Re: how does one manage to fill a TB of data

2006-09-09 Thread Peter Blair
Database backups here at work are enormous. A TB is nothing these days. On 9/9/06, Peter Fraser [EMAIL PROTECTED] wrote: Multi system backups to disk -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of pedro la peu Sent: Friday, September 08, 2006 8:50

Re: Active Directory authentication

2006-08-15 Thread Peter Blair
That's not an easy scenario. Perhaps the simplest solution would work for you. You could implement a generic account on the firewall called say wifi-user. SSH into the firewall (not using Kerberos or anything) and log in using the shared password for wifi-user. The login shell could point to

Re: PF redirect to another IP on LAN

2006-07-29 Thread Peter Blair
man pf.conf Secondly, it's been discussed numerous times on the list that bridges have their place (I use them in production environments at our data centre) but you'll find filtering a bridge much more difficult than filtering a NAT. On 7/29/06, elaconta.com Webmaster [EMAIL PROTECTED] wrote:

Re: looking for clue

2006-07-20 Thread Peter Blair
On 7/20/06, Rahul Sharma [EMAIL PROTECTED] wrote: Hi Peter Phillips, It is not Mr. Eric Pancer but me (rahulthehacker) who is asking for help on dhcpd lease. Wrong: http://www.sigmasoft.com/~openbsd/archives/html/openbsd-misc/2006-06/msg01371.html

Re: looking for clue

2006-07-20 Thread Peter Blair
On 7/20/06, Rob Baldassano [EMAIL PROTECTED] wrote: Please forgive me if I am wrong but... This thread should die. Question is: Why would you WANT your clients to constantly get new IPs? It disrupts SSL communication traffic, especially when you are dealing with externally available

Re: How to compile DHCPD source code

2006-07-07 Thread Peter Blair
First, *don't* download source from the cvsweb website. That source is handy for browsing, but you should be getting your code from a cvs repository. Look at the instructions for a given patch for guidance: ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/001_sendmail.patch And then

Re: How to compile DHCPD source code

2006-07-07 Thread Peter Blair
dhcpd code i require sendmail patch. Can u Plz explain me that. Warm regards Rahul On 7/7/06, Peter Blair [EMAIL PROTECTED] wrote: First, *don't* download source from the cvsweb website. That source is handy for browsing, but you should be getting your code from a cvs repository. Look

Re: Forbidding access in pf from subdomains

2006-07-06 Thread Peter Blair
Something like: pass in quick on $ext_if from { $friendly_networks } to any port ssh keep state block in on $ext_if from any to any port ssh should work. You can place $friendly_networks into a table that gets loaded from a file if the list is large. And/or update it via pfctl on the fly. On

Re: Forbidding access in pf from subdomains

2006-07-06 Thread Peter Blair
is part of a \16 network that has been privately subnetted. So it's difficult to say ok, jerk.com has xxx.yyy.zzz.xyz IP, and that belongs to xxx.yyy\16 network, so I'll block out all 65 thousand addresses. On 7/6/06, Peter Blair [EMAIL PROTECTED] wrote: Something like: pass in quick on $ext_if from

Re: News From HiFn

2006-07-05 Thread Peter Blair
: On Tue, 4 Jul 2006 18:48:28 +0200, Joachim Schipper [EMAIL PROTECTED] wrote: On Tue, Jul 04, 2006 at 12:16:45PM -0400, Nick Guenther wrote: On 7/4/06, Peter Blair [EMAIL PROTECTED] wrote: On 6/29/06, J.C. Roberts [EMAIL PROTECTED] wrote: I just got a call this afternoon from Tom Moore to let

'route to' question

2006-07-05 Thread Peter Blair
Hello lists! (sorry if cross-list posting is frowned upon) I'm setting up a BSD/pf machine that will be working as a binat firewall for a number of hosts on two /28 subnets belonging to the same co-location provider. The BSD machine is already live, working hard for one subnet, and I don't have

Re: Question related to automaticly encrypted /tmp /vat/tmp (like swap..?)

2006-07-04 Thread Peter Blair
I haven't tried under OpenBSD, but mounting /tmp as a ramdisk could prove viable. On 7/4/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Some days ago I read a question related to encrypting a partition. I just know that swap gets encrypted automatically. Wouldn't it be possible to encrypt also

Re: News From HiFn

2006-07-04 Thread Peter Blair
Has anyone tried recently to connect to ftp.hifn.com ? I haven't been able to connect from multiple locations. -Pete On 6/29/06, J.C. Roberts [EMAIL PROTECTED] wrote: Howdy misc@ Though I stayed out of the last public fiasco regarding HiFn here on the misc@ list, I privately contacted the

Re: X not found

2006-07-04 Thread Peter Blair
If you have no parts of X installed, then how do you expect to link against it? If you plan to use your OpenBSD machine as a headless X client, then you'll need to install the requisite libs. You'll save yourself a lot of time and headache if you just install the X set. On 7/4/06, Lawrence

Re: starting Apache in SSL mode

2006-06-27 Thread Peter Blair
SSL certificates for a hostname require a unique IP address. Are you trying to do virtual name hosting with https? On 6/27/06, FTP [EMAIL PROTECTED] wrote: On Mon, Jun 26, 2006 at 08:30:29AM -0700, Scott Francis wrote: On 6/26/06, FTP [EMAIL PROTECTED] wrote: Hi there, I was trying to

Re: Nagios and Apache

2006-06-26 Thread Peter Blair
: On Saturday 24 June 2006 18:13, Peter Blair wrote: At work we run Nagios across Linux, OpenBSD & FreeBSD machines. Compiling it from source is the only way to ensure config file compatibility. Say what? How does the compilation affect the config file? The config file format is exactly the same

Re: pf woes

2006-06-26 Thread Peter Blair
Paste the entire contents of /etc/pf.conf On 6/26/06, Matt Singerman [EMAIL PROTECTED] wrote: I'm sorry if I didn't give enough info - what else would you have to know?

Re: pf woes

2006-06-26 Thread Peter Blair
And your root password. Please e-mail that to the list. On 6/26/06, Bryan Irvine [EMAIL PROTECTED] wrote: On 6/26/06, Matt Singerman [EMAIL PROTECTED] wrote: I'm sorry if I didn't give enough info - what else would you have to know? At the bare minimum, your pf.conf. Also desirable are the

Re: Totally bizarre problem - cannot connect to openbsd mahcine

2006-06-26 Thread Peter Blair
, and contains: add dc0 add dc1 up It was running for a good 300 days or so. It was set up and configured by my predecessor, and I am not completely sure on all of its configurations. On 6/26/06, Peter Blair [EMAIL PROTECTED] wrote: That sorta makes sense if your firewall was working as a bridge, but I

Re: Nagios and Apache

2006-06-24 Thread Peter Blair
On 6/23/06, Spruell, Darren-Perot [EMAIL PROTECTED] wrote: Incidentally, if you haven't used the package(s) for Nagios, do. I had no problems and I went with a package install. No mysteries. At work we run Nagios across Linux, OpenBSD & FreeBSD machines. Compiling it from source is the only way

Re: Nagios and Apache

2006-06-23 Thread Peter Blair
Obvious, but ensure that /var/www/cgi-bin/nagios is a valid directory from the perspective of your chroot'd server. Another caveat is to ensure that the named pipe is accessible to both the nagios executable, and to the chroot'd cgi's (once they start working that is). Nagios references the

Re: combining 2 external interfaces ?

2006-06-18 Thread Peter Blair
RTFM: man trunk On 6/17/06, S t i n g r a y [EMAIL PROTECTED] wrote: Is it possible to combine 2 external interfaces into one in OpenBSD? Actually it's cheaper for me to buy two smaller internet connections than a big one. so i was thinking ... *:$., 88,.$:*(((*$ Stingray *:$., 88,.$:*((*$

Re: combining 2 external interfaces ?

2006-06-18 Thread Peter Blair
And here's another for you: http://www.openbsd.org/faq/pf/pools.html#outgoing On 6/17/06, S t i n g r a y [EMAIL PROTECTED] wrote: Is it possible to combine 2 external interfaces into one in OpenBSD? Actually it's cheaper for me to buy two smaller internet connections than a big one. so i was

Re: head.c usage function

2006-05-30 Thread Peter Blair
Be careful -- if you have an application say /usr/local/whatever/foo that is linked from /usr/local/bin/bar then when you call /usr/local/bin/bar it will populate bar as the argv[0] element. This may be what you want, but then again, perhaps you want to know that foo is the application being

Re: Xen/OpenBSD Summer of Code project

2006-05-30 Thread Peter Blair
That project (if/once completed) would be very useful. I just cringe at the thought of running a guestOS of openbsd under linux or Solaris ;) On 5/30/06, Dries Schellekens [EMAIL PROTECTED] wrote: Anil Madhavapeddy wrote: We've put up some Xen-related projects for the Google Summer of Code,

Re: head.c usage function

2006-05-30 Thread Peter Blair
Gak! The should was hedged with quotes because I couldn't verify how it behaved. Apparently it's just a quick way to access argv[0]. Thanks! On 30 May 2006 16:29:31 +0200, Artur Grabowski [EMAIL PROTECTED] wrote: Peter Blair [EMAIL PROTECTED] writes: Be careful -- if you have

Re: Xen/OpenBSD Summer of Code project

2006-05-30 Thread Peter Blair
Are you saying that OpenBSD is targeted as a Dom0 OS? I couldn't tell from the above mentioned links. On 5/30/06, Dries Schellekens [EMAIL PROTECTED] wrote: Peter Blair wrote: That project (if/once completed) would be very useful. I just cringe at the thought of running a guestOS

Re: nice and convenient way to check latest current src changes?

2006-05-30 Thread Peter Blair
Here's a quick perl script to extract the html: #!/usr/bin/perl # # cvs_dates.pl while(<STDIN>) { my($line) = $_; chomp($line); if( $line =~ /(\d{4}-\d{2}-\d{2}).{28}(\d{10,20})/ ) { my($d) = $1; my($id) = $2; print $d, ,

Re: C++ problem in current snapshot (2006-05-22)

2006-05-25 Thread Peter Blair
Don't use iostream.h, as it's old, and only there for backwards compatibility. If possible, use iostream instead. On 5/25/06, Toni Mueller [EMAIL PROTECTED] wrote: Hello, I'd like to compile a small C++ program (part of building the HylaFAX port). This is the program:

Re: traffic shaping question.

2006-05-23 Thread Peter Blair
I haven't personally tested this, but give it a look: http://www.whoopis.com/howtos/web-bandwidth-limit.html Unfortunately it doesn't have the same kind of benefits that altq/pf provide, but as stated in the previous messages, you'd have to place your webmail and iso services on different IPs.

Re: traffic shaping question.

2006-05-23 Thread Peter Blair
Another alternative is to use http://httpd.apache.org/docs/1.3/mod/mod_proxy.html#proxypass to proxy your iso directory to another httpd instance running on a private IP, eg: setup your webserver with the regular public IP address(es), and additionally setup a number of private IP addresses.

Re: I'm testing cvs, $Id$ wrong last committed time

2006-05-18 Thread Peter Blair
What's your timezone? On 5/18/06, Didier Wiroth [EMAIL PROTECTED] wrote: Hello, (openbsd novice) I'm experimenting with cvs. I'm running: a) cvs repository on openbsd 3.9-stable: repo:~ $ ls -la /etc/localtime date lrwxr-xr-x 1 root wheel 37 May 12 17:34 /etc/localtime -

Re: I'm testing cvs, $Id$ wrong last committed time

2006-05-18 Thread Peter Blair
woops -- replied before reading entire message. *ducks* On 5/18/06, Peter Blair [EMAIL PROTECTED] wrote: What's your timezone? On 5/18/06, Didier Wiroth [EMAIL PROTECTED] wrote: Hello, (openbsd novice) I'm experimenting with cvs. I'm running: a) cvs repository on openbsd 3.9-stable

Re: I'm testing cvs, $Id$ wrong last committed time

2006-05-18 Thread Peter Blair
Since CEST is +2hours from GMT, then the cvs timestamp looks fine. On 5/18/06, Darrin Chandler [EMAIL PROTECTED] wrote: On Thu, May 18, 2006 at 04:42:47PM +0200, Didier Wiroth wrote: I put a $Id$ in a file and do a commit cvs -q -d $MYCVS ci -m test index.html The index.html file $ID$ after

Re: what is this ?

2006-05-15 Thread Peter Blair
Does the section of the book talk about frame relay? More context would help. On 5/15/06, S t i n g r a y [EMAIL PROTECTED] wrote: Well i am learning OpenBSD PF from a book in the book when creating sample rules the author refers to CIR's when defining Macros but in the form of prv_ad =

Re: what is this ?

2006-05-15 Thread Peter Blair
Perhaps this is what it's talking about. http://www.ralphb.net/IPSubnet/cidr.html On 5/15/06, S t i n g r a y [EMAIL PROTECTED] wrote: No this book is only about openbsd PF no types of networks

Re: Anti MAC spoofing in OpenBSD

2006-05-09 Thread Peter Blair
arpwatch http://ee.lbl.gov/ And lock down the permitted mac addresses on your switch. On 5/9/06, S t i n g r a y [EMAIL PROTECTED] wrote: Ok i know PF dont filter using MAC address but can you point me to package that has the feature of Anti MAC Spoofing ? regards *:$., 88,.$:*(((*$

Re: network script on startup

2006-05-08 Thread Peter Blair
man getsomeoneelsetodoit On 5/8/06, Nick Guenther [EMAIL PROTECTED] wrote: On 5/8/06, S t i n g r a y [EMAIL PROTECTED] wrote: i have a network script that i want to execute before any host on the network connects to my computer. thanks man rc man netstart

Re: multiple publicIPs

2006-05-06 Thread Peter Blair
Perhaps I'm confused, but it doesn't look (from your diagram) that your pf machine is acting as a firewall for anything but itself. If you want to filter traffic to your public machines, then you'll have to either: 1) Use the pf-machine as a bridge between the internet ethernet segment, and the

Re: IPSec faq ??

2006-05-05 Thread Peter Blair
http://undeadly.org/cgi?action=article&sid=20060222180512 On 5/5/06, carlopmart [EMAIL PROTECTED] wrote: Hi all, Somebody knows when ipsec faq will be published on openbsd website?? i need to deploy two openbsd 3.9 HA firewalls with vpn, dhcp and x509 certificates included? Somebody have some

Re: using queues to limit bandwidth

2006-05-01 Thread Peter Blair
ALTQ Should do the trick: http://www.openbsd.org/faq/pf/queueing.html On 5/1/06, Chris Bullock [EMAIL PROTECTED] wrote: Can queues be used to queue overall bandwidth? We have a project where we will be sharing an Internet connection with another company, we will have an IP and they will have

Re: using queues to limit bandwidth

2006-05-01 Thread Peter Blair
I forgot to mention in my previous e-mail, that if you were to implement the scenario outlined in your e-mail, then the other company would have to 'trust' that you're setting up your firewall to not exceed your 100k of bandwidth. Just set up a single queue that caps at 100k. On 5/1/06, Chris

Re: Port collection missing...

2006-04-28 Thread Peter Blair
ftp://ftp.openbsd.org/pub/OpenBSD/3.7/ports.tar.gz On 4/28/06, S t i n g r a y [EMAIL PROTECTED] wrote: Well i just installed my First OpenBSD BOX :) feels good !!! but to install packages i cannot find ports collection in /usr how can i get them ? i am using 3.7 version. regards *:$.,

Re: Port collection missing...

2006-04-28 Thread Peter Blair
But perhaps you're confusing ports & packages: http://www.openbsd.org/faq/faq15.html#PkgMgmt Packages are pre-compiled. Ports creates packages from source. You don't need the ports tree to install packages. -Pete On 4/28/06, Peter Blair [EMAIL PROTECTED] wrote: ftp://ftp.openbsd.org/pub

Re: Why advocate Old daemon book?

2006-04-27 Thread Peter Blair
As an aside: I recently read The Design and Implementation of 4.2 BSD Operating System, which focused on the VAX architecture, and was published sometime in the early 80s. In spite of its age, I found the concepts clearly stated and on a high level, I believe that reading the book forwarded my

Re: mrtg and snmp

2006-04-26 Thread Peter Blair
Perhaps: http://www.benzedrine.cx/pfstat.html would interest you. On Thu, Apr 27, 2006 at 07:50:22AM +0700, riwanlky wrote: I just installed a pf on my openBSD box as a firewall. However I need to install MRTG and SNMP so that I can get the network utilization. Any documentation in the