Re: relayd ssl termination advice

2023-10-07 Thread Steven Shockley
On 10/7/2023 9:00 PM, Courtney wrote: Hello everyone, I'm seeking an ideal way to make secure https connections to a handful of web servers in my house. I'm currently doing this with haproxy by having it inspect the SNI on the incoming traffic and route based on that. At the time I set it

Netstat output

2023-09-06 Thread Steven Shockley
When running netstat -I [interface], what do the "fails" and "errs" columns mean? When my firewall is under network load, the output interface fails and total errs increases.

Installboot question

2023-07-25 Thread Steven Shockley
I have a machine with two ATA drives in a softraid mirror. For the Zen patch, do I run installboot on just sd2 (the softraid volume) or also sd0 and sd1 (the physical disks)? Thanks.

X11 not working after upgrade to 7.3

2023-04-11 Thread Steven Shockley
I've just upgraded a Windows 10 Hyper-V VM from 7.2 to 7.3 using sysupgrade, sysmerge (no changes) and pkg_add -u. Since the upgrade xenodm doesn't start. The error from Xorg.0.log is: [ 1599.318] (II) VESA(0): virtual address = 0xfe5219000, physical address = 0xf800, size =

Re: Ensuring data integrity

2023-02-17 Thread Steven Shockley
On 2/17/2023 5:30 AM, Stuart Henderson wrote: They're often slower (especially in failure conditions) and more complex. Reconstructing RAID5/6 after a drive failure is pretty intensive on the other disks. Not only that but your other (or spare) drives may have a bad sector that won't be

Re: syslogd program logging

2023-01-25 Thread Steven Shockley
On 1/24/2023 11:13 PM, Alexis wrote: Shouldn't this actually be: !!dhcpd *.*/var/log/dhcpd !* at the start of the file? At least, that's my reading of syslog.conf(5): the two exclamation marks will cause a match on 'dhcpd' to _only_ result in the listed action (with no

syslogd program logging

2023-01-24 Thread Steven Shockley
My isc_dhcpd logs are kind of chatty, and I'd like to send them to their own log. I tried appending the following to syslogd.conf: !dhcpd *.* /var/log/dhcpd This works, but the dhcpd messages still appear in /var/log/daemon as well. Is

Re: embarrassing mail problem

2022-10-06 Thread Steven Shockley
On 10/5/2022 5:04 PM, Steve Fairhead wrote: I have several OpenBSD email servers, some elderly (Sendmail) and some brand-spanking new (smtpd). Recently I've noticed that some (of both kinds) are failing to deliver mail to some major UK ISPs. (Mostly domestic; business ISPs not so much.) For

Daily output empty

2022-10-01 Thread Steven Shockley
I noticed that for the past couple of days I haven't been getting the {daily, weekly, monthly} output from my 8 OpenBSD machines. I am getting emails for other cron jobs. If I run /bin/sh /etc/daily, I get no output (or email). If I run /bin/sh -x /etc/daily, I get what looks like expected

Re: How to disable httpd's default

2022-01-14 Thread Steven Shockley
On 1/13/2022 6:46 PM, i...@protonmail.com wrote: I would like to avoid httpd giving anything if a user types in the IP address of the server. At first I just made an empty page, which is fine for port 80, but if the user then types https://xxx.xxx.xxx.xxx, then the certificate for a domain

Odd package update problem

2021-08-09 Thread Steven Shockley
For a couple of weeks I've had a 6.9-stable machine that didn't seem to be updating packages in packages-stable. In cron I run: /usr/sbin/pkg_add -us | /usr/bin/grep -v 'quirks-.* signed on ' When run via cron, I'd get this output: php-7.4.16p0->7.4.22 forward dependencies: | Dependency of

Re: Azure VMs

2021-08-09 Thread Steven Shockley
On 8/8/2021 11:07 PM, Brian Brombacher wrote: I’ve been running in Azure since Hyper-V drivers were added years ago. Works great. Excellent, thanks!

Azure VMs

2021-08-08 Thread Steven Shockley
Does anyone know if OpenBSD still works in Azure? I found the docs on uploading a VM, but they cover OpenBSD 6.1. I also found https://github.com/Azure/WALinuxAgent/issues/1360, where someone was trying to use 6.3 and unable to get networking functional. (The report was closed as

Re: poor ethernet network performance

2021-05-16 Thread Steven Shockley
On 5/16/2021 6:07 PM, Keegan Saunders wrote: I'm noticing that my OpenBSD desktop with a Realtek 8168 ethernet controller (re(4) driver) is experiencing slow network speeds on OpenBSD 6.9 (not recent, has been an issue before) For example, on OpenBSD, cloning GitHub repos has about <400kb/s

Minor upgrade issue

2021-05-04 Thread Steven Shockley
When following https://www.openbsd.org/faq/upgrade69.html, I noticed a minor error when deleting the Perl files: : rm -f /usr/bin/podselect \ > /usr/lib/libperl.so.20.0 \ [...] > /usr/share/man/man3p/Pod::Select.3p rm: /usr/libdata/perl5/amd64-openbsd/Tie: is a directory rm:

Re: Bufferbloat, FQ-CoDel, and performance

2021-02-25 Thread Steven Shockley
On 2/23/2021 4:04 PM, Stuart Henderson wrote: Oops, on interfaces *without* hw checksum offloading, like this: $ ifconfig em0 hwfeatures em0: flags=8843 mtu 1500 hwfeatures=10 hardmtu 9216 .. I can try it, but I don't think it'll help in my case: bnx0: flags=808843 mtu 1500

Bufferbloat, FQ-CoDel, and performance

2021-02-22 Thread Steven Shockley
I have OpenBSD 6.8 running on a Dell R210-II acting as a firewall/router. To combat bufferbloat I tried implementing FQ-CoDel queueing. The WAN bandwidth is advertised as 940 Mbit/sec down and 840 Mbit/sec up. I've tried adding one or the other of these lines to my pf.conf: queue outq on

Re: dmesg memory not match spdmem and bios

2020-06-11 Thread Steven Shockley
On 6/11/2020 8:57 AM, man Chan wrote: > I just want to know why OpenBSD/i386 have the memory limit to 4G. All operating systems have this limit. The 80386 was released to the public in 1986, when 4 GB was an absurd amount of memory. > It is ok for me to run OpenBSD/amd64 on a i5 machine.

Package -stable updates

2019-08-28 Thread Steven Shockley
So, many thanks to everyone who put together the new -stable updates for packages. Is there a command I can put in the crontab that will only output if there are updates? Similar to what syspatch or openup does. I tried pkg_add -unx, but that still tells me to delete old files and prints the

Re: OpenBSD on VMware ESXi

2019-05-22 Thread Steven Shockley
On 5/22/2019 6:46 AM, Roderick wrote: > Any recommendations in general? Current or stable? I've had bad luck with softupdates and OpenBSD on ESXi when the ESXi datastore is on nfs. (Encountered on ESX 5.0, 5.1, and 5.5; I must not learn from my mistakes.) From what I can tell, if the nfs

Re: 6.5 PowerPC Packages

2019-05-13 Thread Steven Shockley
On 5/9/2019 10:55 AM, Theo de Raadt wrote: > The real reason is because we're low on current for the flux capacitor, > after shifting time for the early 6.5 release. Not all the machines > were able to fit into back seat of the Delorian. Wouldn't that be low on -release or -stable?

Re: Squid slower compared to Linux how to boost it?

2019-01-22 Thread Steven Shockley
On 1/22/2019 11:51 AM, Juan Francisco Cantero Hurtado wrote: > On Tue, Jan 22, 2019 at 07:49:06AM +, slackwaree wrote: >> Hello, >> >> I'm migrating from an old Debian Wheezy 7.11 to OpenBSD 6.3. > > If you're migrating to OpenBSD, then try with -current and update to 6.5 > when we release

DUID changed?

2018-08-18 Thread Steven Shockley
So, today I was installing recent patches on my firewall box (a Dell R210-II) using openup/syspatch. After the reboot, it complained that it couldn't find [DUID].b for swap. After some panic, reboots, powercycles, etc. I realized that the DUID in fstab didn't match the DUID that was being

Re: pgrep/pkill in rc script

2018-06-06 Thread Steven Shockley
On 6/4/2018 4:57 PM, Stuart Henderson wrote: pgrep uses regular expressions, so if you're matching the full string you'll need to escape the +'s. The 16-character limit doesn't apply here, that's if you're only matching on the command name. rc.d / pgrep -f match on the full process title

pgrep/pkill in rc script

2018-06-02 Thread Steven Shockley
I have a 6.3 machine running four Minecraft instances (i.e. Java apps). I recently changed the rc script for one of them to use additional Java command-line arguments. I believe I ran into something similar to https://marc.info/?l=openbsd-misc=138268000201733, where pgrep would no longer