On Tue, Nov 11, 2008 at 03:53:54PM -0800, Vivek Ayer wrote:
[...]
# macros
[...]
carpdevs = { carp0 , carp1 }
[...]
# pass rules
[...]
pass in on $carpdevs inet proto tcp from any to ($ext_if) \
port $tcp_services flags S/SA keep state # Allow SSH Access from Outside
just from a quick
On Wed, Nov 12, 2008 at 7:47 AM, disintx [EMAIL PROTECTED] wrote:
For all the ports you are looking for, you need to check /etc/services and
you should read the man pages for whatever daemons you want to know about.
May I also recommend the excellent Building Firewalls with OpenBSD and
PF
On 2008-11-12, jul [EMAIL PROTECTED] wrote:
Pedro Martelletto wrote on 11/11/08 18:56:
What was the actual panic message?
sorry but the serial console was connected after crash, so i don't have
initial message.
This information is not in trace ? is there a command to recover it ?
show panic
On Wed, Nov 12, 2008 at 5:31 AM, Joseph Alten [EMAIL PROTECTED] wrote:
So there isn't really an option like I was describing? I was going to just
create my / partition on my boot hard drive like you mentioned, but I seemed
so close when I ran boot hd0a:/bsd -a at the boot prompt that I thought
On 2008-11-12, Ryan Flannery [EMAIL PROTECTED] wrote:
I'm having some strange problems with the symon (mon+mux) and rrdtool
packages after recently upgrading to a 4.4 snapshot (fresh install).
Seems like your Perl packages are not in-sync with the base perl.
Make sure they are all up-to-date
On Mon, Nov 10, 2008 at 09:19:18PM -0800, J.C. Roberts wrote:
On Tue, 11 Nov 2008 04:26:22 +
Jacob Meuser [EMAIL PROTECTED] wrote:
On Mon, Nov 10, 2008 at 08:08:59PM -0800, J.C. Roberts wrote:
general mplayer configuration suggestions
nah, it's probably an B-frame or trellis
On Wed, Nov 12, 2008 at 02:35:35PM +0100, Claer wrote:
Hey there,
I don't know if your isakmpd.conf is good or not. The general
part seems good. But I'm wondering why you are not using the new
configuration file (/etc/ipsec.conf) It's much easier to use and to
maintain over time. For your
Hello
At work here I have a PC which was loaded with OpenBSD 4.3
I have updated it to OpenBSD 4.4
After having installed it I downloaded from OpenBSD's ftp the
files sys.tar.gz and src.tar.gz which i did tar zxpf in
/usr/src
I then downloaded the latest 4.4.tar.gz patch file and applied
every
On Wed, Nov 12, 2008 at 02:35:35PM +0100, Claer wrote:
Hey there,
OK, so I've switched to ipsec.conf and it is alot easier!
However, I'm still struggling to use aes 256.
I have the following:
ike esp from 195.24.xxx.x/25 to 62.232.yyy.y/27 \
local 195.24.aaa.aa peer 62.232.bbb.bbb \
main auth
After a few upgrades; I noticed that new users added with useradd(8)
(using commands in upgradeXX.htm) are created with 13 asterisks in
passwd field. During a new install only one asterisk is placed in this
field for system users. I was curious about this difference and feeling
a bit
On Tue, 11 Nov 2008, Don Jackson wrote:
Today I began testing named on a freshly installed OpenBSD 4.4 amd64
machine, using my old named.conf file from 4.3 (which was still running
named version 9.4.2)
When the machine first boots after the install, /etc/rc determines there is
no rndc.key,
Hi list
I'm looking at the relay (not redirect) feature of relayd (4.4), but
cannot figure out how to use backups/fallbacks when doing relaying?
With redirect I just add another forward directive, but this doesn't
seem to work for relays? Cannot find anything in docs mentioning this
(with
Yes, sorry it is a typo, I used 4.4-snapshot (10/08), got the same error,
I'll try to test it on the release as soon as it gets out. If it keeps
crushing i'll fill a bug report.
Thanks for the info.
2008/11/11 Stuart Henderson [EMAIL PROTECTED]
On 2008-11-11, Johan Strvm [EMAIL PROTECTED]
I found another thread in french (I think, I am not good with french)
with a link that looks promising...
http://fixunix.com/bsd/87865-nat-ipsec-openbsd-pf-isakmpd.html
I will check out that solution and let you know if I still have problems.
On Wed, Nov 12 2008 at 18:13, Joe Warren-Meeks wrote:
Hey guys,
Hi,
I'm struggling to get isakpmd to talk to a checkpoint firewall
I need the following parameters
General IKE Properties = AES-256 with SHA1
IKE Phase 1 SA = Group2 (1024 bit)
IKE Phase 1 SA renegotiation = 1440
IKE Phase
On Tue, Nov 11, 2008 at 01:21:09PM -0800, T D wrote:
I'm not sure...I didn't think it had more than one, I will have to look into
this.
There are no extra cards on the system (only a rj45) - the motherboard
wouldn't have more than one music built in would it?.
unlikely
Think I better check
Hey guys,
I'm struggling to get isakpmd to talk to a checkpoint firewall
I need the following parameters
General IKE Properties = AES-256 with SHA1
IKE Phase 1 SA = Group2 (1024 bit)
IKE Phase 1 SA renegotiation = 1440
IKE Phase 2 SA renegotiation = 3600
The network layout looks as follows:
I need migrate a script to a OpenBSD server, this work ok, but in the
script the some input parameters must be completed without echo in the
terminal.
I not found this in ksh,
Thanks in advance!
--
# /dev/hdc
- OpenBSDeros.org
hdc [at] openbsderos [dot] org
Something like
stty -echo
read variable
stty echo
Regards,
Andreas
2008/11/12 HDC [EMAIL PROTECTED]:
I need migrate a script to a OpenBSD server, this work ok, but in the
script the some input parameters must be completed without echo in the
terminal.
I not found this in ksh,
On Wed, Nov 12, 2008 at 6:40 PM, HDC [EMAIL PROTECTED] wrote:
I need migrate a script to a OpenBSD server, this work ok, but in the
script the some input parameters must be completed without echo in the
terminal.
I not found this in ksh,
a couple of ideas
1) do
stty -echo
read foo bar
stty
Hello,
I succeed to do what I wanted using this :
http://fixunix.com/bsd/87865-nat-ipsec-openbsd-pf-isakmpd.html
Many thanks for the help !
--
Cordialement,
Pierre BARDOU
-Message d'origine-
De : Claer [mailto:[EMAIL PROTECTED]
Envoyé : dimanche 9 novembre 2008 12:39
À : BARDOU
On 2008/11/12 10:56, David Caro wrote:
Yes, sorry it is a typo, I used 4.4-snapshot (10/08), got the same error,
I'll try to test it on the release as soon as it gets out. If it keeps
crushing i'll fill a bug report.
a snapshot from October '08 is way past 4.4 release, which was
built in
hi ,,,
i follow tutorial from this site
http://blog.innerewut.de/2005/7/4/openvpn-2-0-on-openbsd
i try make PKI follow automatic script from openvpn not working ,
bellow detail log
# uname -a
OpenBSD log.mydomain.com 4.4 GENERIC#1021 i386
#
#mkdir /etc/openvpn
#cp -R
On Wed, Nov 12, 2008 at 6:54 AM, Stuart Henderson [EMAIL PROTECTED] wrote:
In gmane.os.openbsd.misc, you wrote:
On 2008-11-12, Ryan Flannery [EMAIL PROTECTED] wrote:
I'm having some strange problems with the symon (mon+mux) and rrdtool
packages after recently upgrading to a 4.4 snapshot (fresh
Hi!
I subscribed to security-announce a long time ago and thought I would
receive information about security annoucements, but contrary to what is
stated on http://openbsd.org/mail.html:
security-announce - Security announcements. This low volume list
receives OpenBSD security advisories
1) do
stty -echo
read foo bar
stty echo
though in case you hit ^c in that read, that may lead to a tty with no
echo. perhaps may be solved with trap.
This work fine whit stty traps!
Thanks!
--
# /dev/hdc
- OpenBSDeros.org
hdc [at] openbsderos [dot] org
Kenneth R Westerback wrote:
On Tue, Nov 11, 2008 at 03:03:19PM -0800, Brian Keefer wrote:
On Nov 11, 2008, at 2:01 PM, Administrator wrote:
Brian Keefer wrote:
On Nov 11, 2008, at 12:42 PM, Administrator wrote:
Nope, didn't help. There must be some other mistery. Now it stops
at DHCPOFFER
Support for specifying aes key sizes was added february 2008, thus 4.2
does not provide this.
On Wed, Nov 12, 2008 at 03:17:17PM +, Joe Warren-Meeks wrote:
On Wed, Nov 12, 2008 at 02:35:35PM +0100, Claer wrote:
Hey there,
OK, so I've switched to ipsec.conf and it is alot easier!
i don't think I understand. Clarify. you mean carpdev is like your
physical interface..eth0, re0, etc.?
On Wed, Nov 12, 2008 at 12:40 AM, Marco Pfatschbacher [EMAIL PROTECTED] wrote:
On Tue, Nov 11, 2008 at 03:53:54PM -0800, Vivek Ayer wrote:
[...]
# macros
[...]
carpdevs = { carp0 , carp1 }
I know there has been some interest on this list related to having a
BSD licensed C compiler used for OpenBSD. Anders Magnusson (Ragge,)
is the maintainer of PCC and is looking for some funding through BSD
Fund (tax deductible in the US) to get a V1.0 release out.
This is also on Undeadly, if
Yes, you are exactly right.
My OS install script renames the existing /var/named/etc directory, and
creates a new one pulled from version control, and in so doing, does not
restore
the correct ownership of the etc directory.
So later on, during the execution of /etc/rc, the rndc.key file gets
Hello,
Here is the log for relayd -dv.
When I try to relayctl reload I got a command failed and nothing in
relayd output.
# relayd -dv
warning: macro 'squid_adh' not used
warning: macro 'dns_adh' not used
warning: macro 'dns1_ext' not used
warning: macro 'dns2_ext' not used
warning: macro
In that case i'll make the bug report as soon as i get one machine idle
enough time to install openbsd 4.4 again.
2008/11/12 Stuart Henderson [EMAIL PROTECTED]
On 2008/11/12 10:56, David Caro wrote:
Yes, sorry it is a typo, I used 4.4-snapshot (10/08), got the same error,
I'll try to test
On 2008-11-12, Vivek Ayer [EMAIL PROTECTED] wrote:
i don't think I understand. Clarify. you mean carpdev is like your
physical interface..eth0, re0, etc.?
yes
On Wed, Nov 12, 2008 at 12:40 AM, Marco Pfatschbacher [EMAIL PROTECTED]
wrote:
On Tue, Nov 11, 2008 at 03:53:54PM -0800, Vivek
Hello misc@,
I'm having some strange problems with the symon (mon+mux) and rrdtool
packages after recently upgrading to a 4.4 snapshot (fresh install).
Previously I was running 4.3 with symon symux installed, and would
cron a script that created rrdtool graphs from some of the symux rrd
files,
Seems to me we are not looking at the good direction.
I seem to understand that the problem is multi-booting, with OSes
possibly on multiple
physical devices.
It also seems that the starting point is a Lunixish advocating of having
a /boot partition
handling *all* parameters for all OSes,
Hi!
(ok not really a Re: since i dont have the original message, but i
copy-pasted somewhat from archives to get some context, hope noone
minds :) http://www.nabble.com/relayd:-does-timeout-directive-limits-time-for-SSL-handshake--td19698613.html)
Just want to bring this back up, since I
On Tue, Nov 11, 2008 at 07:52:30PM -0800, Joseph Alten wrote:
Due to technical constraints, my setup requires that I have a separate
boot partition (basically the kernel and anything else critical for
booting), and then of course my root partition other data partitions on a
separate
On 2008-11-12, dermiste [EMAIL PROTECTED] wrote:
I'm backing ben here : OpenBSD / should be small enough to fit it
entirely into a boot partition.
/etc/{master.,}passwd and /etc/{s,}pwd.db can grow pretty large
on some systems...
2008/11/12 Mitja MuEeniD
[EMAIL PROTECTED]:
If you control the target box, the simplest solution by far is to assign a
deconficting alias address to it and then establish the VPN tunnel between
the 3rd party site and this alias address of yours. Everybody will be
accessing through the
then, what about this: pass on $carpdev proto carp keep state
Looks like it's filtering on the $carpdev, which is carp0 and carp1 in
this case. It's just what I read in the pf book. I'd like to resolve
this soon so I can go ahead an launch my website. I feel like there's
a lot of carp in the pf
On 2008/11/12 14:35, Vivek Ayer wrote:
then, what about this: pass on $carpdev proto carp keep state
the proto carp packets are all strictly on the parent interfaces,
that is the only place you need to pass them.
Looks like it's filtering on the $carpdev, which is carp0 and carp1 in
this
On 12 Nov 2008, at 17:57, Peer Janssen wrote:
Hi!
I subscribed to security-announce a long time ago and thought I
would receive information about security annoucements, but contrary
to what is stated on http://openbsd.org/mail.html:
security-announce - Security announcements. This low
On 12 Nov 2008, at 20:25, Mark Carlson wrote:
I know there has been some interest on this list related to having a
BSD licensed C compiler used for OpenBSD. Anders Magnusson (Ragge,)
is the maintainer of PCC and is looking for some funding through BSD
Fund (tax deductible in the US) to get a
On Thu, 13 Nov 2008, Simon Connah wrote:
On 12 Nov 2008, at 17:57, Peer Janssen wrote:
Hi!
I subscribed to security-announce a long time ago and thought I would
receive information about security annoucements, but contrary to what is
stated on http://openbsd.org/mail.html:
On Wed, Nov 12, 2008 at 06:57:19PM +0100, Peer Janssen wrote:
I subscribed to security-announce a long time ago and thought I would
receive information about security annoucements, but contrary to what
is stated on http://openbsd.org/mail.html:
security-announce - Security announcements.
On Wed, 12 Nov 2008 21:32:57 -0600
Emilio Perea [EMAIL PROTECTED] wrote:
I don't think it's a big deal
since there are other ways of getting the information.
Given that we usually sign up to a security-announce mailing list for
good reason, if the list isn't working as intended, or there is
I don't think it's a big deal
since there are other ways of getting the information.
Given that we usually sign up to a security-announce mailing list for
good reason, if the list isn't working as intended, or there is some
misunderstanding as to why the list exists, then I'd like to
On Wed, 12 Nov 2008 21:32:57 -0600, Emilio Perea wrote:
On Wed, Nov 12, 2008 at 06:57:19PM +0100, Peer Janssen wrote:
I subscribed to security-announce a long time ago and thought I would
receive information about security annoucements, but contrary to what
is stated on
On Wed, Nov 12, 2008 at 10:32 PM, Emilio Perea [EMAIL PROTECTED] wrote:
FWIW, I received the Welcome to the security-announce mailing list!
message on 9/4/2002 and nothing since. I don't think it's a big deal
since there are other ways of getting the information.
Maybe you mean 2008, because
On Wed, Nov 12, 2008 at 11:36:10PM -0500, Ted Unangst wrote:
On Wed, Nov 12, 2008 at 10:32 PM, Emilio Perea [EMAIL PROTECTED] wrote:
FWIW, I received the Welcome to the security-announce mailing list!
message on 9/4/2002 and nothing since. I don't think it's a big deal
since there are
On Wed, 12 Nov 2008 21:17:46 -0700
Theo de Raadt [EMAIL PROTECTED] wrote:
It does not work because noone who works on OpenBSD runs -stable.
Then every few months some of you come and yell at us.
Not yelling, honest; I was just curious.
So, basically, no one has the time or motivation to send
It does not work because noone who works on OpenBSD runs -stable.
Then every few months some of you come and yell at us.
Not yelling, honest; I was just curious.
So, basically, no one has the time or motivation to send out updates?
None of the developers are on the list.
Heck! More
.
.
.
out of all
the lies
said to mE
i love you
was my favouriTe
.
.
.
[EMAIL PROTECTED]
.
.
.
On Wed, Nov 12, 2008 at 2:21 PM, Raimo Niskanen
[EMAIL PROTECTED] wrote:
On Tue, Nov 11, 2008 at 07:52:30PM -0800, Joseph Alten wrote:
Due to technical constraints, my setup requires that I have a separate
boot partition (basically the kernel and anything else critical for
booting), and then
55 matches
Mail list logo