Re: dhcrelay: send_packet: No buffer space available If it's easy to do try a different network card. The only time I've ever seen that error came from a urtwn card under OpenBSD 5.7 and earlier. But Stuart knows a lot more about it than I do.
On 2/13/16, owner-m...@openbsd.org <owner-m...@openbsd.org> wrote: > The pre-dawn daily digest > Volume 1 : Issue 3715 : "text" Format > > Messages in this Issue: > Re: Kernel panic during installation > Re: Kernel panic during installation > Re: Kernel panic during installation > Re: Kernel panic during installation > Re: Kernel panic during installation > Re: Kernel panic during installation > Re: Kernel panic during installation > OpenBGPd RTBH peer with match clause on community > Re: OpenBGPd RTBH peer with match clause on community > Re: OpenBGPd RTBH peer with match clause on community > Re: NVM Express (NVMe) support status > Re: Problems using squid as transparent proxy for SSL/TLS > Re: dhcrelay: send_packet: No buffer space available > Re: dhcrelay: send_packet: No buffer space available > Re: OpenBSD5.7, hangs on ppb6 "Intel 5000 PCIE" Dell poweredge 1950 > how to mount a *dmg in -current > Re: how to mount a *dmg in -current > Re: how to mount a *dmg in -current > pfsync and table > Re: pfsync and table > Re: sshfs man page, -o idmap=user > > ---------------------------------------------------------------------- > > Date: Fri, 12 Feb 2016 07:51:34 -0500 > From: Donald Allen <donaldcal...@gmail.com> > To: misc <misc@openbsd.org> > Subject: Re: Kernel panic during installation > Message-ID: > <capstybzn2x_tioqzbs1cplm6+e6sefr+db31qzzxxbilwgt...@mail.gmail.com> > > On Feb 12, 2016 05:08, "Stefan Sperling" <s...@stsp.name> wrote: >> >> On Thu, Feb 11, 2016 at 08:42:21PM -0500, Donald Allen wrote: >> > When attempting to install the 2/8 snapshot on my Thinkpad x-250, I > chose >> > to configure the wireless network interface (iwm). This resulted in the >> > following: >> > >> > iwm0: could not read firmware iwm-7265-9 (error 2) >> > panic: attempt to execute user address 0x0 in supervisor mode >> >> Do you have a trace from ddb please? > > There was no entry to ddb. There was one additional message after the > above: > > syncing disks... done > > and that was all she wrote. (I took a photo of the screen.) > > If you have a suggestion for how to get the trace, I will certainly try to > help. Or maybe build a kernel with some additional printfs to try to > isolate where this is happening? > > > ------------------------------ > > Date: Fri, 12 Feb 2016 07:45:35 -0800 > From: Chris Cappuccio <ch...@nmedia.net> > To: Donald Allen <donaldcal...@gmail.com> > Cc: misc <misc@openbsd.org> > Subject: Re: Kernel panic during installation > Message-ID: <20160212154535.gb5...@ref.nmedia.net> > > Donald Allen [donaldcal...@gmail.com] wrote: >> On Feb 12, 2016 05:08, "Stefan Sperling" <s...@stsp.name> wrote: >> > >> > On Thu, Feb 11, 2016 at 08:42:21PM -0500, Donald Allen wrote: >> > > When attempting to install the 2/8 snapshot on my Thinkpad x-250, I >> chose >> > > to configure the wireless network interface (iwm). This resulted in >> > > the >> > > following: >> > > >> > > iwm0: could not read firmware iwm-7265-9 (error 2) >> > > panic: attempt to execute user address 0x0 in supervisor mode >> > >> > Do you have a trace from ddb please? >> >> There was no entry to ddb. There was one additional message after the >> above: >> >> syncing disks... done >> >> and that was all she wrote. (I took a photo of the screen.) >> >> If you have a suggestion for how to get the trace, I will certainly try >> to >> help. Or maybe build a kernel with some additional printfs to try to >> isolate where this is happening? > > sysctl ddb.panic=1 ?? > > > ------------------------------ > > Date: Fri, 12 Feb 2016 10:47:16 -0500 > From: Donald Allen <donaldcal...@gmail.com> > To: Chris Cappuccio <ch...@nmedia.net> > Cc: misc <misc@openbsd.org> > Subject: Re: Kernel panic during installation > Message-ID: > <capstybxc8clevfaw-zwbs9ygoaxdtbkg_3obeljaw-lnyqh...@mail.gmail.com> > > On Fri, Feb 12, 2016 at 10:45 AM, Chris Cappuccio <ch...@nmedia.net> wrote: > >> Donald Allen [donaldcal...@gmail.com] wrote: >> > On Feb 12, 2016 05:08, "Stefan Sperling" <s...@stsp.name> wrote: >> > > >> > > On Thu, Feb 11, 2016 at 08:42:21PM -0500, Donald Allen wrote: >> > > > When attempting to install the 2/8 snapshot on my Thinkpad x-250, I >> > chose >> > > > to configure the wireless network interface (iwm). This resulted in >> the >> > > > following: >> > > > >> > > > iwm0: could not read firmware iwm-7265-9 (error 2) >> > > > panic: attempt to execute user address 0x0 in supervisor mode >> > > >> > > Do you have a trace from ddb please? >> > >> > There was no entry to ddb. There was one additional message after the >> above: >> > >> > syncing disks... done >> > >> > and that was all she wrote. (I took a photo of the screen.) >> > >> > If you have a suggestion for how to get the trace, I will certainly try >> to >> > help. Or maybe build a kernel with some additional printfs to try to >> > isolate where this is happening? >> >> sysctl ddb.panic=1 ?? >> > > Ah .. thank you. I'll give it a try. > > > ------------------------------ > > Date: Fri, 12 Feb 2016 17:17:31 +0100 > From: Stefan Sperling <s...@stsp.name> > To: Donald Allen <donaldcal...@gmail.com> > Cc: Chris Cappuccio <ch...@nmedia.net>, misc <misc@openbsd.org> > Subject: Re: Kernel panic during installation > Message-ID: <20160212161731.gg...@ted.stsp.name> > > On Fri, Feb 12, 2016 at 10:47:16AM -0500, Donald Allen wrote: >> On Fri, Feb 12, 2016 at 10:45 AM, Chris Cappuccio <ch...@nmedia.net> >> wrote: >> >> > Donald Allen [donaldcal...@gmail.com] wrote: >> > > On Feb 12, 2016 05:08, "Stefan Sperling" <s...@stsp.name> wrote: >> > > > >> > > > On Thu, Feb 11, 2016 at 08:42:21PM -0500, Donald Allen wrote: >> > > > > When attempting to install the 2/8 snapshot on my Thinkpad x-250, >> > > > > I >> > > chose >> > > > > to configure the wireless network interface (iwm). This resulted >> > > > > in >> > the >> > > > > following: >> > > > > >> > > > > iwm0: could not read firmware iwm-7265-9 (error 2) >> > > > > panic: attempt to execute user address 0x0 in supervisor mode >> > > > >> > > > Do you have a trace from ddb please? >> > > >> > > There was no entry to ddb. There was one additional message after the >> > above: >> > > >> > > syncing disks... done >> > > >> > > and that was all she wrote. (I took a photo of the screen.) >> > > >> > > If you have a suggestion for how to get the trace, I will certainly >> > > try >> > to >> > > help. Or maybe build a kernel with some additional printfs to try to >> > > isolate where this is happening? >> > >> > sysctl ddb.panic=1 ?? >> > >> >> Ah .. thank you. I'll give it a try. >> > > No need. I could reproduce locally. The problem also shows up with > a GENERIC kernel when the firmware is not installed. > > For some reason, the callbacks into the wireless stack aren't hooked > up until after the firmware is loaded. There is no reason not do hook > them up ealier. This diff fixes the crash for me. > > Index: if_iwm.c > =================================================================== > RCS file: /cvs/src/sys/dev/pci/if_iwm.c,v > retrieving revision 1.77 > diff -u -p -r1.77 if_iwm.c > --- if_iwm.c 5 Feb 2016 16:08:44 -0000 1.77 > +++ if_iwm.c 12 Feb 2016 16:10:48 -0000 > @@ -6642,18 +6642,6 @@ iwm_preinit(struct iwm_softc *sc) > printf("%s: could not set MAC address (error %d)\n", > DEVNAME(sc), error); > > - ic->ic_node_alloc = iwm_node_alloc; > - > - /* Override 802.11 state transition machine. */ > - sc->sc_newstate = ic->ic_newstate; > - ic->ic_newstate = iwm_newstate; > - ic->ic_update_htprot = iwm_update_htprot; > - ic->ic_ampdu_rx_start = iwm_ampdu_rx_start; > - ic->ic_ampdu_rx_stop = iwm_ampdu_rx_stop; > -#ifdef notyet > - ic->ic_ampdu_tx_start = iwm_ampdu_tx_start; > - ic->ic_ampdu_tx_stop = iwm_ampdu_tx_stop; > -#endif > ieee80211_media_init(ifp, iwm_media_change, ieee80211_media_status); > > return 0; > @@ -6886,6 +6874,18 @@ iwm_attach(struct device *parent, struct > task_set(&sc->ba_task, iwm_ba_task, sc); > task_set(&sc->htprot_task, iwm_htprot_task, sc); > > + ic->ic_node_alloc = iwm_node_alloc; > + > + /* Override 802.11 state transition machine. */ > + sc->sc_newstate = ic->ic_newstate; > + ic->ic_newstate = iwm_newstate; > + ic->ic_update_htprot = iwm_update_htprot; > + ic->ic_ampdu_rx_start = iwm_ampdu_rx_start; > + ic->ic_ampdu_rx_stop = iwm_ampdu_rx_stop; > +#ifdef notyet > + ic->ic_ampdu_tx_start = iwm_ampdu_tx_start; > + ic->ic_ampdu_tx_stop = iwm_ampdu_tx_stop; > +#endif > /* > * We cannot read the MAC address without loading the > * firmware from disk. Postpone until mountroot is done. > > > ------------------------------ > > Date: Fri, 12 Feb 2016 15:03:46 -0500 > From: Donald Allen <donaldcal...@gmail.com> > To: Donald Allen <donaldcal...@gmail.com>, Chris Cappuccio > <ch...@nmedia.net>, misc <misc@openbsd.org> > Subject: Re: Kernel panic during installation > Message-ID: > <capstybw4gic7pcprzaqqnhifkwwgpba89h5ac_rta-pkesv...@mail.gmail.com> > > On Fri, Feb 12, 2016 at 11:17 AM, Stefan Sperling <s...@stsp.name> wrote: > >> On Fri, Feb 12, 2016 at 10:47:16AM -0500, Donald Allen wrote: >> > On Fri, Feb 12, 2016 at 10:45 AM, Chris Cappuccio <ch...@nmedia.net> >> wrote: >> > >> > > Donald Allen [donaldcal...@gmail.com] wrote: >> > > > On Feb 12, 2016 05:08, "Stefan Sperling" <s...@stsp.name> wrote: >> > > > > >> > > > > On Thu, Feb 11, 2016 at 08:42:21PM -0500, Donald Allen wrote: >> > > > > > When attempting to install the 2/8 snapshot on my Thinkpad >> x-250, I >> > > > chose >> > > > > > to configure the wireless network interface (iwm). This >> > > > > > resulted >> in >> > > the >> > > > > > following: >> > > > > > >> > > > > > iwm0: could not read firmware iwm-7265-9 (error 2) >> > > > > > panic: attempt to execute user address 0x0 in supervisor mode >> > > > > >> > > > > Do you have a trace from ddb please? >> > > > >> > > > There was no entry to ddb. There was one additional message after >> > > > the >> > > above: >> > > > >> > > > syncing disks... done >> > > > >> > > > and that was all she wrote. (I took a photo of the screen.) >> > > > >> > > > If you have a suggestion for how to get the trace, I will certainly >> try >> > > to >> > > > help. Or maybe build a kernel with some additional printfs to try >> > > > to >> > > > isolate where this is happening? >> > > >> > > sysctl ddb.panic=1 ?? >> > > >> > >> > Ah .. thank you. I'll give it a try. >> > >> >> No need. I could reproduce locally. The problem also shows up with >> a GENERIC kernel when the firmware is not installed. >> >> For some reason, the callbacks into the wireless stack aren't hooked >> up until after the firmware is loaded. There is no reason not do hook >> them up ealier. This diff fixes the crash for me. >> > > Thanks. > > I just used this exchange as an example to a friend who buys everything > Apple and then complains when their software is buggy. This is a perfect > example of how a direct negative feedback path makes software converge > quickly to correctness, something you don't get with the big proprietary > players like Apple, Microsoft, etc. > >> >> Index: if_iwm.c >> =================================================================== >> RCS file: /cvs/src/sys/dev/pci/if_iwm.c,v >> retrieving revision 1.77 >> diff -u -p -r1.77 if_iwm.c >> --- if_iwm.c 5 Feb 2016 16:08:44 -0000 1.77 >> +++ if_iwm.c 12 Feb 2016 16:10:48 -0000 >> @@ -6642,18 +6642,6 @@ iwm_preinit(struct iwm_softc *sc) >> printf("%s: could not set MAC address (error %d)\n", >> DEVNAME(sc), error); >> >> - ic->ic_node_alloc = iwm_node_alloc; >> - >> - /* Override 802.11 state transition machine. */ >> - sc->sc_newstate = ic->ic_newstate; >> - ic->ic_newstate = iwm_newstate; >> - ic->ic_update_htprot = iwm_update_htprot; >> - ic->ic_ampdu_rx_start = iwm_ampdu_rx_start; >> - ic->ic_ampdu_rx_stop = iwm_ampdu_rx_stop; >> -#ifdef notyet >> - ic->ic_ampdu_tx_start = iwm_ampdu_tx_start; >> - ic->ic_ampdu_tx_stop = iwm_ampdu_tx_stop; >> -#endif >> ieee80211_media_init(ifp, iwm_media_change, >> ieee80211_media_status); >> >> return 0; >> @@ -6886,6 +6874,18 @@ iwm_attach(struct device *parent, struct >> task_set(&sc->ba_task, iwm_ba_task, sc); >> task_set(&sc->htprot_task, iwm_htprot_task, sc); >> >> + ic->ic_node_alloc = iwm_node_alloc; >> + >> + /* Override 802.11 state transition machine. */ >> + sc->sc_newstate = ic->ic_newstate; >> + ic->ic_newstate = iwm_newstate; >> + ic->ic_update_htprot = iwm_update_htprot; >> + ic->ic_ampdu_rx_start = iwm_ampdu_rx_start; >> + ic->ic_ampdu_rx_stop = iwm_ampdu_rx_stop; >> +#ifdef notyet >> + ic->ic_ampdu_tx_start = iwm_ampdu_tx_start; >> + ic->ic_ampdu_tx_stop = iwm_ampdu_tx_stop; >> +#endif >> /* >> * We cannot read the MAC address without loading the >> * firmware from disk. Postpone until mountroot is done. > > > ------------------------------ > > Date: Fri, 12 Feb 2016 21:42:31 +0100 > From: Stefan Sperling <s...@stsp.name> > To: Donald Allen <donaldcal...@gmail.com> > Cc: Chris Cappuccio <ch...@nmedia.net>, misc <misc@openbsd.org> > Subject: Re: Kernel panic during installation > Message-ID: <20160212204231.gj...@ted.stsp.name> > > On Fri, Feb 12, 2016 at 03:03:46PM -0500, Donald Allen wrote: >> I just used this exchange as an example to a friend who buys everything >> Apple and then complains when their software is buggy. This is a perfect >> example of how a direct negative feedback path makes software converge >> quickly to correctness, something you don't get with the big proprietary >> players like Apple, Microsoft, etc. > > That's correct, and it's why we're all here. > > Make sure your friend understands that we're not trying to provide a > drop-in replacement for Apple, to avoid potential disappointment ;-) > > > ------------------------------ > > Date: Fri, 12 Feb 2016 15:54:04 -0500 > From: Donald Allen <donaldcal...@gmail.com> > To: Donald Allen <donaldcal...@gmail.com>, Chris Cappuccio > <ch...@nmedia.net>, misc <misc@openbsd.org> > Subject: Re: Kernel panic during installation > Message-ID: > <capstybwgvgzunww7tkdqwu42kh99kas__ypsq31r60yshau...@mail.gmail.com> > > On Fri, Feb 12, 2016 at 3:42 PM, Stefan Sperling <s...@stsp.name> wrote: > >> On Fri, Feb 12, 2016 at 03:03:46PM -0500, Donald Allen wrote: >> > I just used this exchange as an example to a friend who buys everything >> > Apple and then complains when their software is buggy. This is a >> > perfect >> > example of how a direct negative feedback path makes software converge >> > quickly to correctness, something you don't get with the big >> > proprietary >> > players like Apple, Microsoft, etc. >> >> That's correct, and it's why we're all here. >> >> Make sure your friend understands that we're not trying to provide a >> drop-in replacement for Apple, to avoid potential disappointment ;-) >> > > Now *I'm* disappointed. I was looking forward to the OpenBSD equivalent of > Siri, which I expected would be called Theo. Can you imagine the response > to "Theo -- where is the nearest good pizza place?". > > > ------------------------------ > > Date: Fri, 12 Feb 2016 14:23:08 +0100 > From: Laurent CARON <lca...@unix-scripts.info> > To: openbsd-misc <misc@openbsd.org> > Subject: OpenBGPd RTBH peer with match clause on community > Message-ID: <94144f87-1b86-d84d-5be3-d52657bdc...@unix-scripts.info> > > Hi, > > I'm trying to achieve the following: > > I have a RTBH peer configured (router from my ISP I access over multihop). > > Config is the following: > > group "eBGP_RTBH_COGENT" { > > remote-as 174 > holdtime 30 > holdtime min 3 > announce none > set med 325 > set localpref 50 > multihop 64 > > neighbor $COGENT_RTBH_PEER_IPv6 { > descr ev6_gw-003_to_RTBH_COGENT > local-address $COGENT_MY_IPv6 > announce IPv4 none > announce IPv6 none > } > > neighbor $COGENT_RTBH_PEER_IPv4 { > descr ev4_gw-003_to_RTBH_COGENT > local-address $COGENT_MY_IPv4 > announce IPv4 none > announce IPv6 none > } > > } > > > I have a community I defined: > COMMUNITY_RTBH="$MY_AS:666" > > When i set this community to prefixes a match clause adds the carrier > specific community to get the blackholing done on their side (easy when > the BH prefix is carried by the regular BGP session). > > Now I wonder how to send BH prefixes to this very peer in the same way. > > Thanks > > > ------------------------------ > > Date: Fri, 12 Feb 2016 15:43:09 +0100 > From: Peter Hessler <phess...@theapt.org> > To: Laurent CARON <lca...@unix-scripts.info> > Cc: openbsd-misc <misc@openbsd.org> > Subject: Re: OpenBGPd RTBH peer with match clause on community > Message-ID: <20160212144308.gb12...@gir.theapt.org> > > We also have the same RTBH service with the same provider, and this is > how we do that: > > group { > announce all > .... > } > > deny to group "BLACKHOLE" > allow to group "BLACKHOLE" community $MY_AS:666 > > (btw, they are not the fastest at removing the blackhole. Seconds for > it to apply, minutes to remove.) > > > On 2016 Feb 12 (Fri) at 14:23:08 +0100 (+0100), Laurent CARON wrote: > :Hi, > : > :I'm trying to achieve the following: > : > :I have a RTBH peer configured (router from my ISP I access over multihop). > : > :Config is the following: > : > :group "eBGP_RTBH_COGENT" { > : > : remote-as 174 > : holdtime 30 > : holdtime min 3 > : announce none > : set med 325 > : set localpref 50 > : multihop 64 > : > : neighbor $COGENT_RTBH_PEER_IPv6 { > : descr ev6_gw-003_to_RTBH_COGENT > : local-address $COGENT_MY_IPv6 > : announce IPv4 none > : announce IPv6 none > : } > : > : neighbor $COGENT_RTBH_PEER_IPv4 { > : descr ev4_gw-003_to_RTBH_COGENT > : local-address $COGENT_MY_IPv4 > : announce IPv4 none > : announce IPv6 none > : } > : > :} > : > : > :I have a community I defined: > :COMMUNITY_RTBH="$MY_AS:666" > : > :When i set this community to prefixes a match clause adds the carrier > :specific community to get the blackholing done on their side (easy when > the > :BH prefix is carried by the regular BGP session). > : > :Now I wonder how to send BH prefixes to this very peer in the same way. > : > :Thanks > : > > -- > Experience is what causes a person to make new mistakes instead of old > ones. > > > ------------------------------ > > Date: Fri, 12 Feb 2016 15:58:44 +0100 > From: Laurent CARON <lca...@unix-scripts.info> > To: misc@openbsd.org > Subject: Re: OpenBGPd RTBH peer with match clause on community > Message-ID: <11add035-7d62-9a8c-3430-56d78c6c4...@unix-scripts.info> > > Brillant. > > Works wonderfully. > > Just tried it on a spare prefix. > > Seem to be effective quite quickly. > > It blackholed traffic within 5/10 secs ans stops blackholing within > 10/20 secs from removal. > > Thanks > > On 12/02/2016 15:43, Peter Hessler wrote: >> We also have the same RTBH service with the same provider, and this is >> how we do that: >> >> group { >> announce all >> .... >> } >> >> deny to group "BLACKHOLE" >> allow to group "BLACKHOLE" community $MY_AS:666 >> >> (btw, they are not the fastest at removing the blackhole. Seconds for >> it to apply, minutes to remove.) >> >> >> On 2016 Feb 12 (Fri) at 14:23:08 +0100 (+0100), Laurent CARON wrote: >> :Hi, >> : >> :I'm trying to achieve the following: >> : >> :I have a RTBH peer configured (router from my ISP I access over >> multihop). >> : >> :Config is the following: >> : >> :group "eBGP_RTBH_COGENT" { >> : >> : remote-as 174 >> : holdtime 30 >> : holdtime min 3 >> : announce none >> : set med 325 >> : set localpref 50 >> : multihop 64 >> : >> : neighbor $COGENT_RTBH_PEER_IPv6 { >> : descr ev6_gw-003_to_RTBH_COGENT >> : local-address $COGENT_MY_IPv6 >> : announce IPv4 none >> : announce IPv6 none >> : } >> : >> : neighbor $COGENT_RTBH_PEER_IPv4 { >> : descr ev4_gw-003_to_RTBH_COGENT >> : local-address $COGENT_MY_IPv4 >> : announce IPv4 none >> : announce IPv6 none >> : } >> : >> :} >> : >> : >> :I have a community I defined: >> :COMMUNITY_RTBH="$MY_AS:666" >> : >> :When i set this community to prefixes a match clause adds the carrier >> :specific community to get the blackholing done on their side (easy when >> the >> :BH prefix is carried by the regular BGP session). >> : >> :Now I wonder how to send BH prefixes to this very peer in the same way. >> : >> :Thanks >> : > > > ------------------------------ > > Date: Fri, 12 Feb 2016 07:44:49 -0800 > From: Chris Cappuccio <ch...@nmedia.net> > To: Evgeniy Sudyr <eject.in...@gmail.com> > Cc: "misc@openbsd.org" <misc@openbsd.org>, d...@openbsd.org > Subject: Re: NVM Express (NVMe) support status > Message-ID: <20160212154449.ga5...@ref.nmedia.net> > > Evgeniy Sudyr [eject.in...@gmail.com] wrote: >> Hi all, >> >> I'm looking status of NVM Express support in -current (got Intel 750 >> consumer device >> https://www-ssl.intel.com/content/www/us/en/solid-state-drives/solid-state-drives-750-series.html >> for home desktop, but it looks like all devices are using the same >> Specification). >> >> I found 2 commits of nvme_pci.c from @dlg there: >> >> http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/nvme_pci.c >> >> But commit message sounds work is abandoned, because of problems faced. >> > > If it was abandoned, it would be in the Attic. > > Lack of progress is a matter of time and hardware access to developers. > >> It will be great to get this "awesome fast" storage support in next >> OpenBSD release(s). >> >> Anybody aware of any plans on this? >> > > Feel free to submit a patch improving it. > > > ------------------------------ > > Date: Fri, 12 Feb 2016 16:52:01 +0000 > From: Stuart Henderson <s...@spacehopper.org> > To: "C.L. Martinez" <carlopm...@gmail.com> > Cc: misc@openbsd.org > Subject: Re: Problems using squid as transparent proxy for SSL/TLS > Message-ID: <3q218257gwzd...@naiad.spacehopper.org> > > On 2016-01-04, C.L. Martinez <carlopm...@gmail.com> wrote: >> I have configured squid in an OpenBSD host acting as a transparent >> proxy. Actually all works OK for all traffic except for SSL/TLS, ex: >> port 443. >> > [..] >> >> In my squid.conf: >> >> # Squid normally listens to port 3128 >> http_port 127.0.0.1:3128 >> http_port 127.0.0.1:3129 intercept >> http_port 127.0.0.1:3130 intercept ssl-bump >> cert=/etc/squid/ssl_cert/uxdom.org.cert >> key=/etc/squid/ssl_cert/uxdom.org.private \ >> generate-host-certificates=on version=1 >> options=NO_SSLv2,NO_SSLv3,SINGLE_DH_USE > > I've figured it out now. Change http_port to https_port for the SSL > interception. You'll also want to generate DH parameters and specify > them on the ssl-bump line. > > openssl dhparam 2048 -out /etc/ssl/dh2048.pem > > https_port 127.0.0.1:3130 intercept ssl-bump cert=[...] > dhparams=/etc/ssl/dh2048.pem > > > ------------------------------ > > Date: Fri, 12 Feb 2016 16:56:48 +0000 (UTC) > From: Stuart Henderson <s...@spacehopper.org> > To: misc@openbsd.org > Subject: Re: dhcrelay: send_packet: No buffer space available > Message-ID: <slrnnbs3mg.677....@naiad.spacehopper.org> > > On 2016-02-12, Kapetanakis Giannis <bil...@edu.physics.uoc.gr> wrote: >> Hi, >> >> I have a carped firewall which is using dhcrelay to forward dhcp >> requests to another carped dhcp server. >> After upgrade to Feb 4 snapshot I'm seeing these in my logs: > > What version were you running before? > > To establish whether it's a dhcrelay problem or something to do with carp > can you try dhcrelay from slightly older source e.g. 'cvs up -D > 2016/02/01'? > > > ------------------------------ > > Date: Sat, 13 Feb 2016 12:28:40 +0200 > From: Kapetanakis Giannis <bil...@edu.physics.uoc.gr> > To: misc@openbsd.org > Subject: Re: dhcrelay: send_packet: No buffer space available > Message-ID: <56bf0558.8020...@edu.physics.uoc.gr> > > On 12/02/16 18:56, Stuart Henderson wrote: >> On 2016-02-12, Kapetanakis Giannis <bil...@edu.physics.uoc.gr> wrote: >>> Hi, >>> >>> I have a carped firewall which is using dhcrelay to forward dhcp >>> requests to another carped dhcp server. >>> After upgrade to Feb 4 snapshot I'm seeing these in my logs: >> What version were you running before? >> >> To establish whether it's a dhcrelay problem or something to do with carp >> can you try dhcrelay from slightly older source e.g. 'cvs up -D >> 2016/02/01'? >> > > The previous version was from July 2015 so it was far away from now. > I guess it will not work with current kernel and pledge(2), tame(2) > changes correct? > > G > > > ------------------------------ > > Date: Fri, 12 Feb 2016 09:12:21 -0800 > From: John Nyhuis <jnyh...@stamlab.org> > Cc: OpenBSD Misc <misc@openbsd.org> > Subject: Re: OpenBSD5.7, hangs on ppb6 "Intel 5000 PCIE" Dell poweredge > 1950 > Message-ID: <56be1275.6090...@stamlab.org> > > Thanks, I'll start running through our spare PERC5i cards and see if the > problem is affected. > > Thanks, > John Nyhuis, Director > Altius Institute for Biomedical Research > 2211 Elliott Avenue > 6th Floor, 6S139 > Seattle, WA 98121 > O: (206)-267-1091 ext 220 > F: (206)-441-3033 > > On 2/11/2016 11:44 PM, Abel Abraham Camarillo Ojeda wrote: >> On Thu, Feb 11, 2016 at 6:18 PM, John Nyhuis <jnyh...@stamlab.org> wrote: >>> We had a drive failure, and after replacement I am reinstalling our >>> bridging >>> Firewall, OpenBSD 5.7 - amd64, bsd.mp kernal. This is the same version >>> that >>> was running stably on this server before. >>> >>> HW: Dell Poweredge 1950 v2, BIOS 2.7.0 >>> >>> We made it through the install OK, but on first boot, I hang on: >>> "ppb6 at pci0 dev 3 function 0 "Intel 5000 PCIE" rev 0x12" >>> "pci7 at ppb6 bus 1" >>> >>> I've gone through the BIOS and disabled everything, including the NICs >>> which >>> I actually need for the final solution, and I still hang at the same >>> device >>> "Intel 5000 PCIE" rev 0x12" while the OS is loading. >>> >>> Google hasn't turned up much of use. >>> Any ideas? >>> -- >>> Thanks, >>> John N. >>> >> >> In my experience with this servers - poweredge 1950 - this has been >> 'fixed' by changing RAID cards, >> we keep a lot of PERC5 cards on site because of this... >> >> sometimes we have seen some 'broken capacitors' on these cards, >> so sometimes the card was broken, not some hdds >> >> regards~ > > > ------------------------------ > > Date: Fri, 12 Feb 2016 12:43:18 -0600 > From: Andrew <and...@quickstick.net> > To: misc@openbsd.org > Subject: how to mount a *dmg in -current > Message-ID: > <CANc2tpGfnxpeaNpJKBDLBaB=u+hdmwk+taopwsokppugfts...@mail.gmail.com> > > sh> file tws-stable-standalone-macosx-x64.dmg > > tws-stable-standalone-macosx-x64.dmg: Macintosh HFS Extended version 4 > data last mounted by: '10.0', created: Tue Feb 2 16:12:22 2016, last > modified: Tue Feb 2 22:12:22 20to 16, last backup: Tue Feb 2 > 22:12:22 2016, last checked: Tue Feb 2 22:12:22 2016, block size: > 4096, number of blocks: 23105, free blocks: 0 > > -- > > FWIW: The old version of this software was simply a couple *jar files > that will work flawlessly on 5.7 doing nothing more than adding jdk* > from packages. This company repackaged the *jar files using install4j > into a *dmg image. I think they also customized java somehow and > included it in the *dmg. Now I'm supposed to "click on the icon" to > unpack everything. > > Can I mount this *dmg using just -current -- or mount it by adding > something else from packages ?? Have I overlooked the obvious > solution ?? hfsplus does not work An old marc thread mentioned > dmg2img but it is not in packages, > > My current test setup is a GENERIC.MP #1847 amd64. > > Thank you in advance for any suggestions. > > > ------------------------------ > > Date: Fri, 12 Feb 2016 13:58:03 -0500 > From: Jiri B <ji...@devio.us> > To: Andrew <and...@quickstick.net> > Cc: misc@openbsd.org > Subject: Re: how to mount a *dmg in -current > Message-ID: <20160212185803.gb25...@wolfman.devio.us> > > On Fri, Feb 12, 2016 at 12:43:18PM -0600, Andrew wrote: >> sh> file tws-stable-standalone-macosx-x64.dmg >> >> tws-stable-standalone-macosx-x64.dmg: Macintosh HFS Extended version 4 >> data last mounted by: '10.0', created: Tue Feb 2 16:12:22 2016, last >> modified: Tue Feb 2 22:12:22 20to 16, last backup: Tue Feb 2 >> 22:12:22 2016, last checked: Tue Feb 2 22:12:22 2016, block size: >> 4096, number of blocks: 23105, free blocks: 0 >> >> -- >> >> FWIW: The old version of this software was simply a couple *jar files >> that will work flawlessly on 5.7 doing nothing more than adding jdk* >> from packages. This company repackaged the *jar files using install4j >> into a *dmg image. I think they also customized java somehow and >> included it in the *dmg. Now I'm supposed to "click on the icon" to >> unpack everything. >> >> Can I mount this *dmg using just -current -- or mount it by adding >> something else from packages ?? Have I overlooked the obvious >> solution ?? hfsplus does not work An old marc thread mentioned >> dmg2img but it is not in packages, >> >> My current test setup is a GENERIC.MP #1847 amd64. >> >> Thank you in advance for any suggestions. > > Have you tried p7zip? > > j. > > > ------------------------------ > > Date: Fri, 12 Feb 2016 13:14:22 -0600 > From: Andrew <and...@quickstick.net> > To: misc@openbsd.org > Subject: Re: how to mount a *dmg in -current > Message-ID: > <canc2tpgjiewjj097jubwp1ysajaywfscx2bvbo5mepxobe0...@mail.gmail.com> > > Thank you Jiri !! This works: > > sh> pkg_add p7zip > sh> 7z e *dmg > > > > On 2/12/16, Jiri B <ji...@devio.us> wrote: >> On Fri, Feb 12, 2016 at 12:43:18PM -0600, Andrew wrote: >>> sh> file tws-stable-standalone-macosx-x64.dmg >>> >>> tws-stable-standalone-macosx-x64.dmg: Macintosh HFS Extended version 4 >>> data last mounted by: '10.0', created: Tue Feb 2 16:12:22 2016, last >>> modified: Tue Feb 2 22:12:22 20to 16, last backup: Tue Feb 2 >>> 22:12:22 2016, last checked: Tue Feb 2 22:12:22 2016, block size: >>> 4096, number of blocks: 23105, free blocks: 0 >>> >>> -- >>> >>> FWIW: The old version of this software was simply a couple *jar files >>> that will work flawlessly on 5.7 doing nothing more than adding jdk* >>> from packages. This company repackaged the *jar files using install4j >>> into a *dmg image. I think they also customized java somehow and >>> included it in the *dmg. Now I'm supposed to "click on the icon" to >>> unpack everything. >>> >>> Can I mount this *dmg using just -current -- or mount it by adding >>> something else from packages ?? Have I overlooked the obvious >>> solution ?? hfsplus does not work An old marc thread mentioned >>> dmg2img but it is not in packages, >>> >>> My current test setup is a GENERIC.MP #1847 amd64. >>> >>> Thank you in advance for any suggestions. >> >> Have you tried p7zip? >> >> j. > > > ------------------------------ > > Date: Fri, 12 Feb 2016 14:21:44 -0500 > From: sven falempin <sven.falem...@gmail.com> > To: "misc@openbsd.org" <misc@openbsd.org> > Subject: pfsync and table > Message-ID: > <CA++fYEjnKthkM4FUpaztjY0MYVWQmULi=mxuamy8+9a8wsx...@mail.gmail.com> > > Hello All, Sunday is Valentine day > > I know pfsync will sync the state between two routers, sasync and other > tools will help syncing other daemon, > > Are pf table synced as well ? is it possible to ignore one table ? > > Best. > > -- > --------------------------------------------------------------------------------------------------------------------- > () ascii ribbon campaign - against html e-mail > /\ > > > ------------------------------ > > Date: Fri, 12 Feb 2016 23:20:09 +0100 > From: Peter Hessler <phess...@theapt.org> > To: sven falempin <sven.falem...@gmail.com> > Cc: "misc@openbsd.org" <misc@openbsd.org> > Subject: Re: pfsync and table > Message-ID: <20160212222008.gc12...@gir.theapt.org> > > pfsync does not sync any rules, nor tables. It only syncs states. > > You'll need to sync rules and tables on your own. > > > On 2016 Feb 12 (Fri) at 14:21:44 -0500 (-0500), sven falempin wrote: > :Hello All, Sunday is Valentine day > : > :I know pfsync will sync the state between two routers, sasync and other > :tools will help syncing other daemon, > : > :Are pf table synced as well ? is it possible to ignore one table ? > : > :Best. > : > :-- > :--------------------------------------------------------------------------------------------------------------------- > :() ascii ribbon campaign - against html e-mail > :/\ > : > > -- > Remember that whatever misfortune may be your lot, it could only be > worse in Cleveland. > -- National Lampoon, "Deteriorata" > > > ------------------------------ > > Date: Fri, 12 Feb 2016 16:13:38 -0600 > From: Daniel Boyd <dan...@boydemail.com> > To: misc@openbsd.org > Subject: Re: sshfs man page, -o idmap=user > Message-ID: > <CA+0jCOa3dE=gfmnuqrnmv4pg8fivmxyeeeawgx5ehdw6vpp...@mail.gmail.com> > > I am having this same issue. I also tried adding the -d switch > to see if that would shed any light. > > $ sshfs -d -o idmap=user ... > command-line line 0: Bad number. > remote host has disconnected > > $ sshfs -d -o idmap=file,uidfile=myuidfile,gidfile=mygidfile ... > command-line line 0: Bad number. > remote host has disconnected > > Any ideas? I'm also running 5.8. > > Thanks! > Daniel > > > ------------------------------ > > End of [misc] Daily digest, Issue 3715 (21 messages) > ********** > -- Credit is the root of all evil. - AB1JX