Re: ndp for ND (ipv6) proxying on /64 prefix is failing cryptically.

2021-07-07 Thread Zack Newman
When I was with Vultr—keyword there being “was”—I simply set up NAT66 for Wireguard to work. I believe that if you want NDP proxying to work you need something like ndppd (https://github.com/DanielAdolfsson/ndppd). Personally, depending on how big of an IPv6 “snob” you are, I would leave Vultr

Re: TCP FIN hangups in encrypted ESP tunnel

2021-07-07 Thread Ville Valkonen
Hi, not sure if related but my Linux box (also in Hetzner) also started to have flaky connection lately. -- Regards, Ville On Wed 7. Jul 2021 at 19.58, Peter J. Philipp wrote: > Hi, > > My VPS at Hetzner has very weird behaviour: > > last week it started hanging up scp'ing of large backups,

TCP FIN hangups in encrypted ESP tunnel

2021-07-07 Thread Peter J. Philipp
Hi, My VPS at Hetzner has very weird behaviour: last week it started hanging up scp'ing of large backups, so I worked hard to get these encrypted if it was a hangup attack. Well surprise to me too the hangups are back. I have tcpdump'ed the enc0 from both sides and the FIN does originate from

Re: pkg_add multiple package install weird output

2021-07-07 Thread Mihai Popescu
I have another instance of this, maybe someone can look if it really is of interest. Somehow, the current package name is messed up. geda-0.1p1:gerbv-2.7.0p0: 184/194 geda-0.1p1:tcl-8.5.19p4: 185/199 geda-0.1p1:tk-8.5.19p1: 186/199 geda-0.1p1:gtkglext-1.2.0.20191219: 187/199 geda-0.1p1:gd-2.3.2:

ndp for ND (ipv6) proxying on /64 prefix is failing cryptically.

2021-07-07 Thread Vladimir Nikishkin
Hello, everyone I am running an OpenBSD 6.9 Vultr node. Vultr is issuing /64 prefixes with SLAAC. I have a few machines behind this node, connected via wireguard. For simplicity, let us say that vio0 is the default interface, configured the way Vultr suggests: hostname.vio0 dhcp

PF annoying messages

2021-07-07 Thread Pierre Dupond
Hi All, I am setting up a firewall with PF. The strategy used is quite common: set block-policy return set loginterface none set skip on lo0 match in all scrub (random-id reassemble tcp) block log Then some rules are used to pass the

Re: Adding Password Protection to Single User Mode

2021-07-07 Thread Paul de Weerd
Hi Valdrin, On Wed, Jul 07, 2021 at 06:44:46AM +, Valdrin MUJA wrote: | Thanks for suggestions, | I removed the "secure" from /etc/ttys but I can still use "boot -s" | without password. Is this about console connection? Please carefully read https://man.openbsd.org/ttys.5: > secure If on

Re: Adding Password Protection to Single User Mode

2021-07-07 Thread Valdrin MUJA
Thanks for suggestions, I removed the "secure" from /etc/ttys but I can still use "boot -s" without password. Is this about console connection? Updated ttys file; # cat /etc/ttys | grep 115200 tty00 "/usr/libexec/getty std.115200" vt220off From: Paul de

Re: how to use OpenBSD firewall (pf) to protect Ooma Telo VOIP phone system

2021-07-07 Thread Jonathan Thornburg
Hi Stuart, On Tue, Jul 06, 2021 at 08:23:06AM +1000, Stuart Longland wrote: > One thing the OpenBSD host cannot know, is what specific port in that > 1:3 range, is being used at any particular time. I note they > don't ask you to expose port 5060/udp, so presumably the device is > _not_