbin' -g -O2 -MT chilli.o -MD -MP -MF
.deps/chilli.Tpo -c -o chilli.o chilli.c;  then mv -f
.deps/chilli.Tpo .deps/chilli.Po; else rm -f .deps/chilli.Tpo;
exit 1; fi
chilli.c: In function `process_options':
chilli.c:734: warning: passing arg 2 of `inet_aton' from incompatible
pointer type
chilli.c:802: warning: passing arg 2 of `inet_aton' from incompatible
pointer type
chilli.c:820: warning: passing arg 2 of `inet_aton' from incompatible
pointer type
if gcc -DHAVE_CONFIG_H -I. -I. -I.. -D_GNU_SOURCE -fno-builtin
-DSBINDIR='/usr/local/chilli/sbin' -g -O2 -MT tun.o -MD -MP -MF
.deps/tun.Tpo -c -o tun.o tun.c;  then mv -f .deps/tun.Tpo
.deps/tun.Po; else rm -f .deps/tun.Tpo; exit 1; fi
tun.c:369:29: missing binary operator before token defined
tun.c:427:2: #error Unknown platform!
tun.c:448:28: missing binary operator before token defined
tun.c:500:28: missing binary operator before token defined
tun.c:508:2: #error Unknown platform!
tun.c:588:28: missing binary operator before token defined
tun.c:649:2: #error Unknown platform!
tun.c:677:28: missing binary operator before token defined
tun.c:690:2: #error Unknown platform!
tun.c:725:28: missing binary operator before token defined
tun.c:824:2: #error Unknown platform!
*** Error code 1

Stop in /root/chillispot-1.1.0/src.
*** Error code 1

Stop in /root/chillispot-1.1.0 (line 268 of Makefile).
*** Error code 1

Stop in /root/chillispot-1.1.0 (line 173 of Makefile).
#


i try looking in port not found  ?

sonjaya
http://sicute.blogspot.com



Re: OBS 4.0 at Device

2007-02-28 Thread sonjaya

may be remaster obsd 4.0 to for  device  or something like that

On 2/28/07, Joachim Schipper [EMAIL PROTECTED] wrote:

On Wed, Feb 28, 2007 at 11:05:32AM +0700, sonjaya wrote:
 Dear all

 any change to make OBSD 4.0 running in device , such as wrt54G (linksys ).

Definitely possible in theory, and OpenBSD already runs on some
appliances - Soekris and WRAP are mentioned often, and a lot of work is
being done on the Landisk architecture.

Joachim





--
sonjaya
http://sicute.blogspot.com



OBS 4.0 at Device

2007-02-27 Thread sonjaya

Dear all

any change to make OBSD 4.0 running in device , such as wrt54G (linksys ).



sonjaya
http://sicute.blogspot.com



hot spot with OBSD 4.0

2007-02-22 Thread sonjaya

Dear all

Very newbie question :
How to setup OBSD 4.0 become hotspot machine , any link to start over
beside google.

Thx
-sonjaya-
http://sicute.blogspot.com



Re: hot spot with OBSD 4.0

2007-02-22 Thread sonjaya

ok i will be waiting good news from your.Thx before

On 2/22/07, Andreas Maus [EMAIL PROTECTED] wrote:

On 2/22/07, sonjaya [EMAIL PROTECTED] wrote:
 more secure more better , i would happy if you want share to all .
Thats the right attitude! ;)

O.K. I will dump my /dev/brain into a documentation and put it online
today or tomorrow.

Andreas.

--
Hobbes : Shouldn't we read the instructions?
Calvin : Do I look like a sissy?





-sonjaya-
http://sicute.blogspot.com



Re: squid , apache n PF

2007-02-16 Thread sonjaya

sory have been solved , only set need set in squid.conf

On 2/16/07, sonjaya [EMAIL PROTECTED] wrote:

Dear all

I have machine running squid  n  apache at OBSD also set as
transparent proxy with pf .
Now i have limit who can use that proxy ( of course limit by ip in squid conf).
The problem show when ip non allow acces the proxy  access webserver
at  that machine proxy always  get denied.

int---proxy (192.168.0.8)-ip allow
int---proxy(192.168.0.7)-ip allow2

ipallow2 using gateway = 192.168.0.7
ipallow using gateway = 192.168.0.8

here my squid.conf
acl parno url_regex -i /usr/local/squid/etc/parno.txt
acl ipallow src /usr/local/squid/etc/ip-allow.txt
http_access deny parno
http_access allow  ipallow
http_access deny  all


then i change squid.conf  like this :
acl ipallow2 src /usr/local/squid/etc/ip-allow2.txt
acl parno url_regex -i /usr/local/squid/etc/parno.txt
acl ipallow src /usr/local/squid/etc/ip-allow.txt
http_access allow ipallow2
http_access deny parno
http_access allow  ipallow
http_access deny  all

with second squid.conf that is working , but another problem show ,
when ipallow2 change  ip gateway to 192.168.0.8 they can access
internet by proxy in 192.168.0.8.

so how to configure ipallow2 can access the webserver in 192.168.0.8
without allow ipallow2  using proxy when change the gateway to
192.168.0.8


-sonjaya-
htpp://sicute.blogspot.com




--
-sonjaya-



squid , apache n PF

2007-02-15 Thread sonjaya

Dear all

I have machine running squid  n  apache at OBSD also set as
transparent proxy with pf .
Now i have limit who can use that proxy ( of course limit by ip in squid conf).
The problem show when ip non allow acces the proxy  access webserver
at  that machine proxy always  get denied.

int---proxy (192.168.0.8)-ip allow
int---proxy(192.168.0.7)-ip allow2

ipallow2 using gateway = 192.168.0.7
ipallow using gateway = 192.168.0.8

here my squid.conf
acl parno url_regex -i /usr/local/squid/etc/parno.txt
acl ipallow src /usr/local/squid/etc/ip-allow.txt
http_access deny parno
http_access allow  ipallow
http_access deny  all


then i change squid.conf  like this :
acl ipallow2 src /usr/local/squid/etc/ip-allow2.txt
acl parno url_regex -i /usr/local/squid/etc/parno.txt
acl ipallow src /usr/local/squid/etc/ip-allow.txt
http_access allow ipallow2
http_access deny parno
http_access allow  ipallow
http_access deny  all

with second squid.conf that is working , but another problem show ,
when ipallow2 change  ip gateway to 192.168.0.8 they can access
internet by proxy in 192.168.0.8.

so how to configure ipallow2 can access the webserver in 192.168.0.8
without allow ipallow2  using proxy when change the gateway to
192.168.0.8


-sonjaya-
htpp://sicute.blogspot.com



set obsd 3.9 as dns server

2007-01-23 Thread sonjaya

Dear all

i have obsd 3.9 , i want setup as dns name for my ip public and
mydomain , i try follow step in
openbsdsupport.org , but until now always get error lame server and
etc , so where i get good tutorial about setup obsd as name server for
my public ip and my domain .

-sonjaya-
http://sicute.blogspot.com



2 gateway in OBSD 4.0

2007-01-23 Thread sonjaya

Dear All

Any posible way to using 2 gateway in n out without  using routed
protcol such as bgp/osf
Because i have two connection to Internet
basic  diagram
 |-gw01---|
internet   | obsd 4.0 |---Lan
 |---gw02--|

- 2 Ip public
- 1 server obsd  4.0 with 3 Networkcard
- 2 box gw

I plan obsd 4.0 for :

1. ns server who have 2 ip public from 2 isp

question  iwant ask , how to set 2 gw without  have bgp/osf  access ?

-sonjaya-



pf+altq

2007-01-17 Thread sonjaya

Dear All
here my altq+pf
##---queue+alq---###
altq on $ext_if cbq bandwidth 100Kb queue{q_std}
queue q_std bandwidth 100% cbq \
 {q_def,q_pri,q_web,q_msc,q_dat,q_gms}
queue q_def bandwidth 25% priority 1 cbq(borrow default red ecn)
queue q_dat bandwidth 10% priority 0 cbq(red)
queue q_web bandwidth 25% priority 5 cbq(borrow)
queue q_msc bandwidth 15% priority 4 cbq(borrow)
queue q_gms bandwidth 25% priority 6 cbq(borrow)
queue q_pri priority 7

when i try to use it always get error :
demorate# pfctl -f /etc/pf.conf
pfctl: the sum of the child bandwidth higher than parent q_std
demorate#

when i try use this :
#queue q_pri priority 7
is working .
-sonjaya-
http://sicute.blogspot.com



Re: pf+altq

2007-01-17 Thread sonjaya

as far i know min bw 5,59 kbps .
now is working , i got from other queue.
i try to use cbq n hfsc witch better in shaping .

On 1/17/07, Lawrence Horvath [EMAIL PROTECTED] wrote:

Try defining q_pri with a bandwidth, you might even be able to set it as:

 queue q_pri bandwidth 0% priority 7 cbq(borrow)

This way it wouldnt reserve any bandwidth but it shouldnt cause issues
with the bandwidth math either. If you get that working, please let me
know.



On 1/17/07, sonjaya [EMAIL PROTECTED] wrote:
 Dear All
 here my altq+pf
 ##---queue+alq---###
 altq on $ext_if cbq bandwidth 100Kb queue{q_std}
  queue q_std bandwidth 100% cbq \
   {q_def,q_pri,q_web,q_msc,q_dat,q_gms}
  queue q_def bandwidth 25% priority 1 cbq(borrow default red ecn)
  queue q_dat bandwidth 10% priority 0 cbq(red)
  queue q_web bandwidth 25% priority 5 cbq(borrow)
  queue q_msc bandwidth 15% priority 4 cbq(borrow)
  queue q_gms bandwidth 25% priority 6 cbq(borrow)
  queue q_pri priority 7

 when i try to use it always get error :
 demorate# pfctl -f /etc/pf.conf
 pfctl: the sum of the child bandwidth higher than parent q_std
 demorate#

 when i try use this :
  #queue q_pri priority 7
 is working .
 -sonjaya-
 http://sicute.blogspot.com




--
-Lawrence
-Student ID 1028219
-CCNA




--
-sonjaya-



webserver in OBS

2007-01-16 Thread sonjaya

Dear all

I ussually use public html to allow user have space in out webserver,
how to set in openbsd 3.9 because default i chroot.

thx for advice



Re: webserver in OBS

2007-01-16 Thread sonjaya

Thx is working, but how to set every i adduser have automatic add in
/var/www/user/simbloic link .
thx

On 1/16/07, Gilles Chehade [EMAIL PROTECTED] wrote:

sonjaya a icrit :
 Dear all

 I ussually use public html to allow user have space in out webserver,
 how to set in openbsd 3.9 because default i chroot.

 thx for advice
Look at UserDir in httpd.conf

I usually create my web accounts as follow:

1- create /var/www/accounts/username and
/var/www/accounts/username/public
2- link /var/www/users/username to /var/www/accounts/username/public
3- link ~username/www to /var/www/accounts/username

that way each user has a www subdirectory in his home directory. files
that are
in ~/www are accessible inside the apache chroot but not through web access
(nice for databases and configuration files), whereas files in
~/www/public are
visible through web access.

++ Gilles Chehade





--
-sonjaya-



squid for OBSD 4.0

2007-01-09 Thread sonjaya

Dear all

I want create proxy server with OBSD 4.0 , what kind squid version support :

- mac Address acl
- delaypools

also how to tuning OBSD 4.0 for proxy server with squid .


-sonjaya-



squid for OBSD 4.0

2007-01-09 Thread sonjaya

Dear all

I want create proxy server with OBSD 4.0 , what kind squid version support :

- mac Address acl
- delaypools

also how to tuning OBSD 4.0 for proxy server with squid .


-sonjaya-


-
-sonjaya-



Re: squid for OBSD 4.0

2007-01-09 Thread sonjaya

thx have been respond quick

can i use diskd for cache , last time i use diskd for cache is more
speed-up squid and
if i using pkg-add  they don't support acl mac address .



On 1/9/07, Scott Radvan [EMAIL PROTECTED] wrote:

On Tue, 9 Jan 2007 17:19:48 +0700
sonjaya [EMAIL PROTECTED] wrote:

 Dear all

 I want create proxy server with OBSD 4.0 , what kind squid version
 support :

 - mac Address acl
 - delaypools

 also how to tuning OBSD 4.0 for proxy server with squid .


 -sonjaya-



The following site will help, read it from beginning to end, you will
be much wiser:

http://www.kernel-panic.it/openbsd/proxy/


--
Scott Radvan




--
-sonjaya-



not working php5 + apache in OBSD 4.0

2006-12-07 Thread sonjaya

dear all

i installl php by port with pkg_add , i follow all steep  include put
addtype in my httpd.conf
than i try  little script to know php working or not .

?
phpinfo();
?

when i try browse from my web browser nothing show .
Then i try using server-status
they show have been installed php5
and try make some script
?
echo tes;
?

same nothing hapen when open from my internet browser
so what is the problem ?

nb : using Openbsd 4.0 adn install all with pkg_add
--
-sonjaya-



how to redirect port to other server

2006-11-14 Thread sonjaya

Dear all

I try to redirect  port from server to  comp in lan with pf , beloow
my script :
# xl0 interface to public
IntIf =xl1
Extif=xl0
remotesrv=192.168.0.4/32

rdr on xl0 inet proto tcp from any to any port = https - $remotesrv port 22


when i try remote from public always network error connection timeout


-
-sonjaya-



update automaticly

2006-10-19 Thread sonjaya

i have script for update automaticly here:
# cat /root/update_part1.sh
#!/bin/csh
cd /usr/src
setenv CVS_CLIENT_PORT -1
setenv CVSROOT [EMAIL PROTECTED]:/cvs
cvs -d $CVSROOT -q up -rOPENBSD_3_9 -Pd
date  /root/update_part1.log

when i try run that script get error such like this :
# sh /root/update_part1.sh
/root/update_part1.sh[3]: setenv: not found
/root/update_part1.sh[4]: setenv: not found
cvs update: CVSROOT -q must be an absolute pathname
cvs [update aborted]: Bad CVSROOT.

please tell me to fix it .


--
-sonjaya-



please chek my pf

2006-09-28 Thread sonjaya

i have bsd machine run as gateway + proxy ( running for internet acces
n dns forom my lan )
i want create rule , all internet request by proxy working fine , but
i see in pftop some protocol such as p2p aplication pass my gateway ,
how to block it .
p2p=edonkey and bittorent

bellow my script pf

ext_if=xl0
int_if=xl1
int_ip=127.0.0.1
ip_limited=192.168.0.50
tcp_allow={ 22, 80, 8080, 443, 113}
udp_allow={ 53, 113}
icmp_types=echoreq
set block-policy return
set skip on lo
scrub all
nat on $ext_if from !($ext_if) - ($ext_if:0)
nat-anchor ftp-proxy/*
rdr-anchor ftp-proxy/*
rdr pass on $int_if proto tcp to port 80 - $int_ip port 8080
rdr pass on $int_if proto tcp to port ftp - 127.0.0.1 port 8021
rdr on $ext_if proto tcp from any to any port 110 - 192.168.0.1
block all
pass out keep state
pass in on $ext_if inet proto tcp from any to {$ext_if} \
   port $tcp_allow flags S/SA keep state
pass in on $ext_if inet proto udp from any to {$ext_if} \
   port $udp_allow  keep state
pass in inet proto icmp all icmp-type $icmp_types keep state
pass in quick on $int_if




-sonjaya-



Re: Delaypools not working in squid transparant n snmp openbsd 3.9

2006-08-09 Thread sonjaya

Thx for all respond and i complie from source using squid-2.5 stable
14 ( but not support acl arp ), i try squid-2.6 not working get error
...



Delaypools not working in squid transparant n snmp openbsd 3.9

2006-08-05 Thread sonjaya

dear all

i try activate my cache server ( squid 2.5 stable with tranparan
proxy n snmp from package ) in my openbsd 3.9 server :
here my spefication my server :
1. openbsd 3.9
   - squid transparan + snmp from package
2. here my squid.conf
# DELAY POLL curve ---
acl magic_words1 url_regex -i 192.168.
acl magic_words2 url_regex -i ftp .exe .mp3 .vqf .tar.gz .gz .rpm .zip
.rar .avi .mpeg .mpe .mpg .qt .ram .rm .iso .raw .wav
delay_pools 2
delay_class 1 2
delay_parameters 1 -1/-1 -1/-1
delay_access 1 allow magic_words1
delay_class 2 2
delay_parameters 2 5000/15 5000/12
delay_access 2 allow magic_words2
#
3. here my error log when i try :
# /usr/local/sbin/squid -k parse


2006/08/06 04:09:49| parseConfigFile: line 3576 unrecognized: 'delay_pools 2'
2006/08/06 04:09:49| parseConfigFile: line 3580 unrecognized: 'delay_class 1 2'
2006/08/06 04:09:49| parseConfigFile: line 3582 unrecognized:
'delay_parameters 1 -1/-1 -1/-1'
2006/08/06 04:09:49| parseConfigFile: line 3584 unrecognized:
'delay_access 1 allow magic_words1'
2006/08/06 04:09:49| parseConfigFile: line 3587 unrecognized: 'delay_class 2 2'
2006/08/06 04:09:49| parseConfigFile: line 3595 unrecognized:
'delay_parameters 2 5000/15 5000/12'
2006/08/06 04:09:49| parseConfigFile: line 3596 unrecognized:
'delay_access 2 allow magic_words2'



-sonjaya-



  1   2   >