| |
| |
| |
|
Page: 1 2
Comments:
<0> Hey folks. Any way to filter the display of pftop?
<0> for example, to get it to leave out all the post 80 and 443 states?
<0> *port
<1> don't think so
<1> nice idea though
<0> k. thanks
<1> it it was possible it would be in the man page
<0> likely, but as always, worth checking with the gurus here
<1> if it can't, add it ;-)
<0> not everyone who uses OBSD is a C coder. I'd love to be, but I like to sleep, eat, fsck, and mountain bike, too.
<0> :)
<0> time is at a premium, especially in summer
<1> heh
<1> yeah
<1> add it to your todo list, that's what i do
<0> yep
<1> sometimes my todo list can reach up to 50 items
<1> about 30 off are "sometime in the future, maybe"
<1> er, s/off/of/
<1> trouble is, i only add boring items to todo list
<1> interesting stuff gets done right now
<1> boring or expensive stuff
<1> so it ends up never happening :-)
<2> whats the url to see the new stuff between 3.9->4.0
<2> or does it not exist yet
<3> follow changes in -current
<1> plus.html
<2> oh plus i was thinking it was current.html
<2> thnx nicm
<2> anyone know a way to test why rewrite rules arent working :-/
<1> rewrite rules?
<2> nm
<2> nicm; for apache
<2> i had to add %{DOCUMENT_ROOT} to the condition
<1> oh, dunno then
<1> i don't use mod_rewrite
<1> try google or the docs
<2> yeah i fixed it
<4> How can I see what another user is typing (commands run etc) while I am root?
<5> look over the shoulder
<6> happy sys admin day!
<7> What's happy about it?
<6> mwahahaha
<6> if your happy and you know it, clap your hands
<8> yo
<9> yo
<10> hello to the entire world!
<10> as anyone in here able to configure fbsd to do traffic shaping for those p2p connection, like giving less priority for p2p and higher priority to voip/web/smtp/pop3?
<1> this is #openbsd
<1> try #freebsdhelp
<10> opps sorry openbsd rather
<10> not fbsd
<10> im sorry
<1> okay
<1> p2p is hard
<1> mainly because it is hard to catch all the traffic
<1> you would be better doing it in reverse
<10> p2p like those common apps like imesh,kazaa,limewire ,edonkey and etc.
<1> queue the voip/web/smtp/pop3 highly and queue /everything else/ low
<10> what do you mean in reverse?
<1> don't try to downgrade p2p
<1> try to upgrade the things you want
<10> yes like that NicM so how is that possible in openbsd?
<1> altq
<1> go and read the pf guide
<1> also look at the examples in /usr/share/pf
<10> so the altq of pf in obsd is the same with freebsd, am i right?
<1> if you are really using freebsd and only said openbsd to get an answer, i will be very cross
<10> i have also readh the pf of freebsd and im researching which is easier to implement yet powerfull enough to handle such loads
<1> freebsd's pf is a couple of years behind openbsd's
<1> but otherwise they are much the same
<10> http://www.openbsd.org/faq/pf/queueing.html <--just found this through google ,is this the right manual im looking for?
<11> is it worth learnning delphi this days?
<12> doubt it.
<12> it's almost as complex to learn as c/cpp, and it's half as powerful
<11> some ppl say its like cpp
<13> has everyone seen http://www.ukuug.org/sysadminday/
<11> lol yes
<6> tah
<6> just had the obvious one. http://www.sysadminday.com/
<14> Is there a way to have root execute a command when a specific user logs in?
<14> without constantly tailing authlog :p
<3> There is a system-wide .login file, /etc/login. Have it check for the user in question, and execute the command if it matches.
<14> /etc/login.conf?
<15> i've just set up a webserver that works in my LAN but when trying to access it remotely i get "Alert!: Unable to connect to remote host." and "lynx: Can't access startfile http://80.216.86.224/";, i've set up my pf.conf (on the gateway) like this: "rdr on $ext proto { tcp, udp } to port 80 -> 192.168.0.4 (the local ip for the webserver) port 80" and "p*** in on $ext proto { tcp, udp } from any to any port 80 keep state"
<15> what have i missed
<14> rdr p*** on $ext proto tcp from any to port 80 -> 192.168.0.4 maybe
<15> i have tried that
<15> with the same result
<1> use logging
<1> it will tell you which rule is dropping traffic
<15> NicM: how do i do that
<15> i've tried the following: http://members.chello.se/tiol/html.djur.txt
<15> (last time i did the same thing for about a year ago it worked fine)
<15> isn't it to suppose to listen to rl1 (my external interface) where rl0 is my internal one
<1> check the pf guide
<1> it has a section on how to log
<14> So how can I use /etc/login.conf to execute a command as root when a specific user logs in?
<1> you can't
<14> Ok
<1> oh wait
<1> you can
<1> read the man page
<1> perhaps "approve"
<16> martin: he said /etc/login, not login.conf
<1> or use "shell"
<16> pay attention
<14> remiel: manpage?
<1> use your own shell and p*** on to the real shell any acceptable logins
<16> martin: man csh
<1> i don't think /etc/login will do it
<14> Maybe it's just easier to find another way of changing p***word from stdin instead of usermod -p :)
<1> p***wd+expect?
<13> what are you trying to do?
<13> if you make their shell a wrapper around the p***wd command, that should do most of it. it means they can't get any furhter until they've changed their p***word
<14> trying to create an account for use on insecure networks
<14> I have a script that changes the p***word on every login and mails it to my cell
<1> login.conf has a "shell" option
<1> which lets you specify a shell
<1> so, write a script doing what you want and set it as shell
<1> then exec $SHELL if it is happy
<14> will usermod run as root then?
<1> maybe not, but set it up to use sudo
<1> you could alos try "approve" instead, it may run as root
<1> read the man page yourself and see what the options are
<14> ok
<14> trying to avoid sudo
<1> well, try if you like, but it is a valid tool to use
<14> probably better to just use p***wd and expect as you suggested
<1> or patch p***wd to accept it from stdin
<14> yep
<1> oop, gotta go
<1> later
<14> thanks
<14> what's the correct way of patching p***wd?
<13> don't
<14> :)
<14> but I need the --stdin option
<17> does skey(1) do what you need already?
<14> maybe
<18> martin: you're mailing your new p***words in cleartext?
<18> (currently)
<14> yes
<18> and how does that make anything more secure?
<14> it's just an attempt to battle possible keyloggers
<18> you're logging in via ssh?
<14> yes
<18> then use skey(1)
<18> sending p***words via cleartext may avoid keyloggers, but it opens you up to a host of other (easy) attacks
Return to
#openbsd
or
Go to some related
logs:
#microsoft
#debian
#hardware
#nintendo
#politics
what is repr()
linux noob open ports
#heroin
#beginner
#beginner
|
|