headers
Peter Valchev | 1 Nov 2002 01:26

theo

Theo is in sw phoenix az, does anyone want to buy him beer tonight?
He sounds like he needs some
Permalink | Reply | 6 comments |
headers
Dan Weeks | 1 Nov 2002 01:33
X-Face

Re: Redirecting a range of ports

first, please make sure you wrap your lines in the future, one long line is
a pain in the butt to read.

second, this is not a tech <at>  issue, i've redirected to misc <at> .

>>>>> "CP" == "Canek Peláez" <canek.pelaez <at> simitel.com>:
CP> Hi; I've a special case for a NAT. I've a server behind my NAT, and the
CP> port that the server uses is redirectioned. But when the client makes a
CP> connection with the server, it needs to open ANOTHER connection with
CP> the server. Those connections uses the ports 10000, 10001, 10002, ...,
CP> etc.
CP> 
CP> So far, I've been using this (IP's changed):
CP> 
CP> rdr sis0 1.1.1.1/32 port 10000 -> 2.2.2.2 port 10000
CP> rdr sis0 1.1.1.1/32 port 10001 -> 2.2.2.2 port 10001
CP> rdr sis0 1.1.1.1/32 port 10002 -> 2.2.2.2 port 10002
CP> 
CP> That's horrible. I need to redirect a whole range of ports. It's that possible?
CP> 
CP> (The reasons I need to do this are very complicated; but a solution of
CP> the form "put the server in the NAT" just doesn't work for me).

have you read the pf.conf(5) man page at all?

     rdr         The packet is redirected to another destination and possibly
                 a different port.  rdr rules can optionally specify port
                 ranges instead of single ports.  'rdr ... port 2000:2999 ->
                 ... port 4000' redirects ports 2000 to 2999 (including port
                 2000 and 2999) to the same port 4000.  'rdr ... port
(Continue reading)

Permalink | Reply | 2 comments |
headers
Diana Eichert | 1 Nov 2002 01:48

Re: theo

On Thu, 31 Oct 2002, Peter Valchev wrote:

> Theo is in sw phoenix az, does anyone want to buy him beer tonight?
> He sounds like he needs some

If he was in Albuquerque, New Mexico I'd buy him a beer, but Phoenix is a
little far for me to drive.  Shoot, I'd buy him several pints if he
wanted them!

diana

To announce that there must be no criticism of the president,
or that we are to stand by the president, right or wrong, is not
only unpatriotic and servile, but is morally treasonable to 
the American public.  - Theodore Roosevelt

For PGP Public key
http://www.swcp.com/~deichert/pgp_public_key.txt
Permalink | Reply | 0 comments |
headers
Marco Peereboom | 1 Nov 2002 01:56
Picon
Favicon

Re: Redirecting a range of ports

Let me quote from man.conf:
The packet is redirected to another destination and possibly
a different port.  rdr rules can optionally specify port
ranges instead of single ports.  'rdr ... port 2000:2999 ->
... port 4000' redirects ports 2000 to 2999 (including port
2000 and 2999) to the same port 4000.  'rdr ... port
2000:2999 -> ... port 4000:*' redirects port 2000 to 4000,
2001 to 4001, ..., 2999 to 4999.

----- Original Message -----
From: "Canek Peláez" <canek.pelaez <at> simitel.com>
To: <tech <at> openbsd.org>
Sent: Thursday, October 31, 2002 19:24
Subject: Redirecting a range of ports

> Hi; I've a special case for a NAT. I've a server behind my NAT, and  the
port that the server uses is redirectioned. But when the client makes a
connection with the server, it needs to open ANOTHER connection with the
server. Those connections uses the ports 10000, 10001, 10002, ..., etc.
>
> So far, I've been using this (IP's changed):
>
> rdr sis0 1.1.1.1/32 port 10000 -> 2.2.2.2 port 10000
> rdr sis0 1.1.1.1/32 port 10001 -> 2.2.2.2 port 10001
> rdr sis0 1.1.1.1/32 port 10002 -> 2.2.2.2 port 10002
> ...
>
> That's horrible. I need to redirect a whole range of ports. It's that
possible?
>
(Continue reading)

Permalink | Reply | 1 comment |
headers
Karl R. Balsmeier | 1 Nov 2002 02:20

PHP "Flavors"

These have been removed from what my command lines return...  Is there an
alternate route to say,

env=FLAVOR "imap mysql ldap" make

I so enjoyed Samiela V. Taufa's howto on this back in the 2.8 days...
Basically i'm just looking to compile PHP with goodies I can stash
sourceforge stuff into...  All of the politicians running for office in SF
love these "canned" websites like phpnuke, et al...  and pay willingly...

Sincerely,
Karl R. Balsmeier
Senior Systems Engineer
SFDATA.NET, LLC
Permalink | Reply | 3 comments |
headers
Colin Harford | 1 Nov 2002 02:50

Re: Recommendations for TCP/IP traffic statistical analysis

Time I unlurk i think...
On Thursday, October 31, 2002, at 01:10 PM, Jyri Hovila wrote:

> Howdy!
>
> First of all, thanks for the many good answers for my previous question
> about bridge having an IP-address. You guys are unbelieveable: first
> answer came just couple of minutes after I posted the question! =)
>
> Here's a new one: I'm trying to find out what is causing *very* big
> traffic peaks in my client's network. Peaks occur every now and then,
> usually once a day. During the peak duration -- couple of hours usually
> -- , tens of gigabytes of traffic is generated, both in- and outbound.
> My client is a company which definately does not transfer such amounts
> of anything. And usually the peaks have occured when there's no-one in
> the office.
>
> Anyway, I'm looking for a way to collect statistics of TCP/IP traffic
> during a period of one week. I'm mostly interested in knowing overall
> amount of traffic from/to each workstation and server in my client's
> LAN. Any ideas what program(s) I could use for this purpose? MRTG is no
> good as I'd like to get statistics per host. It would be great to get
> some nice graphs of the results though. :)
>
> Thanks, again, in advance!
>
> - Jyri
>
>
(Continue reading)

Permalink | Reply | 3 comments |
headers
Dirk Rösler | 1 Nov 2002 02:57
Picon

Re: Redirecting a range of ports

As far as I can see the only thing you cannot consolidate in rdr are 
non-sequential port numbers. Individual rules need to be used, e.g.

rdr on tun0 proto tcp from any to tun0/32 port 80 -> 192.168.1.2 # HTTP
rdr on tun0 proto tcp from any to tun0/32 port 443 -> 192.168.1.2 # 
HTTPS

and not

rdr on tun0 proto tcp from any to tun0/32 port { 80, 443 } -> 
192.168.1.2 # HTTP(S)

This is unlike firewall rules.

Dirk
Permalink | Reply | 0 comments |
headers
Ramon Reyes Carrion | 1 Nov 2002 03:53
Picon
Favicon

Re: OpenBSD 3.1 sparc64 freezes during post-install reboot

On Fri, 23 Aug 2002, Dan Herrera wrote:

[...]
> After installation is complete, and I am attempting to boot OpenBSD
> for the first time, it freezes randomly at one of two points while
> booting.  It either stops at the 'pcons at mainbus0 not configured'
> line, or at 'root device :' line.  When it freezes, I am unable
> to get to the ok prompt by sending a break over the serial console.

I have exactly the same problem with a Ultra I, but just discovered that
the machine is running and having configured the network during
installation I can remotely login. The only thing that I can guess is that
for some reason getty is not running. Maybe someone else may help with
getty.

Ramon.
Permalink | Reply | 0 comments |
headers
Ben Goren | 1 Nov 2002 04:31
Favicon
Gravatar

Re: theo

On Thu, Oct 31, 2002 at 05:26:02PM -0700, Peter Valchev wrote:

> Theo  is in  sw phoenix  az, does  anyone want  to buy  him beer
> tonight?  He sounds like he needs some

Tonight's   no  good,   but   tomorrow  is   if   he's  still   in
town. Actually, I've been  doing a bit of consulting  for a rather
good restaurant chain lately  and I may be able to  get him a good
meal to go with the beer.

My number is listed and available upon request....

Cheers,

b&

P.S. It's never  been an issue  before...but is it  ``thee-oh'' or
``tay-oh''? I recall coming  across a thread in  the archives some
time ago that was inconclusive. b&

--
Ben Goren
 mailto:ben <at> trumpetpower.com
 http://www.trumpetpower.com/
 icbm:33o25'37"N_111o57'32"W

[demime 0.98d removed an attachment of type application/pgp-signature]
Permalink | Reply | 4 comments |
headers
David Norman | 1 Nov 2002 05:45
Picon
Favicon

Re: PHP "Flavors"

> These have been removed from what my command lines return...  Is
> there an
> alternate route to say,
> 
> env=FLAVOR "imap mysql ldap" make

It goes the other way now. To do it cleanly, I've found you have to
build the core directory first, then switch to the extensions directory
and use the flavors, then do PEAR if you want it. When I try to do it
all in /usr/ports/www/php4, I get errors, so I just do it in each
section.

cd /usr/ports/www/php4/core
make show VARNAME=FLAVORS <- remember this listing for later
make install
cd ../extensions
env FLAVOR="no_x11 no_bz2 no_curl..." make install
[activate modules if you want to here with phpxs]
cd ../pear
make install

David Norman

stupid yahoo tagline:
HotJobs - Search new jobs daily now
http://hotjobs.yahoo.com/
Permalink | Reply | 1 comment |

Gmane