Re: recommended disk layout for small web/mail/db server

Francisco Valladolid Hdez. wrote: > I'm setting a small web/mail/db server for sell web hosting, it > run OpenBSD 4.4. I want to know the different view point > about the disk layout for this purpose. The partitioning depends on the usage. How much mail (# of messages and KB / message) do you ex

Re: HP DL180 hangs on boot

On 08-11-06 14.44, Alexander Hall wrote: Hi! I have issues booting a HP ProLiant DL180 G5 ("456830-421") [1] which I hope someone can shed some light on. [ While writing thie email I've done some more testing and realized that the behaviour is not really consistent, but what I describe below is

Re: Laptop keyboard pictures

On Fri, Nov 7, 2008 at 12:01 AM, Andrew Konkol <[EMAIL PROTECTED]> wrote: > Not sure if this is completely useful... but here is a comparison on the > size of the eee and an old fujitsu lifebook > > http://www.copyandwaste.com/2008/09/16/asus-netbook/ That's awesome, thanks. I loved my lifebook,

Re: recommended disk layout for small web/mail/db server

Thanks for the suggest, I thin begin with a 100GB hard disk, for managing users (web-mail-db) and allocate some dynamic web sites. I share the opinion about the split /var, in the past only /var/postgresql was split for me, is a good suggest /var/mail /var/mysql and /var/log Thanks and Best Re

Re: Laptop keyboard pictures

Heres a pic of a portion of the eee keyboard (excuse the crappy photo): http://www.copyandwaste.com/wp-content/uploads/2008/11/img_0055.jpg Not sure if this is completely useful... but here is a comparison on the size of the eee and an old fujitsu lifebook http://www.copyandwaste.com/2008/09/16/a

Re: Laptop keyboard pictures

On Thu, Oct 30, 2008 at 7:42 PM, Ted Unangst <[EMAIL PROTECTED]> wrote: > Can people with these new tiny notebooks send me a nice high res (1k x 1k is > good) pic showing the keyboard layout? Maybe with a quarter or euro to show > scale? Off list of course. I'd like to make a gallery because the

Re: tap devices on bridge cannot connect

On 17:37:11 Nov 06, Lord Sporkton wrote: > I am running Qemu with 2 virtual machines. I have put the tap devices > into a bridge with a trunk interface, the trunk acts as a gateway, > allowing a virtual network inside the host server which can nat to > public IPs and be firewalled. For some reason

Re: trunk(4), VLANs and MTU problems

On 2008-11-06, Johan Strvm <[EMAIL PROTECTED]> wrote: > Anyone know how common this problem with blocked ICMP packets is? Idiot firewall and router admins do it the world over. If you can work out who's filtering ICMP, you can attempt to apply a LART, but experience shows this is rarely successfu

tap devices on bridge cannot connect

I am running Qemu with 2 virtual machines. I have put the tap devices into a bridge with a trunk interface, the trunk acts as a gateway, allowing a virtual network inside the host server which can nat to public IPs and be firewalled. For some reason the 2 vmhosts cannot communicate. they will arp e

Re: no pg_dump?

On 2008-11-07, Stuart Henderson <[EMAIL PROTECTED]> wrote: > On 2008-11-06, Matthias Kilian <[EMAIL PROTECTED]> wrote: >> On Thu, Nov 06, 2008 at 05:53:17PM -0500, Charlie Farinella wrote: >>> http://www.openbsd.org/4.4_packages/i386/postgresql-client-8.3.3.tgz-contents >>> .html >>> >>> Thank you

recommended disk layout for small web/mail/db server

Hi Folks. I'm setting a small web/mail/db server for sell web hosting, it run OpenBSD 4.4. I want to know the different view point about the disk layout for this purpose. I don't have sufficient resources for buying three separate machines (web/mail/db) at this time. I hope your advices.! -

Re: openbsd fail2ban

One more vote for sshguard, I use it here with success, just need to create a rule like: block in on $ext_if proto tcp from to any port ssh And run sshguard, it will get any host trying random passwords with no success to the table. Don't know it there are any alternative more openbsd focu

Re: no pg_dump?

On 2008-11-06, Matthias Kilian <[EMAIL PROTECTED]> wrote: > On Thu, Nov 06, 2008 at 05:53:17PM -0500, Charlie Farinella wrote: >> http://www.openbsd.org/4.4_packages/i386/postgresql-client-8.3.3.tgz-contents >> .html >> >> Thank you. >> >> I have everything on the list except: >> >> /usr/local/b

Re: no pg_dump?

On Thu, Nov 06, 2008 at 05:53:17PM -0500, Charlie Farinella wrote: > http://www.openbsd.org/4.4_packages/i386/postgresql-client-8.3.3.tgz-contents > .html > > Thank you. > > I have everything on the list except: > > /usr/local/bin/pg_config > /usr/local/bin/pg_dump > /usr/local/bin/pg_dumpall >

Re: openbsd fail2ban

On 2008-11-06, Joachim Schipper <[EMAIL PROTECTED]> wrote: > On Thu, Nov 06, 2008 at 05:33:41PM +, Charlie Clark wrote: >> I have noticed that people constantly try to brute force sshd on my >> openbsd box, on my server I use fail2ban to prevent this and wondered if >> there is a similar so

Re: no pg_dump?

On 2008-11-06, Charlie Farinella <[EMAIL PROTECTED]> wrote: > On Thursday 06 November 2008, Pierre-Emmanuel Andri wrote: >> Le Thu, 6 Nov 2008 17:06:54 -0500, >> Charlie Farinella <[EMAIL PROTECTED]> a icrit : >> >> > I've installed postgresql client, server and contribs from packages >> > on a new

Re: no pg_dump?

On Thursday 06 November 2008, Pierre-Emmanuel Andri wrote: > Le Thu, 6 Nov 2008 17:06:54 -0500, > Charlie Farinella <[EMAIL PROTECTED]> a icrit : > > > I've installed postgresql client, server and contribs from packages > > on a new 4.4 OpenBSD machine and there is no pg_dump or pg_restore > > incl

Re: no pg_dump?

On Thursday 06 November 2008, Antoine Jacoutot wrote: > On Thu, 6 Nov 2008, Charlie Farinella wrote: > > > I've installed postgresql client, server and contribs from packages on a > > new 4.4 OpenBSD machine and there is no pg_dump or pg_restore included > > that I can find. Where can I get t

Re: no pg_dump?

Le Thu, 6 Nov 2008 17:06:54 -0500, Charlie Farinella <[EMAIL PROTECTED]> a icrit : > I've installed postgresql client, server and contribs from packages > on a new 4.4 OpenBSD machine and there is no pg_dump or pg_restore > included that I can find. Where can I get these tools? > > --charlie > h

Re: no pg_dump?

On Thu, 6 Nov 2008, Charlie Farinella wrote: > I've installed postgresql client, server and contribs from packages on a > new 4.4 OpenBSD machine and there is no pg_dump or pg_restore included > that I can find. Where can I get these tools? They should be under /usr/local/bin/ -- Antoine

Re: VPN Ipsec

On Thu, Nov 6, 2008 at 9:39 AM, Louis Opter <[EMAIL PROTECTED]> wrote: > Hello, > > I am trying to set up an ipsec vpn between two networks. But, I can't > figure out why it doesn't work. > > I get some errors like (here on the "malenfant gate", see network map > below) : > Plcy 30 keynote_cert_ob

Re: dhcpd on 4.4 is problematic

On Wed, Nov 05, 2008 at 08:16:01AM -0500, Kenneth R Westerback wrote: > On Wed, Nov 05, 2008 at 12:22:03PM +0800, Uwe Dippel wrote: > > Here is what Stuart requested. > > I hope the attachment goes through! > > > > 00f0: > > 0100:

no pg_dump?

I've installed postgresql client, server and contribs from packages on a new 4.4 OpenBSD machine and there is no pg_dump or pg_restore included that I can find. Where can I get these tools? --charlie -- Charles Farinell

Re: NAT + IPsec problem

This is something I have struggled myself and don't have a good solution to. I actually asked a similar question to yours couple days ago :-( http://marc.info/?l=openbsd-misc&m=122530349320838&w=2 Basically NATing stuff going through a VPN tunnel doesn't really work. I have followed the recipe

Re: fps between 10/28 and 11/2 snapshots

On Wed, 5 Nov 2008 14:37:06 -0600 "Neal Hogan" <[EMAIL PROTECTED]> wrote: > I've been running -current via snapshots and have had odd glxgears > output between the 10/28 snap and 11/02 snap. Back on the 10/02 > version I was getting 1000-1300 fps. On the 11/02 version I get > 100-130 fps. It's not

Re: Intel D201GLY2 install failure, OpenBSD 4.4

On Thu, Nov 6, 2008 at 11:49 AM, Jamie Cuesta <[EMAIL PROTECTED]> wrote: > I was hoping to include a dmesg via serial port capture (my box does not > include a floppy), but Use ftp.

Re: openbsd fail2ban

If you're just tired of the noise, consider moving SSH to a different port. It provides no greater security but helps with some of the annoyance. -HKS On Thu, Nov 6, 2008 at 2:34 PM, Joachim Schipper <[EMAIL PROTECTED]> wrote: > On Thu, Nov 06, 2008 at 05:33:41PM +, Charlie Clark wrote: >> I

Re: openbsd fail2ban

On Thu, Nov 06, 2008 at 05:33:41PM +, Charlie Clark wrote: > I have noticed that people constantly try to brute force sshd on my > openbsd box, on my server I use fail2ban to prevent this and wondered if > there is a similar solution for openbsd. Yes, but why would you want to do that? It

Re: openbsd fail2ban

2008/11/6, Charlie Clark <[EMAIL PROTECTED]>: > Hi, > > I have noticed that people constantly try to brute force sshd on my > openbsd box, on my server I use fail2ban to prevent this and wondered if > there is a similar solution for openbsd. Have you tried sshguard?

Re: openbsd fail2ban

You'd be free to do whatever you want with it. I'll see I can find the source. I'm pretty sure there's a copy on my old powerbook. It was written for linux and openbsd and we used for an ad-hoc authentication method to manage a remote machine over the unsecure internet. Never did any security aud

Re: openbsd fail2ban

On 17:33, Thu 06 Nov 08, Charlie Clark wrote: > Hi, > > I have noticed that people constantly try to brute force sshd on my > openbsd box, on my server I use fail2ban to prevent this and wondered if > there is a similar solution for openbsd. Have a look at this section of the FAQ: http://www.o

Re: HP DL180 hangs on boot

Christophe Rioux wrote: I had some similar issue on the HP DL 120 G5. Solution is: desactivate the RAID controler in the BIOS. If you need the use some raid, use raidctl which is working again in version 4.4 This server has only some kind of built-in raid which I suppose is of the software-ra

Re: openbsd fail2ban

Hi Marcus, If you come across this program again would I be able to steal it off of you, it will implement it as suggested before using pf state table tracking but your program sounds very interesting and I would still like to see it. Thank you everyone for your answers. Thanks, Charlie M

Intel D201GLY2 install failure, OpenBSD 4.4

I'm booting from CD as prelude to install, and during CD boot see (NOTE this is manually transcribed from the screen): : couldn't map interrupt sis0 at pci0 dev 4 function 0 "SiS 900 10/100BaseTX" rev 0x91pci_intr_map: bad interrupt line 19 : couldn't map interrupt pciide1 at pci0 dev 5 function

Re: openbsd fail2ban

I've written a small program about 5 years ago. It was a daemon that implemented a service similar to "port knocking" but entirely in user level, calling pfctl by exec() system calls to insert/remove remote IP addresses in a pf table holding machines able to connect to the ssh daemon via port 22.

Re: openbsd fail2ban

> -Urspr|ngliche Nachricht- > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Im Auftrag von Charlie Clark > Gesendet: Donnerstag, 6. November 2008 18:34 > An: misc > Betreff: openbsd fail2ban > > > Hi, > > I have noticed that people constantly try to brute force sshd on my > openbsd box

Re: openbsd fail2ban

2008/11/6 Charlie Clark <[EMAIL PROTECTED]>: > I have noticed that people constantly try to brute force sshd on my openbsd > box, on my server I use fail2ban to prevent this and wondered if there is a > similar solution for openbsd. Yes. RTFAQ. Best Martin

openbsd fail2ban

Hi, I have noticed that people constantly try to brute force sshd on my openbsd box, on my server I use fail2ban to prevent this and wondered if there is a similar solution for openbsd. Regards, -- Charlie Clark Network Engineer Lemon Computing Ltd Unit 9 26-28 Priests Bridge London SW14 8

Re: NAT + IPsec problem

> -Urspr|ngliche Nachricht- > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Im Auftrag von BARDOU Pierre > Gesendet: Donnerstag, 6. November 2008 15:30 > An: misc@openbsd.org > Cc: LOUIS Marc > Betreff: NAT + IPsec problem > > > Hello, > > I am trying to setup an IPsec connection. > He

Re: Panic. ciss0: dead (HP ProLiant DL360 G5)

PP0P2QP4P>P2 PP5P=P8Q
schrieb: Hello, all! I've got panic with ciss0 on my HP ProLieant DL360 G5. Everything works fine about month or so till this day. I forgot to enable SNMP trap on iLO2, but anyway, don't know is there something interesting from Integrated Lights-Out. Before installing O

Panic. ciss0: dead (HP ProLiant DL360 G5)

Hello, all! I've got panic with ciss0 on my HP ProLieant DL360 G5. Everything works fine about month or so till this day. I forgot to enable SNMP trap on iLO2, but anyway, don't know is there something interesting from Integrated Lights-Out. Before installing OpenBSD I've did hardware raid 1+0. An

Re: isakmpd routing woes

> -Urspr|ngliche Nachricht- > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Im Auftrag von Carlos Laviola > Gesendet: Donnerstag, 6. November 2008 13:34 > An: misc@openbsd.org > Betreff: isakmpd routing woes > > > Hello, > > > > I have three /24 networks connected to each other through

Re: trunk(4), VLANs and MTU problems

Okay, I've done some reading up on the code. It seems the em driver (in 4.4) have its HW VLAN tagging capability disabled, and thus I cannot use that. Seems some changes have been commited since, I tried (without much hope of it working :P) to backport this into 4.4, but failed totally as expected

NAT + IPsec problem

Hello, I am trying to setup an IPsec connection. Here is the ipsec.conf : ike esp from 10.63.61.0/26 to 193.164.151.0/28 peer 193.164.151.35 \ main auth hmac-sha1 enc aes-256 \ quick auth hmac-sha1 enc aes-256 group modp1024 psk "" Tunnels go up well : flow esp in from 193.

Re: uvm_fault again...

Hello Tobias, On Wed, 2008-11-05 at 12:56 +0100, Tobias Ulmer wrote: > So you didn't test 4.4 and -current? > No, because it's a production machine, because I didn't have the time to do much testing while the machine was online and because now I have an *identical twin* machine up and running

Re: Xorg: ABI mismatch

Hi! On Thu, Nov 06, 2008 at 03:40:59PM +0100, giovanni wrote: >On Thu, Nov 6, 2008 at 3:35 PM, Owain Ainsworth <[EMAIL PROTECTED]> wrote: >> On Thu, Nov 06, 2008 at 09:18:13AM +0100, giovanni wrote: >[...] >> You should instead have removed the record, and trap extension from you >> config. Those

Re: Xorg: ABI mismatch

Hi! On Thu, Nov 06, 2008 at 02:35:30PM +, Owain Ainsworth wrote: >[...] >> (EE) Failed to load module "record" (module requirement mismatch, 0) >> (EE) Failed to load module "xtrap" (module requirement mismatch, 0) >> for taking away it I've temporary added >You should instead have removed

Re: Xorg: ABI mismatch

On Thu, Nov 6, 2008 at 3:35 PM, Owain Ainsworth <[EMAIL PROTECTED]> wrote: > On Thu, Nov 06, 2008 at 09:18:13AM +0100, giovanni wrote: >> just updated latest Xorg. apart from the sync-to-vblank intel's issue no >> troubles at all at first glance >> but I start seeing this in the logs (excerpt) >>

Re: Xorg: ABI mismatch

On Thu, Nov 06, 2008 at 09:18:13AM +0100, giovanni wrote: > just updated latest Xorg. apart from the sync-to-vblank intel's issue no > troubles at all at first glance > but I start seeing this in the logs (excerpt) > > (II) LoadModule: "record" > (II) Loading /usr/X11R6/lib/modules/extensions//l

Re: HP DL180 hangs on boot

I had some similar issue on the HP DL 120 G5. Solution is: desactivate the RAID controler in the BIOS. If you need the use some raid, use raidctl which is working again in version 4.4 -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] De la part de Alexander Hall Envoyi

Re: Xorg: ABI mismatch

Hi! On Thu, Nov 06, 2008 at 09:18:13AM +0100, giovanni wrote: >just updated latest Xorg. apart from the sync-to-vblank intel's issue no >troubles at all at first glance >but I start seeing this in the logs (excerpt) >[...] I have many more issues. For this issue, I regenerated the configurati

HP DL180 hangs on boot

Hi! I have issues booting a HP ProLiant DL180 G5 ("456830-421") [1] which I hope someone can shed some light on. [ While writing thie email I've done some more testing and realized that the behaviour is not really consistent, but what I describe below is a typical case ] 1. The machine takes loo

fjnews12-2008

FUNJET ASSOCIAZIONE SPORTIVA FUNJET www.funjet.it [EMAIL PROTECTED] FJNEWS 12/2008 Con la gara di Domenica 2 Novembre 2008, l'A.S.D. Funjet di Empoli chiude nel migliore dei modi una entusiasmante stagione agonistica. A Marina di Massa nell'ultima prova di Campionato Italiano Moto D'Acqua Endu

Re: PF: very simple question...

On 2008-11-06, Can Erkin Acar <[EMAIL PROTECTED]> wrote: > Parsing raw network > data, even from a file, provides an opportunity to inject incredible > amounts of malicious input to the parser. That is also one reason we do > not have ethereal/wire

isakmpd routing woes

Hello, I have three /24 networks connected to each other through multihomed OpenBSD 4.0 servers using isakmpd(8). Recently, new point-to-point links have been installed between each of those networks on separate interfaces, and I would like to make it so traffic coming from/through specific (

Re: SSL error

--- Doug Milam [Wed, Nov 05, 2008 at 07:58:39PM -0800]: --- > I've followed the SSL instructions in the FAQ, > http://www.openbsd.org/faq/faq10.html#HTTPS, but I get the following error in > Firefox (other browsers don't work either) > > "SSL received a record that exceeded the maximum permissi

OpenBSD Remote Access Server

Hi Misc@, In a few days I'm going to start new RAS project, and I'd like to use OBSD as ppp/pppoe server. Has anyone ever done this before? I'm looking to manage ppp clients access and bandwidth using radius server, but I had limited experiences with ppp server and radius. If anyone willing

Re: Duplicate incoming packets to multiple destinations using pf

Ok, Here are the first results I have set up loopback addresses with the same ip address on two receivers (for testing). (A.A.A.10) Each receiver has unique external ip adresses in the same subnet as the $nms_if First, I created this rule : pass in on $int_if dup-to ( $nms_if $nms_broadcastad

Re: PF: very simple question...

Limaunion wrote: Hi, for some reason my OpenBSD 4.4 firewall is been able to negotiate dhcp request although there are no rules that allow this operation. Thanks everyone for the explanation, I wasn't sure what was wrong with my configuration. Now it's clear. Best regards. JC

VPN Ipsec

Hello, I am trying to set up an ipsec vpn between two networks. But, I can't figure out why it doesn't work. I get some errors like (here on the "malenfant gate", see network map below) : Plcy 30 keynote_cert_obtain: failed to open "/etc/isakmpd/keynote//192.168.1.159/credentials" Default rsa

Xorg: ABI mismatch

just updated latest Xorg. apart from the sync-to-vblank intel's issue no troubles at all at first glance but I start seeing this in the logs (excerpt) (II) LoadModule: "record" (II) Loading /usr/X11R6/lib/modules/extensions//librecord.so (II) Module record: vendor="X.Org Foundation" comp

Re: OpenBSD 4.4 httpd reverse proxy

Yes I'm sure ! It is a weird problem... In fact httpd does not proxy anything even with a successful compilation. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of disintx Sent: jeudi 6 novembre 2008 03:05 To: misc@openbsd.org Subject: Re: OpenBSD 4.4 httpd