Re: Recommendation for firewall appliance running of and OpenBSD

Tito Mari Francis H. Escaño wrote on 11/24/16 13:15: Hi everyone, Can somebody please recommend me a firewall appliance that can run OpenBSD and pf, and can be upgradeable to the latest version? It would be a great plus if the appliance can also be configured as part of CARP firewall group.

OpenBSD and you

Hello everybody, As I did see any mention around here, I was boosted to post this great presentation by Peter N . M. Hansteen. https://home.nuug.no/~peter/blug2016/ Individually my sincerely grateful for each developer of OpenBSD the true reliable and high secure operating system. Regards,

iked.conf - ikelifetime?

Hello: What are the units for "ikelifetime" in iked.conf? Per the man page, for "lifetime," it states: lifetime time [bytes bytes] ... Several unit specifiers are recognized (ignoring case): ‘m’ and ‘h’ for minutes and hours, and ‘K’, ‘M’ and ‘G’ for kilo-, mega- and gigabytes accordingly.

Re: -current

On Fri, 25 Nov 2016 16:55:03 -0700 ch...@ccmach14.org wrote: > Hello - Where can I get sys.tar.gz -current? Thanks! Chuck > Greetings Chuck, You can use the sys.tar.gz and src.tar.gz from the latest release (at the moment 6.0) and use "cvs update -rHEAD" on it.

Re: -current

Thanks tj. The cvs is well documented. On 2016-11-25 17:08, tj wrote: there isn't one, use cvs

Re: -current

On Fri, Nov 25, 2016 at 7:01 PM, sven falempin wrote: > Just send 500$ to Theo in Cash and we ll arrange it > DISCLAIMER this email is not engaging anyone into anything --

Re: -current

Just send 500$ to Theo in Cash and we ll arrange it On Fri, Nov 25, 2016 at 6:55 PM, wrote: > Hello - Where can I get sys.tar.gz -current? Thanks! Chuck > > --

-current

Hello - Where can I get sys.tar.gz -current? Thanks! Chuck

OpenBSD's binutils

Hi all, Well, my experiments with loongson have proven fruitful, except for the need of a web browser. Part of this is due to the webkit browsers needing the libav gstreamer plug-in. Now, this fails to build because of the assembler not recognising some op codes generated by gcc. I found I got

Re: trouble adding user to a chroot sandbox

On Fri, November 25, 2016 4:24 pm, trondd wrote: > On Fri, November 25, 2016 2:01 pm, Dave Cohen wrote: >> I'm new to `chroot`. Trying to make sandbox where I can build and run >> untrusted code without affecting the base system. >> >> Following instructions from >>

Re: trouble adding user to a chroot sandbox

On Fri, November 25, 2016 2:01 pm, Dave Cohen wrote: > I'm new to `chroot`. Trying to make sandbox where I can build and run > untrusted code without affecting the base system. > > Following instructions from >

Re: mailx as root ignores set keep

On Fri, Nov 25, 2016 at 01:13:17PM -0500, trondd wrote: > On Fri, November 25, 2016 12:36 pm, Walter Alejandro Iglesias wrote: > > Hello trondd, > > > > On Fri, Nov 25, 2016 at 11:03:49AM -0500, trondd wrote: > >> On Fri, November 25, 2016 4:17 am, Walter Alejandro Iglesias wrote: > >> > Is this

trouble adding user to a chroot sandbox

I'm new to `chroot`. Trying to make sandbox where I can build and run untrusted code without affecting the base system. Following instructions from https://www.ibm.com/developerworks/community/blogs/karsten/entry/openbsd_chroot?lang=en, I am at the point where I can `doas chroot

Re: mailx as root ignores set keep

On Fri, November 25, 2016 12:36 pm, Walter Alejandro Iglesias wrote: > Hello trondd, > > On Fri, Nov 25, 2016 at 11:03:49AM -0500, trondd wrote: >> On Fri, November 25, 2016 4:17 am, Walter Alejandro Iglesias wrote: >> > Is this on purpose? >> > >> > I've tried adding 'set keep' to /etc/mail.rc

Re: Recommendation for firewall appliance running of and OpenBSD

Looks nice. Like a Soekis x2 + Kerberos case. What I miss on all those boards is dedicated IPMI. Else, with IPMI, those are perfect products for remote small office. //mxb > On 25 nov. 2016, at 15:01, Bob Jones wrote: > > Try the NetBoard A-10 and any

Re: mailx as root ignores set keep

Hello trondd, On Fri, Nov 25, 2016 at 11:03:49AM -0500, trondd wrote: > On Fri, November 25, 2016 4:17 am, Walter Alejandro Iglesias wrote: > > Is this on purpose? > > > > I've tried adding 'set keep' to /etc/mail.rc and /root/.mailrc > > but mail(1) still removes empty mailbox files before

Re: mailx as root ignores set keep

On Fri, November 25, 2016 4:17 am, Walter Alejandro Iglesias wrote: > Is this on purpose? > > I've tried adding 'set keep' to /etc/mail.rc and /root/.mailrc > but mail(1) still removes empty mailbox files before quiting. > Worked here. How exactly are you reading mail?

help with pf queueing in ipsec over gre

Hi, I'd like to do limit bandwidth on gre tunnel protected with ipsec in transport mode. I've set single default queue on gre interface, matched everything that goes out to that queue, and finally passed everything out that interface: # SNIP queue mother on gre204 bandwidth 25M min 25M max 25M

Re: alternative method for "gtar --delete"

Aaron, Thank you for putting me down this path. A few flags aside, this is the solution I was looking for. BTW, OpenBSD's man pages are a cut above the rest; and I'd like to thank everyone involved in the project for such an awesome OS. All the best, Keith Larsen CPS Coatings On Mon, 21 Nov

Re: Recommendation for firewall appliance running of and OpenBSD

Try the NetBoard A-10 and any of the products built on top of it : https://www.deciso.com/ Comes with a version of FreeBSD running on it, but you can get OpenBSD on there via the console port, no probs.

Re: IPSec

Am 24.11.2016 22:58 schrieb Damian McGuckin: Can you mix the use of 'isakmpd.conf' and 'ipsec.conf'? You can.. ipsecctl just translates ipsec.conf syntax into isakmpd.conf style and injects that (or removes with -d) into the running isakmpd. Just take a config-dump after loading with

mailx as root ignores set keep

Is this on purpose? I've tried adding 'set keep' to /etc/mail.rc and /root/.mailrc but mail(1) still removes empty mailbox files before quiting.