Hello,
my OpenBSD 3.7 box at home establishes a static pptp connection to my
companies vpn server.
From any client at home, I can ping any server in the company. But I
can't ping any client at home from the company.
I have to ping a client at work, from any client at home, in order to
access my
hello,
For the past week, I am trying to get information to
setup a sceure way for my obsd(3.8)AP --- XP. I
find the following document:
http://www50.brinkster.com/dachee/OpenVPN.htm
Is there anyone try this out successfully ? As I was
stopped at the OpenSSL CA Certificates. The error
is
In case anyone from .uk is interested, www.scan.co.uk are currently
selling a couple of Ralink RT2560 based 802.11g wireless cards
(supported under OpenBSD by ral(4)):
Edimax EW-7128G 54Mbps Wireless PCI Card
(http://www.scan.co.uk/Products/ProductInfo.asp?WebProductID=152539)
Gigabyte GN
/usr/ports/net/poptop works excellently.
pf needs to allow protocol 47 and tcp 1723 plus need to allow traffic
for specific tunnels created tun0 tun1 etc.
Generally the client will determine whether to use the created link as
default route. If using windows check the tcp/ip
properties and
I have a hard time making up my mind which is better:
a USB ralink wireless (Surecom EP-9001G) or a PCMCIA ralink
wireless (Surecom EP-9428G).
According to man ral they're both supported so this question isnt about
diffrent chipset but about what bus type is preferable: USB or PCMCIA.
Or if the
John N. Brahy wrote:
Is there a perl interface to pf?
No, and it would be totally insane to build one. PF is not a low-level
assembly language for expressing ioctl(2) calls. It is an LALR(1)
grammar for specifying firewall policies. Because of its high
abstraction level compared to said
per engelbrecht wrote:
Q: setting up iBGP I've used our own AS as 'remote-as' but can't find a
'no synchronization' option for this connection. Do I need it at all.
Been poking around in /usr/src/usr.sbin/bgpd without solving it, but
it's needed in zebra and Cisco IOS hence the question.
A: ?
Is there any difference between openssl 0.9.7d and
openssl 0.9.7g. ? The said http used 0.9.7d but mine
is 0.9.7g.
clarence
--- man Chan [EMAIL PROTECTED] ;!!G
hello,
For the past week, I am trying to get information to
setup a sceure way for my obsd(3.8)AP --- XP. I
find the following
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jesper Louis Andersen wrote:
John N. Brahy wrote:
Is there a perl interface to pf?
No, and it would be totally insane to build one.
Well, the only use that came to my mind was a perl daemon running on the
FW that accepts rule updates from a
Jesper Louis Andersen wrote:
per engelbrecht wrote:
Q: setting up iBGP I've used our own AS as 'remote-as' but can't find
a 'no synchronization' option for this connection. Do I need it at all.
Been poking around in /usr/src/usr.sbin/bgpd without solving it, but
it's needed in zebra and Cisco
You should prefer the PCMCIA one.
The RT2500USB chipset has poor support for per-node tx rate
adaptation and is thus a bad choice for hostap mode.
Damien
| I have a hard time making up my mind which is better:
| a USB ralink wireless (Surecom EP-9001G) or a PCMCIA ralink
| wireless (Surecom
On Nov 3, 2005, at 8:17 AM, Markus Wernig wrote:
Well, the only use that came to my mind was a perl daemon running
on the
FW that accepts rule updates from a remote client. While that can be
done with other means (ssh, sh scripts), i can imagine that a perl
class
for manipulating pf rules
Hi,
I have just installed 3.8 from the CD :-) and FTPed all packages from
ftp.kd85.com. It all went well but I am having a strange problem with
subversion. svnserve does not seem to bind to inet but only to inet6.
I do a simple
sudo svnserve -d -r /my/repos
netstat -a -n -f inet | grep :3960
http://www.linuxdevices.com/news/NS8464432110.html
This looks like something cool to add.
The AOpen MiniPC measures 6.5 x 6.5 x 2 inches, is powered by an
Intel Pentium M or Celeron M processor
--
The only way to keep your health is to eat what you don't want, drink
what you don't like, and do
Hi all
[20051019 snap i386]
Running smartd on a SCSI/U320 based single-disk system kills the system
at once! - dmesg further down.
(sysctl hw.disknames=sd0,cd0,fd0)
Snip of /etc/smartd.conf
[...]
#DEVICESCAN
/dev/sd0c
/dev/sd0c -m [EMAIL PROTECTED] -M test
/dev/sd0c -d scsi -H -l error -l
Dear gentleman,
i have an obsd firewall and would like to prevent external entities
discovering that firewall is openbsd, is that possible?
Thanks a lot for your time and cooperation.
On Thu, Nov 03, 2005 at 10:24:15AM +0100, Andreas Krummrich wrote:
Hello,
my OpenBSD 3.7 box at home establishes a static pptp connection to my
companies vpn server.
From any client at home, I can ping any server in the company. But I
can't ping any client at home from the company.
I have
Zitat von Joachim Schipper [EMAIL PROTECTED]:
On Thu, Nov 03, 2005 at 10:24:15AM +0100, Andreas Krummrich wrote:
Hello,
my OpenBSD 3.7 box at home establishes a static pptp connection to my
companies vpn server.
From any client at home, I can ping any server in the company. But I
can't ping
On 2005-11-03 08:20:47 -0600, Jared Solomon wrote:
The AOpen MiniPC measures 6.5 x 6.5 x 2 inches, is powered by an
Intel Pentium M or Celeron M processor
http://www.heise.de/newsticker/meldung/65660
A MacMini is cheaper and runs OBSD.
Best
Martin
--
Gustavo Rios wrote:
Dear gentleman,
i have an obsd firewall and would like to prevent external entities
discovering that firewall is openbsd, is that possible?
Thanks a lot for your time and cooperation.
I use the following line in pf to prevent nmap scan, including -O:
block in quick
Right now, i am running into bussiness. I would like my client to get
focused into the solution only. I don't want to give him a chance to
compare my proposal to other.
that's why.
2005/11/3, Hans van Leeuwen [EMAIL PROTECTED]:
Gustavo Rios wrote:
Dear gentleman,
i have an obsd firewall
I have recently purchased a number HP DX5150 SFF desktops with idea of
using them as basic infrastructure servers (e.g. DNS, DHCP, and
firewall). I prefer to use -stable versions of FreeBSD and OpenBSD.
Following are the specs on the boxes:
HP dx5150
AMD Sempron 3000+
ATI Radeon Xpress 200
Dominique Jacquel wrote:
Hi,
I have just installed 3.8 from the CD :-) and FTPed all packages from
ftp.kd85.com. It all went well but I am having a strange problem with
subversion. svnserve does not seem to bind to inet but only to inet6.
Yes, this is known. By default svnserve will only
Hello,
Does someone know if this product can be purchased in europe:
http://www.commell-sys.com/Product/IPC/EMB-564.htm
I recently saw this boxes in a presentation available on
www.openbsd-support.com.
Thanks for replying
Didier
Hi again
Followup on first mail with only trace/gdb info:
GNU gdb 6.3
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type show copying to
Dominique Jacquel [EMAIL PROTECTED] writes:
Hi,
I have just installed 3.8 from the CD :-) and FTPed all packages from
ftp.kd85.com. It all went well but I am having a strange problem with
subversion. svnserve does not seem to bind to inet but only to inet6.
This is a known issue with
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
Markus Wernig
Sent: den 3 november 2005 14:17
To: Jesper Louis Andersen
Cc: John N. Brahy; misc@openbsd.org
Subject: Re: perl interface to pf?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jesper Louis
On Thursday 03 November 2005 13:49, you wrote:
I'd rather
rely on ssh, keys, sudo, and scripts to do it.
Erm, perl scripts ARE scripts!
--On 02 November 2005 15:19 -0800, Jeffrey Williams wrote:
I have recently purchased a number HP DX5150 SFF desktops with idea
of using them as basic infrastructure servers (e.g. DNS, DHCP, and
firewall). I prefer to use -stable versions of FreeBSD and OpenBSD.
A few general thoughts (no
On Thu, Nov 03, 2005 at 01:48:56PM -0200, Gustavo Rios wrote:
Right now, i am running into bussiness. I would like my client to get
focused into the solution only. I don't want to give him a chance to
compare my proposal to other.
that's why.
Now *there*'s a noble goal...
Anyway, you do
Miguel wrote:
Miguel wrote:
Hi, i have some problems with my quad ethernet in a netra x1
firewall, this is not the first time i face this, some months ago i
had the very same problem, i was able to fix it following this
excelent instructions:
I have been running 3.6 for about a year on my server. I have a backup
solution that writes to an ide-cdrw 4 times a day. A month ago I
installed a scsi card to hook up a newly acquired tape drive. My cdrw
backups have been failing since.
I did not change any kernel settings (that I
Gustavo Rios wrote:
Dear gentleman,
i have an obsd firewall and would like to prevent external entities
discovering that firewall is openbsd, is that possible?
Thanks a lot for your time and cooperation.
Or you can take the complicated approach and use the Wafter.
A kernel module to do
--On 03 November 2005 18:12 +0100, Didier Wiroth wrote:
Does someone know if this product can be purchased in europe:
http://www.commell-sys.com/Product/IPC/EMB-564.htm
I recently saw this boxes in a presentation available on
www.openbsd-support.com.
Hi Gustavo,
Right now, i am running into bussiness. I would like my client to get
focused into the solution only. I don't want to give him a chance to
compare my proposal to other.
In the years I have been in business myself, I have noticed that unless
you are as open as you can be about what
I have been running 3.6 for about a year on my server. I
have a backup
solution that writes to an ide-cdrw 4 times a day. A month ago I
installed a scsi card to hook up a newly acquired tape drive.
My cdrw
backups have been failing since.
I did not change any kernel settings (that
On Thu, 3 Nov 2005, Marc L'Heureux wrote:
I have been running 3.6 for about a year on my server. I have a backup
solution that writes to an ide-cdrw 4 times a day. A month ago I installed a
scsi card to hook up a newly acquired tape drive. My cdrw backups have been
failing since.
I did
I have been running 3.6 for about a year on my server. I
have a backup
solution that writes to an ide-cdrw 4 times a day. A month ago I
installed a scsi card to hook up a newly acquired tape drive.
My cdrw
backups have been failing since.
I did not change any kernel
From: Marc L'Heureux [mailto:[EMAIL PROTECTED]
I used to have dev=/dev/cd0c:0,0,0 but looking at my dmesg
I thought I might
have to change it to dev=/dev/cd0c:0,1,1. Providing
different options to
cdrecord does not help, it still bails
It should be dev=/dev/rcd0c:$BUS,0,0 -
On Thu, 03 Nov 2005 16:32:13 +0100
Hans van Leeuwen [EMAIL PROTECTED] wrote:
Gustavo Rios wrote:
Dear gentleman,
i have an obsd firewall and would like to prevent external entities
discovering that firewall is openbsd, is that possible?
Thanks a lot for your time and cooperation.
On Thu, 03 Nov 2005 16:22:53 +1300
Stephen Nelson [EMAIL PROTECTED] wrote:
Thanks for your prompt reply. I misunderstood you last time, I thought
you were suggesting that one of the drives was defective.
I tried swapping the CDROM, but the x336 are 1U rackmounted servers,
and they use custom
Hello!
...Same problem, again (it was already covered some time ago).
When I run the last step in building a release
(see http://www.openbsd.org/faq/faq5.html) , i.e.
# make release
I get a message informing me that /dev/svnd0a is full. This occurs
while make is working with ramdiskC
On Thu, 3 Nov 2005 08:24:25 +0100
Han Boetes [EMAIL PROTECTED] spake:
Otto Moerbeek wrote:
On Thu, 3 Nov 2005, Eder M. G. A. wrote:
I have installed OpenBSD 3.8 on my ibook G4, all fine, but i
can't switch to another console, just can use ttyC0, i tried
different methods but without
The mailing list server is now using several blacklists from the
SORBS project (http://www.sorbs.net) to prevent spam. So far it
is using the SORBS zombie, spam, web form and dialup blacklists.
This does mean that people sending mail from a dynamic IP address
(cable modem, dynamic DSL or dialup)
Thanks for everything guys :)
Best regards
Atte.
Eder
I have a backup server (Dell PowerEdge 1850) attached to the Dell PowerVault
220S. The only function this server does is backing up remote servers
throughout the day via rsync.
The 1850 uses RAID 1 via the embedded RAID controller (PERC 4e/Si, ami0).
On this RAID 1 is a generic install of
I'm unable to use floppyC38.fs to boot my laptop.
It is a Dell latitude CPx J650GT with bios A16
I've tried different floppy disks with the same results.
I've tried floppyC38.fs from 3.8 release
I've tried floppyC38.fs from snapshots date 11/2/05
Using the exact same floppy i can boot my pc just
On Thursday 03 November 2005 08:59, Martin Schrvder wrote:
On 2005-11-03 08:20:47 -0600, Jared Solomon wrote:
The AOpen MiniPC measures 6.5 x 6.5 x 2 inches, is powered by an
Intel Pentium M or Celeron M processor
http://www.heise.de/newsticker/meldung/65660
A MacMini is cheaper and runs OBSD.
Greetings,
We've all probably had or seen the carp error similar to:
carp0: incorrect hash
In most cases that I've seen on this and other lists it was because of
something obvious like a mismatched pass or two supposed carp partners
using different vhid's.
I've taken a look at the code but
I'll start looking into this ASAP.
On Thu, Nov 03, 2005 at 02:17:12PM -0700, Tom Geman wrote:
I have a backup server (Dell PowerEdge 1850) attached to the Dell
PowerVault 220S. The only function this server does is backing up remote
servers throughout the day via rsync.
The 1850 uses
[EMAIL PROTECTED] wrote:
Hello!
...Same problem, again (it was already covered some time ago).
When I run the last step in building a release
(see http://www.openbsd.org/faq/faq5.html) , i.e.
# make release
I get a message informing me that /dev/svnd0a is full. This occurs
while make is
On Thu, Nov 03, 2005 at 04:56:34PM -0500, daniel wrote:
I'm unable to use floppyC38.fs to boot my laptop.
It is a Dell latitude CPx J650GT with bios A16
I've tried different floppy disks with the same results.
I've tried floppyC38.fs from 3.8 release
I've tried floppyC38.fs from snapshots
holy hell this OS f'ckin rocks.
so i waste a day and a half because i forgot to
do a 'dnssec-enable yes;' in named.conf, totally my fault.
after i turn that on and setup named and my keys/zones
right ( or unbreak them, after the day and a half of barking
up the wrong tree... ), i
I just installed 3.8 on a server that never had OpenBSD on it. Whenever I
reboot, I get a warning that / wasn't unmounted properly. This is followed
by an fsck of / and bootup goes on as normal. All other filesystems are
clean.
I've tried reboot, halt, even sync sync sync reboot. The bootup
Michael Favinsky wrote:
I just installed 3.8 on a server that never had OpenBSD on it. Whenever I
reboot, I get a warning that / wasn't unmounted properly. This is followed
by an fsck of / and bootup goes on as normal. All other filesystems are
clean.
I've tried reboot, halt, even sync sync
Michael Favinsky wrote:
I just installed 3.8 on a server that never had OpenBSD on it.
OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005
That's not 3.8: 3.8-stable was compiled on september the 26th.
# Han
On 11/3/05, Michael Favinsky [EMAIL PROTECTED] wrote:
I just installed 3.8 on a server that never had OpenBSD on it. Whenever I
reboot, I get a warning that / wasn't unmounted properly. This is followed
by an fsck of / and bootup goes on as normal. All other filesystems are
clean.
I've tried
On Thu, Nov 03, 2005 at 06:13:22PM -0700, jared r r spiegel wrote:
On Thu, Nov 03, 2005 at 04:31:56PM -0800, Michael Favinsky wrote:
I've tried reboot, halt, even sync sync sync reboot. The bootup sequence
still shows that / wasn't unmounted properly.
Am I doing something wrong? Is
hi all:
I use OpenBSD 3.8 release,but download packages from
ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/;.
When i install analog-6.0.tgz and webalizer-2.01.10p2.tgz,i got the
same error message.
i run pkg_info -K -L PKGNAME ,but not found lib ttf.1.3.
Is there something
On Fri, Nov 04, 2005 at 09:22:41AM +0800, MichaelBibby wrote:
hi all:
I use OpenBSD 3.8 release,but download packages from
ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/;.
You've missed FAQ 15.4.1:
---
15.4.1 - I'm getting all kinds of crazy errors. I just
MichaelBibby wrote:
hi all:
I use OpenBSD 3.8 release,but download packages from
ftp://ftp.openbsd.org/pub/OpenBSD/snapshots/i386/;.
When i install analog-6.0.tgz and webalizer-2.01.10p2.tgz,i got the
same error message.
i run pkg_info -K -L PKGNAME ,but not found lib ttf.1.3.
sorry ,what a stupid question :(
and thanks
Steve Shockley[EMAIL PROTECTED]
Josh Grosse[EMAIL PROTECTED]
^_^
On Thu, Nov 03, 2005 at 06:11:20PM -0500, Jon Hart wrote:
1) used to determine that a particular carp packet is intended for
you carp host?
carp(4) does a number of validity checks before treating the packet a
real carp packet:
- was the device recieved on a interface that has a
Han Boetes wrote:
Michael Favinsky wrote:
I just installed 3.8 on a server that never had OpenBSD on it.
OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005
That's not 3.8: 3.8-stable was compiled on september the 26th.
Yes, that *is* 3.8. That *is* what is on the CDs. I have no
Nick Holland wrote:
Han Boetes wrote:
Michael Favinsky wrote:
I just installed 3.8 on a server that never had OpenBSD on it.
OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005
That's not 3.8: 3.8-stable was compiled on september the 26th.
Yes, that *is* 3.8. That *is* what
Nick Holland wrote:
Han Boetes wrote:
Michael Favinsky wrote:
I just installed 3.8 on a server that never had OpenBSD on it.
OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005
That's not 3.8: 3.8-stable was compiled on september the 26th.
Yes, that *is* 3.8. That *is* what
Hi Damien,
On 04/11/2005, at 9:56 AM, Damien Miller wrote:
why care? fingerprinting is such a non-issue, and spending effort
to avoid it is just security through obscurity.
Ignoring whether blocking NMAP scans is effective or not...
I agree that it is not good to rely on obscurity. But I
Is this anything to be concerned about?
http://www.isrc.qut.edu.au/people/mbradfor/openbsd-carp-arpbalance.html
I'm setting up an OpenBSD 3.7 firewall for the first time.
I've been flailing at this all afternoon and have exhausted my ideas.
My ruleset looks like this (from pfctl -s rules):
[var/[EMAIL PROTECTED] pfctl -s rules
block return all
pass quick proto tcp from any to any
On 11/3/05, Han Boetes [EMAIL PROTECTED] wrote:
Nick Holland wrote:
Han Boetes wrote:
That's not 3.8: 3.8-stable was compiled on september the 26th.
I have no idea what you are babbling about here, 3.8-stable is
only started to be maintained on release day, Nov. 1, and
running
Hi,
I been asked about
http://www.openbsd.org/faq/faq3.html#ISO
How is the Layout defined???
maybe Nick or Theo or some other responsible person could give an
authoritative answer so I can give it back to the person who asked me.
If the md5 sum of the ISO image of a custom made OpenBSD CD is
On Sat, Nov 05, 2005 at 04:05:17AM +1300, Josh wrote:
Is this anything to be concerned about?
http://www.isrc.qut.edu.au/people/mbradfor/openbsd-carp-arpbalance.html
Only if you use arpbalance in a situation where it really matters (as
opposed to a situation where you use it because you think
On Fri, Nov 04, 2005 at 05:16:22PM +1100, Cameron Simpson wrote:
[var/[EMAIL PROTECTED] pfctl -s rules
block return all
pass quick proto tcp from any to any port = ssh flags S/SA keep state
pass in quick proto icmp all keep state
^^
How are the packets
73 matches
Mail list logo