Re: routing question - why one way?

On Thu, 1 Sep 2005 01:01:08 -0400, Bill wrote: >OBSD 3.7 - new install > >I am building a router. And I am having a routing problem. I am not >doing any packet filtering, NAT or anything... its all strictly private >address space nets I also most definately have ip forwarding set in >sysctl > >R

Re: routing question - why one way?

Sorry for the confusion... I will try to summarize... I have a machine on each side of a router I am building (3.7). One one side it is a firewall connected to the internet (192.168.0.2/24) On the other side it is a linux notebook (10.4.50.1/16) >From linux I can ping any interface on the route

Re: routing question - why one way?

That was kind of hard to follow. Can you post traceroutes? --Bryan On 8/31/05, Bill <[EMAIL PROTECTED]> wrote: > OBSD 3.7 - new install > > I am building a router. And I am having a routing problem. I am not > doing any packet filtering, NAT or anything... its all strictly private > address

routing question - why one way?

OBSD 3.7 - new install I am building a router. And I am having a routing problem. I am not doing any packet filtering, NAT or anything... its all strictly private address space nets I also most definately have ip forwarding set in sysctl Right now I have the router installed with two active int

Engaging the IT Channel

Having trouble viewing our HTML mailer? View it online here. [IMAGE] You are receiving this email as a subscribed reader of eChannelLine Daily News. To modify your subscription, please visit here.

Re: [0dS] vulnerability in theo's asshole

[snipped stupid message] This should be reported to hushmail. As it was not directed toward me I did not do it. However I took the time to find the right place to do it. Here is the link : https://www.hushmail.com/contact/index.php?PHPSESSID=e784385b72dd436bb2affa3a4e020419 Try this one if the

Openbsd 3.7 Dial In server

Hi Guys and Girls, Im after some help in setting up an openbsd 3.7 dial in server. Basically I have a home network that is running an Ipcop firewall server on a 1.5mb connection and an openbsd mail / web server. Im wanting to setup an openbsd dial in server so I can dial in to my home network an

Re: MaxDB on 3.6? or just ndb_mgm[d ]?

> -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Spruell, Darren-Perot > Sent: Tuesday, August 30, 2005 1:11 PM > To: misc@openbsd.org > Subject: Re: MaxDB on 3.6? or just ndb_mgm[d ]? > > From: John N. Brahy [mailto:[EMAIL PROTECTED] > > I'm trying to

Re: panic w/ 3.8-beta (duplicate free)

I just got this panic too, but I am running a July 2 snapshot on this machine. I was running X when it happened, and the screen didn't update to show me the debugger, it just showed my frozen desktop. So all I could do was a boot dump. On reboot I got: savecore: reboot after panic: free: duplicat

xlock -mode stairs (was Re: 3.8 beta requests)

On 8/31/05, Christopher Linn <[EMAIL PROTECTED]> wrote: > On Wed, Aug 31, 2005 at 11:12:07AM -0600, Peter Valchev wrote: > > > I've been testing 3.8 on a couple of i386 systems (soon sparc also), > > > including installing more of the 3.8 beta packages than I would use > > > normally. So far I am

panic w/ 3.8-beta (duplicate free)

hi list, .. i recently upgraded my dsl-gw-box to 3.8-beta (from 22th aug) and today (after ~1week of uptime) it now paniced with a duplicate free. ddb> show panic free: duplicated free ddb> show proc PROC (squid) pid=8806 stat=onproc flags=4104 pri=53, usrpri=53, nice=20 forw=0xd05d1620,

Generic.MP panics on boot using Tyan GX28/S2882 (was: Re: LSI SATA 150-4 on Tyan GX28 / S2882)

Sorry about the recycle. I've cced the list and changed the topic to reflect a new (worse) problem. Just did a clean install using amd64 3.7. SP kernel is working just fine and I'm able to boot and play around without a problem. Upon trying to switch to the generic.mp kernel I

Re: OT: phone line 2 ethernet converters

At 07:39 PM 8/31/2005 +, you wrote: Although I am in Calgary, I have a hard time believing you can't get an unpowered, unloaded circuit from one of the American incumbents. How is Chubb supposed to monitor your business' alarm if this product is not available? 'Dry Circuits' went out of

Re: OT: phone line 2 ethernet converters

>> sorry for being off-topic, i am able to rent a pair of twist line (a >> circuit) between my home and and friends one. I wonder if there exist >> and ethernet extender device that could connect an ethernet cable to a >> phone line. It would do no special work, just a raw connection between >> 2 t

[0dS] vulnerability in theo's asshole

0d4y security advisory #1 vulnerability in theo's asshole discovered by: openbsd team introduction: theo's asshole suffers from a buffer overflow problem, when an excess of data is passed to his ring buffer it may leak packets. local: definately remote: yes how to exploit: blow your load in th

Re: ISC DHCPD Oddity

Okay, I've uncovered "what" is causing the problem, just not sure "how" to fix it (I've sent it off to the ISC dhcp list too, hopefully someone can figure it out :) ) The source of the problem seems to be the # of IPs assigned to fxp0 (currently 65). I removed about 40 of those, just to see if it

Re: 3.8 beta requests

On Wed, Aug 31, 2005 at 11:12:07AM -0600, Peter Valchev wrote: > > I've been testing 3.8 on a couple of i386 systems (soon sparc also), > > including installing more of the 3.8 beta packages than I would use > > normally. So far I am impressed by UP/MP performance, and have > > only found a couple

Re: window maker

ok, thanks Darrin. -- Deoxy.- Solo para locos... No para Cualquiera Mi Pagina http://spaces.msn.com/members/deoxy/

Re: Default domain not working

On Wed, Aug 31, 2005 at 02:34:53AM -0400, Bill wrote: > Thanks Otto and Killi Ehmm... don't thank me, I wrote kind of bullshit ;-) Ciao, Kili

Re: window maker

There are packages for windowmaker. Check http://www.openbsd.org/3.7_packages/, and read the man page for pkg_add(1) JAR wrote: > Hello. > > I am new in the world of OpenBSD, am of Chile and I do not speak > ingles very well, I hope that it is understood to me. > > I need to obtain data of like

window maker

Hello. I am new in the world of OpenBSD, am of Chile and I do not speak ingles very well, I hope that it is understood to me. I need to obtain data of like installing Mindow Maker in my OpenBSD 3,6, have looked for in Internet and I have not found information. Single that in xterm I write startx

Re: 3.8 beta requests

> I've been testing 3.8 on a couple of i386 systems (soon sparc also), > including installing more of the 3.8 beta packages than I would use > normally. So far I am impressed by UP/MP performance, and have > only found a couple of X applications (xtacy, xlock) failing on signal 11. the ports@ mai

Re: OT: phone line 2 ethernet converters

On Wednesday 31 August 2005 10:43, L. V. Lammert wrote: > One problem, however, is that the 100M distance limitation could make such > a connectio pretty impractical, even IF the line conditioning permitted > the connection. How about a wireless connection using at both ends Yagi antennas with th

Re: SBE wanPMC-xT3E3 support

On 8/31/05, Toni Mueller <[EMAIL PROTECTED]> wrote: > I have exactly the same problem, but think about using media converters > instead, speaking E3-something on the WAN side, and Ethernet on the LAN > side. > > When I tried to talk to SBEI, they were not very helpful. Allied Telesyn makes a DS3

Re: OT: phone line 2 ethernet converters

On Wed, Aug 31, 2005 at 08:44:08AM -0500, Gordon Grieder wrote: > On Tue, Aug 30, 2005 at 09:16:13PM -0700, J.C. Roberts wrote: > > > > Here in the US, a plain (uncoiled) circuit between two points is > > either called an "alarm circuit" or a "dry pair" if that's what you > > got, and you're withi

Re: OT: phone line 2 ethernet converters

On Tue, 30 Aug 2005, Gustavo Rios wrote: > Dear friends, > > sorry for being off-topic, i am able to rent a pair of twist line (a > circuit) between my home and and friends one. I wonder if there exist > and ethernet extender device that could connect an ethernet cable to a > phone line. It would

Re: sysctl tuning for maximum network performance

On Wed, 2005-08-31 at 12:05:48 -0300, Diego Augusto Dalmolin proclaimed... > Ok but... don4t you the default values like kern.somaxconn=128 > are too small for an OBSD router/nat with 2 x Gig lans + 2 x 4Mbps > internet conections Maybe, but don't expect support. That said, here's what we use on

Re: -current: problem with PPP (partially solved)

Hello, On Wed, 31.08.2005 at 11:50:34 +0200, Toni Mueller <[EMAIL PROTECTED]> wrote: > problem: On PPPoE, apparently no keep-alives (LCP echo requests + > answers) get send or received. Therefore, the connection gets reset by digging the man page and upping the logging noise revealed that LCP ech

Re: Compiling code with GLU and GLUT

On Wed, 31 Aug 2005, Sacha Ligthert wrote: I took for a test SDLgears from the SDL website and tried to configure and compile it. Configure halted with: checking for OpenGL support... no configure: error: Unable to find OpenGL headers and libraries You have to tell the configure script where t

Re: Win XP VPN

Oh I see, I previous message was meant as answer to original message from Steve Murdoch. XP with SP2 firewall on needs rules at all. If you have any other firewall you basically need to allow esp protocol and udp port 500 (isakmp) to your IPSec GW and vice versa. Regards Petr R. On 8/31/05, Nino

Re: sysctl tuning for maximum network performance

Ok but... don4t you the default values like kern.somaxconn=128 are too small for an OBSD router/nat with 2 x Gig lans + 2 x 4Mbps internet conections 2005/8/31, Diego Augusto Dalmolin <[EMAIL PROTECTED]>: > Where I could find a material for studding how to improve OBSD network > performance to max

Re: OpenBSD 3.7 on Soekris rebooting at random

On Tue, 23 Aug 2005 19:49:46 +0200 [EMAIL PROTECTED] wrote: > I haven't time in the next 10 days to play with it, but maybe Olivier > can give some feedback in case he tries the latest snapshot? I've just finished upgrading my router to 3.8-beta (GENERIC#119). I'm going to stress the machine a li

Re: Win XP VPN

so I introduced fw in front of XP workstation. Topology as follows: XP <--> BSD_FW1 <--> BSD_FW2 <--> BSD_Server - XP (ipsec client) connects through BSD_FW2 (ipsec GW) to BSD_Server just fine. - XP and BSD_FW2 are setup according to my document mentioned earlier - XP's IP address is nated on BS

Router-firewall seems to have trouble when there is a lot of connections

Hi, I've been using my little OpenBSD box as a router since 3.2 and never had any trouble. I use it to share the net within our 5 appartments building. Recently I found that my internet was having trouble, long delay opening web pages, lots of lost connectoin, horrible ping times and such. After

Re: sysctl tuning for maximum network performance

Quoting Diego Augusto Dalmolin <[EMAIL PROTECTED]>: > Where I could find a material for studding how to improve OBSD network > performance to maximum, using sysctl, kernel compilation, etc... > > > -- > Diego Augusto Dalmolin > (41) 9648-0882 > > Search the archives, this has been discussed not s

Re: Win XP VPN

Hi, so I introduced fw in front of XP workstation. Topology as follows: XP <--> BSD_FW1 <--> BSD_FW2 <--> BSD_Server - XP (ipsec client) connects through BSD_FW2 (ipsec GW) to BSD_Server just fine. - XP and BSD_FW2 are setup according to my document mentioned earlier - XP's IP address is nated on

Re: 2 Masters despite advskew

> Has anyone got *any* ideas why internally there's only one > master, yet > externally there are two? I had the same problem. Turned out to be a copy and paste error. I forgot to change the pasword when I copied hostname.carp1 to hostname.carp2 on one of the servers. Make sure that all passwords

Re: sysctl tuning for maximum network performance

On Wed, 31 Aug 2005 10:47:54 -0300 Diego Augusto Dalmolin <[EMAIL PROTECTED]> wrote: > Where I could find a material for studding how to improve OBSD network > performance to maximum, using sysctl, man sysctl > kernel compilation, etc... Well, simple, DON'T compile your own kernel. Because those

Re: OT: phone line 2 ethernet converters

On Tue, Aug 30, 2005 at 09:16:13PM -0700, J.C. Roberts wrote: > > Here in the US, a plain (uncoiled) circuit between two points is > either called an "alarm circuit" or a "dry pair" if that's what you > got, and you're within distance requirements (wire feet), you can do a > number of different th

sysctl tuning for maximum network performance

Where I could find a material for studding how to improve OBSD network performance to maximum, using sysctl, kernel compilation, etc... -- Diego Augusto Dalmolin (41) 9648-0882

Re: CARP/PFSYNC

Sorry my bad... A bit to quick in posting should have RTFM properly. The thing is I had enabled it but then rebooted and had forgotten to put it in sysctl.conf, so it was disabled :(... That what you get when sitting up 26 hours straight and configuring stuff, sleep serves a purpose, don't even wan

ISC DHCPD Oddity

Just swapped drives from one Compaq DL360 to another DL360 and now whenever I try to run the ISC DHCPD, which was working perfectly fine on the other box, it complains that it can't find the interface. The only difference, network wise, between the two boxes is that the old one had interfaces fxp0

Re: CARP/PFSYNC

[EMAIL PROTECTED] wrote: > If the machine fails all is well [ ;) ] and the traffic is routed over the other machine, however if only one interface fails, CARP notices this and the interface is moved to the otehr machien, however this still means that either ext_if or int_if is still leftt on the

Re: Newbie Problem: Can't ping carp device [SOLVED]

Turned out the problem is related to VMware's GSX server on which I experimented using virtual machines (which I didn't mention). Setting up CARP on 'real' hardware went fine without glitches. Stephan A. Rickauer schrieb: Don't think so: -bash-3.00# pfctl -s rules -bash-3.00# Jason Dixon sch

Re: CARP/PFSYNC

[EMAIL PROTECTED] schrieb: automatically should one fail but is there a better way? Can I somehow link the two CARP groups so that they are aware of each other adn should one group fail teh other downs as well? I have probably missed something very simple. Thanks for any tips. Shouldn't 'sysctl

Compiling code with GLU and GLUT

Hello misc@, First my appoligy for this intrusion, for I am a former member of this list. Second I am not sure if this has to go to ports@ or [EMAIL PROTECTED] I have installed 3.7 recently on my laptop allong with most SDL packages, GLU and GLUT from ports. The system further itself is pretty

Re: Win XP VPN

NAT-T should work out of the box as long as you have WinXP SP2 instaled (more details on the MS KB site - e.g. http://support.microsoft.com/default.aspx?scid=kb;en-us;818043 ). --Nino On Wed, 31 Aug 2005, Petr Ruzicka wrote: Fully open now. But I will add a firewall+NAT and let you know. P

Openbsd 3.7 Dial In server

Hi Guys and Girls, Im after some help in setting up an openbsd 3.7 dial in server. Basically I have a home network that is running an Ipcop firewall server on a 1.5mb connection and an openbsd mail / web server. Im wanting to setup an openbsd dial in server so I can dial in to my home netw

CARP/PFSYNC

Hello, I have a question reagarding CARP on OpeNSBD. I have setup a lab environment consisting of two machines with three interfaces each (ext_if, int_if, pfsync_if). Now I ahve two CARP groups; on for failover of ext_if and one for int_if. The problem is this. If the machine fails all is well

Re: Smart Array 6i RAID controller (ciss)

> I have installed -current on several systems with 5i, 53xx and 6xxx > controllers. I have not installed on a system with a 6i controller. I > have not had any problems other than seeing 'ciss0: cmd_stat 2 scsi_stat > 0x0' errors somewhat regularly. I have been running it on both x86 and > amd6

Re: Win XP VPN

Fully open now. But I will add a firewall+NAT and let you know. Petr R. On 8/31/05, Nino Margetic <[EMAIL PROTECTED]> wrote: > Petr, > > Just one question: how do you firewall your WinXP machine? Or is it just > fully open (i.e. no firewall at at all)?? > > --Nino > > On Mon, 29 Aug 2005, Petr

Re: Newbie Problem: Can't ping carp device

Don't think so: -bash-3.00# pfctl -s rules -bash-3.00# Jason Dixon schrieb: Do you have PF enabled? -- Stephan A. Rickauer Institut f|r Neuroinformatik Universitdt / ETH Z|rich Winterthurerstriasse 190 CH-8057 Z|rich Tel: +41 44 635 30 50 Sek: +41 44 63

Re: Win XP VPN

Petr, Just one question: how do you firewall your WinXP machine? Or is it just fully open (i.e. no firewall at at all)?? --Nino On Mon, 29 Aug 2005, Petr Ruzicka wrote: Just to let you know, I spend better part of night configuring my old setup in VMWare machines and everything work as expe

Re: BSD PPPoA Hardware

Just for interest, I've set this up successfully using a Zoom X4 (about #45) using half bridge but originally ran into problems getting the OBSD box to collect the address via DHCP on the external interface when in this mode (no such problems without half-bridge). Eventually, narrowed it dow

Re: Newbie Problem: Can't ping carp device

On Aug 31, 2005, at 5:13 AM, Stephan A. Rickauer wrote: Local ping on 172.16.3.223 does work. Remote ping on 172.16.3.220 does work. Remote ping on 172.16.3.223 does not work. Given that this is such a basic setup there must be something I am missing here. Shouldn't I be able to ping the

Re: cheap mini-pci ral(4) cards

On 31/08/05, Ben Hooper <[EMAIL PROTECTED]> wrote: > |The MSI MP54G4 (aka MSI MS-6833) seems to be readily available in > |the US now. I just picked one up from www.thenerds.net but a cheaper > |price can be found at newegg.com. It seems to work fine in my Sony > |SRX77. > | > |The trick is to se

-current: problem with PPP

Hello, I have a box running -current as of 27.8. and experience the following problem: On PPPoE, apparently no keep-alives (LCP echo requests + answers) get send or received. Therefore, the connection gets reset by the (Cisco) peer. While it is possible to deactivate PPP keepalives on the Cisco, i

Newbie Problem: Can't ping carp device

Hi list, I am experimenting with CARP on 3.7-STABLE. Unfortunately, I have problems with even setting it up. Maybe you have some ideas. Here's my _very simple_ config: -bash-3.00# ifconfig le1: flags=8b63 mtu 1500 address: 00:0c:29:4e:14:d8 inet6 fe80::20c:29ff:fe4e:14d8%le

Re: LSI Logic Ultra320 Scsi Raid Card

Apologies for my delay as things here have been a bit crazy. Unfortunatly we had to abandon OpenBSD for the boxen running the LSI 320-2E cards for other reasons, but I'll try to test out your diff to see if I get a successfull detection. On the subject of LSI cards tho I do have another question t

Re: SBE wanPMC-xT3E3 support

Hi, On Mon, 22.08.2005 at 12:16:19 -0700, andrew fresh <[EMAIL PROTECTED]> wrote: > Is there another T3 card that is supported by OpenBSD? I have exactly the same problem, but think about using media converters instead, speaking E3-something on the WAN side, and Ethernet on the LAN side. When I

Re: Moving from 3.7-release to -stable: make build fails (i386)

> > > > # export CFLAGS='-O3 -mcpu=athlon-xp -march=athlon-xp -mmmx > > > > -msse -m3dnow > > > > -mfpmath=sse' > So please tell us, where in FAQ it says to use those CFLAGS? Or any compiler > flags at all? I tried turning these off completely, of course. To no avail, however. (Actually, I only

Re: Moving from 3.7-release to -stable: make build fails (i386)

> > > # export CFLAGS='-O3 -mcpu=athlon-xp -march=athlon-xp -mmmx > > > -msse -m3dnow > > > -mfpmath=sse' [...] > I could do just 'make obj build' or something like that, but > I wanted to make clear that I'm not skipping any steps which > are required at the first rebuild, as it could be defini

Re: Moving from 3.7-release to -stable: make build fails (i386)

--On 31 August 2005 09:29 +0200, Roman Zilka wrote: > # export CFLAGS='-O3 -mcpu=athlon-xp -march=athlon-xp -mmmx > -msse -m3dnow -mfpmath=sse' Don't do this with OpenBSD, it's not recommended or supported.

Re: Moving from 3.7-release to -stable: make build fails (i386)

> >> > # export CFLAGS='-O3 -mcpu=athlon-xp -march=athlon-xp -mmmx > >> > -msse -m3dnow -mfpmath=sse' > > Don't do this with OpenBSD, it's not recommended or supported. OK, I'll try to keep my hands off it, thanks for the hint. (It doesn't solve my 'make build' problem in this case however.)

Re: Moving from 3.7-release to -stable: make build fails (i386)

> Is there any particular reason why you do all these steps: > > > # export DESTDIR=/ > > # export CFLAGS='-O3 -mcpu=athlon-xp -march=athlon-xp -mmmx > > -msse -m3dnow > > -mfpmath=sse' > > # export CXXFLAGS=$CFLAGS > > # cd etc > > # make distrib-dirs > > ... > > # cd .. > > When the only thing