Protectli FW1 with Intel 82583V - Interfaces errors and latency spike issue

2020-06-08 Thread Gabri Tofano

Hi all,

I'm sending this e-mail since I have found other users in this 
mailing-list using the same device without issues.


I'm using a "Protectli FW1" with FreeBSD 12.1 amd64 as a firewall which 
is serving me with great performances and no issues at all. The 
appliance has 4 Intel Gigabit 82583V Ethernet NIC ports which are 
working very well under FreeBSD 12.1. I have used PFsense as well prior 
to FreeBSD and it worked without issues too.


I took the decision to move to OpenBSD 6.7 amd64 in order to benefit of 
the latest pf (and other) features but unfortunately the OS is giving me 
an issue which I guess is related to the NIC drivers; When I was 
connected via ssh I felt some glitches meanwhile I was typing/moving 
around with the editor, so I started to ping the inside interface from 
my wired connected pc and found out that time to time the appliance is 
responding with a 100+/200+ ms response (I have cut some 1ms reply to 
make it shorter):


Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=163ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time<1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=2ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time<1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time<1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=3ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time<1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=43ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time<1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time<1ms TTL=254
Reply from 172.16.200.1: bytes=32 time<1ms TTL=254
Reply from 172.16.200.1: bytes=32 time<1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=4ms TTL=254
Reply from 172.16.200.1: bytes=32 time=1ms TTL=254
Reply from 172.16.200.1: bytes=32 time=257ms TTL=254

With FreeBSD 12.1 is steady at <1/1ms all the time and even under load.

As an online gamer as well, I felt the glitches meanwhile playing few 
online FPS games using OpenBSD 6.7 on the appliance. Looking at the 
interface statistics on OpenBSD I found out that inbound/outbound errors 
are present (this has been taken after few minutes of a reinstall to 
test it again):


FRW-FW1# netstat -i
NameMtu   Network Address  Ipkts   IfailOpkts 
Ofail Colls
em0 1500xx:xx:xx:xx:xx:xx1317600  2351   466114
 0 0
em0 1500  74.215.235/ xxx.xxx.xxx.xxx  1317600  2351   466114
 0 0
em1 1500xx:xx:xx:xx:xx:xx39278218   1199871
 1 0
em1 1500  172.16.200. 172.16.200.1 39278218   1199871
 1 0
em2 1500xx:xx:xx:xx:xx:xx156055
 1 0
em2 1500  172.16.103/ 172.16.103.254   156055
 1 0
em3*1500xx:xx:xx:xx:xx:xx 0 0 0
 0 0
enc0*   0 0 0 0
 0 0
pflog0  33136 0 0 0
 0 0


Looking at the Cisco 3560G where the ports are connected there are no 
errors at all. I have also doublechecked the drivers and the firmware 
installed by fw_update are the following:


vmm-firmware-1.11.0p2
inteldrm-firmware-20181218
intel-firmware-20200508v0

I have done multiple reinstall with different OS to make sure that this 
is related to OpenBSD 6.7 itself and found the following:


PFsense 2.4.5: no issues at all
FreeBSD 12.1: no issues at all
OPNsense: interface errors
OpenBSD: interface errors and interface latency spikes

I have also swapped the ethernet cables and contacted Protectli which 
has confirmed that this appliance has been tested on OpenBSD (it looks 
like 6.3).


Here the dmesg output:

OpenBSD 6.7 (GENERIC.MP) #2: Thu Jun  4 09:55:08 MDT 2020

r...@syspatch-67-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP

real mem = 4163854336 (3970MB)
avail mem = 4025044992 (3838MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.0 @ 0xecea0 (51 entries)
bios0: vendor American Megatrends Inc. version "5.6.5" date 10/24/2018
bios0: Protectli FW1
acpi0 at bios0: ACPI 5.0
acpi0: sleep states S0 S3 S4 S5
acp

Re: pfsync interface in carp group

2020-06-08 Thread Markus Wernig
On 6/9/20 12:27 AM, Paul B. Henson wrote:

> Yes, I am using a direct link between the two physical firewalls.
[...]
> Is this no longer a best practice?

If it's in the documentation, I suppose it still is.

But I have found it problematic, because taking down one firewall, or
even only its sync interface, will automatically demote the sync
interface on the other one, which then will affect the whole carp group,
if the interface is part of that group. When I first tried carp in the
lab many, many years ago, I vaguely remember seeing effects similar to
what you describe, and have used switched sync interfaces ever since.



Re: pfsync interface in carp group

2020-06-08 Thread Paul B. Henson

On 6/8/2020 6:29 AM, Philipp Buehler wrote:


did you follow some "howto" and set net.inet.carp.preempt=1?


Well, if you consider the official openBSD documentation a "how-to", 
then yes :).


In the example in https://www.openbsd.org/faq/pf/carp.html under the 
section "Combining CARP and pfsync for Failover" it says:


! enable preemption and group interface failover
# sysctl net.inet.carp.preempt=1
# echo 'net.inet.carp.preempt=1' >> /etc/sysctl.conf

As well as in the example in 'man pfsync':

The following must also be added to /etc/sysctl.conf:

   net.inet.carp.preempt=1


One of my firewalls has newer hardware and more power than the other, it 
is the primary. If I reboot it and the load fails over to the secondary, 
I want the load to automatically come back to the primary once it is 
available again.


Thanks…



Re: sane-backends permission problems

2020-06-08 Thread Predrag Punosevac
Predrag Punosevac wrote:

> Hi Misc,
> 
> I am trying for the first time to scan a document on
> 
> predrag@oko$ uname -a
> OpenBSD oko.int.bagdala2.net 6.7 GENERIC.MP#2 amd64
> 
> Can somebody familiar with the changes in permissions between releases
> and 6.6 and 6.7 help me out how to enable scanning for a non root user
> This is what I am talking about
> 
> predrag@oko$ scanimage -L
> 
> No scanners were identified. If you were expecting something different,
> check that the scanner is plugged in, turned on and detected by the
> sane-find-scanner tool (if appropriate). Please read the documentation
> which came with this software (README, FAQ, manpages).
> 
> 
> now as a root
> 
> predrag@oko$ doas scanimage -L
> doas (pred...@oko.int.bagdala2.net) password: 
> device `snapscan:libusb:000:003' is a EPSON EPSON Scanner flatbed
> scanner
> 
> 
> I can confirm that the scanning works as expected on 6.7 minus
> permission problem. Actually even changing permission on /dev/ugen* from
> current 600 to 660 (as it was on 6.6) would not allow me to use XSane
> for scanning.
> 
> Cheers,
> Predrag

Solved per pkg-readme of course :-)

predrag@oko$ pwd   
/usr/local/share/doc/pkg-readmes
predrag@oko$ cat sane-backends 
$OpenBSD: README,v 1.17 2019/12/14 13:02:28 ajacoutot Exp $

+---
| Running sane-backends on OpenBSD
+---

First read /usr/local/share/doc/sane-backends/PROBLEMS.

USB
===
Since USB scanning will be handled by libusb, you need to allow
the user access to the corresponding USB endpoint. To do so, find
where your scanner is attached to using:
$ usbdevs -v
then change the ownerships accordingly.

e.g.
  
Controller /dev/usb0:
  
<...>
  
addr 05: 03f0:4812 HP, Officejet 7500 E910
  
 high speed, self powered, config 1, rev 1.00, iSerialNumber
MY2793100Q05JB
 driver: umass0
  
 driver: ugen1
  

  
# chown  /dev/ugen1.* /dev/usb0

To preserve your changes after a system update, use rc.local(8).
Alternatively, hotplugd(8) attach/detach scripts can automate this.

You can grant multiple users direct access to the scanner by adding them
to the
_saned group and allowing access to its ugen(4) device.
e.g. chgrp _saned /dev/ugen1.* && chmod 660 /dev/ugen1.*



Re: pfsync interface in carp group

2020-06-08 Thread Paul B. Henson

On 6/7/2020 5:21 PM, Markus Wernig wrote:


I don't see that behaviour on my carp pair. Are you using a cross-link
cable between the two firewalls? (You shouldn't, in my experience.)


Yes, I am using a direct link between the two physical firewalls. It 
seems to be the configuration recommended by the documentation?


https://www.openbsd.org/faq/pf/carp.html

"The firewalls are connected back-to-back using a crossover cable on em1."

As well as in 'man pfsync':

"Only run the pfsync protocol on a trusted network - ideally a network 
dedicated to pfsync messages such as a crossover cable between two 
firewalls."


"A crossover cable connects the two firewalls via their sis2 interfaces."

Is this no longer a best practice?



Re: iked keeps reconnecting every 8 minutes

2020-06-08 Thread Tobias Heider
On Mon, Jun 08, 2020 at 05:28:48PM +, Leclerc, Sebastien wrote:
> After an upgrade to 6.7 on amd64 this weekend, iked keeps reconnecting every 
> 8 minutes, but only for one tunnel, to a Watchguard firewall. The tunnel has 
> been functioning properly for 5 years. Other tunnels to OpenBSD devices do 
> not reconnect every 8 minutes. I confirmed there a no dropped packets by pf. 
> Here is part of the log (anonymized) :
> 
> Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: ikev2_init_ike_sa: initiating 
> "TUNNELNAME"
> Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: send 
> IKE_SA_INIT req 0 peer 192.0.2.199:500 local 192.0.2.2:500, 334 bytes
> Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: recv 
> IKE_SA_INIT res 0 peer 192.0.2.199:500 local 192.0.2.2:500, 296 bytes, policy 
> 'TUNNELNAME'
> Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: send 
> IKE_AUTH req 1 peer 192.0.2.199:500 local 192.0.2.2:500, 252 bytes
> Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: recv 
> IKE_AUTH res 1 peer 192.0.2.199:500 local 192.0.2.2:500, 204 bytes, policy 
> 'TUNNELNAME'
> Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: 
> ikev2_childsa_enable: loaded SPIs: 0x4cd06a6a, 0xa749d359
> Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: 
> ikev2_childsa_enable: loaded flows: ESP-10.0.1.0/24=10.0.100.0/24(0), 
> ESP-10.0.1.0/24=10.0.150.0/24(0), ESP-192.0.2.2/32=192.0.2.199/32(0)
> Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: established 
> peer 192.0.2.199:500[IPV4/192.0.2.199] local 192.0.2.2:500[IPV4/192.0.2.2] 
> policy 'TUNNELNAME' as initiator
> Jun  8 12:15:24 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: retransmit 
> 1 INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
> Jun  8 12:15:28 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: retransmit 
> 2 INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
> Jun  8 12:15:36 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: retransmit 
> 3 INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
> Jun  8 12:15:52 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: retransmit 
> 4 INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
> Jun  8 12:16:24 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: retransmit 
> 5 INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
> Jun  8 12:17:28 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: sa_free: 
> retransmit limit reached
> Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: ikev2_init_ike_sa: initiating 
> "TUNNELNAME"
> Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: send 
> IKE_SA_INIT req 0 peer 192.0.2.199:500 local 192.0.2.2:500, 334 bytes
> Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: recv 
> IKE_SA_INIT res 0 peer 192.0.2.199:500 local 192.0.2.2:500, 296 bytes, policy 
> 'TUNNELNAME'
> Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: send 
> IKE_AUTH req 1 peer 192.0.2.199:500 local 192.0.2.2:500, 252 bytes
> Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: recv 
> IKE_AUTH res 1 peer 192.0.2.199:500 local 192.0.2.2:500, 204 bytes, policy 
> 'TUNNELNAME'
> Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: 
> ikev2_childsa_enable: loaded SPIs: 0x4cd06a6b, 0xf20c662c
> Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: 
> ikev2_childsa_enable: loaded flows: ESP-10.0.1.0/24=10.0.100.0/24(0), 
> ESP-10.0.1.0/24=10.0.150.0/24(0), ESP-192.0.2.2/32=192.0.2.199/32(0)
> Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: established 
> peer 192.0.2.199:500[IPV4/192.0.2.199] local 192.0.2.2:500[IPV4/192.0.2.2] 
> policy 'TUNNELNAME' as initiator
> Jun  8 12:23:24 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: retransmit 
> 1 INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
> Jun  8 12:23:28 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: retransmit 
> 2 INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
> Jun  8 12:23:37 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: retransmit 
> 3 INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
> Jun  8 12:23:53 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: retransmit 
> 4 INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
> Jun  8 12:24:25 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: retransmit 
> 5 INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
> Jun  8 12:25:29 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: sa_free: 
> retransmit limit reached
>  
> And here is the configuration of the tunnel : 
> 
> ikev2 "TUNNELNAME" active esp \
>   from 10.0.1.0/24 to 10.0.100.0/24 \
>   from 10.0.1.0/24 to 10.0.150.0/24 \
>   from 192.0.2.2/32 to 192.0.2.199/32 \
>   local 192.0.2.2 peer 192.0.2.199 \
>   ikesa auth hmac-sha1 enc aes-128 group grp5 \
>   childsa auth hmac-sha1 enc aes-128 group grp5 \
>   srcid 192.0.2.2 dsti

Input Filter and LPD

2020-06-08 Thread Predrag Punosevac
It seems that there is another change on 6.7 perhaps among packages
which broke printing for me. I am using built in LPD to print onto the
network connected Brother HL-5250DN. I am getting row PostScript output
on the printer instead of the document.

This is the relevant printcap entry

rp|HL-5250DN:\
:lp=9100@192.168.3.15:\
:if=/etc/foomatic-rip/script_brother.sh:\
:sh:sd=/var/spool/output/brother:\
:lf=/var/log/lpd-errs:

Note that I am using jetdirect protocol since foomatic-rip doesn't speak
LPD.

This is my magic input filter (if) script which was needed after the
support for LPD was removed from foomatic-rip

#!/bin/sh

/usr/local/bin/a2ps -BRq --columns=1 -o - | \
/usr/local/bin/foomatic-rip -P HL-5250DN --ppd \
/etc/foomatic-rip/direct/brother-hl-5250dn-postscript-brother.ppd

and this is the relevant /usr/local/share/doc/pkg-readmes/cups-filters
paragraph

Input filter script
---
Non-postscript files must be converted before being sent to
foomatic-rip(1). Several packages can be used for that, a2ps being the
most complete.
Note that a2ps(1) requires external helper tools for converting files.
They can be configured under /etc/a2ps{,-site}.cfg. By default,
converting images requires the ImageMagick package.

Here's a sample converter script:

---8<---
#!/bin/sh

/usr/local/bin/a2ps -BRq --columns=1 -o - | \
/usr/local/bin/foomatic-rip -P samsung-ml2850d
---8<---

Additional options can be passed to foomatic-rip(1).
e.g.
- to print in duplex mode: -o duplex
- to set the page size to letter: -o pagesize=letter

Default options can be set by editing the PPD file.

To use the above script as an input filter for lpd(8), see the next
sections (make sure the script is executable).

lpd(8): USB printer printcap(5) example
---
lp|samsung|Samsung-ML-2850D:\
:lp=/dev/ulpt0:\
:if=/path/to/script.sh:\
:sd=/var/spool/output:\
:lf=/var/log/lpd-errs:\
:sh:

lpd(8): network printer printcap(5) example
---
rp|samsung|Samsung-ML-2850D:\
:lp=9100@1.2.3.4:\
:if=/path/to/script.sh:\
:sd=/var/spool/output:\
:lf=/var/log/lpd-errs:\
:sh:
(where 1.2.3.4 is the printer IP address and 9100 the printer stream
port)

foomatic-rip(1) does *not* speak LPD (port 515).
If the printer does not support raw printing over port 9100, it must be
setup locally on a print server (see above for an example using USB)
then accessed over LPD by the clients (there is no need to setup any
print filter on the clients since it will run on the print server).


What am I missing?

Predrag



Re: Getting HDMI Events

2020-06-08 Thread Switch 1024
On Mon, 8 Jun 2020 at 13:51, Marcus MERIGHI  wrote:

> Sorry to hear that; I just made sure that "it works for me", on amd64
> -current. dmesg below.
>
> marcus

OK, thanks for the Info, maybe I have to check the driver, although my
C is very rusty :-)

best
Rai

p.s. my complete dmesg:
OpenBSD 6.7 (GENERIC.MP) #2: Thu Jun  4 09:55:08 MDT 2020

r...@syspatch-67-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8452829184 (8061MB)
avail mem = 8184029184 (7804MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xbcd3d000 (60 entries)
bios0: vendor LENOVO version "GRET63WW (1.40 )" date 03/27/2020
bios0: LENOVO 20A8S00C00
acpi0 at bios0: ACPI 5.0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SLIC DBGP ECDT HPET APIC MCFG SSDT SSDT SSDT
SSDT SSDT SSDT SSDT PCCT SSDT UEFI MSDM ASF! BATB FPDT UEFI BGRT DMAR
acpi0: wakeup devices LID_(S4) SLPB(S3) IGBE(S4) EXP2(S4) XHCI(S3) EHC1(S3)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiec0 at acpi0
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 1995.69 MHz, 06-45-01
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 1995.38 MHz, 06-45-01
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 1, core 0, package 0
cpu2 at mainbus0: apid 2 (application processor)
cpu2: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 1995.38 MHz, 06-45-01
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 1, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz, 1995.38 MHz, 06-45-01
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 1, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins
acpimcfg0 at acpi0
acpimcfg0: addr 0xf800, bus 0-63
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG_)
acpiprt2 at acpi0: bus 2 (EXP1)
acpiprt3 at acpi0: bus 3 (EXP2)
acpiprt4 at acpi0: bus -1 (EXP3)
acpicpu0 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33),
C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33),
C1(1000@1 mwait.1), PSS
acpicpu2 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33),
C1(1000@1 mwait.1), PSS
acpicpu3 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33),
C1(1000@1 mwait.1), PSS
acpipwrres0 at acpi0: PUBS, resource for XHCI, EHC1
acpitz0 at acpi0: critical temperature is 200 degC
dwiic0 at acpi0 I2C1 addr 0xfe105000/0x1000 irq 7
iic0 at dwiic0
"CPLM3218" at iic0 addr 0x48 not configured
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
acpipci0 at acpi0 PCI0: 0x 0x0011 0x0001
acpicmos0 at acpi0
acpibat0 at acpi0: BAT0 model "45N1701" serial 10421 type LiP oem "SONY"
acpiac0 at acpi0: AC unit online
acpithinkpad0 at acpi0: version 2.0
"PNP0C14" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"I

sane-backends permission problems

2020-06-08 Thread Predrag Punosevac
Hi Misc,

I am trying for the first time to scan a document on

predrag@oko$ uname -a
OpenBSD oko.int.bagdala2.net 6.7 GENERIC.MP#2 amd64

Can somebody familiar with the changes in permissions between releases
and 6.6 and 6.7 help me out how to enable scanning for a non root user
This is what I am talking about

predrag@oko$ scanimage -L

No scanners were identified. If you were expecting something different,
check that the scanner is plugged in, turned on and detected by the
sane-find-scanner tool (if appropriate). Please read the documentation
which came with this software (README, FAQ, manpages).


now as a root

predrag@oko$ doas scanimage -L
doas (pred...@oko.int.bagdala2.net) password: 
device `snapscan:libusb:000:003' is a EPSON EPSON Scanner flatbed
scanner


I can confirm that the scanning works as expected on 6.7 minus
permission problem. Actually even changing permission on /dev/ugen* from
current 600 to 660 (as it was on 6.6) would not allow me to use XSane
for scanning.

Cheers,
Predrag



iked keeps reconnecting every 8 minutes

2020-06-08 Thread Leclerc, Sebastien
After an upgrade to 6.7 on amd64 this weekend, iked keeps reconnecting every 8 
minutes, but only for one tunnel, to a Watchguard firewall. The tunnel has been 
functioning properly for 5 years. Other tunnels to OpenBSD devices do not 
reconnect every 8 minutes. I confirmed there a no dropped packets by pf. Here 
is part of the log (anonymized) :

Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: ikev2_init_ike_sa: initiating 
"TUNNELNAME"
Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: send 
IKE_SA_INIT req 0 peer 192.0.2.199:500 local 192.0.2.2:500, 334 bytes
Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: recv 
IKE_SA_INIT res 0 peer 192.0.2.199:500 local 192.0.2.2:500, 296 bytes, policy 
'TUNNELNAME'
Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: send IKE_AUTH 
req 1 peer 192.0.2.199:500 local 192.0.2.2:500, 252 bytes
Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: recv IKE_AUTH 
res 1 peer 192.0.2.199:500 local 192.0.2.2:500, 204 bytes, policy 'TUNNELNAME'
Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: 
ikev2_childsa_enable: loaded SPIs: 0x4cd06a6a, 0xa749d359
Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: 
ikev2_childsa_enable: loaded flows: ESP-10.0.1.0/24=10.0.100.0/24(0), 
ESP-10.0.1.0/24=10.0.150.0/24(0), ESP-192.0.2.2/32=192.0.2.199/32(0)
Jun  8 12:10:22 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: established 
peer 192.0.2.199:500[IPV4/192.0.2.199] local 192.0.2.2:500[IPV4/192.0.2.2] 
policy 'TUNNELNAME' as initiator
Jun  8 12:15:24 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: retransmit 1 
INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
Jun  8 12:15:28 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: retransmit 2 
INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
Jun  8 12:15:36 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: retransmit 3 
INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
Jun  8 12:15:52 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: retransmit 4 
INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
Jun  8 12:16:24 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: retransmit 5 
INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
Jun  8 12:17:28 hv-fw-inf-02 iked[50153]: spi=0x73cd01a5c65aa870: sa_free: 
retransmit limit reached
Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: ikev2_init_ike_sa: initiating 
"TUNNELNAME"
Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: send 
IKE_SA_INIT req 0 peer 192.0.2.199:500 local 192.0.2.2:500, 334 bytes
Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: recv 
IKE_SA_INIT res 0 peer 192.0.2.199:500 local 192.0.2.2:500, 296 bytes, policy 
'TUNNELNAME'
Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: send IKE_AUTH 
req 1 peer 192.0.2.199:500 local 192.0.2.2:500, 252 bytes
Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: recv IKE_AUTH 
res 1 peer 192.0.2.199:500 local 192.0.2.2:500, 204 bytes, policy 'TUNNELNAME'
Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: 
ikev2_childsa_enable: loaded SPIs: 0x4cd06a6b, 0xf20c662c
Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: 
ikev2_childsa_enable: loaded flows: ESP-10.0.1.0/24=10.0.100.0/24(0), 
ESP-10.0.1.0/24=10.0.150.0/24(0), ESP-192.0.2.2/32=192.0.2.199/32(0)
Jun  8 12:18:22 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: established 
peer 192.0.2.199:500[IPV4/192.0.2.199] local 192.0.2.2:500[IPV4/192.0.2.2] 
policy 'TUNNELNAME' as initiator
Jun  8 12:23:24 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: retransmit 1 
INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
Jun  8 12:23:28 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: retransmit 2 
INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
Jun  8 12:23:37 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: retransmit 3 
INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
Jun  8 12:23:53 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: retransmit 4 
INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
Jun  8 12:24:25 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: retransmit 5 
INFORMATIONAL req 2 peer 192.0.2.199:500 local 192.0.2.2:500
Jun  8 12:25:29 hv-fw-inf-02 iked[50153]: spi=0xa84faba012c73dce: sa_free: 
retransmit limit reached

And here is the configuration of the tunnel : 

ikev2 "TUNNELNAME" active esp \
from 10.0.1.0/24 to 10.0.100.0/24 \
from 10.0.1.0/24 to 10.0.150.0/24 \
from 192.0.2.2/32 to 192.0.2.199/32 \
local 192.0.2.2 peer 192.0.2.199 \
ikesa auth hmac-sha1 enc aes-128 group grp5 \
childsa auth hmac-sha1 enc aes-128 group grp5 \
srcid 192.0.2.2 dstid 192.0.2.199 \
ikelifetime 28800 \
psk THISISTHEPSK

Other tunnels have basically the same configuration, only omitting ikesa, 
childsa and ikelifetime parameters.
I don't have control over the Watchgua

Re: Potential awk bug?

2020-06-08 Thread Todd C . Miller
On Sun, 07 Jun 2020 17:02:03 -0700, Jordan Geoghegan wrote:

> Thanks for the quick response. I certainly wasn't expecting to find an 
> ancient bug like this. Should I be reporting this bug upstream, or are 
> you planning on upstreaming a diff?

I've created a pull request to fix this upstream:
https://github.com/onetrueawk/awk/pull/80

 - todd



connecting with bwfm(4) to AP takes a long time

2020-06-08 Thread Peter J. Philipp
Hi,

My bwfm(4) device does not connect to my parents AVM Fritz!box 7950 all too
great.  I recently flashed to the Labor version on this device hoping it would
improve but I didn't see an improvement.

I noticed with tcpdump that packets go through, but it doesn't go out, at
least the fritzbox doesn't receive anything.  (there is no pf rules other
than the default).

This is my /etc/hostname.bwfm0, that I have edited a little for paste...

nwid SOME387 bssid dc:XX:XX:XX:XX:XX wpakey "something" nwflag stayauth 
inet 192.168.178.28/24
!/root/bin/setpromisc

The setpromisc.c program I wrote for this because I noticed that after running
tcpdump sometimes it would make ping get a reply.  It looks like this:


#include 
#include 
#include 

#include 
#include 

#include 
#include 
#include 

#include 
#include 

int
main(void)
{
struct ifreq ifr;
short flags = 0;
int so;

so = socket(AF_INET, SOCK_DGRAM, 0);
if (so == -1) {
err(1, "socket");
}

memset(&ifr, 0, sizeof(ifr));

strlcpy((char *)&ifr.ifr_name, "bwfm0", sizeof(ifr.ifr_name));

if (ioctl(so, SIOCGIFFLAGS, &ifr, sizeof(ifr)) == -1) {
err(1, "ioctl");
}

flags = ifr.ifr_flags;
flags |= IFF_PROMISC;

ifr.ifr_flags = flags;

if (ioctl(so, SIOCSIFFLAGS, &ifr, sizeof(ifr)) == -1) {
err(1, "ioctl");
}

close(so);

return 0;
}

But making the interface promiscuous may help a little but it still takes
about 5 minutes to get 'net.  I have used the stayauth option to make sure
that it isn't being deauth'ed from anywhere.

All other devices in my parents household work, except I'm monkeying around
with my box trying to get it to work properly.  If you can spot a mistake in
my config let me know.  Thanks!

Also this MBP worked flawlessly with the Fritz!Box on a snapshot a few weeks
before the release where I'm still at.  I had reinstalled from scratch with
the new release and this is the 67 base signify checksum I have:

untrusted comment: openbsd 6.7 base public key
RWRmkIA877Io3oCILSZoJGhAswifJbFK4r18ICoia+3c0PfwANueolNj

I'm not sure if this is the correct sum.  But it's the same sum on all my
6.7 devices.

dmesg follows,

-peter


OpenBSD 6.7 (GENERIC.MP) #2: Thu Jun  4 09:55:08 MDT 2020

r...@syspatch-67-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 17059287040 (16269MB)
avail mem = 16529657856 (15763MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0x8afac000 (32 entries)
bios0: vendor Apple Inc. version "186.0.0.0.0" date 06/14/2019
bios0: Apple Inc. MacBookPro12,1
acpi0 at bios0: ACPI 5.0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP HPET APIC SBST ECDT SSDT SSDT SSDT SSDT SSDT SSDT SSDT 
SSDT DMAR MCFG
acpi0: wakeup devices PEG0(S3) EC__(S3) HDEF(S3) RP01(S3) RP02(S3) RP03(S4) 
ARPT(S4) RP05(S3) RP06(S3) SPIT(S3) XHC1(S3) ADP1(S3) LID0(S3)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-5287U CPU @ 2.90GHz, 2800.49 MHz, 06-3d-04
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 100MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i5-5287U CPU @ 2.90GHz, 2800.02 MHz, 06-3d-04
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 1 (application processor)
cpu2: Intel(R) Core(TM) i5-5287U CPU @ 2.90GHz, 2800.02 MHz, 06-3d-04
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,

Re: Privoxy crashes on one OpenBSD machine but not another

2020-06-08 Thread Sebastien Marie
Hi,

A fix has been commited.

Thanks for investigated the problem and provided a test case. It was very
useful to properly found the state corruption.

-- 
Sebastien Marie

On Wed, Jun 03, 2020 at 07:22:52PM +0200, Fabian Keil wrote:
> TJ  wrote:
> 
> > I'm migrating my system configs from one OpenBSD machine (Pentium 4) to
> > another (Core 2 Duo).
> > 
> > I noticed unpredictable crashes of the Privoxy package when run and used
> > on the C2D computer. These crashes don't occur on the P4 at all, with
> > the same traffic.
> 
> I tried to reproduce the crashes with OpenBSD 6.7 amd64
> and Privoxy 3.0.29 built from git and Privoxy reliably
> crashes when executing a regression test ...
> 
> The crash I encountered seems to be triggered by long
> host names resolved from a thread.
> 
> Here's a reduced test case:
> 
> openbsd$ cat resolve.c 
> #include 
> #include 
> #include 
> #include 
> #include 
> #include 
> 
> pthread_mutex_t mutex;
> 
> void resolve(char *host) {
> int error;
> error = pthread_mutex_lock(&mutex);
> if (error) {
> printf("Locking failed: %s", strerror(error));
> exit(1);
> }
> printf("Calling gethostbyname with %s\n", host);
> gethostbyname(host);
> pthread_mutex_unlock(&mutex);
> }
> 
> int main(int argc, char **argv) {
> pthread_t the_thread;
> pthread_attr_t attrs;
> int i;
> 
> if (!argc) {
> printf("No argument to resolve given\n");
> exit(1);
> }
> 
> pthread_attr_init(&attrs);
> pthread_attr_setdetachstate(&attrs, PTHREAD_CREATE_DETACHED);
> 
> pthread_mutex_init(&mutex, NULL);
> 
> for (i = 0; i < 3; i++) {
> pthread_create(&the_thread, &attrs, (void * (*)(void *))resolve, 
> argv[1]);
> }
> 
> sleep(1);
> 
> exit(0);
> }
> openbsd$ clang -pthread -ggdb -Wall -o resolve resolve.c 
> openbsd$ ./resolve 
> AAA.example.org
> Calling gethostbyname with 
> AAA.example.org
> Calling gethostbyname with 
> AAA.example.org
> Calling gethostbyname with 
> AAA.example.org
> openbsd$ ./resolve 
> .example.org
> Calling gethostbyname with 
> .example.org
> Segmentation fault (core dumped) 
> openbsd$ egdb resolve resolve.core
> GNU gdb (GDB) 7.12.1
> Copyright (C) 2017 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later 
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-unknown-openbsd6.7".
> Type "show configuration" for configuration details.
> For bug reporting instructions, please see:
> .
> Find the GDB manual and other documentation resources online at:
> .
> For help, type "help".
> Type "apropos word" to search for commands related to "word"...
> Reading symbols from resolve...done.
> [New process 616459]
> [New process 145207]
> [New process 578084]
> [New process 517316]
> Core was generated by `resolve'.
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0  0x031a025d201d in unpack_data (p=0x31a6a754b40, data=0x31a6a754b70, 
> len=12) at /usr/src/lib/libc/asr/asr_utils.c:193
> 193   /usr/src/lib/libc/asr/asr_utils.c: No such file or directory.
> [Current thread is 1 (process 616459)]
> (gdb) where
> #0  0x031a025d201d in unpack_data (p=0x31a6a754b40, data=0x31a6a754b70, 
> len=12) at /usr/src/lib/libc/asr/asr_utils.c:193
> #1  _asr_unpack_header (p=0x31a6a754b40, h=0x31a6a754b70) at 
> /usr/src/lib/libc/asr/asr_utils.c:257
> #2  0x031a0265db34 in hostent_from_packet (reqtype=3, family=2, 
> pkt=, pktlen=) at 
> /usr/src/lib/libc/asr/gethostnamadr_async.c:463
> #3  gethostnamadr_async_run (as=, ar=) at 
> /usr/src/lib/libc/asr/gethostnamadr_async.c:305
> #4  0x031a02603308 in _libc_asr_run (as=0x319e01a2e00, ar=0x31a6a754c70) 
> at /usr/src/lib/libc/asr/asr.c:176
> #5  _libc_asr_run_sync (as=0x319e01a2e00, ar=0x31a6a754c70) at 
> /usr/src/lib/libc/asr/asr.c:223
> #6  0x031a025f994e in _gethostbyname (name=0x7f7d01ba 'A'  times>, ".example.org", af=2, ret=, buflen=4096, 
> h_errnop=, buf=)
> at /usr/src/lib/libc/asr/gethostnamadr.c:119
> #7  _libc_gethostbyname2 (name=0x7f7d01ba 'A' , 
> ".example.org", af=2) at /usr/src/lib/libc/asr/gethostnamadr.c:154
> #8  0x0317d0a323c4 in resolve (host=0x7f7d01ba 'A'  times>, ".example.org") at resolve.c:18
> #9  0x031ab56970d1 in _rthread_start (v=) at 
> /usr/src/lib/librthread/rthread.c:96
> #10 0x0

Re: How do I get a list of the files of only installed packages?

2020-06-08 Thread Ottavio Caruso
On Mon, 8 Jun 2020 at 11:31, Stuart Henderson  wrote:
>
> On 2020-06-08, Ottavio Caruso  wrote:
> > I probably didn't make myself clear and I apologize. I'd like to have
> > a list of files for just one package, and only if that package has
> > been installed. If not installed, it should tell me it hasn't been
> > installed or just provide no output, a bit like pkg_info behaves on
> > NetBSD.
>
> pkg_* tools use /etc/installurl if present. This can be overridden by
> setting PKG_PATH in the environment:
>
> $ env PKG_PATH= pkg_info -f somepkg

Thanks for the hint. Actually:

$ env PKG_PATH= pkg_info -L somepkg

(-L instead of -f) does the job for me.


-- 
Ottavio Caruso



Re: [S-mailx] .nailrc and Gmail

2020-06-08 Thread Steffen Nurpmeso
Hello Predrag.

Predrag Punosevac wrote in
<20200607193905.3ndsv%punoseva...@gmail.com>:
 |Predrag Punosevac  wrote:
 ...
 |I apologize for cross posting. After upgrading my laptop to 

I took ports off ok, i'd feel ashamed to keep it in. ^_^

 |predrag@oko-mobile$ uname -a
 |OpenBSD oko-mobile.int.bagdala2.net 6.7 GENERIC.MP#2 amd64
 |
 |I felt it was the time for me to jump the ship and finally go with
 |s-nail from the official ports tree. 
 |
 |predrag@oko-mobile$ pkg_info s-nail
 |Information for inst:s-nail-14.9.17

Pity they did not wave through .19 before freeze, plenty of time
there would have been.

 |I got to the bottom of all "issues" I originally reported 
 |
 |https://www.mail-archive.com/s-mailx@lists.sdaoden.eu/msg00948.html
 |
 |in the thread. I used quotation marks around issues as in the hindsight
 |there was really only one. All other issues were due to the fact that I
 |didn't realize that you have completely rewritten s-nail and there is
 |really not much in common with the original Heirloom mailx

Nah, not true.  Almost all extensions or replacements until now.
The entire I/O and MIME layer rewrite is waiting still.  That is
ridiculous, i have written much more code in less than half the
time i am maintaining this.  In the past.

 |http://heirloom.sourceforge.net/mailx.html
 |
 |which I used for at least 15 years. That is not to say that the things
 |don't work or they are worse. They just work different. It took me two
 |full days of dicking with it to get a to get a hang of it.

Hm.  A problem is surely that IMAP search expressions must now be
shell-escaped, we do warn a bit but all that primitive.  I got
reports, but people are so silent, hm.

I personally do not regret moving all over to shell syntax with
v15-compat=y that will be default in v14.10.* somewhen in autumn.
We loose strict POSIX compatibility with this, but then again it
should not really hurt if this software is used POSIX compatibly.
It offers so much more possibilities.  Still we are much too
restricted.

 |First thing first you really trough me off the board with Ctrl+D instead
 |of next line and a dot to sent the email. I have not read the code, and
 |even if I did I don't have sufficient programming background to
 |understand design decession but I am using dot to sent emails since
 |circa 1989 and that is a hard pill to swallow. That is why I kept
 |reporting that sending email doesn't work. 
 |
 |I noticed that 14.9.17 on 6.7 doesn't report that annoying message
 |
 |There are new messages in the error message ring (denoted by ERROR),
 |nail:   which can be managed with the `errors' command
 |ERROR# ? 

It would if there would be errors. :)

 |I really like new configuration grammar. This is my not so minimal
 |working example

Just the same grammar. :)

 |predrag@oko-mobile$ more .mailrc 
 |set ask
 |set crt
 |ignore message-id received date fcc status resent-date resent-message-id
 |resent-from in-reply-to
 |
 |set mailx-extra-rc=~/.nailrc

This is new, it was NAIL_EXTRA_RC, but we are moving all over to
mailx all over the software.

 |and this is dotnailrc file
 |
 |account gmail {
 | set inbox=imaps://usern...@imap.gmail.com
 | set imap-use-starttls

Not needed with imaps.

 | set password="secret"
 | set folder=imaps://usern...@imap.gmail.com record="+[Gmail]/Sent Mail"

That this works in practice, you have a good internet connection.
This software still has a very bad error recovery when that would
happen.  With `disconnect' / and `connect' much of this is
handable however.  Hm.  Don't you get automatic copies in "Sent
Mail" when you use SMTPS in GMail?

 | set from="Predrag Punosevac " \
 | mta=smtp://usern...@smtp.gmail.com:587 \
 | set smtp-use-starttls 

You should be able to use

  set mta=smtps://smtp.gmail.com:465

without smtp-use-starttls.  Saves round-trips.

 | set smtp-auth="login" 
 |# IMAP SHORTCUTS SECTION for standard Gmail folders
 | shortcut allmail +[Gmail]/All\ Mail
 | shortcut sent +[Gmail]/Sent\ Mail
 | shortcut spam +[Gmail]/Spam
 | shortcut trash +[Gmail]/Trash
 |}
 |account cmu {
 | set inbox=imaps://username%40andrew.cmu@imap.gmail.com
 | set imap-use-starttls

Not needed with IMAPS.
| set password="secret"
 | set from="Predrag Punosevac " \
 | mta=smtp://username%40andrew.cmu@smtp.gmail.com:587 \
 | set smtp-use-starttls 
 | set smtp-auth="login" 
 |# IMAP SHORTCUTS SECTION for standard Gmail folders
 | shortcut allmail +[Gmail]/All\ Mail
 | shortcut sent +[Gmail]/Sent\ Mail
 | shortcut spam +[Gmail]/Spam
 | shortcut trash +[Gmail]/Trash
 |}
 |account hotmail {

Looked around that, found on [1] via Firefox

  Office-Support
  Produkte
  Geräte
  Neuerungen
  Office installieren
  Konto & Abrechnung

Oops.

  Vorlagen
  Mehr Unterstützung 

  [1] 
https://support.office.com/de-de/article/pop-imap-und-smtp-einstellungen-f%C3%BCr-outlook-com-d088b986-291d-42b8-9564-9c414e2aa040

 | set inbox=imaps://username%40hotmail@imap-mail.outlook.com
 | set folder=imaps

Re: Getting HDMI Events

2020-06-08 Thread Marcus MERIGHI
switch1...@gmail.com (Switch 1024), 2020.06.07 (Sun) 17:48 (CEST):
> On Sun, 7 Jun 2020 at 14:06, Marcus MERIGHI  wrote:
> >
> > switch1...@gmail.com (Switch 1024), 2020.06.07 (Sun) 08:59 (CEST):
> > > tldr; My question is, how can I get  HDMI Events, I want to execute 
> > > scripts
> > > when a new HDMI (or DP, for that matter) device is connected or 
> > > disconnected.
> > > Maybe there is a really obvious or simple way or solution but I did not 
> > > see it.
> >
> > x-on-resize might have some clues:
> > https://marc.info/?l=openbsd-misc&m=157104216604576
> >
> > marcus
> 
> Ok, Thank you, I downloaded the sources for x-on-resize [1], got it to
> compile with clang, but I do not receive events.

Sorry to hear that; I just made sure that "it works for me", on amd64
-current. dmesg below.

marcus

OpenBSD 6.7-current (GENERIC.MP) #250: Sun Jun  7 19:48:27 MDT 2020
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 16035282944 (15292MB)
avail mem = 15536517120 (14816MB)
random: good seed from bootblocks
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xec2f0 (82 entries)
bios0: vendor American Megatrends Inc. version "1.06" date 03/04/2015
bios0: Shuttle Inc. DS57U
acpi0 at bios0: ACPI 5.0
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC FPDT FIDT MCFG HPET SSDT UEFI SSDT ASF! SLIC SSDT 
SSDT SSDT DMAR
acpi0: wakeup devices PEG0(S4) PEGP(S4) PEG1(S4) PEGP(S4) PEG2(S4) PEGP(S4) 
RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) PXSX(S4) 
RP05(S4) PXSX(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz, 2494.60 MHz, 06-3d-04
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz, 2494.24 MHz, 06-3d-04
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,PT,MD_CLEAR,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins
acpimadt0: bogus nmi for apid 0
acpimadt0: bogus nmi for apid 2
acpimcfg0 at acpi0
acpimcfg0: addr 0xf800, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG0)
acpiprt2 at acpi0: bus -1 (PEG1)
acpiprt3 at acpi0: bus -1 (PEG2)
acpiprt4 at acpi0: bus 1 (RP01)
acpiprt5 at acpi0: bus -1 (RP02)
acpiprt6 at acpi0: bus 2 (RP03)
acpiprt7 at acpi0: bus 3 (RP04)
acpiprt8 at acpi0: bus -1 (RP05)
acpiprt9 at acpi0: bus -1 (RP06)
acpiprt10 at acpi0: bus -1 (RP07)
acpiprt11 at acpi0: bus -1 (RP08)
acpiec0 at acpi0: not present
acpicpu0 at acpi0: C2(500@67 mwait.1@0x10), C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0: C2(500@67 mwait.1@0x10), C1(1000@1 mwait.1), PSS
acpipwrres0 at acpi0: PG00, resource for PEG0
acpipwrres1 at acpi0: PG01, resource for PEG1
acpipwrres2 at acpi0: PG02, resource for PEG2
acpipwrres3 at acpi0: FN00, resource for FAN0
acpipwrres4 at acpi0: FN01, resource for FAN1
acpipwrres5 at acpi0: FN02, resource for FAN2
acpipwrres6 at acpi0: FN03, resource for FAN3
acpipwrres7 at acpi0: FN04, resource for FAN4
acpitz0 at acpi0: critical temperature is 105 degC
acpitz1 at acpi0: critical temperature is 105 degC
acpipci0 at acpi0 PCI0: 0x 0x0011 0x0001
extent `acpipci0 pcibus' (0x0 - 0xff), flags=0
 0x3f - 0xff
extent `acpipci0 pciio' (0x0 - 0x), flags=0
 0xcf8 - 0xcff
 0x1 - 0x
extent `acpipci0 pcimem' (0x0 - 0x), flags=0
 0x0 - 0x9
 0xc - 0xdfff
 0xfeb0 - 0x
acpicmos0 at acpi0
acpibtn0 at acpi0: SLPB
acpibtn1 at acpi0: PWRB
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
"PNP0C0B" at acpi0 not configured
acpivideo0 a

Re: pfsync interface in carp group

2020-06-08 Thread Philipp Buehler

Am 08.06.2020 00:29 schrieb Paul B. Henson:

However, for only two firewalls, when you're using the syncpeer
directive for the pfsync interface, it seems it would be better not to
default to belonging to the carp group? With only two firewalls, if
one of them has broken synchronization, so does the other, so is there
any real point in trying to migrate away from the one that's currently
master?


Hi,

did you follow some "howto" and set net.inet.carp.preempt=1?

ciao
--
pb



Encrypting vnodes with softraid0

2020-06-08 Thread Justin Noor
Hi @misc,

Is there anything problematic about encrypting vnode devices with
softraid0? I made this work on two USB drives and it seems to be fine.

For example, if I have a pre-existing external RAID5 array with 20TB of
pooled storage (filesystem type 4.2BSD), and I want to encrypt a 2TB
portion of it.

Create a 2TB file:

# dd if=/dev/urandom of=/mnt/cryptfile bs=1g count=2000

Create and format the vnode:

# vnconfig vnd0 /mnt/cryptfile
# fidisk -iy -g -b 960 vnd0
# disklabel -E vnd0 (Make one big 'a' partition of type 'RAID')

Create and format the crypto device, using a keydisk:

# bioctl -c C -k sd2a -l vnd0a softraid0
(device attached as sd3)
# dd if=/dev/zero of=/dev/rsd3c bs=1m count=1
# fdisk -iy -g -b 960 sd3
# disklabel -E sd3 (Make one big 'a' partition of type 4.2BSD)
# newfs sd3a

Mount the crypto device:

# mount /dev/sd3a /mnt/crypto_device

I feel like this method offers flexibility for those who don't need
full-disk encryption.


Re: How do I get a list of the files of only installed packages?

2020-06-08 Thread Ottavio Caruso
On Sun, 7 Jun 2020 at 22:26, Udo Zorn  wrote:
>
> On Sun, Jun 07, 2020 at 10:04:53PM +0100, Ottavio Caruso wrote:
> > On Sun, 7 Jun 2020 at 21:37, Daniel Jakots  wrote:
> > >
> > > On Sun, 7 Jun 2020 21:11:57 +0100, Ottavio Caruso
> > >  wrote:
> > >
> > > > Hi,
> > > >
> > > > "pkg_info -L PACKAGE-NAME"
> > > >
> > > > will give me a list of all the files within each package, regardless
> > > > of whether the package is installed or not.
> > > >
> > > > How can I restrict the output to only installed packages, making it
> > > > fail if the package is not installed?
> > > >
> > > > I could do:
> > > >
> > > > "pkg_info -f PACKAGE-NAME "
> > > >
> > > > but that would not give me full pathnames.
> > > >
> > > > I've looked at the pkg_info man page but I couldn't find a clue.
> > > >
> > > > Thanks.
> > > >
> > >
> > > A "creative" solution:
> > > $ cat -- /var/db/pkg/*/+CONTENTS
> > >
> > > for free, you get for each file its size, its timestamp, and
> > > its checksum! ;)
> >
> > Well no, because that would give results for all packages, not each of
> > them; no full path and extra garble.
> >
> > I'd have to think of a shell script.
> >
> > --
> > Ottavio Caruso
> >
>
> How about this?
>
> $ pkg_info -z | xargs pkg_info -L

I probably didn't make myself clear and I apologize. I'd like to have
a list of files for just one package, and only if that package has
been installed. If not installed, it should tell me it hasn't been
installed or just provide no output, a bit like pkg_info behaves on
NetBSD.

-- 
Ottavio Caruso



Re: How do I get a list of the files of only installed packages?

2020-06-08 Thread Kapfhammer, Stefan
Hello Ottavio,

pkg_info -m

will show you all the packages, which you have installed,
without their dependencies.

pkg_info -a

will show you all the packages, including their dependecies.

Regards,
Stefan


-Ursprüngliche Nachricht-
Von: owner-m...@openbsd.org  Im Auftrag von Ottavio 
Caruso
Gesendet: Sonntag, 7. Juni 2020 22:14
An: misc 
Betreff: Re: How do I get a list of the files of only installed packages?

On Sun, 7 Jun 2020 at 21:11, Ottavio Caruso  
wrote:
>
> Hi,
>
> "pkg_info -L PACKAGE-NAME"
>
> will give me a list of all the files within each package, regardless 
> of whether the package is installed or not.
>
> How can I restrict the output to only installed packages, making it 
> fail if the package is not installed?
>
> I could do:
>
> "pkg_info -f PACKAGE-NAME "
>

Correction: "pkg_info -f" will also show me the packing list of remote 
packages, so that is not an option either.


--
Ottavio Caruso



Re: Filling a 4TB Disk with Random Data

2020-06-08 Thread Ian Darwin
On Fri, Jun 05, 2020 at 12:49:41PM -0500, Ed Ahlsen-Girard wrote:
> On Mon, 01 Jun 2020 13:38:55 -0400
> "Eric Furman"  wrote:
> 
> > On Mon, Jun 1, 2020, at 10:28 AM, Paul de Weerd wrote:
> >  [...]  
> > 
> > This is why if you are serious you use a degausser.
> > 
> 
> The truly serious use a smelter. I am not making a joke.

And, to reduce the impact of their being intercepted on the way to the smelter:

https://prodevice.eu/media-destroyers-shredders/data-media-shredder/



Re: How do I get a list of the files of only installed packages?

2020-06-08 Thread Stuart Henderson
On 2020-06-08, Ottavio Caruso  wrote:
> I probably didn't make myself clear and I apologize. I'd like to have
> a list of files for just one package, and only if that package has
> been installed. If not installed, it should tell me it hasn't been
> installed or just provide no output, a bit like pkg_info behaves on
> NetBSD.

pkg_* tools use /etc/installurl if present. This can be overridden by
setting PKG_PATH in the environment:

$ env PKG_PATH= pkg_info -f somepkg




Re: athn on APU2

2020-06-08 Thread Jan Stary
On Jun 06 23:07:29, h...@stare.cz wrote:
> On Jun 06 22:01:14, maillists.rul...@mailbox.org wrote:
> > > None of the clients gets more than cca 1.5MB/s from that, alone.
> > > Is that to be expected with 11g? (Not that I expect the 54 Mbit/s)
> > 
> > I faced the same problem with my new APU2 just yesterday and found
> > more info here: https://marc.info/?l=openbsd-misc&m=158680303103003&w=2
> > 
> > It seems like 11a is really much better than 11g on athn right now. I'm
> > getting ca. 16-20Mbit/s now (but the bottleneck might be the iwm driver
> > on my laptop).
> > 
> > On a side note: I thought channel 1 was a 2.4GHz channel [1]. I'm
> > surprised it works for you. I'm using something like 36, 100 or 128 on
> > my APU2.
> 
> Unfortunately, some of the clients cannot do 11a or 11n,
> so 11g is my only workable choice.
> 
> Thanks for the pointer to the older discussion,
> I will try to also do some testing without WPA.

With 11g and no WPA, the APU2 AP is about 96% idle
and the clients see about 1.5MB/s

With 11a and no WPA, the APU2 AP is about 96% idle
and the clients see about 1.5MB/s

When using WPA, both drop to about 1.4MB/s
and the APU@ is about 94% idle.

The clients are a macbook, and openbsd thinkpad (iwn),
and two openbsd macbooks (ath, athn).

Jan


OpenBSD 6.7-current (GENERIC.MP) #0: Sat Jun  6 00:00:01 CEST 2020
h...@uvt.stare.cz:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 1996484608 (1903MB)
avail mem = 1923248128 (1834MB)
random: good seed from bootblocks
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0x7ee8d020 (13 entries)
bios0: vendor coreboot version "v4.11.0.5" date 03/29/2020
bios0: PC Engines apu2
acpi0 at bios0: ACPI 4.0
acpi0: sleep states S0 S1 S4 S5
acpi0: tables DSDT FACP SSDT MCFG TPM2 APIC HEST SSDT SSDT HPET
acpi0: wakeup devices PWRB(S4) PBR4(S4) PBR5(S4) PBR6(S4) PBR7(S4) PBR8(S4) 
UOH1(S3) UOH2(S3) UOH3(S3) UOH4(S3) UOH5(S3) UOH6(S3) XHC0(S4)
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimcfg0 at acpi0
acpimcfg0: addr 0xf800, bus 0-64
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD GX-412TC SOC, 998.25 MHz, 16-30-01
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu0: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 
16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu0: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: AMD GX-412TC SOC, 998.14 MHz, 16-30-01
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu1: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 
16-way L2 cache
cpu1: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu1: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 2 (application processor)
cpu2: AMD GX-412TC SOC, 998.14 MHz, 16-30-01
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu2: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 
16-way L2 cache
cpu2: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu2: DTLB 40 4KB entries fully associative, 8 4MB entries fully associative
cpu2: smt 0, core 2, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: AMD GX-412TC SOC, 998.19 MHz, 16-30-01
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,SKINIT,TOPEXT,DBKP,PERFTSC,PCTRL3,ITSC,BMI1,XSAVEOPT
cpu3: 32KB 64b/line 2-way I-cache, 32KB 64b/line 8-way D-cache, 2MB 64b/line 
16-way L2 cache
cpu3: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu3: DTLB 40 4KB entries fully as

Re: [smartmontools] OpenBSD testers required

2020-06-08 Thread Martin Ziemer
On Fri, Jun 05, 2020 at 10:52:38AM +0200, Marek Benc wrote:
> There's been some changes in the OpenBSD port of smartmontools,
> tools for working with S.M.A.R.T diagnostic of hard drives and SSDs,
> the platform-specific code was modernized, so it would be quite useful
> if people could test these changes out to make sure they work on all
> systems, I tested them on a macppc system with an ATA drive.
> 
> The developer doesn't currently have access to a physical system
> with OpenBSD running on it, so they wrote the changes in a virtual
> machine.
> 
> You can find the changes here:
> https://github.com/smartmontools/smartmontools/pull/56
Tested on two amd64-systems. Worked on both systems.