OpenBSD 6.2 - 6.4 crash on ASRock Q1900 ITX boards

2018-11-14 Thread Martin Hanson
Hi, I have a couple of Q1900DC-ITX boards: http://www.asrock.com/MB/Intel/Q1900DC-ITX/index.de.asp I also have a couple of Q1900M versions of the same board. On the ITX version OpenBSD (tested from 6.2 - 6.4) crashes upon reboot, but not upon a cold boot, with the following: NMI ...

Re: Problems with a quad Realtek NIC

2018-10-12 Thread Martin Hanson
> It is preferable to just include the whole dmesg directly in the mail > Better still, when it's a "sometimes works" problem, include a "diff -u" > between the two (the context to show where the lines are added/removed). I have pasted a "diff -u" on https://paste.debian.net/1047098/ > Very

Problems with a quad Realtek NIC

2018-10-10 Thread Martin Hanson
Hi, I have one of these 4-port Realtek NIC cards: https://www.ebay.co.uk/itm/PCIe-PCI-Express-to-4x-Gigabit-Card-4-Port-Ethernet-Network-Adapter-10-100-1000M/252484240577?epid=505371101 I am running OpenBSD 6.3 stable. During boot the card is seen, but it only works occasionally. When it works

PF redirect traffic to TUN/VPN

2018-03-14 Thread Martin Hanson
Hi, I have an OpenBSD box setup as a firewall and gateway with DHCP. I was thinking about adding VPN to the box. Is it possible to install OpenVPN, establish a tunnel via a third party VPN provider (like PIA), and then have PF redirect some traffic through that tunnel based upon IP addresses, but

Sharing files between OpenBSD, Linux, and Windows boxes

2018-02-14 Thread Martin Hanson
How do you share files between OpenBSD, Linux, and Windows boxes? Currently I have a setup in which I mount Samba shares that are being served from Linux boxes and mounted on Linux boxes using cifs and on Windows boxes. This works very well and it's both easy to administer and it's very fast.

Syn flood crashed my LAN

2018-02-11 Thread Martin Hanson
Hi, I have a home network that is segmented into 3 different zones using a NIC with 4 ports sitting on an OpenBSD firewall/dhcp server. One port is connected to the Internet (ISP router) and each of the three others has a D-Link DGS-1005D switch connected to each. So.. LAN1 = 192.168.1.0

Re: Syn flood crashed my LAN

2018-02-11 Thread Martin Hanson

Why would I need a container like Docker?!

2017-05-10 Thread Martin Hanson
I have occasionally used virtualization (Qemu) for easy testing of some OS. I have also played around with "containers" using FreeBSD Jails and Linux LXC, but I have never ever thought of any of this as a security measurement or anything needed beyond testing. When I want isolation I run a

dnsmasq not working on OpenBSD 6.1

2017-04-24 Thread Martin Hanson
Hi I have successfully setup unbound on OpenBSD 6.1 and I can query it. In the same setup I have tested dnsmasq, but it almost seems broken on OpenBSD 6.1. I have disabled unbound and confirmed nothing is running on port 53 using netstat. Then I have installed dnsmasq from packages and set

Re: Non-free firmware without asking the user

2017-01-08 Thread Martin Hanson
On Sun, 8 Jan 2017, Stefan Sperling wrote: >> The above policy applies to the base system code. >> It does not apply to ports and packages of third party software, i.e. >> anything >> listed by pkg_info. > Perhaps the whole only a misunderstanding of the original poster that > could have been

Re: Non-free firmware without asking the user

2017-01-07 Thread Martin Hanson
08.01.2017, 02:53, "Peter Rippe" : > I think it absolutely is a language issue: > >>  On policy page it clearly says: "OpenBSD strives to provide code that can > > be freely used, copied, modified, and distributed by anyone and for any > purpose." > > Operative word being

Re: Non-free firmware without asking the user

2017-01-07 Thread Martin Hanson
08.01.2017, 01:29, "Mike Burns" <mike+open...@mike-burns.com>: > On 2017-01-08 00.02.21 +0100, Martin Hanson wrote: >>  The issue is a misguiding policy statement. > > It could be a language issue. I'm a native speaker and everything Theo, > et al., are saying

Re: Non-free firmware without asking the user

2017-01-07 Thread Martin Hanson
ludovic coues said: > You are free to use OpenBSD code. > You are free to copy OpenBSD code. > You are free to modify OpenBSD code. > You are free to distribute your fork. > > So unless your dictionary is twisted, shipping non-free firmware isn't > an exception to these freedom. You're wrong.

Re: Non-free firmware without asking the user

2017-01-06 Thread Martin Hanson
06.01.2017, 23:26, "Theo de Raadt" : > If you don't want such firmwares loaded onto the hardware, then don't > buy the hardware that needs it. > > There is your choice. > > I see no value in asking a user the question. I have misunderstood the purpose and use of the term

Non-free firmware without asking the user

2017-01-06 Thread Martin Hanson
Hi, I know that we cannot trust the hardware vendors and that all the hardware is running firmware on ROMS, except some which are provided by the kernel. However, I fail to understand the reason for this patch:

Re: Unbound and dnscrypt-proxy not playing nice

2016-09-09 Thread Martin Hanson
09.09.2016, 06:14, "Lists" : > Does unbound.conf have the following setting? > > do-not-query-localhost: no Yes, it has the setting.

Unbound and dnscrypt-proxy not playing nice

2016-09-08 Thread Martin Hanson
Hi, Since I upgraded to OBSD 6.0 I have had some problems with Unbound and dnscrypt-proxy. Normally I would troubleshoot by using "dig" to request directly to dnscrypt-proxy, but for some reason (I don't know) the "-p" option has been removed and it is impossible to use that now. Unbound

Any experience running OpenBSD 5.6 or current on a Shuttle DS437?

2014-12-20 Thread Martin Hanson
Hi, If so, how well does the driver for the two NICs work? How does the box perform in general? Thanks!

OpenBSD 5.6/current on Soekris 6501-70

2014-12-07 Thread Martin Hanson
Hi, Anyone running OpenBSD 5.6 or current on Soekris 6501-70 who wouldn't mind sharing some through-put data for gigabit performance. Regards, MH

Re: OpenBSD 5.6/current on Soekris 6501-70

2014-12-07 Thread Martin Hanson
I would like to be able to run ~100-120 MB/s from one NIC to the other on this box, if possible?

Re: Confused about authpf real world usage

2014-11-28 Thread Martin Hanson
theoretically this is possible, but only if the original machine holding the ip was down. just as a nameserver converts to an ip, the ip is converted to a MAC-address, which is associated with the NIC. if you want you can permanently associate an ip with a mac, that way another machine cannot

Confused about authpf real world usage

2014-11-27 Thread Martin Hanson
Hi So I am looking into authpf and I am wondering about some real world applications. I have a bunch of users, but I also have just a bunch of machines. The machines cannot login via SSH and should not try to do so (via some script or otherwise). However, these machines need access 24/7. So I

Re: Confused about authpf real world usage

2014-11-27 Thread Martin Hanson
Here is a case where you trust the machines, but do not trust Joe. Commonly, trusted servers are deployed on network segments that are separate from untrusted users - via Ethernet segments or VLANs. It is also possible to use VPNs to provide functional separation of servers from users,

Multiple NICs vs multiple physical firewalls

2014-11-22 Thread Martin Hanson
Hi all I have one gateway and several boxes serving some NFS, Samba and other stuff. Then I have a public server for some gaming. I am thinking about two different setups, but I am in serious doubt as to whether one actually has any real benefit over the other. The public server gets its own