list services / restart a servicercctl ls all / rcctl restart
configure an interfacesh /etc/netstart wg1
equivalent to netstat -lpentu on linuxnetstat -f inet -t
show routing tablenetstat -rn -f inet
dump pf traffictcpdump -lenvvvi pflog0
Show logs paquet for a specific port (443)tcpdump -n -e -ttt -r /var/log/pflog port 443
show current firewall loadedipfctl -sr
check pf config syntax, but don’t load itpfctl -nf /etc/pf.conf
Reload pf configpfctl -f /etc/pf.conf
tracing under openbsdktrace -f vimtrace.out vim<br>
This generates a logfile with the process trace, that you can then parse with kdump.kdump -f vimtrace.out
add a network routeroute add -net 172.16.88.0/22 172.16.88.1
ipsec
Apply ipsec config in isakmpd
After isakmpd restart you must:ipsecctl -F to flush old rules<br>ipsecctl -f /etc/ipsec.conf
list established flowsipsecctl -sa
(nothing listed when tunnels are down).
A good ipsec guide : https://www.packetmischief.ca/~#isakmpd
if we add a new tunnel we need to turn it up by giving only the config fileipsecctl -f /etc/ipsec.conf.exo.ecom-preprod.dk2
Because if we provide global config it will overwrite existing without flushing active flows.
========
no boot after corrupt filesystemfsck_ffs /dev/sd0a<br>fsck_/ffs /dev/sd0k
on all partitions, and answer to questions
lscpu equivalentdmesg | grep -i cpu
Comments are closed