On 07/12/2010 03:38 PM, Chris Bennett wrote:
On 07/12/10 14:10, bofh wrote:
And what is your opinion of people who run sshd on non-standard
poorts? I recently had to smack one of my guys for that momentary
brilliance.
OK, this is the second time I've seen someone say this.
What is the
On 07/12/2010 04:33 PM, Chris Bennett wrote:
On 07/12/10 15:01, J Sisson wrote:
On Mon, Jul 12, 2010 at 2:46 PM, Leonardo Carneiro - Veltrac
lscarne...@veltrac.com.br wrote:
I ONLY run the sshd that are allowed to connect from the Internet in
non-standard ports. Anyone that matters to know
... conscience to forgive me for the awful things I have done to the
Slashdot community.
AT 15:35
TAGS: TROLLING
On 07/02/2010 11:31 PM, Josh Rickmar wrote:
On Sat, Jul 03, 2010 at 10:21:00AM +0800, Brent Shumacher wrote:
On 06/17/2010 09:57 AM, Kevin Chadwick wrote:
On Wed, 16 Jun 2010 23:30:58 +0200
Martin SchrC6dermar...@oneiros.de wrote:
2010/6/16 Kevin Chadwickma1l1i...@yahoo.co.uk:
I heard intel have postponed usb3 for atleast 6 months too.
Even worse: Their PCIe is too slow for usb3.
Sure thing!
On 06/16/2010 05:28 PM, Martin Schrvder wrote:
2010/6/12 E.Tad...@wordpress-fr.fr:
mother card PIII, is compatible: usb2, usb3, e-sata, sata2, sata3,
firewire800, raid0, raid1, raid6
...
And I'd love to see your face when your PIII system rebuilds your
10TB RAID6
LeviaComm Networks NOC wrote:
... hell the word troll is in the URL.
LOL!
and in the last day, god said: DON'T FEED THE TROLLS!
Janne Johansson wrote:
2010/5/27 Leonardo Carneiro - Veltrac lscarne...@veltrac.com.br
Forgive me for the noob question (i'm a newbie at openbsd), but if i want
to build, for example, a large squid cache using openbsd, in a server with
BIIIG ram (12gb+), i will no be able to use
Marco Peereboom wrote:
bad advice. Don't do it, there is a reason it isn't disabled.
send oga some beer for c2k10 instead he might feel more pressure that
way :-)
On Thu, May 27, 2010 at 11:01:58AM +0100, Peter Kay (Syllopsium) wrote:
From: Siju George sgeorge...@gmail.com
On Thu, May 27,
Marco Peereboom wrote:
On Thu, May 27, 2010 at 11:13:36AM -0300, Leonardo Carneiro - Veltrac wrote:
Marco Peereboom wrote:
bad advice. Don't do it, there is a reason it isn't disabled.
send oga some beer for c2k10 instead he might feel more pressure that
way :-)
On Thu, May 27, 2010
Christiano F. Haesbaert wrote:
We all know openbsd isn't the most popular OS in the planet, it's the best, but
far from being the most popular.
Great words.
+rep for this.
Congratulation to all OpenBSD Team.
Bob Beck wrote:
May 19, 2010.
We are pleased to announce the official release of OpenBSD 4.7.
This is our 27th release on CD-ROM (and 28th via FTP). We remain
proud of OpenBSD's
Axel Rau wrote:
Hi all,
I have a pair of redundant firewalls (obsd 4.6) and a server (fbsd 8.0):
+---+ +--+
| | | |
+fw1+--+ +-+ |
carp0| |carp1 | | em0| |
| | | |
There is a way to do time-based rules on pf? Something like this packet
will /pass/ from 10h to 13h or this packet will /pass/ until 22h, 13
june. I mean, there is a built-in mechanic to do this in pf or i'll
need to write a script in cron to add and remove rules?
Tks in advance
--
Stuart Henderson wrote:
On 2010-05-17, Johan Beisser j...@caustic.org wrote:
Build an anchor, have a ruleset loaded to it by cron, and removed at
the specified time later.
there might be more than that; unless you don't mind long-running
sessions continuing, you have to flush the
Hi list.
Why do we get spam on this list? Does it allow to unsubscribed users to
email us or the spam is comming from subscribers?
This is ***not*** a flame war start about spam. I'm just curious.
--
Leonardo Carneiro
Tks.
John Cosimano wrote:
--- Leonardo Carneiro - Veltrac [Tue, May 04, 2010 at 08:54:38AM -0300]: ---
Hi list.
Why do we get spam on this list? Does it allow to unsubscribed users to
email us or the spam is comming from subscribers?
This is ***not*** a flame war start about spam. I'm
Hello everyone.
I have a table in my pf.conf:
table ips_allowed persist const file /etc/pf.conf.d/ips_allowed
If I add or remove IPs from this file mannualy, will the firewall be
aware of such changes or do i need to reload pf? Also, pf do map this
file in memory or does it read from the
Gregory Edigarov wrote:
On Thu, 29 Apr 2010 10:15:08 -0300
Leonardo Carneiro - Veltrac lscarne...@veltrac.com.br wrote:
Hello everyone.
I have a table in my pf.conf:
table ips_allowed persist const file /etc/pf.conf.d/ips_allowed
If I add or remove IPs from this file mannualy
Otto Moerbeek wrote:
On Thu, Apr 29, 2010 at 10:15:08AM -0300, Leonardo Carneiro - Veltrac wrote:
this file in memory or does it read from the disk for every packet?
Neither. The addresses are loaded in kernel memory via pfctl.
-Otto
Tks. This info is very important to me
Lars Nooden wrote:
On Thu, 29 Apr 2010, Leonardo Carneiro - Veltrac wrote:
Tks. This info is very important to me 'cause my disk sucks,
Look at the manual page for mount_mfs(8) and the option -P you can
load a directory and the files in it into memory.
and i'll have to create some tables
Lars Nooden wrote:
On 04/19/2010 09:12 PM, Leonardo Carneiro - Veltrac wrote:
... the gateway features does not work 100% yet (at least in the
server that i use)
There are additional solutions. One is to work with the contacts to
get them set up with XMPP clients, since the gateway
Shane Lazarus wrote:
Heya
Seems to me that you should probably allow traffic out to the $proxy
via the $dmz_if at some point...
For that matter, allow from the $proxy back in through the $dmz_if and
out...
Something like:
# tables
table msn_rdr persist const file /etc/pf.conf.d/msn-rdr
Shane Lazarus wrote:
Heya
On Tue, Apr 20, 2010 at 5:43 AM, Leonardo Carneiro - Veltrac
lscarne...@veltrac.com.br mailto:lscarne...@veltrac.com.br wrote:
My OpenBSD firewall has 4 interfaces: 2 lan, 1 wan and 1 dmz.
What i'm trying to do is:
1. Allow some hosts to use MSN
to the proxy,
the rdr rules used to work, but with this more selective rule, it's not
working at all.
Tks in advance.
Leonardo Carneiro - Veltrac wrote:
Shane Lazarus wrote:
Heya
On Tue, Apr 20, 2010 at 5:43 AM, Leonardo Carneiro - Veltrac
lscarne...@veltrac.com.br mailto:lscarne
Leonardo Carneiro - Veltrac wrote:
Hi Shane, Heya and others. I tried a new setup, using tables (look more
eficient than using a thousan rules to each variable). But is still
failing :(
# tables
table msn-rdr persist const file /etc/pf.conf.d/msn-rdr
table msn-allow persist
Leonardo Carneiro - Veltrac wrote:
Leonardo Carneiro - Veltrac wrote:
Hi Shane, Heya and others. I tried a new setup, using tables (look more
eficient than using a thousan rules to each variable). But is still
failing :(
# tables
table msn-rdr persist const file /etc/pf.conf.d
Hi everyone. I'm trying to get some control of the MSN protocol in my
network.
My OpenBSD firewall has 4 interfaces: 2 lan, 1 wan and 1 dmz.
What i'm trying to do is:
1. Allow some hosts to use MSN;
2. Redirect the MSN connections of some hosts from the LAN interfaces to
a MSN proxy in the
again
Lars Nooden wrote:
On 04/19/2010 08:43 PM, Leonardo Carneiro - Veltrac wrote:
Hi everyone. I'm trying to get some control of the MSN protocol in my
network.
Upgrade to XMPP (jabber).
http://xmpp.org/about/
If you need client software, pidgin is one option available in ports
http
go :)
Lars Nooden wrote:
On 04/19/2010 09:12 PM, Leonardo Carneiro - Veltrac wrote:
... I already have a XMPP server on my network, and it
replaces MSN in almost every task, but the gateway features does not
work 100% yet (at least in the server that i use)...
Which features and which server
longgest useless thread EVER!!! a bit funny, however :D
Jason George wrote:
Actually two of the top linux kernel developers answered my email
directly to them when I had some questions. There was no ridicule or
belittling.
If so, you got ripped off. You should hear us over beer.
Oh,
Is it possible to write a rule based on a arbitrary ip rule instead
using a full subnet as source address like this?
hosts_allowed={ 192.168.0.21-40 }
And even using a single host on this following rule, i get a syntax
error. Can someone point what is wrong?
host_allowed=192.168.0.21
Tks Kapetanakis and Vadis for your help. I'll try this out.
Kapetanakis Giannis wrote:
On 26/02/10 19:23, Leonardo Carneiro - Veltrac wrote:
Is it possible to write a rule based on a arbitrary ip rule instead
using a full subnet as source address like this?
hosts_allowed={ 192.168.0.21-40
32 matches
Mail list logo