Re: PF match counter seems to be hitting a limit

2011-02-03 Thread Massimo Lusetti
On Tue, 1 Feb 2011 17:45:52 -0500 Ted Unangst ted.unan...@gmail.com wrote: On Tue, Feb 1, 2011 at 4:34 PM, Steve Johnson maill...@sjohnson.info wrote: I had forgotten to also include the sysctl changes that I had made as well, mostly based from calomel.org, which were the following:

Re: It still doable to buy VIA padlock engine CPU?

2010-10-21 Thread Massimo Lusetti
On Wed, 20 Oct 2010 18:30:31 +0100 Kevin Chadwick ma1l1i...@yahoo.co.uk wrote: On Tue, 19 Oct 2010 18:45:18 +0200 Massimo Lusetti mass...@cedoc.mo.it wrote: 1.5GHz VIA C7 CPU or an ATOM one? No idea what the acceleration on this board brings to the party, but if you do then bare

Re: It still doable to buy VIA padlock engine CPU?

2010-10-20 Thread Massimo Lusetti
On Tue, 19 Oct 2010 18:32:48 + (UTC) Stuart Henderson s...@spacehopper.org wrote: On 2010-10-19, Massimo Lusetti mass...@cedoc.mo.it wrote: Is it still doable nowadays to buy VIA padlock engine equipped CPU/motherboard just to take advantage of the hw crypto acceleration? I mean

Re: It still doable to buy VIA padlock engine CPU?

2010-10-20 Thread Massimo Lusetti
On Wed, 20 Oct 2010 11:35:19 +0200 Francesco Vollero ra...@lilik.it wrote: Did you already check here[1] ? :) I think I read misc@ daily plus tech@ and source-changes@ too and that's the reason I'm asking. I read (some time ago) VIA C7 has a crippled implementation of the crypto flow

It still doable to buy VIA padlock engine CPU?

2010-10-19 Thread Massimo Lusetti
Is it still doable nowadays to buy VIA padlock engine equipped CPU/motherboard just to take advantage of the hw crypto acceleration? I mean, to do IPSec stuff it's better to use a 1.5GHz VIA C7 CPU or an ATOM one? Does anyone have any experience? Thanks in advance -- Massimo

Re: How to use /dev/srandom

2010-10-01 Thread Massimo Lusetti
On Wed, 29 Sep 2010 11:16:53 -0600 Theo de Raadt dera...@cvs.openbsd.org wrote: It is more efficient. There is almost always enough entropy for arandom, and if there isn't, you would have a hard time detecting that. There is always enough. The generator will keep moving, until it has

Filter on a CARP (active/passive) firewall

2010-07-05 Thread Massimo Lusetti
Hi guys, I read on the OpenBSD PF's FAQ this statement: Ruleset Tips Filter the physical interface. As far as PF is concerned, network traffic comes from the physical interface, not the CARP virtual interface (i.e., carp0). So, write your rule sets accordingly. Don't forget that an interface

What a nice theme for the current hackathon!

2010-06-28 Thread Massimo Lusetti
... I think it deserves at least an undeadly article ;) Thanks guys! -- Massimo

Re: dhcpd knob

2010-06-20 Thread Massimo Lusetti
On Sat, 19 Jun 2010 11:08:29 -0600 Theo de Raadt dera...@cvs.openbsd.org wrote: anyone is welcome to run the official isc stuff if they want. they're also welcome to drink the water in india. we don't mind when other Please add this to theo.c ... it

Re: iked(8) and ikectl(8)

2010-06-10 Thread Massimo Lusetti
On Fri, 4 Jun 2010 12:35:36 +0200 Reyk Floeter r...@openbsd.org wrote: but please a little bit before using it in production networks, iked(8) is not fully ready yet ;-). I'm following your commit flow about it and it is exciting, this is why I'm still with OpenBSD ;) -- Massimo

Re: iked(8) and ikectl(8)

2010-06-04 Thread Massimo Lusetti
On Thu, 3 Jun 2010 23:06:58 +0200 Reyk Floeter r...@openbsd.org wrote: This is a very brief summary, more information will follow. reyk That's great! ... 4.7 is just behind the door and is already time to move on -current! I got 48 IPsec gateways which just await to be upgraded! Pretty

Re: dmesg FW-8750 with 4G from 4.7-current

2010-05-20 Thread Massimo Lusetti
On Thu, 20 May 2010 16:07:31 +0200 Henning Brauer lists-open...@bsws.de wrote: argh, no. bigmem isn't useable as of now or it would be default. the difference being PCI space mostly. only have 32bit addressing aka 4G for mem AND pci etc, ya know. yep, reading archives and commit logs I have

dmesg FW-8750 with 4G from 4.7-current

2010-05-19 Thread Massimo Lusetti
4.7amd64 sees only 3G RAM Any clue is really appreciated, thanks Regards -- Massimo Lusetti

Re: dmesg FW-8750 with 4G from 4.7-current

2010-05-19 Thread Massimo Lusetti
On Wed, 19 May 2010 11:40:33 +0200 Massimo Lusetti mass...@cedoc.mo.it wrote: Hi guys, I got a small issue with a FW-8750 which boots: OpenBSD 4.7-current (GENERIC.MP) #227: Wed Apr 28 11:55:45 MDT 2010 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem

Re: dmesg FW-8750 with 4G from 4.7-current

2010-05-19 Thread Massimo Lusetti
On Wed, 19 May 2010 13:32:19 +0200 Robert rob...@openbsd.pap.st wrote: This is the expected behaviour. Check the mailinglist-archives for details. (hint: bigmem) Thanks for the hint, looking for infos. Thanks to others answering privately too, even the ones suggesting another MUA ;) Cheers

Re: Route modified dynamically

2010-03-12 Thread Massimo Lusetti
On Fri, 12 Mar 2010 01:43:39 +0100 Claudio Jeker cje...@diehard.n-r-g.com wrote: On Fri, Mar 12, 2010 at 12:28:33AM +, Stuart Henderson wrote: On 2010-03-10, Massimo Lusetti mass...@cedoc.mo.it wrote: Hi misc, I got a 4.5 box which acts as a perimeter ipsec routing gateway

Re: Route modified dynamically

2010-03-12 Thread Massimo Lusetti
On Fri, 12 Mar 2010 14:55:51 +0100 Claudio Jeker cje...@diehard.n-r-g.com wrote: Wow that's a strange flag combo. Why is S M set together? Hmm. Another strange routing thing I need to have a look at. Most probably the cloning is done wrong. Hmm, does it have to be cloned? Couldn't

Route modified dynamically

2010-03-10 Thread Massimo Lusetti
Hi misc, I got a 4.5 box which acts as a perimeter ipsec routing gateway, it has 682 flows (by ipsecctl -sf | wc -l). Some of these flows are up with a static route to the other point of the ipsec tunnel and some of these routes are changing dynamically (netstat shows UGHMS flags). When these

Re: Route modified dynamically

2010-03-10 Thread Massimo Lusetti
On Wed, 10 Mar 2010 09:44:36 +0100 Massimo Lusetti mass...@cedoc.mo.it wrote: Any hint is really appreciated. Should I stop accepting icmp redirect with the sysctl knobs as the changes in the 4.6 release? Cheers -- Massimo

Re: Questions for OpenBGPd Developers

2009-10-13 Thread Massimo Lusetti
On Tue, 13 Oct 2009 02:12:04 +0200 Henning Brauer lists-open...@bsws.de wrote: and there's a reason why it is that way - I always found the idea of making a bgp router out of a common unix box by adding a userland bgp speaker only flawed. many things can only properly or at all be done at

Re: c2k7 hackathon is over

2007-06-03 Thread Massimo Lusetti
On Sat, 02 Jun 2007 16:40:49 -0600 Theo de Raadt [EMAIL PROTECTED] wrote: Hope you guys out there enjoy the changes that we've made. You can't imagine how much i enjoyed reading through commit logs. Amazing. Thank you! -- Massimo.run(); : is not an identifier

UMTS card almost recognized

2007-05-02 Thread Massimo Lusetti
Hi all, with my own CDs i freshly installed 4.1 on my laptop, everything is working smoothly except for an UMTS PCMCIA card which is not totally recognized. I think this is similar to the ones supported by ubsa(4). These are the kernel messages obtained when i insert the PCMCIA card on a 4.1

Re: UMTS card almost recognized

2007-05-02 Thread Massimo Lusetti
On Wed, 2 May 2007 21:48:38 +1000 Jonathan Gray [EMAIL PROTECTED] wrote: Sounds like umsm(4) would be more likely to me. Can you send the output of usbdevs -v? Here you are: Controller /dev/usb0: addr 1: full speed, self powered, config 1, UHCI root hub(0x), Intel (0x8086), rev 1.00

Re: bcw(4) is gone

2007-04-11 Thread Massimo Lusetti
On Mon, 9 Apr 2007 20:20:33 -0500 Marco Peereboom [EMAIL PROTECTED] wrote: GPL is as free as communism. Please add this to fortune! -- Massimo.run(); She's the kind of girl who climbed the ladder of success wrong by wrong. -- Mae West

re(4) watchdog timeout on a LE-565

2006-11-29 Thread Massimo Lusetti
This[1] is from a LE-565 board which refuses to run normally when 2 or more networks are attached to more than one re(4). As soon as i configure and connect an Ethernet cable to a second nic i get the watchdog timeout error at the bottom of the dmesg. No matter if i put traffic on wire or not. BTW

wpi fail to load firmware

2006-11-03 Thread Massimo Lusetti
I'm really happy since i can now try to work with the wpi(4) on my laptop. I freshly installed 4.0 and got wpi0 at pci5 dev 0 function 0 Intel PRO/Wireless 3945ABG rev 0x02: irq 10, address 00:13:02:18:e5:b2 but as soon as i try ifconfig wpi0 up and the driver tries to load the firmware i got wpi0:

Re: wpi fail to load firmware

2006-11-03 Thread Massimo Lusetti
On Fri, 2006-11-03 at 10:56 +0100, Massimo Lusetti wrote: If i can do anything to help you debug this problem, please let me know, I'll try. Could be this related? CVSROOT:/cvs Module name:src Changes by: [EMAIL PROTECTED] 2006/11/01 04:25:01 Modified files: sys/dev

Re: Via C7 fully supported?

2006-10-31 Thread Massimo Lusetti
On Tue, 31 Oct 2006 07:12:51 -0700 (MST) Diana Eichert [EMAIL PROTECTED] wrote: On Tue, 31 Oct 2006, Tom Cosgrove wrote: Although they're not yet available, Wim is hoping to sell http://www.liantec.com/product/emboard/EMB-5740.htm soon. See http://www.kd85.com/liantec.html. Thanks

Re: Actual network chipset

2006-10-16 Thread Massimo Lusetti
On Sat, 2006-10-14 at 09:59 +1000, Jonathan Gray wrote: This is because the hardware presents the same number to the kernel for 8169/8169S/8110S. The 8110S is designed to be used on system boards, 8169 is the sort of thing that can be found on pci cards. Thanks for the clarification. What

Actual network chipset

2006-10-13 Thread Massimo Lusetti
Hi all, I wish to know actually which chipset this board has on, since the spec sheet says it has to be a RTL8110S-32 but after seeing the dmesg output I'm not so sure right now. This is from a 4.0-CURRENT from mid of September (14/09) re0 at pci0 dev 11 function 0 Realtek 8169 rev 0x10: irq

Re: 'flags S/SA keep state' now the default

2006-10-06 Thread Massimo Lusetti
On Fri, 2006-10-06 at 11:36 +, Ryan McBride wrote: I've just committed code based on a suggestion made by Daniel Hartmeier to make flags S/SA keep state the default for rules. THANKS! -- Massimo.run();

Re: Experience with isakmpd/ipsec in production?

2006-08-22 Thread Massimo Lusetti
On Mon, 2006-08-21 at 15:43 +0200, Sven Ingebrigt Ulland wrote: How long have you been running openbsd isakmpd/ipsec (in production)? We've been using them since 3.9 and got small quirks mostly due to our misunderstanding of protocols and implementations, a little also due to the initial lack

Re: bsd.rd

2006-07-24 Thread Massimo Lusetti
On Mon, 2006-07-24 at 03:05 -0300, Gustavo Rios wrote: What is the process one should pass through in order to have built a bsd.rd kernel? I highly suggest you to look at flashboot. -- Massimo.run();

Re: sokeris output

2006-07-24 Thread Massimo Lusetti
On Mon, 2006-07-24 at 02:33 -0300, Gustavo Rios wrote: PS: If you have a kernel configuration file for exact that hardware, i would enjoy too. Look at flashboot[1] source. [1] http://mindrot.org/flashboot.html -- Massimo.run();

Error building ntpd on -current

2006-07-05 Thread Massimo Lusetti
I just updated from CVS today and cannot do a make build anymore. I successfully installed and booted a GENERIC kernel. OpenBSD 3.9-current (GENERIC) #3: Wed Jul 5 09:38:20 CEST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium III (GenuineIntel 686-class) 602

Re: Error building ntpd on -current

2006-07-05 Thread Massimo Lusetti
On Wed, 2006-07-05 at 16:41 +0200, Otto Moerbeek wrote: You probably did not do a make build, but took a shortcut. Not at all. I've followed precisely the procedure described here: http://www.openbsd.org/faq/faq5.html as I've always done before, I forgot to mention that the machine was a

Re: Error building ntpd on -current

2006-07-05 Thread Massimo Lusetti
On Wed, 2006-07-05 at 17:38 +0200, Otto Moerbeek wrote: What is the version of your libc? Check ls -l /usr/lib/libc.so.*, newest version should be 39.2. $ nm /usr/lib/libc.so.39.2 | grep adjfreq 000411f0 T _thread_sys_adjfreq 000411f0 W adjfreq I'm building right now on the second box

IPSec unspec transport

2006-07-03 Thread Massimo Lusetti
I got a VPN network which works quite well, i mean works very well thanks to OpenBSD and its implementation but i got one end point over the 6 running which is causing me troubles. The configuration is done with ipsec.conf and is identical to others which work well. Here some example config: ike

Re: IPSec unspec transport

2006-07-03 Thread Massimo Lusetti
On Mon, 2006-07-03 at 00:51 -0700, Clint Pachl wrote: Are both end points trying to negotiate? Try using the passive keyword on one endpoint: ike passive esp ... Yes both active. Should that cause problems? I have experienced the same issue. I don't know the details of what exactly

Re: VIA C7 hardware AES support in IPSEC(ctl)

2006-06-26 Thread Massimo Lusetti
On Thu, 2006-06-22 at 20:04 +0200, Hans-Joerg Hoexer wrote: we are. It would be great if you could explain us a little more about this? BTW thanks for the great tool ipsecctl is! Ciao -- Massimo.run();

Re: Crypto acceleration (was: Re: VIA C7 hardware AES support in IPSEC(ctl))

2006-06-23 Thread Massimo Lusetti
On Fri, 2006-06-23 at 10:00 +0200, Markus Friedl wrote: yes, the card needs to support all algorithms, crypto_newsession() does this: /* * The algorithm we use here is pretty stupid; just use the * first driver that supports all the algorithms we need. Do * a

Re: VIA C7 hardware AES support in IPSEC(ctl)

2006-06-22 Thread Massimo Lusetti
On Wed, 2006-06-21 at 17:49 +0200, Bihlmaier Andreas wrote: Sorry, for that but I thought it wouldn't matter: I don't mean to offend you, but... i think test environment matters. All hosts are in the same network and can talk directly to each other, but for unsecure protocols (NFS, HTTP) I

Re: VIA C7 hardware AES support in IPSEC(ctl)

2006-06-21 Thread Massimo Lusetti
On Wed, 2006-06-21 at 13:48 +0200, Bihlmaier Andreas wrote: I don't mean to offend you, but ... Doh, I know that and these are VERY nice figures, BUT my problem is that I have too slow (== no acceleration) speed in IPSEC. I thought that OpenBSD would just make use of it (again in IPSEC) if it

Re: Mail Server configuration question(s)

2006-06-09 Thread Massimo Lusetti
On Fri, 2006-06-09 at 13:55 +0100, Craig Skinner wrote: When I worked for a small ISP that had 5000 domains, we found the best thing to do was use passwd for auth as anything else was too slow. When an account was added via the website, a perl script would pull data from SQL, generate