Skip to main content

Questions tagged [openbsd]

OpenBSD is a free, multi-platform 4.4BSD-based UNIX-like operating system with a focus on security, portability, standardization, code correctness, proactive security and integrated cryptography.

Filter by
Sorted by
Tagged with
26 votes
11 answers
20k views

Is anyone else using OpenBSD as a router in the enterprise? What hardware are you running it on? [closed]

We have an OpenBSD router at each of our locations, currently running on generic "homebrew" PC hardware in a 4U server case. Due to reliability concerns and space considerations we're looking at ...
Kamil Kisiel's user avatar
  • 12.3k
24 votes
2 answers
8k views

Authenticating OpenBSD against Active Directory

Edit: Reformatted this as Q&A. If anyone can change this from Community Wiki to a typical question, that's probably more appropriate as well. How can I authenticate OpenBSD against Active ...
22 votes
2 answers
42k views

Why does tomcat7 log into both catalina.out and catalina.YYYY-MM-DD.log?

On OpenBSD 5.2, the default installation of tomcat-7.0.29 seems to be logging all errors into both catalina.out and catalina.YYYY-MM-DD.log. Cns# ll /var/tomcat/logs/catalina.* -rw-r--r-- 1 _tomcat ...
cnst's user avatar
  • 14.4k
13 votes
6 answers
5k views

OpenBSD, FreeBSD: your update philosophy?

I've used FreeBSD for about 5 years - server/Desktop - and I've tended to take my apt-get/yum upgrade everything habits along with me ( I admin Debian/RHEL/Cent boxes as well -- I know, I know ......
Bubnoff's user avatar
  • 425
9 votes
1 answer
3k views

OpenBSD route via different gateways which have same IP but on different interfaces

I have multiple VPN connections which use the same gateway IP (I do not have the ability to change this as it is out of my control). These VPNs all provide access to different networks, and the ...
bao7uo's user avatar
  • 1,714
8 votes
4 answers
3k views

OpenBSD/FreeBSD Firewall w/ GUI that is compatible with Intel 82574L Gigabit LAN NICs

I recently purchased a server to run m0n0wall or pfSense but I've learned since then that both of these firewall products are based on versions of FreeBSD which weren't yet compatible with the NICs in ...
Zen Master's user avatar
8 votes
1 answer
9k views

Send trunk directly to vm in HyperV 2012

I'm setting up OpenBSD as a VM in HyperV 2012. It would be easier for me to just create one interface on the vm and have OpenBSD take care of setting up the vlans. Is it possible to tell HyperV to ...
Guillaume Filion's user avatar
7 votes
7 answers
13k views

Linux equivalent of pfsync+carp for failover firewall/routing

I'm currently using a linux box to handle my firewall/NAT using iptables. It has two NICs, one link to a LAN switch, one to our egress Internet provider. I'm looking at upgrade this box to two boxes ...
imaginative's user avatar
  • 1,991
7 votes
2 answers
4k views

Can I create a pf rule involving MAC address instead of IP?

The title is self explanatory. I want to create rules in pf running on OpenBSD 4.9 for perticular MAC address, something like pass in on eth0 from mac 00:04:34:5f:34:33 to mac 34:32:34:06:5e:22 I ...
Vineet Menon's user avatar
7 votes
1 answer
2k views

Multi-homed OpenBSD system: Policy based routing vs. mpath default routes

TL;DR Will OpenBSD policy based routing help with a multi-homed server/gateway situation? If so, how do I configure it? Long Form I'm managing an OpenBSD with two ISP links and VPN tunnels to ...
Jim Dennis's user avatar
6 votes
2 answers
793 views

Which BSD best suited to run as VMware guest?

I want to deploy a VM to serve DNS and files (via NFS) to other *nix systems in my infrastructure. Due to reasons beyond my control, I need a very light OS, so I naturally choose the *BSD family. ...
pepoluan's user avatar
  • 5,148
6 votes
5 answers
5k views

How do I spamtrap with Postfix?

How do I setup spamtraps with Postfix so clients that send to trapped addresses are prevented from sending me more spam?
sh-beta's user avatar
  • 6,848
6 votes
3 answers
3k views

Modern open source NIDS/HIDS and consoles? [closed]

Years back we set up an IDS solution by placing a tap in front of our exterior firewall, piping all the traffic on our DS1 through an IDS box and then sending the results off to a logging server ...
MattC's user avatar
  • 377
6 votes
1 answer
3k views

How to run VmWare tools in OpenBSD4.5 with VmWare server 2.0.X

For testing purposes i frequently run OpenBSD in VmWare, before version 2.0.x, tweaking the vm type and using Freebsd compatibility mode made the job but this does not work anymore with VmWare server ...
Maxwell's user avatar
  • 5,076
6 votes
2 answers
3k views

Setting up IPSEC on LAN between two hosts (OpenBSD)

Trying to use IPSEC between two hosts on a LAN. No VPN involved Using OpenBSD 5.8 (in VirtualBox). I'd prefer to use OpenBSD's built-in support for IPSEC and key exchange and not a third-party. Two ...
Neil McGuigan's user avatar
6 votes
3 answers
2k views

OpenBSD default gateway outside subnet

My ISP offers IPv6 by default. However, my ISPs IPv6 setup appears to be a bit strange because the default IPv6 gateway is located outside of my servers subnet. Under linux it is possible to setup a ...
RNieaa's user avatar
  • 61
6 votes
1 answer
360 views

OpenBSD not responding to arp queries

I am setting up an OpenBSD system as a router, I have one interface as the upstream, then another with a vlan configured: Upstream(em0): inet 10.0.2.20 255.255.255.0 NONE description upstream ...
Michael Jones's user avatar
5 votes
4 answers
7k views

How do I count the number of processors on an OpenBSD system?

How can I determine the number of CPUs on an OpenBSD system, using either system tools or C code? The technique I know of to count CPUs on other BSD platforms -- checking /var/run/dmesg.boot for ...
mob's user avatar
  • 183
5 votes
3 answers
5k views

OpenBSD: Gateway outside subnet (works in Linux)

We need to set up an OpenBSD host to use a default gateway that's outside of it's subnet. This is all I need to do on Linux (not the actual IPs) to achieve it: ifconfig eth0 33.33.33.33/31 up route ...
kshade's user avatar
  • 65
5 votes
1 answer
8k views

OpenBSD: How to use `relayd` and `httpd` for redirecting subdomain requests

Situation I created the following setup on OpenBSD: So I have my OpenBSD server on 192.168.1.250 redirecting all http-requests to the host-vm on 192.168.30.2. The host-vm itself operates nginx for ...
Jan's user avatar
  • 107
5 votes
2 answers
5k views

How to block MAC address in pf firewall

I want to block particular MAC address on PF firewall. I know PF firewall works on the Layer 3 i.e it operates on the IP addresses rather than MAC address.But is there any way to block the MAC address ...
user229957's user avatar
5 votes
2 answers
459 views

Portable firewall rules for Linux and Free/Net/Open/DragonFlyBSD

I need apply the same rules (lists of IPs with allow and drop rules) in firewalls of Linux and *BSD. Do you know some application (CLI) for to convert a list of rules in the specific format of each ...
Rufo El Magufo's user avatar
5 votes
1 answer
2k views

Request multiple IP-addresses via DHCP on a single physical interface (OpenBSD)

On OpenBSD, is it possible to request multiple IP-addresses via DHCP on a single physical interface? It looks like DHCP leased addresses can't be assigned as aliases. I though of creating a virtual ...
watain's user avatar
  • 151
5 votes
1 answer
882 views

BSD 50% interrupt utilization in irq0/clock

On OpenBSD on an Atom 450, with HPET configured in the BIOS and not, also with Hyperthreading/ACPI on-off, nothing seems to make a difference. Here's my vmstat -iz # vmstat 2 procs memory ...
RandomNickName42's user avatar
4 votes
3 answers
16k views

redundant openvpn configuration

I have two openbsd nat/firewall boxes with carp for failover / high availability purposes. What would be the best possible practice to ensure that OpenVPN, which I plan on running on these boxes, ...
imaginative's user avatar
  • 1,991
4 votes
6 answers
13k views

PXE Boot - Linux server & OpenBSD client

I have an old machine here I'm trying to setup as a diskless client running OpenBSD, booting from my fedora 10 machine. I've setup tftp and dhcp and both appear to be correct, yet the client just ...
theotherreceive's user avatar
4 votes
3 answers
4k views

OpenBSD has open ports in default installation

I have been considering replacing Ubuntu with OpenBSD to improve the security on my local server. I need to have ssh access to it, and I also need it to serve static web content - so the only ports I ...
D R's user avatar
  • 143
4 votes
3 answers
7k views

NFS mount "hanging" when accessing from a server on a different subnet

Here's a problem which I am at a loss to diagnose: Our user home directories are served via NFS from an Apple XServe running Mac OS X 10.5.7. Normally they are exported to our default office subnet, "...
Kamil Kisiel's user avatar
  • 12.3k
4 votes
2 answers
14k views

Getting IPTables to properly forward NTP traffic

I have the following setup: NTP 10.21.3.169 | | 10.21.3.160 (eth1) Linux 10.0.0.67 (eth0) | | 10.0.0.65 (pcn1) OpenBSD The idea is to allow the NTPD client (not ...
Rich's user avatar
  • 1,353
4 votes
1 answer
3k views

What's the proper way to get smtpd (OpenSMTPD) to pick up changes to smtpd.conf?

I'm new to OpenBSD and in the process of learning OpenSMTPD. I would have expected some sort of "restart" option from the smtpctl command, but it only has a stop with no start which might force a ...
rcampbell's user avatar
  • 1,035
4 votes
1 answer
8k views

502 Bad Gateway Error Nginx connect() to unix:/tmp/unicorn.sock failed

This is my first question on Server Fault. I could not find a solution to this while searching the web. I am working on an OpenBSD server running Nginx, which I did not setup, that is throwing a 502 ...
jeffagraber's user avatar
4 votes
1 answer
815 views

OpenBSD Apache version 1.3.29? [closed]

I recently installed OpenBSD and went to check the version of Apache HTTPD and when I run httpd -v it tells me the version is Apache/1.3.29 (Unix). Surely this can't be right? I am using the latest ...
Sam's user avatar
  • 43
4 votes
2 answers
1k views

home, end, delete, pageup, pagedown with ksh

I want to use home, end, delete, pageup, pagedown with ksh. My TERM is xterm-color. These keys works fine with tcsh and zsh, but not with ksh (print a tilda ~) I found this: bind '^[[3'=prefix-2 ...
Nicolas's user avatar
  • 41
4 votes
1 answer
1k views

Changing PF rules on the fly to mitigate damage of DDoS (OpenBSD 6.4)

This is a two part question, really. Keep in mind that I am a developer not a system admin, but being the only employee in the company, I wear ALL the hats. I have deployed my server with two ...
Miguel's user avatar
  • 171
4 votes
3 answers
6k views

tuning tips for CPU load for OpenBSD guest on qemu-kvm Server

I have a CentOS KVM Server running 1 OpenBSD, 1 CentOS and 2 FreeBSD guests. Only the openBSD guest has a higher CPU load on the KVM Server. 8-10% on Server whilst Guest is at idle. The only service ...
Philip's user avatar
  • 41
4 votes
1 answer
170 views

pfctl in OpenBSD and FreeBSD

I've noticed that both FreeBSD and NetBSD have extra pfctl options: pfctl [-AdeghmNnOPqRrvz] But OpenBSD doesn't, it's missing around five of the extra options: pfctl [-deghnPqrvz] I would have ...
Jak's user avatar
  • 1,008
4 votes
1 answer
5k views

OpenBSD pf port forwarding multiple rules

I have a few dozen servers behind OpenBSD firewall with port forwarding. Most rules are very similar and differ only in IPs or sometimes in ports forwarded, so I want to compact them to remove ...
AlexD's user avatar
  • 10.4k
4 votes
1 answer
194 views

Is reverse DNS a good method for promoting grey IPs from trusted domains to white?

I'm trying to set up a mail server using OpenBSD, OpenSMTPD, spamd, and pf. The first problem I've encountered is that many large webmail providers - like Gmail - will retry delivery from a different ...
rcampbell's user avatar
  • 1,035
4 votes
1 answer
2k views

OpenBSD automatic filesystem check at reboot

I want my openbsd server to boot, no matter what and dont break with waiting for manual FSCKing. It's easy to do in linux, but in obsd it just doesnt want to be "auto". Last time I set the 6th,7th ...
danishd's user avatar
  • 41
4 votes
1 answer
2k views

DNSSEC and IPSec DNS Server and DNS Client Configuration

I'm about to deploy DNSSEC for some of my domains and as I was getting ready I did some reading on the subject. I came across some Microsoft Technet articles talking about Name Resolution Policy Table ...
Cromulent's user avatar
  • 340
3 votes
2 answers
9k views

dhcpd.leases file manually edit

I have OpenBSD 4.8 serving as Gateway & DHCP Server. By mistake, when reinstalling one of the workstations (it is Windows 7) it gets the same name as it was before (i.e workstation-PC). So now I ...
Zoran's user avatar
  • 161
3 votes
1 answer
3k views

Provide IPv6 to network from OpenBSD firewall

I have an OpenBSD PF firewall that I have added a IPv6 tunnel to (using HE.net tunnelbroker). I can ping/traceroute IPv6 addresses from the firewall. Now I want to provide IPv6 services to the ...
thelsdj's user avatar
  • 840
3 votes
1 answer
1k views

OpenBSD relayd forward to web server based on HTTP request path

I have two web servers running on my machine. One is listening on port 8080 and the other on 8081. $ curl http://localhost:8080 I am the API $ curl http://localhost:8081 <html> <head>&...
Ishpeck's user avatar
  • 224
3 votes
4 answers
3k views

OpenBSD and filesystem snapshots

What is the best solution, if any, for carrying out LVM style filesystem snapshots on OpenBSD?
Moo's user avatar
  • 2,264
3 votes
3 answers
803 views

ichiic0 errors on OpenBSD 4.4

I have four identical nodes built on Supermicro 1025TC-TB hardware running OpenBSD 4.4. Two of the nodes are routers and two are load balancers. Each set is running in active/passive configuration ...
sh-beta's user avatar
  • 6,848
3 votes
1 answer
4k views

Why am I getting errors in my HAProxy content switching config?

I'm migrating some infrastructure from multiple servers hosting specific sites to a load-balancing architecture using HAProxy 1.3.15.7 on OpenBSD 4.6 macppc. Naturally, I'm starting with configuring ...
morgant's user avatar
  • 1,490
3 votes
1 answer
679 views

Why can not add subversion package to my OpenBSD 4.5 machine?

I have an OpenBSD 4.5 on a virtual machine. I configured the net and my machine can connect to the OpenBSD FTP repository in Canada (ftp.openbsd.org) correctly. But when I execute this line: ...
jaloplo's user avatar
  • 255
3 votes
1 answer
441 views

Why does spampd fail with socket connection failure on openbsd?

I'm having some trouble getting spampd to work in OpenBSD. First off, if I try to specify the daemon flags in my /etc/rc.conf.local like so: spampd_flags="--port=10025 --relayhost=127.0.0.1:10027 --...
djsumdog's user avatar
  • 1,130
3 votes
1 answer
2k views

OpenBSD routing: Cannot reach gateway from IF configured to static block

When trying to set up an OpenBSD router I've run into an apparent routing problem. I have a 1U machine with 6 gigabit NICs (em0-em5). My ISP provided me with the following: xx.xx.97.246/28 static ...
Kubitz's user avatar
  • 33
3 votes
1 answer
1k views

Forcing a password change on OpenBSD

On OpenBSD 5.6 I need to provision a number of user accounts with default passwords. I would like users, upon their first SSH login, to be forced to change their passwords from the default. On CentOS ...
J.C.'s user avatar
  • 131

1
2 3 4 5