Possible and not-recommendable at the same time I'd say.
--
I will face my fear. I will permit it to pass over me and through me.
And when it has gone past I will turn the inner eye to see its path.
Where the fear has gone there will be nothing. Only I will remain.
http://www.atmnis.com/~proger/openkyiv/openkyiv2009_proger_sys.pdf
Wow Stuart, what a great doc. Is it listed in OpenBSD website papers
section? It should!
--
I will face my fear. I will permit it to pass over me and through me.
And when it has gone past I will turn the inner eye to see its
1. Assure your connectivity (PF, VPN... whatever)
2. Work with Postfix. A lot of good info out there.
--
I will face my fear. I will permit it to pass over me and through me.
And when it has gone past I will turn the inner eye to see its path.
Where the fear has gone there will be nothing. Only
El 2011-03-08 17.18, Joachim Schipper escribis:
On Tue, Mar 08, 2011 at 04:38:41PM +0100, Jordi Espasa Clofent wrote:
2011-03-08 10:31, Earin Gregor skrev:
I just wanted to know how the current development of opensmtp is going?
Is it ready for prime time or still considered as to early in
2011-03-08 10:31, Earin Gregor skrev:
Hello
I haven't been following the latest openbsd development very
closely...shame on me :-(
I just wanted to know how the current development of opensmtp is going?
Is it ready for prime time or still considered as to early in development?
http://www.open
I am not so educated as others, i use OBSD since 2001-2002, with many
dificulties, but i have undertood that there are only 2 different kind
of persons. Developers and users, developers work for them, and users
recive the collateral benefit using OBSD.
If you use OpenBSD since 2001-2002 I think
El 2011-02-07 21.41, patric conant escribis:
The last time someone brought up that there could be a bug in that the
system did not work in the manner in which it was documented on the website,
I believe something mature and well-thought-out like, "Oh, yeah, shut up."
was the response.
You're al
+1
Very happy and safe running my own mailserver.
--
I must not fear. Fear is the mind-killer. Fear is the little-death
that brings total obliteration. I will face my fear. I will permit it
to pass over me and through me. And when it has gone past I will turn
the inner eye to see its path. Where
I really love the motto ""Shut Up and Hack!".
Well, I'm not a hacker nor even a good coder. But I'm a sysadmin, so
I've decided to shut up and do something about:
http://wikileaks.minibofh.org/mirrors.html
Note than minibofh.org is one of my servers.
--
I must not fear. Fear is the mind-kill
El 07/11/2010 20:33, bsdmas...@hushmail.com escribiC3:
On Sun, 07 Nov 2010 13:52:19 -0400 Steve Shockley
wrote:
On 11/2/2010 3:13 PM, bsdmas...@hushmail.com wrote:
You've been warned.
That's awesome! I'm going to end all my messages with that now,
no
matter what the subject.
You've been w
How you use the OpenBSD as web servers and hosting platform?
Permanently catch and kill processes?
OpenBSD is a great solution as a web-hosting platform; no more to say:
it is. I've been involved for more than 3 years in web-hosting industry
and I know the facts and what are you talking about
Read again and again Claudio's responses until you really understand.
The key is there.
--
I will face my fear. I will permit it to pass over me and through me.
And when it has gone past I will turn the inner eye to see its path.
Where the fear has gone there will be nothing. Only I will remai
On 05/27/2010 10:51 AM, Landry Breuil wrote:
On Wed, May 26, 2010 at 7:51 PM, Carsten Otto
wrote:
Dear OpenBSD team,
we offer a new mirror for your project, hosted at RWTH Aachen University
in Germany:
http://ftp.halifax.rwth-aachen.de/openbsd/
ftp://ftp.halifax.rwth-aachen.de/openbsd/
rsync
http://www.openbsd.org/faq/faq1.html#Included
"Our improved and secured version of the Apache 1.3 web server. The
OpenBSD team has added default chrooting, privilege revocation, and
other security-related improvements. Also includes mod_ssl and DSO
support. "
The httpd included by default in
Hi all,
As the subject says, I've found a few lines like that in /var/log/messages:
[...]
/bsd: WARNING: mclpools limit reached; increase kern.maxclusters
[...]
The box is a 4.6 -STABLE with PF doing FW functions (moving 300/400Mbps)
and always has worked like a charm.
I've noticed when thes
http://www.openbsd.org/goals.html
--
I must not fear. Fear is the mind-killer. Fear is the little-death that
brings total obliteration. I will face my fear. I will permit it to pass
over me and through me. And when it has gone past I will turn the inner
eye to see its path. Where the fear has
mod_dosevasive maybe can helps.
This is weird, it is claimed that CDDL is going against the BSD
philosophy, yet both FreeBSD and NetBSD didn't have any problems
including it in their base...
1. Read a bit:
http://openbsd.org/policy.html
2. You're completely froo to move to another OS.
The weird thing is your ignorance and di
We are still talking just about backup/storage. ZFS has a lot of
features and it's used for about 4 years or so in production. Hammer
FS don't have so much features and is "stable" for about year. btrfs
is for those who want to experiment. Some cons - OpenSolaris has
terrible dev process, but you
On 02/13/2010 04:44 PM, Kapetanakis Giannis wrote:
I did a binary upgrade to latest snapshot and followed -current.
I've seen huge improvement on server-client performance on the
msk0 (internal side) but packet forwarding didn't change at all.
4.6-release:
server max in: 300Mbps
server max out:
Yes, our default window size limits download speed. It is known and there
is work ongoing to resolve this in a better way then just bumping the
limit.
Nice Claudio.
?Maybe something likeTCP frame buffer Autotuning available in FreeBSD
since 7.x (1)?
(1) http://fasterdata.es.net/TCP-tuning/Fre
Have you looked at man usermod? -p flag in particular.
Shame on me, indeed. It has been a game:
#!/bin/sh
PASSWORD=$(echo "my_new_password" | encrypt -b 6)
usermod -p $PASSWORD root
Thanks.
--
I must not fear. Fear is the mind-killer. Fear is the little-death that
brings total obliteration.
HI all,
?Is there any way t change the root password using a shell-script (aka
non-interactive mod as passwd uses)?
I've used pw in FreeBSD and chpasswd in Debian GNU/Linux to do it, bit
I've not found a way/command to do it with my OpenBSD boxes.
At present my approach will be install exce
On 01/23/2010 01:02 AM, Steve Shockley wrote:
On 1/22/2010 12:13 PM, Dan Harnett wrote
Nowhere in the article is proof provided that OpenBSD is insecure.
Sure there is; OpenBSD uses Sendmail and BIND, and they've had lots of
vulnerabilities!
http://www.openbsd.org/faq/faq1.html#HowAbout
http
http://openbsd.org/faq/current.html#20090902
--
I must not fear. Fear is the mind-killer. Fear is the little-death that
brings total obliteration. I will face my fear. I will permit it to pass
over me and through me. And when it has gone past I will turn the inner
eye to see its path. Where th
Hi all,
The subject is auto-descriptive ;)
After reading a while about wiping [1] I think there's not a unique way
to do it. Finally I've chosen a simple double-step method:
First,
$ dd if=/dev/urandom of=
and next
$ dd if=/deb/zero of=
?Do you think is it safe enough? I mean ?is it enough
ed threads. The needed info is out
here, sure.
In https://calomel.org/ you have a lot of very useful and clear
documents too.
As usual, we also have the main source: the code.
--
Thanks,
Jordi Espasa Clofent
People, it is time to get your browsers over to
http://www.openbsd.org/orders.html
and start running some money into the project.
Done.
+1
;)
--
Thanks,
Jordi Espasa Clofent
Official mainpage (althought it seems not available right now):
http://www.poolp.org/~gilles/smtpd/
A Camel doc (very nice and usefull as other Calomel docs):
https://calomel.org/opensmtpd.html
--
Thanks,
Jordi Espasa Clofent
I am worried about the numbers since this firewall is higly critical.
Since it protects Citrix hosted applications, I will get instantly killed if
delays are too long...
I use PF in front of networks segments of web-hosting company. An I
sleep very well...
--
Thanks,
Jordi Espasa Clofent
age
related to PF in your /var/log/messages you should considerate it
important (it's urgent!). See at pfctl man pages, -x flag.
--
Thanks,
Jordi Espasa Clofent
time ntpd[31006]: bad peer yes (not resolved)
(...)
But I think this is not related to the warning I commented in initial
message.
--
Thanks,
Jordi Espasa Clofent
--
Thanks,
Jordi Espasa Clofent
s.
?Any clues?
PD. Curiosly, when this warning appeas in /var/log/messages the server
reliability falls
(http://www.pool.ntp.org/scores/212.36.75.245#graph_explanation).
PD. I suspect a CPD connection issue....
--
Thanks,
Jordi Espasa Clofent
Sebastian,
You're really annoying for this planet.
Please, get a gun and shoot on your fucking head.
--
Thanks,
Jordi Espasa Clofent
resent with two presentations as NetBSD and FreeBSD.
;)
--
Thanks,
Jordi Espasa Clofent
The product (OpenBSD) speeks for itself.
+1
--
Thanks,
Jordi Espasa Clofent
versions of ntpd just do not log these messages
anymore.
;)
--
Thanks,
Jordi Espasa Clofent
ith PF-scrub intervention?
--
Thanks,
Jordi Espasa Clofent
Especial thanks to Janne Jonhansson and Alexander von Gernler for their
advices and help. And thanks also to my company directors board team to
donate the bandwidth to support OpenBSD project.
--
Thanks,
Jordi Espasa Clofent
setup?
It seems that tcpdump(1) in base doesn't support 'vlan' primitives.
?How can I see the VLAN traffic to debug the scenario?
--
Thanks,
Jordi Espasa Clofent
ry (I haven't decided which yet) separate from the
DragonFly repository. "
--
Thanks,
Jordi Espasa Clofent
Hi all,
I've sent a mail to www@ about some questions to build a mirror but no
response at moment.
?Who's behind this mail account?
--
Thanks,
Jordi Espasa Clofent
Hi Pau,
?Maybe Kismet [1] is what do you are looking for?
[1] http://openports.se/net/kismet
--
Thanks,
Jordi Espasa Clofent
Simple question, simple response.
Ok Damien
;)
--
Thanks,
Jordi Espasa Clofent
Hi misc@,
?Are there some plans to include python in base system (as Perl is at
present)?
--
Thanks,
Jordi Espasa Clofent
Hi Girish,
?Have you tried to contact with Yahoo! technical staff about it?
--
Thanks,
Jordi Espasa Clofent
a real and critical production system.
I've used softraid(4) solution in the past without problems, but I think
softraid(4) it's better designed and coded, so the logical way is trust
on it.
--
Thanks,
Jordi Espasa Clofent
Sorry, I mean "I've used raidframe in the past..."
--
Thanks,
Jordi Espasa Clofent
a real and critical production system.
I've used softraid(4) solution in the past without problems, but I think
softraid(4) it's better designed and coded, so the logical way is trust
on it.
--
Thanks,
Jordi Espasa Clofent
http://www.openbsd.org/cgi-bin/cvsweb/ports/x11/xfce4/xfce4-session/files/README.OpenBSD?rev=1.2
It says how to install all xfce4 things.
++
It's exactly the file I've used to install XFCE. Good info.
--
Thanks,
Jordi Espasa Clofent
Have you checked that AllowOverride on /var/www/htdocs/syweb is set to
(at least) AuthConfig ?
Hi Paco, nice to see you in OpenBSD misc@
;)
Runs fine now.
--
Thanks,
Jordi Espasa Clofent
.c
mod_actions.c
mod_userdir.c
mod_alias.c
mod_access.c
mod_auth.c
mod_so.c
mod_setenvif.c
mod_keynote.c
mod_ssl.c
suexec: disabled; invalid wrapper /usr/sbin/suexec
--
Thanks,
Jordi Espasa Clofent
:
* helps to OpenBSD community to choose the right hardware
* make good or bad publicity depending on real vendor's position
Anyway it's only an idea.
--
Thanks,
Jordi Espasa Clofent
thanks. I have looked also in the bios. SART is enabled per default.
It seems that the disk is fine.
Could it be the RAM? How to test?
Could be.
A deep memtest test should be enough.
--
Thanks,
Jordi Espasa Clofent
It seems that it runs fine but I don't get output from the "long"
test... Any hint?
?Why? It's very easy:
$ smartctl -h -t long /dev/wd0c
... wait the needed time and next
$ smartctl -l selftest /dev/wd0c
PD. "Adromina" it's a funny name (divertit, vaja)
:P
--
Thanks,
Jordi Espasa Clofent
5
inet6 fe80::230:48ff:fe8c:a112%em2 prefixlen 64 scopeid 0x3
?Will be enough to change the netmask with ifconfig(8) and modify the
/etc/hostname.em2 for future reebots/uses of /etc/network script?
--
Thanks,
Jordi Espasa Clofent
routines" means that the problem only appears if you use a ntp
server with DNS? ?Can you avoid the problem if you use an IP directly
instead of DNS record?
--
Thanks,
Jordi Espasa Clofent
Hi all,
As subject says, simply curiosity.
?Why 1.61 of ntpd.c [1]? I mean ?what is the improvement?
[1]
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/ntpd/ntpd.c.diff?r1=1.60&r2=1.61&sortby=date&f=h
--
Thanks,
Jordi Espasa Clofent
#x27;ve checked the config and all seems ok.
?Any clue?
--
Thanks,
Jordi Espasa Clofent
el gb (PCI Express)
NIC card with em(4); currently this box manages 200Mbps without problem:
the interrupts are around 40% of load.
--
Thanks,
Jordi Espasa Clofent
d server with -d flag (not daemonize, log on stderr)
* launch a 'tcpdump -i -n -vvv port 123' in clients
--
Thanks,
Jordi Espasa Clofent
liable and easy to manage
(congratulations to Henning and others).
According to symon, the old box is completely relaxed and all works fine
in any client.
?Can you attach some log/info from _server_?
--
Thanks,
Jordi Espasa Clofent
that's the CURRENT lenand almost always 0, becuase if it is not, we
don't switch to userland for sysctl to show it...
So, I understand it's a right value.
Note that net.inet.ip.ifq.maxlen=1024 means that I've 4 NICs (em (4)based)
in this box.
bump up.
M I'm not sure if I'm understo
I'm not sure how many packets your cards can put into ipintrq in one
int. 3000 might still be not enough. watch net.inet.ip.ifq.*,
especially len. teh question is wether you see bursts or constant
pressure.
Relating about that, I see:
$ sysctl net.inet.ip.ifq
net.inet.ip.ifq.len=0
net.inet.ip
ousands of new
sessions per second? They're high values I think the current highest
value in PF is 750k packets per second and all PF's
behaviour/performance will be conditioned by it.
Please, feel free to correct me if I'm wrong.
--
Thanks,
Jordi Espasa Clofent
But you Jordi, when you reply, you can be a little more soft ? Everybody
do mistakes, give a chance to all ;)
I will.
Spanish:
Esta es una lista inglesa; tu actitud es _muy_ desconsiderada.
English:
This is an english mail-list; your attitude is _very_ rude.
--
Thanks,
Jordi Espasa Clofent
Would you mind explaining me "i am just learning C applied in networking
area" ?
"I picked up a copy of TCPIP Illustrated, and am going through the
examples."
For example.
--
Thanks,
Jordi Espasa Clofent
PF is extremely flexible: you also can configure
every timeout value according your specific needs.
I recommend the reading of this precious resource:
http://undeadly.org/cgi?action=article&sid=20060927091645
--
Thanks,
Jordi Espasa Clofent
Yes, I know, it's completely a dumb question; but I'm curious about it.
I'm just learning C applied in networking area and I wonder what editor
is preferred by OpenBSD developers.
At present moment I use vim.
--
Thanks,
Jordi Espasa Clofent
rtner, Todd C. Miller,
Todd T. Fries, Tomoyuki Sakurai, Uwe Stuehler, Will Maier,
Wim Vandeputte, Xavier Santolaria, Joshua Stein
Congratulations and many thanks to all of you! OpenBSD is amazing
version by version.
--
Thanks,
Jordi Espasa Clofent
If the box was only doing pf stuff, then that would be correct. If you
were to put a bunch of ftp-proxys on there too, then MP would help, no?
I understand the same as you: in that specific case the MP could be useful.
--
Thanks,
Jordi Espasa Clofent
stion.
--
Thanks,
Jordi Espasa Clofent
RSTP without problems (I've tested it).
;)
--
Thanks,
Jordi Espasa Clofent
NTP is UDP and UDP does not have states associated with sockets.
I think I'm very tired today. Shame on me...
--
Thanks,
Jordi Espasa Clofent
0 *.37 *.*LISTEN
tcp6 0 0 *.13 *.*LISTEN
tcp6 0 0 *.113 *.*LISTEN
?
--
Thanks,
Jordi Espasa Clofent
my fault... I use the OpenBSD
default chrooted Apache, of course.
;)
--
Thanks,
Jordi Espasa Clofent
; maybe I've missunderstood the UTC.
The last goal was that symon shows the graphs in CEST (Europe/Madrid),
not in UTC. But if computer clock _SHOULD_ be UTC... really there's no
problem after all.
--
Thanks,
Jordi Espasa Clofent
ut the UTC system not...)
?????
--
Thanks,
Jordi Espasa Clofent
It's made to be secure, it's prone to be installed on a server not just
a fuckin desktop o.s.
Well, it depends. I use OpenBSD as a critical-mission server and as a
common daily desktop. I'm very happy in both cases.
A secure, funcional and free desktop, of course.
--
Thank
interface em0
* symux/symod using -d flag doesn't show any error
* $ tcpdump -i pflog0
tcpdump: listening on pflog0, link-type PFLOG
means that /dev/pf existes and is available...
?Any clue?
--
Thanks,
Jordi Espasa Clofent
Hi all,
I need a RAID-1 (mirroring) for production environment.
?Should I use RAIDFrame or softraid?
The reliability is the main request feature.
--
Thanks,
Jordi Espasa Clofent
Have you tried searching the archives? This was answered almost
precisely a month ago on this very list...
http://marc.info/?l=openbsd-misc&m=120328567228893&w=2
Yes, I did.
But in wrong way as you has demonstrated.
--
Thanks,
Jordi Espasa Clofent
OpenBSD?
Simply curiosity.
--
Thanks,
Jordi Espasa Clofent
aprox. 80-120 queries per second in each of the three DNS servers.
Despite of that, the improvement of network stack in 4.2 version has
been amazing.
--
Thanks,
Jordi Espasa Clofent
STSIZE PKG_PATH CVSROOT TERM
umask 022
alias su='su -l'
alias ll='ls -lah'
alias rm='rm -i'
fi
Maybe it will be useful for someone. Maybe not.
--
Thanks,
Jordi Espasa Clofent
sk(4), em(4) and even bge(4) are considered good.
--
Thanks,
Jordi Espasa Clofent
Touchi!
--
Thanks,
Jordi Espasa Clofent
rev 2.00/0.01, addr 2, iclass 3/1
ukbd0 at uhidev1: 8 modifier keys, 6 key codes
wskbd1 at ukbd0 mux 1
wskbd1: connecting to wsdisplay0
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a swap on wd0b dump on wd0b
Maybe in next release it will work.
--
Thanks,
Jordi Espasa Clofent
lude this feature in amd64?
--
Thanks,
Jordi Espasa Clofent
ad. The switches are D-Link 3024.
* the bridge(4) configuration is bad.
--
Thanks,
Jordi Espasa Clofent
HISTFILE=.ksh_history
HISTSIZE="50"
Try it without double quotes on HISTSIZE value; and remember to export them.
--
Thanks,
Jordi Espasa Clofent
wn case).
I hope it will be useful for someone.
--
Thanks,
Jordi Espasa Clofent
o trace the error without success. But I've discovered an
strange point: if I attach again the CD-ROM device used in installation
process... the system reboots again!!! But if I remove the CD-ROM device
after the installation, I get the explained error.
?
--
Thanks,
Jordi Espasa Clofent
--
Thanks
Jordi Espasa Clofent
's opinion in interactive mode, then install default packages
that satisfy the dependencies."
I've tried with primary OpenBSD site and with a close mirrors.
??
--
Thanks
Jordi Espasa Clofent
the price/vendor it's not the first item. The main searched feature is
the performance.
--
Thanks,
Jordi Espasa Clofent
ort maybe I'll do it (if I've time enough,
of course)
--
Thanks
Jordi Espasa Clofent
3.3
version.
--
Thanks
Jordi Espasa Clofent
100 matches
Mail list logo