[Sorry posted this to tech, found out that questions are meant for misc]
Hello,
I recently upgraded to -current because the intel graphics driver in the
4.8 release freezes my computer. I have a Core i3 with integrated
graphics, every time i boot my laptop with multiprocessor turned on i
get
Hi Gilles.
I've installed a snapshot from January 29 (first time ever - very painless):
uname -rvm
4.9 GENERIC#644 i386
An issue I had looks okay.
That is ...
accept for domain example.org relay
... and the explicit ...
accept from local for domain example.org relay
... both now work.
As far as
On Mon, Jan 31, 2011 at 04:28:28PM -0800, patrick keshishian wrote:
--- pf.conf.5 23 Jan 2011 23:34:18 - 1.488
+++ pf.conf.5 1 Feb 2011 00:01:05 -
@@ -127,7 +127,7 @@
the first time a packet matches a
.Ar pass
rule, a state entry is created; for subsequent packets
On Tue, Feb 1, 2011 at 6:43 AM, Josh Smith juice...@gmail.com wrote:
misc@,
I recently acquired a playstation 3 and have been running into some
difficulties playing it online behing my openbsd gateway. After doing
some research and testing I have been able to overcome most of these
problems
On 2011-01-31, Martin Schmitt m...@scsy.de wrote:
Now I'm in trouble! ;-)
I've been using IPv6 via tunnel for a while, with decent success.
Lately, I have found an ISP here in Germany who hands out free native
IPv6 access, which is to be used on top of the existing DSL line. And I
already
On 2011-01-31, Joachim Schipper joac...@joachimschipper.nl wrote:
Also, I've noticed that if I don't have X11 installed, I can't seem to
install certain packages (such as subversion) and certain ports
(EMACS, and even if I set FLAVOR=no_x11). What's up with that?
xbase is now mandatory for
On 2011-01-31, Josh Smith juice...@gmail.com wrote:
misc@,
I recently acquired a playstation 3 and have been running into some
difficulties playing it online behing my openbsd gateway. After doing
some research and testing I have been able to overcome most of these
problems by appending the
Hi list,
I have 3 web servers running on port 8080 behind PF firewall. I am trying
to load balance these incoming connections to these web servers.
I wrote rules as below. Pls pay attention to *highligthed BOLD* rules .
they are the once I have written. But, I can NOT login to these web
If I specify
MAILTO=email@my.domain
in roots crontab.
I'll recieve mail when cron runs what I've asked it to.
With
MAILTO=root
Mails are delivered to the local mailbox on the system
In /etc/postfix/aliases I have
root: email@my.domain
I've executed newaliases at the command
On Tue, Feb 01, 2011 at 10:53:26AM +0100, Leslie Jensen wrote:
If I specify
MAILTO=email@my.domain
in roots crontab.
I'll recieve mail when cron runs what I've asked it to.
With
MAILTO=root
Mails are delivered to the local mailbox on the system
In /etc/postfix/aliases I have
On Tue, Feb 01, 2011 at 02:22:25PM +0530, Indunil Jayasooriya wrote:
I have 3 web servers running on port 8080 behind PF firewall. I am trying
to load balance these incoming connections to these web servers.
I wrote rules as below. Pls pay attention to *highligthed BOLD* rules .
they are
Indunil Jayasooriya P?P8QP5Q:
Hi list,
I have 3 web servers running on port 8080 behind PF firewall. I am trying
to load balance these incoming connections to these web servers.
I wrote rules as below. Pls pay attention to *highligthed BOLD* rules .
they are the once I have written. But, I
I have found the problem, it came from the pf's states hard-limit, which by
default is 10k increasing it solved the problem
is there any way for pf to inform me about reaching limits thresholds?
Thanks in advance
From: Mindless Gr nomindles...@yahoo.com
To:
On 02/01/2011 11:10 AM, Mindless Gr wrote:
I have found the problem, it came from the pf's states hard-limit, which by
default is 10k increasing it solved the problem
is there any way for pf to inform me about reaching limits thresholds?
Thanks in advance
Their is a 'set debug' option which
On Tuesday, February 1, 2011, Henning Brauer lists-open...@bsws.de wrote:
* Joel Wiramu Pauling j...@aenertia.net [2011-02-01 01:40]:
The better option is to acquire IPv6 transit someway
getting ipvshit is never a better option.
Henning,
Why the negativity surrounding ipv6?
Thanks,
--
Josh
[IMAGE]
!Promociones Especiales para grupos!
Capacitacisn Impartida por: Mtro. Alberto Ledesma Gonzalez.
Pms Capacitacisn Efectiva de Mixico presenta:
Licitaciones Pzblicas para la Ley de CFE
Experto Consultor Mtro. Alberto Ledesma Gonzalez
Empresa Registrada ante la STPS Reg.
*match in on $ext_if inet proto tcp to $ext_if port 8080 rdr-to
$web_servers
\
round-robin sticky-address *
You need to pass the inbound traffic somehow (match doesn't do this).
Either change the 'match in' above to 'pass in',
YES, changed. It worked.
or add another rule
Hi,
I am testing openbgpd 4.7 as a route server with a pretty huge config file of
~20mb, with lots of filtering.
Doing some stress testing, I am announcing 40k routes to the route server, and
CPU shoot up to 99% and access to the route session got no output.
May I understand what is the cause
* Josh Smith juice...@gmail.com [2011-02-01 13:31]:
On Tuesday, February 1, 2011, Henning Brauer lists-open...@bsws.de wrote:
* Joel Wiramu Pauling j...@aenertia.net [2011-02-01 01:40]:
The better option is to acquire IPv6 transit someway
getting ipvshit is never a better option.
Why the
* Tay Chee Yong t...@cheeyong.org [2011-02-01 13:59]:
I am testing openbgpd 4.7 as a route server with a pretty huge config file of
~20mb, with lots of filtering.
there you go. filtering is not very efficient at the moment.
Does it means that when the cpu is high, RDE is busy calculating and
On Tue, Feb 01, 2011 at 02:38:18PM +0100, Henning Brauer wrote:
| * Josh Smith juice...@gmail.com [2011-02-01 13:31]:
| On Tuesday, February 1, 2011, Henning Brauer lists-open...@bsws.de wrote:
| * Joel Wiramu Pauling j...@aenertia.net [2011-02-01 01:40]:
| The better option is to acquire
Hi Gilles.
I noticed something that might be unexpected, in the works, maybe
worth documenting.
Maybe all the old sendmail hands expect this. :]
If I have this ...
listen on external_if
map aliases { source plain /etc/mail/aliases }
accept from all for domain example.org alias aliases deliver
You are hitting a workaround in the AML code. HP has BIOS' that have
AML with backwards dependencies. \\_PR_.CPU0._PPC is not in scope until
acpicpu runs, but we can't run acpicpu without acpiec. The best part is
that it doesn't need _REG so minus an ugly warning your machine should
be working
Hi,
I wanted to know what was the restriction on BPF devices and how to possibly
go around it. We are currently running a 4.8 GENERIC.MP system with 3
dhcrelay processes (and would need to run more very soon), along with ladvd
daemon for CDP and they are consuming pretty much all of the 10 BPF
Thanks Henning. Any plans to address efficiency of filtering in future
release?
i also noticed that the Prf/State seems to be showing the # of routes
received before the filter when the FIB is only showing 400+ routes (there
is only 1 session established at the moment). Is this normal?
x.x.x.x
* Cheeyong Tay t...@cheeyong.org [2011-02-01 16:16]:
Thanks Henning. Any plans to address efficiency of filtering in future
release?
yes. no promises tho. but obviously the big exchange points who do
filter want this.
i also noticed that the Prf/State seems to be showing the # of routes
Jacob Meuser jake...@sdf.lonestar.org writes:
foomatic is pretty easy to set up.
Thread hijacker here. I tried to setup a lpd/foomatic for a printer over
network and always end-up with this kind of message in
/var/log/lpd-errs:
--8---cut here---start-8---
Feb
With 10 bpf devices, I was no longer able to do a tcpdump on any interface.
#tcpdump -nnnvvvi bnx1 proto pfsync
tcpdump: Failed to open bpf device for bnx1: No such file or directory
Once I stopped ladvd, the tcpdump started working properly again.
#tcpdump -nnnvvvi bnx1 proto pfsync
tcpdump:
Marco Peereboom wrote:
You are hitting a workaround in the AML code. HP has BIOS' that have
AML with backwards dependencies. \\_PR_.CPU0._PPC is not in scope until
acpicpu runs, but we can't run acpicpu without acpiec. The best part is
that it doesn't need _REG so minus an ugly warning your
On Tue, Feb 01, 2011 at 03:59:02PM +0100, Manuel Giraud wrote:
Jacob Meuser jake...@sdf.lonestar.org writes:
foomatic is pretty easy to set up.
Thread hijacker here. I tried to setup a lpd/foomatic for a printer over
network and always end-up with this kind of message in
Dear list,
Recently I built a new VPN hub and it seems I reached a limit in ospfd.
The configuration is the following :
2 central OpenBSD (4.7 on production, 4.8 and latest snapshot in our
lab). they both run ospfd on LAN side.
49 OpenBSD clients, running IPSEC + gif encapsulation over to each
On Tue, Feb 01, 2011 at 09:01:26PM +0530, karthic kumaran wrote:
Marco Peereboom wrote:
You are hitting a workaround in the AML code. HP has BIOS' that have
AML with backwards dependencies. \\_PR_.CPU0._PPC is not in scope until
acpicpu runs, but we can't run acpicpu without acpiec. The
On Tue, Feb 01, 2011 at 09:23:05AM -0500, Steve Johnson wrote:
Hi,
I wanted to know what was the restriction on BPF devices and how to possibly
go around it. We are currently running a 4.8 GENERIC.MP system with 3
dhcrelay processes (and would need to run more very soon), along with ladvd
With 10 bpf devices, I was no longer able to do a tcpdump on any interface.
#tcpdump -nnnvvvi bnx1 proto pfsync
tcpdump: Failed to open bpf device for bnx1: No such file or directory
You need to create more bpf nodes in /dev; by default there are only ten
of them.
Miod
2011/2/1, Stuart Henderson s...@spacehopper.org:
presumably you are running this machine as a router
and therefore can't use rtsol.
Actually, you can. People were asking about this earlier on this list
and as it turned out, you get only a warning that router solicitation
isn't intended for
On Mon, Jan 31, 2011 at 04:28:28PM -0800, patrick keshishian wrote:
Also consider explaining what defines a state (protocol, family,
src/dst addr/port, rdomain).
note that there is a stateful filtering section that documents this
stuff in more detail.
Then continue fresh:
/usr/local/libexec/symux: can't load library 'libfontconfig.so.6.0'
OK, I figured this out: I must have accidentally gotten the wrong
xbase47.tgz fileset. problem solved.
For the archives:
You also get a missing library error if symux is run as a non root user
and can't write it's pid file
strange.
Quite frankly, the aliases expansion code does not work as it should
and there are many cases where it will fail expanding users as you'd
expect.
Good news is ... I rewrote it entirely and refactored various parts
of smtpd, I'm currently cleaning it up and testing before it can hit
the
Thanks. Pretty much what I had read on some older posts about limits of 10
but they were based on 4.1 and someone had replied that a lot had changed
since then, so I wanted to make sure that it was still indeed the case, and
that there should be no important impact in adding them.
Thanks for the
Hi,
I currently have a system that has no match rule in the ruleset, but that
uses tables for a big chunk of the traffic, including our monitoring station
that has a pretty high SNMP request rate. That system has a state table that
usually stabilizes between 15-20K sessions, with a session search
* Steve Johnson maill...@sjohnson.info [2011-02-01 20:35]:
I currently have a system that has no match rule in the ruleset, but that
uses tables for a big chunk of the traffic, including our monitoring station
that has a pretty high SNMP request rate. That system has a state table that
usually
On Tue, Feb 01, 2011 at 05:51:01PM +, Kevin Chadwick wrote:
/usr/local/libexec/symux: can't load library 'libfontconfig.so.6.0'
OK, I figured this out: I must have accidentally gotten the wrong
xbase47.tgz fileset. problem solved.
For the archives:
You also get a missing library
Ok, thanks for the tips. I did not have any ifq drops, but have still just
increased the net.inet.icmp.errppslimit to 1 (from the 1000 that was
before and shown below) and will see if that helps anything. Thanks also for
the clarification on the match counter.
I had forgotten to also include
On Tue, 1 Feb 2011 20:30:56 +0100
Joachim Schipper joac...@joachimschipper.nl wrote:
You also get a missing library error if symux is run as a non root user
and can't write it's pid file in /var/run
That seems unlikely, are you sure?
Tell a lie, sorry.
Symon does report errors about
2011/2/1 Henning Brauer lists-open...@bsws.de:
* Josh Smith juice...@gmail.com [2011-02-01 13:31]:
On Tuesday, February 1, 2011, Henning Brauer lists-open...@bsws.de wrote:
* Joel Wiramu Pauling j...@aenertia.net [2011-02-01 01:40]:
The better option is to acquire IPv6 transit someway
Hi folks,
I was running -current (dated some days before Christmas 2010, maybe 24th)
on my aspire one A110, and running smooth.
I decided, having one month passed to upgrade to latest -current, which is
now 4.9 (dated 20 Jan).
Already during operation with bsd.rd something strange happens,
On Tue, Feb 1, 2011 at 4:34 PM, Steve Johnson maill...@sjohnson.info wrote:
I had forgotten to also include the sysctl changes that I had made as well,
mostly based from calomel.org, which were the following:
net.inet.ip.ttl=254
I love this. Bigger is better!
Thank you all, I missed that tick in the prefs it did the trick :)
Sorry for the noise...
On Tue, Feb 1, 2011 at 5:07 PM, Martin Schrvder mar...@oneiros.de wrote:
So what will you tell your customers 2012 when you can't get ipv4 for them?
The same thing he told them in 2008.
[IMAGE]
Pms Capacitacisn Efectiva de Mixico
Presenta
Licitaciones Pzblicas para la Ley de PEMEX
18 de Febrero de 2011, Mixico D.F.
10 Horas de Capacitacisn Efectiva impartidas por nuestro
consultor Mtro. Alberto Ledesma Gonzalez
Smguenos en Twitter@pmscapacitacion o bien en Facebook PMS de
2011/2/1 Indunil Jayasooriya induni...@gmail.com
# macros
(...)
web_servers = { 192.168.x.64, 192.168.x.66, 192.168.x.67 }
lan_net=192.168.x.0/24
A table isn't better? I mean, we can control it without reloading the pf
rules and the matching algorithm is better.
I was running -current (dated some days before Christmas 2010, maybe 24th)
on my aspire one A110, and running smooth.
I decided, having one month passed to upgrade to latest -current, which is
now 4.9 (dated 20 Jan).
[...]
Built-in keyboard support on the Aspire One is known to be broken,
4.9 GENERIC#626 i386
I write a rule that says this:
pass in on $ext_if inet6 proto ipv6-icmp from any to 2620:0100:900f:c9::/56
and pfctl shows this:
pass in on em2 inet6 proto ipv6-icmp from any to 2620:100:900f::/56 keep
state
Maybe I'm crazy, but it seems 2620:100:900f:: would be /48
On Tue, Feb 01, 2011 at 10:51:00PM -0800, Brian Keefer wrote:
| 4.9 GENERIC#626 i386
|
| I write a rule that says this:
| pass in on $ext_if inet6 proto ipv6-icmp from any to 2620:0100:900f:c9::/56
|
| and pfctl shows this:
| pass in on em2 inet6 proto ipv6-icmp from any to 2620:100:900f::/56
On Feb 1, 2011, at 11:00 PM, Paul de Weerd wrote:
On Tue, Feb 01, 2011 at 10:51:00PM -0800, Brian Keefer wrote:
| 4.9 GENERIC#626 i386
|
| I write a rule that says this:
| pass in on $ext_if inet6 proto ipv6-icmp from any to
2620:0100:900f:c9::/56
|
| and pfctl shows this:
| pass in on
Daca aveti probleme cu vizionarea acestui email dati [click aici] pentru
a vizualiza varianta online!
[IMAGE]
[IMAGE]
Newsletter 01.02.2011
[IMAGE]
CaseFaraIntermediari.roUrmariti-ne pe Facebook!Urmariti-ne pe
Twitter!Urmariti-ne pe Blogger!
[IMAGE]
Ultimele anunturi adaugate
Vezi toate
56 matches
Mail list logo