DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD Security

OpenBSD Security Functionally paranoid!

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 3rd September 2009
ultranothing ultranothing is offline
New User
 
Join Date: Aug 2009
Posts: 3
Thumbs down Some Questions ??

Hi To All

I Have some question please if any one can answer them (TNX)
1- how can start,stop.restart services in openbsd(like squid,ssh,network,...) ??
in linux it is very easy to do anything but in openbsd ??

2- how we can use openbsd as cache , bandwidth controller ,,after installlation delay_pool not supported ?????? what i have to do ??

3- my new server has 4 HDD SCSI and i want to use as i said for cache-proxy ,.... . i want to use all 4 HDDs also use RAID but it is only to use one HDD (sd0,ds1,sd2,sd3) and it is only sd0 ,, it is maybe to use all or no and how ????

thanks all
Reply With Quote
  #2   (View Single Post)  
Old 3rd September 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

Quote:
Originally Posted by ultranothing View Post
1- how can start,stop.restart services in openbsd(like squid,ssh,network,...) ??
Built-in services are started by rc(8) environment variables. The default settings are found in /etc/rc.conf, and the admin should normally make local changes to these variables in /etc/rc.conf.local. See rc.conf(5) for more information.

3rd party packages are started by scripts the admin writes in /etc/rc.local. See rc(8), again.

The network is started by rc(8). The admin may restart the entire network or an individual NIC through:
# sh /etc/netstart [nic]
Please see netstart(8), and all of FAQ 6.

For your 3rd party packages, the admin may manually stop/start daemons, or, if the application does not come with management scripts, the admin may write his/her own.
Quote:
2- how we can use openbsd as cache , bandwidth controller ,,after installlation delay_pool not supported ?????? what i have to do ??
Regarding bandwidth: I've already answered that question in your first thread: http://www.daemonforums.org/showthre...3652#post26188
The bandwidth tool is OpenBSD's Packet Filter, PF. I instructed you to read the PF Users Guide, which is part of the OpenBSD FAQ. Please read it.

Regarding cache: what kind? If HTTP, the admin typically uses Squid, which is a 3rd party package, and one you already mentioned. If you intend a cache for something other than HTTP, please restate your question.
Quote:
3- my new server has 4 HDD SCSI and i want to use as i said for cache-proxy ,.... . i want to use all 4 HDDs also use RAID but it is only to use one HDD (sd0,ds1,sd2,sd3) and it is only sd0 ,, it is maybe to use all or no and how ????
The current answer is RAIDframe. A newer technology, Softraid, is still in development and may not be suitable for production -- the only redundancy configuration is RAID1, and after a drive failure, the array must be backed up and then restored, it cannot reestablish a mirror. RAIDframe is a fully functional RAID 0/1/3/5 solution, but it requires a custom kernel. RAIDframe is described in FAQ 14, and custom kernels are described in FAQ 5. Read both, very carefully.
Reply With Quote
  #3   (View Single Post)  
Old 4th September 2009
ultranothing ultranothing is offline
New User
 
Join Date: Aug 2009
Posts: 3
Wink OpenBSD Some Question

tnx for your answers

ineed squid in openbsd for cache (http,ftp) and controlling the download files such as .zip , .tar and .... .
also i can not undestand your answer about using all 4 HDD ?? how can partioning the system with all 4 HDD ?



thanks a lot
Reply With Quote
  #4   (View Single Post)  
Old 4th September 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

FAQ 14 is the FAQ to read for disk drive setup, configuration, and management. Have you read it, yet?

If all you want to do is add sd1, sd2, and sd3 to your system as standard disk drives, start with FAQ 14.3, which describes using fdisk(8), disklabel(8), mount(8), and fstab(5). Other parts of the FAQ will also be helpful, such as 14.1 and 14.2.

You asked, above, about using drives in a software RAID array, so you should also read FAQ 14.13. Carefully. This FAQ will discuss two software RAID technologies: RAIDframe, which I mentioned above, and ccd(8), which I did not.

The FAQ will tell you that ccd is easier to configure than RAIDframe, but that it has recoverability limitations.

Please, read the FAQ. Then, once you have read it, if you have a specific question, feel free to ask it.
Reply With Quote
  #5   (View Single Post)  
Old 4th September 2009
BSDfan666 BSDfan666 is offline
Real Name: N/A, this is the interweb.
Banned
 
Join Date: Apr 2008
Location: Ontario, Canada
Posts: 2,223
Default

softraid(4) is a little further along than jggimi mentions, it is in the default kernel after all.. unfortunately the major problem is that backwards compatibility is not a goal, and newer viewers may break on-disk structure (..forcing you to rebuild the array).

A bonus with softraid is that it is controlled and monitored with the same utilities as many of the hardware RAID controllers, bioctl(8).

There are 4 methods available, ccd(4).. raid(4) - (..aka RAIDframe).. softraid(4).. and hardware RAID controllers (..apropos RAID).

Good luck.
Reply With Quote
  #6   (View Single Post)  
Old 4th September 2009
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,975
Default

I still don't think Softraid is ready as a production RAID environment. And I say that as a user of Softraid in production. I do so for its CRYPTO discipline, not for RAID.

It does support more than RAID 1, now, as RAID 0/4/5 were added. However, f you lose a mirror in RAID 1, or, lose a drive in a RAID 4 or RAID 5 array, the arrays will continue operating, but -- unfortunately -- recovery of the full array will requires a complete backup and restore, negating its usefulness in comparison with other RAID technologies.

RAID 0, because it has no redundancy at all (it should never have been called "RAID" by UC Berkeley), would not be a problem, since the array would have to be recreated anyway.
Reply With Quote
  #7   (View Single Post)  
Old 4th September 2009
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,318
Default

Quote:
Originally Posted by BSDfan666 View Post
...it is in the default kernel after all..
It is not an uncommon practice within the project to put new functionality into place (sometimes for several versions...), but not enable it until it is deemed stable enough for general usage. Although I suspect BSDfan666 is well aware of this, others reading this thread may not, & may read more into the above comment than is intended.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Questions about BSD (in general) fbsduser FreeBSD General 16 21st January 2009 02:41 PM
Silly questions about Mac OS X? tutosun Other BSD and UNIX/UNIX-like 12 31st December 2008 03:45 PM
ZFS thoughts and questions mtx FreeBSD General 3 28th November 2008 07:27 AM
FTP ruleset questions hitete OpenBSD Security 2 25th November 2008 05:30 PM
A few questions on OpenBSD? php111 OpenBSD General 24 1st November 2008 09:18 AM


All times are GMT. The time now is 11:29 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick