Re: FreeBSD and IPMI how-to (was Re: su problem)
Hi, all, Am 15.06.2012 um 03:27 schrieb Matthew X. Economou: Daniel Braniss writes: just for the record, serial on 8.x works fine! the device naming has changed from sio to uart, and maybe some features. We use it on all our servers, even redirecting it where possible via ILO,IMPI,DRAC. and is great for debuging or saving long trips :-) Would some kind soul point me to a howto for configuring IPMI on FreeBSD? I have a Dell PowerEdge 840 that supports IPMI, but I have no idea how to set it up - either in the BIOS or in FreeBSD. I've messed around with ipmitools a little, but I haven't gotten it to work. Did you kldload ipmi ? What's the output of dmesg kldstat after loading the module? With the module loaded, you should be able to get something like this: devel# ipmitool sensor Ambient | 23.500 | degrees C | ok| na| 1.000 | 6.000 | 37.000| 42.000| na Systemboard | 32.000 | degrees C | ok| na| na| na | 60.000| 65.000| na CPU1 | 49.000 | degrees C | ok| na| na| na | 93.000| 97.000| na CPU2 | 48.000 | degrees C | ok| na| na| na | 93.000| 97.000| na ... FAN1 SYS | 6120.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN2 SYS | 6480.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN3 SYS | 6000.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN4 SYS | 6480.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN5 SYS | 6120.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN6 SYS | 6480.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN7 SYS | 6120.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN8 SYS | 6480.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN9 SYS | 6240.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN10 SYS| 6720.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN11 SYS| 6240.000 | RPM| ok| na| 1920.000 | na | na| na| na FAN12 SYS| 6720.000 | RPM| ok| na| 1920.000 | na | na| na| na PSU1 Power | 100.000| Watts | ok| na| na| na | na| na| na PSU2 Power | 96.000 | Watts | ok| na| na| na | na| na| na Total Power | 196.000| Watts | ok| na| na| na | na| na| na Total Power Out | 172.000| Watts | ok| na| na| na | na| na| na ... Kind regards, Patrickj -- punkt.de GmbH * Kaiserallee 13a * 76133 Karlsruhe Tel. 0721 9109 0 * Fax 0721 9109 100 i...@punkt.de http://www.punkt.de Gf: Jürgen Egeling AG Mannheim 108285 ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
On Thu, Jun 14, 2012 at 3:11 AM, Ronald Klop ronald-freeb...@klop.yi.org wrote: On Thu, 14 Jun 2012 02:41:58 +0200, Kevin Oberman kob6...@gmail.com wrote: Since updating my systems to 9-Stable, I am not getting my smartcard reader attached when hot-plugged. From devd.conf attach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/local/sbin/openct-control attach usb:529/600 usb /dev/$dev$ }; detach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/bin/pkill -fx '/usr/local/sbin/ifdhandler -H -p [a-z0-9]+ $ }; If I manually enter the action command, it works fine, but it fails when I insert the device. It worked fine under version 8. I have confirmed devd is seeing the device inserted just fine. the action just does not seem to be carried out. Any idea where I should look? I saw a couple of threads on current from others seeing something similar, but could find no resolution. I have seen a Did you run devd with debug messages on? Options -D and -d are helpful. If you do does devd match the right devd.conf sections and start the action? With debug i get: Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen1.3 cdev=ugen1.3 vendor=0x0529 product=0x0600 devclass=0xff devsubclass=0x00 sernum= release=0x0100 mode=host port=1 parent=ugen1.2' [long list of Testing entries, none of which 'vendor' matched] Executing 'logger Unknown USB device: vendor 0x0529 product 0x0600 bus uhub3' So it looks like devd is not matching the vendor. But my devd.conf file contains that vendor. I don't know exactly why it is not being tested against. Nothing in the debug output gives me a clue and I tried grepping for one of the tested vendor IDs in /etc/devd.conf and /etc/devd/*.conf. Not found. I am at a loss. -- R. Kevin Oberman, Network Engineer E-mail: kob6...@gmail.com ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: mpt: Unable to memory map registers
On 6/13/12 7:10 PM, John Baldwin wrote: On Tuesday, June 12, 2012 5:57:34 pm Andrey Zonov wrote: On 6/13/12 12:51 AM, John Baldwin wrote: On Tuesday, June 12, 2012 3:53:09 pm Andrey Zonov wrote: On 6/12/12 10:06 PM, John Baldwin wrote: [snip] Ok, I've added some more debugging. The patch is a bit larger now and you can fetch it from www.freebsd.org/~jhb/patches/pcib_debug.patch New dmesg is in attach. Sheesh, found another bug (wasn't masking 'front' properly). Try updated patch (same URL). Great! It works! Excellent. I've committed the 2 bugs needed to fix your box. However, there is another bug that this exposed that I'd like you to test. Can you update to the latest HEAD, apply the updated pcib_debug.patch, and boot with 'hw.pci.pcib_clear=1' set from the loader? That should exercise the bug I'm worried about and see if my fixes for that (recursively growing windows) works correctly. Attached. -- Andrey Zonov MP Configuration Table version 1.4 found at 0x800fcb70 Table 'FACP' at 0xdffb0290 Table 'APIC' at 0xdffb0390 APIC: Found table at 0xdffb0390 APIC: Using the MADT enumerator. MADT: Found CPU APIC ID 0 ACPI ID 1: enabled SMP: Added CPU 0 (AP) MADT: Found CPU APIC ID 4 ACPI ID 2: enabled SMP: Added CPU 4 (AP) MADT: Found CPU APIC ID 1 ACPI ID 3: enabled SMP: Added CPU 1 (AP) MADT: Found CPU APIC ID 5 ACPI ID 4: enabled SMP: Added CPU 5 (AP) MADT: Found CPU APIC ID 2 ACPI ID 5: enabled SMP: Added CPU 2 (AP) MADT: Found CPU APIC ID 6 ACPI ID 6: enabled SMP: Added CPU 6 (AP) MADT: Found CPU APIC ID 3 ACPI ID 7: enabled SMP: Added CPU 3 (AP) MADT: Found CPU APIC ID 7 ACPI ID 8: enabled SMP: Added CPU 7 (AP) Copyright (c) 1992-2012 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 10.0-CURRENT #0 r237018: Thu Jun 14 11:18:43 MSK 2012 r...@dst-dev.yandex.ru:/usr/obj/place/home/zont/head/sys/stable10 amd64 Preloaded elf kernel /boot/kernel/kernel at 0x80fdc000. Calibrating TSC clock ... TSC clock: 2826309738 Hz CPU: Intel(R) Xeon(R) CPU E5440 @ 2.83GHz (2826.31-MHz K8-class CPU) Origin = GenuineIntel Id = 0x1067a Family = 6 Model = 17 Stepping = 10 Features=0xbfebfbffFPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE Features2=0xc0ce3bdSSE3,DTES64,MON,DS_CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,DCA,SSE4.1,XSAVE,OSXSAVE AMD Features=0x20100800SYSCALL,NX,LM AMD Features2=0x1LAHF TSC: P-state invariant, performance statistics real memory = 34359738368 (32768 MB) Physical memory chunk(s): 0x0001 - 0x0009bfff, 573440 bytes (140 pages) 0x0010 - 0x001f, 1048576 bytes (256 pages) 0x01028000 - 0xdff9, 3740762112 bytes (913272 pages) 0xdffae000 - 0xdffa, 8192 bytes (2 pages) 0x0001 - 0x0007e2ea0fff, 29576794112 bytes (7220897 pages) avail memory = 33113063424 (31579 MB) INTR: Adding local APIC 0 as a target Event timer LAPIC quality 400 ACPI APIC Table: 090808 APIC1308 INTR: Adding local APIC 0 as a target INTR: Adding local APIC 1 as a target INTR: Adding local APIC 2 as a target INTR: Adding local APIC 3 as a target INTR: Adding local APIC 4 as a target INTR: Adding local APIC 5 as a target INTR: Adding local APIC 6 as a target INTR: Adding local APIC 7 as a target FreeBSD/SMP: Multiprocessor System Detected: 8 CPUs FreeBSD/SMP: 2 package(s) x 4 core(s) cpu0 (BSP): APIC ID: 0 cpu1 (AP): APIC ID: 1 cpu2 (AP): APIC ID: 2 cpu3 (AP): APIC ID: 3 cpu4 (AP): APIC ID: 4 cpu5 (AP): APIC ID: 5 cpu6 (AP): APIC ID: 6 cpu7 (AP): APIC ID: 7 x86bios: IVT 0x00-0x0004ff at 0xfe00 x86bios: SSEG 0x098000-0x098fff at 0xff800029 x86bios: EBDA 0x09e000-0x09 at 0xfe09e000 x86bios: ROM 0x0a-0x0fefff at 0xfe0a APIC: CPU 0 has ACPI ID 1 APIC: CPU 1 has ACPI ID 3 APIC: CPU 2 has ACPI ID 5 APIC: CPU 3 has ACPI ID 7 APIC: CPU 4 has ACPI ID 2 APIC: CPU 5 has ACPI ID 4 APIC: CPU 6 has ACPI ID 6 APIC: CPU 7 has ACPI ID 8 WARNING: VIMAGE (virtualized network stack) is a highly experimental feature. ULE: setup cpu 0 ULE: setup cpu 1 ULE: setup cpu 2 ULE: setup cpu 3 ULE: setup cpu 4 ULE: setup cpu 5 ULE: setup cpu 6 ULE: setup cpu 7 ACPI: RSDP 0xf9960 00024 (v02 ACPIAM) ACPI: XSDT 0xdffb0100 00074 (v01 090808 XSDT1308 20080908 MSFT 0097) ACPI: FACP 0xdffb0290 000F4 (v03 090808 FACP1308 20080908 MSFT 0097) ACPI: DSDT 0xdffb04d0 05414 (v01 CLSea CLSea007 0007 INTL 20051117) ACPI: FACS 0xdffbe000 00040 ACPI: APIC 0xdffb0390 000AA (v01 090808 APIC1308 20080908 MSFT 0097) ACPI: MCFG 0xdffb0490 0003C (v01 090808 OEMMCFG 20080908 MSFT 0097) ACPI: OEMB 0xdffbe040 00071 (v01 090808 OEMB1308 20080908 MSFT 0097) ACPI: HPET 0xdffb58f0
Re: FreeBSD and IPMI how-to (was Re: su problem)
Hi, On 15 Jun 2012, at 02:27, Matthew X. Economou wrote: Would some kind soul point me to a howto for configuring IPMI on FreeBSD? I have a Dell PowerEdge 840 that supports IPMI, but I have no idea how to set it up - either in the BIOS or in FreeBSD. I've messed around with ipmitools a little, but I haven't gotten it to work. To get things like remote management and serial over LAN working, the config has to be right on both the OS and the platform. Others have addressed the FreeBSD end; configuration of the platform is documented here: http://support.dell.com/support/edocs/software/smbmcmu but you'll have to figure out which version is applicable to your box. When you have ipmitool working, the output of `ipmitool mc info' may help with that. Also, it seems like your box implements IPMI v1.5, which is rather less friendly than v2. -- Bob Bishop r...@gid.co.uk ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: Boot hangs on v9 system at CD device probe
Marius Strobl wrote: [...] http://people.freebsd.org/~marius/ata_ite_ATA_CAM_ATA_NO_ATAPI_DMA.diff [...] I've committed it to head in r237107 as a band-aid for now as it's a sufficiently severe problem. Obviously, fixing ATA_CAM to not break ATAPI CAM instead is the right thing to do. I've already spent quite some time trying to find the underlying but didn't get anywhere with that so far though (granted, most of that wasted time was because of me thinking that this would be due to an endian bug only seen on big endian machines, which turned out to not be the case). AFAICT, mav@ also has ALI hardware affected by this issue, maybe he'll have a look at it eventually ... I'm not sure if it's the same or a different issue, but ATA_CAM also breaks for me with a legacy P-ATA controller (UDMA-133) on RELENG_9. Removing ATA_CAM and adding atapicam fixes it. I've described the problem in more detail here: http://lists.freebsd.org/pipermail/freebsd-stable/2012-June/068175.html This is the controller in question: pciconf: atapci0@pci0:3:6:0: class=0x018085 card=0x4d68105a chip=0x4d69105a rev=0x02 hdr=0x00 vendor = 'Promise Technology, Inc.' device = '20269' class = mass storage dmesg: atapci0: Promise PDC20269 UDMA133 controller port 0xdc00-0xdc07, 0xd880-0xd883,0xd800-0xd807,0xcc00-0xcc03,0xc880-0xc88f mem 0xfeaf8000-0xfeafbfff irq 21 at device 6.0 on pci3 Shall I open a PR with this? Of course, I can try any patches that somebody throws at me. :-) Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd Python is executable pseudocode. Perl is executable line noise. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
Kevin Oberman wrote: Since updating my systems to 9-Stable, I am not getting my smartcard reader attached when hot-plugged. From devd.conf attach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/local/sbin/openct-control attach usb:529/600 usb /dev/$dev$ }; detach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/bin/pkill -fx '/usr/local/sbin/ifdhandler -H -p [a-z0-9]+ $ }; Maybe the device-name doesn't match. The ugen names contain a dot (ugenX.Y), so ugen[0-9]+ won't match if the regular expression is anchored (the manual page isn't clear about that, unfortunately, but the examples suggest that it is indeed anchored). Besides, the /dev/ugen* names are only symlinks to the real entries in /dev/usb/X.Y.Z. It might be worth a try to just comment out the device-name lines. Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd [...] one observation we can make here is that Python makes an excellent pseudocoding language, with the wonderful attribute that it can actually be executed. -- Bruce Eckel ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD and IPMI how-to (was Re: su problem)
Daniel Braniss writes: Would some kind soul point me to a howto for configuring IPMI on FreeBSD? I have a Dell PowerEdge 840 that supports IPMI, but I have no idea how to set it up - either in the BIOS or in FreeBSD. I've messed around with ipmitools a little, but I haven't gotten it to work. http://blog.multiplay.co.uk/2011/06/ipmi-under-freebsd-is-easy/ Regards Steve This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337 or return the E.mail to postmas...@multiplay.co.uk. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
On Fri, 15 Jun 2012 08:01:21 +0200, Kevin Oberman kob6...@gmail.com wrote: On Thu, Jun 14, 2012 at 3:11 AM, Ronald Klop ronald-freeb...@klop.yi.org wrote: On Thu, 14 Jun 2012 02:41:58 +0200, Kevin Oberman kob6...@gmail.com wrote: Since updating my systems to 9-Stable, I am not getting my smartcard reader attached when hot-plugged. From devd.conf attach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/local/sbin/openct-control attach usb:529/600 usb /dev/$dev$ }; detach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/bin/pkill -fx '/usr/local/sbin/ifdhandler -H -p [a-z0-9]+ $ }; If I manually enter the action command, it works fine, but it fails when I insert the device. It worked fine under version 8. I have confirmed devd is seeing the device inserted just fine. the action just does not seem to be carried out. Any idea where I should look? I saw a couple of threads on current from others seeing something similar, but could find no resolution. I have seen a Did you run devd with debug messages on? Options -D and -d are helpful. If you do does devd match the right devd.conf sections and start the action? With debug i get: Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen1.3 cdev=ugen1.3 vendor=0x0529 product=0x0600 devclass=0xff devsubclass=0x00 sernum= release=0x0100 mode=host port=1 parent=ugen1.2' [long list of Testing entries, none of which 'vendor' matched] Executing 'logger Unknown USB device: vendor 0x0529 product 0x0600 bus uhub3' So it looks like devd is not matching the vendor. But my devd.conf file contains that vendor. I don't know exactly why it is not being tested against. Nothing in the debug output gives me a clue and I tried grepping for one of the tested vendor IDs in /etc/devd.conf and /etc/devd/*.conf. Not found. I am at a loss. Just a guess, but ugen[0-9]+ does not match the dot in ugen1.3. Can you try ugen[0-9]+.[0-9]+? Or just remove the device-name? Shouldn't the vendor and product be enough identification? Ronald. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
On Fri, 15 Jun 2012 08:01:21 +0200, Kevin Oberman kob6...@gmail.com wrote: On Thu, Jun 14, 2012 at 3:11 AM, Ronald Klop ronald-freeb...@klop.yi.org wrote: On Thu, 14 Jun 2012 02:41:58 +0200, Kevin Oberman kob6...@gmail.com wrote: Since updating my systems to 9-Stable, I am not getting my smartcard reader attached when hot-plugged. From devd.conf attach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/local/sbin/openct-control attach usb:529/600 usb /dev/$dev$ }; detach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/bin/pkill -fx '/usr/local/sbin/ifdhandler -H -p [a-z0-9]+ $ }; If I manually enter the action command, it works fine, but it fails when I insert the device. It worked fine under version 8. I have confirmed devd is seeing the device inserted just fine. the action just does not seem to be carried out. Any idea where I should look? I saw a couple of threads on current from others seeing something similar, but could find no resolution. I have seen a Did you run devd with debug messages on? Options -D and -d are helpful. If you do does devd match the right devd.conf sections and start the action? With debug i get: Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen1.3 cdev=ugen1.3 vendor=0x0529 product=0x0600 devclass=0xff devsubclass=0x00 sernum= release=0x0100 mode=host port=1 parent=ugen1.2' [long list of Testing entries, none of which 'vendor' matched] Executing 'logger Unknown USB device: vendor 0x0529 product 0x0600 bus uhub3' So it looks like devd is not matching the vendor. But my devd.conf file contains that vendor. I don't know exactly why it is not being tested against. Nothing in the debug output gives me a clue and I tried grepping for one of the tested vendor IDs in /etc/devd.conf and /etc/devd/*.conf. Not found. I am at a loss. http://www.freebsd.org/releases/9.0R/errata.html See point 3 under Open Issues. Ronald. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD and IPMI how-to (was Re: su problem)
i want two things from ipmi, reset and kva console. freebsd ipmitool gives me the first, and i already had an apc controlled power bar. randy ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD and IPMI how-to (was Re: su problem)
Hi, all, Am 15.06.2012 um 03:27 schrieb Matthew X. Economou: Daniel Braniss writes: just for the record, serial on 8.x works fine! the device naming has changed from sio to uart, and maybe some features. We use it on all our servers, even redirecting it where possible via ILO,IMPI,DRAC. and is great for debuging or saving long trips :-) Would some kind soul point me to a howto for configuring IPMI on FreeBSD? I have a Dell PowerEdge 840 that supports IPMI, but I have no idea how to set it up - either in the BIOS or in FreeBSD. I've messed around with ipmitools a little, but I haven't gotten it to work. Did you kldload ipmi ? What's the output of dmesg kldstat after loading the module? With the module loaded, you should be able to get something like this: devel# ipmitool sensor Ambient | 23.500 | degrees C | ok| na| 1.000 = | 6.000 | 37.000| 42.000| na Systemboard | 32.000 | degrees C | ok| na| na = | na| 60.000| 65.000| na CPU1 | 49.000 | degrees C | ok| na| na = | na| 93.000| 97.000| na CPU2 | 48.000 | degrees C | ok| na| na = | na| 93.000| 97.000| na ... [...] the ipmi kernel module allows interfacing/communicating with the 'local system', which is nice, unless the kernel went bonkers. You can - after some configuring(*) - connect from another host via something like: ipmitool -A MD5 -H remote-host-ipmi-module-ip-address -U root -I lanplus sol activate and get the remote host console, or do a power cycle: ipmitool -A MD5 -H remote-host-ipmi-module-ip-address -U root power cycle danny *: you need configure/enable the bios/drac. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: [stable 9] broken hwpstate calls
On Wed, 6 Jun 2012 16:33:20 -0700, Sean Bruno wrote: On Wed, 2012-06-06 at 16:02 -0700, Jung-uk Kim wrote: Buy me a Bulldozer and I'll fix it for you! :-P Since I have one (FX-8150), do you want me to expose it to the internet and let you play with it? I referred a fairly new user who asked on questions@ about the hwpstate errors on his new ASUS M5A97 EVO + AMD FX 8120 (stepping 15) to this thread, but had to say it wasn't clear whether there was or was not a working patch, amid discussions on a more general solution. He may ask here himself, but I was wondering if and how you got yours going? :) cheers, Ian ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: Boot hangs on v9 system at CD device probe
On Fri, Jun 15, 2012 at 09:16:16AM +0200, Oliver Fromme wrote: Marius Strobl wrote: [...] http://people.freebsd.org/~marius/ata_ite_ATA_CAM_ATA_NO_ATAPI_DMA.diff [...] I've committed it to head in r237107 as a band-aid for now as it's a sufficiently severe problem. Obviously, fixing ATA_CAM to not break ATAPI CAM instead is the right thing to do. I've already spent quite some time trying to find the underlying but didn't get anywhere with that so far though (granted, most of that wasted time was because of me thinking that this would be due to an endian bug only seen on big endian machines, which turned out to not be the case). AFAICT, mav@ also has ALI hardware affected by this issue, maybe he'll have a look at it eventually ... I'm not sure if it's the same or a different issue, but ATA_CAM also breaks for me with a legacy P-ATA controller (UDMA-133) on RELENG_9. Removing ATA_CAM and adding atapicam fixes it. I've described the problem in more detail here: http://lists.freebsd.org/pipermail/freebsd-stable/2012-June/068175.html This is the controller in question: pciconf: atapci0@pci0:3:6:0: class=0x018085 card=0x4d68105a chip=0x4d69105a rev=0x02 hdr=0x00 vendor = 'Promise Technology, Inc.' device = '20269' class = mass storage dmesg: atapci0: Promise PDC20269 UDMA133 controller port 0xdc00-0xdc07, 0xd880-0xd883,0xd800-0xd807,0xcc00-0xcc03,0xc880-0xc88f mem 0xfeaf8000-0xfeafbfff irq 21 at device 6.0 on pci3 This likely is a different issue as atapromise(4) already disables ATAPI DMA by default since before ATA_CAM hit the tree. Shall I open a PR with this? It probably won't hurt to file one and assign it to mav@. Marius ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
[releng_8 tinderbox] failure on arm/arm
TB --- 2012-06-15 08:53:49 - tinderbox 2.9 running on freebsd-legacy2.sentex.ca TB --- 2012-06-15 08:53:49 - FreeBSD freebsd-legacy2.sentex.ca 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Tue Jan 3 07:46:30 UTC 2012 r...@farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 TB --- 2012-06-15 08:53:49 - starting RELENG_8 tinderbox run for arm/arm TB --- 2012-06-15 08:53:49 - cleaning the object tree TB --- 2012-06-15 08:54:05 - cvsupping the source tree TB --- 2012-06-15 08:54:05 - /usr/bin/csup -z -r 3 -g -L 1 -h cvsup.sentex.ca /tinderbox/RELENG_8/arm/arm/supfile TB --- 2012-06-15 08:55:10 - building world TB --- 2012-06-15 08:55:10 - CROSS_BUILD_TESTING=YES TB --- 2012-06-15 08:55:10 - MAKEOBJDIRPREFIX=/obj TB --- 2012-06-15 08:55:10 - PATH=/usr/bin:/usr/sbin:/bin:/sbin TB --- 2012-06-15 08:55:10 - SRCCONF=/dev/null TB --- 2012-06-15 08:55:10 - TARGET=arm TB --- 2012-06-15 08:55:10 - TARGET_ARCH=arm TB --- 2012-06-15 08:55:10 - TZ=UTC TB --- 2012-06-15 08:55:10 - __MAKE_CONF=/dev/null TB --- 2012-06-15 08:55:10 - cd /src TB --- 2012-06-15 08:55:10 - /usr/bin/make -B buildworld World build started on Fri Jun 15 08:55:10 UTC 2012 Rebuilding the temporary build tree stage 1.1: legacy release compatibility shims stage 1.2: bootstrap tools stage 2.1: cleaning up the object tree stage 2.2: rebuilding the object tree stage 2.3: build tools stage 3: cross tools stage 4.1: building includes stage 4.2: building libraries stage 4.3: make dependencies stage 4.4: building everything World build completed on Fri Jun 15 09:31:44 UTC 2012 TB --- 2012-06-15 09:31:44 - cd /src/sys/arm/conf TB --- 2012-06-15 09:31:44 - /usr/sbin/config -m AVILA TB --- 2012-06-15 09:31:44 - building AVILA kernel TB --- 2012-06-15 09:31:44 - CROSS_BUILD_TESTING=YES TB --- 2012-06-15 09:31:44 - MAKEOBJDIRPREFIX=/obj TB --- 2012-06-15 09:31:44 - PATH=/usr/bin:/usr/sbin:/bin:/sbin TB --- 2012-06-15 09:31:44 - SRCCONF=/dev/null TB --- 2012-06-15 09:31:44 - TARGET=arm TB --- 2012-06-15 09:31:44 - TARGET_ARCH=arm TB --- 2012-06-15 09:31:44 - TZ=UTC TB --- 2012-06-15 09:31:44 - __MAKE_CONF=/dev/null TB --- 2012-06-15 09:31:44 - cd /src TB --- 2012-06-15 09:31:44 - /usr/bin/make -B buildkernel KERNCONF=AVILA Kernel build for AVILA started on Fri Jun 15 09:31:44 UTC 2012 stage 1: configuring the kernel stage 2.1: cleaning up the object tree stage 2.2: rebuilding the object tree stage 2.3: build tools stage 3.1: making dependencies stage 3.2: building everything Kernel build for AVILA completed on Fri Jun 15 09:33:39 UTC 2012 TB --- 2012-06-15 09:33:39 - cd /src/sys/arm/conf TB --- 2012-06-15 09:33:39 - /usr/sbin/config -m BWCT TB --- 2012-06-15 09:33:39 - building BWCT kernel TB --- 2012-06-15 09:33:39 - CROSS_BUILD_TESTING=YES TB --- 2012-06-15 09:33:39 - MAKEOBJDIRPREFIX=/obj TB --- 2012-06-15 09:33:39 - PATH=/usr/bin:/usr/sbin:/bin:/sbin TB --- 2012-06-15 09:33:39 - SRCCONF=/dev/null TB --- 2012-06-15 09:33:39 - TARGET=arm TB --- 2012-06-15 09:33:39 - TARGET_ARCH=arm TB --- 2012-06-15 09:33:39 - TZ=UTC TB --- 2012-06-15 09:33:39 - __MAKE_CONF=/dev/null TB --- 2012-06-15 09:33:39 - cd /src TB --- 2012-06-15 09:33:39 - /usr/bin/make -B buildkernel KERNCONF=BWCT Kernel build for BWCT started on Fri Jun 15 09:33:39 UTC 2012 stage 1: configuring the kernel stage 2.1: cleaning up the object tree stage 2.2: rebuilding the object tree stage 2.3: build tools stage 3.1: making dependencies stage 3.2: building everything [...] cc -mlittle-endian -c -O2 -pipe -fno-strict-aliasing -std=c99 -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -nostdinc -I. -I/src/sys -I/src/sys/contrib/altq -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h -fno-common -finline-limit=8000 --param inline-unit-growth=100 --param large-function-growth=1000 -mcpu=arm9 -ffreestanding -Werror /src/sys/arm/at91/at91_pio.c cc -mlittle-endian -c -O2 -pipe -fno-strict-aliasing -std=c99 -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -nostdinc -I. -I/src/sys -I/src/sys/contrib/altq -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h -fno-common -finline-limit=8000 --param inline-unit-growth=100 --param large-function-growth=1000 -mcpu=arm9 -ffreestanding -Werror /src/sys/arm/at91/at91_pmc.c cc -mlittle-endian -c -O2 -pipe -fno-strict-aliasing -std=c99 -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -nostdinc -I. -I/src/sys -I/src/sys/contrib/altq -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h -fno-common -finline-limit=8000 --param inline-unit-growth=100 --param large-function-growth=1000 -mcpu=arm9 -ffreestanding -Werror
Re: mfi(4) IO performance regression, post 8.1
Yes, of course. So far I can say that the major shift appears to have occurred between 8.1 and 8.2 . Thanks, Charles Owens Great Bay Software, Inc. Sent from my phone - Reply message - From: Adrian Chadd adr...@freebsd.org To: Charles Owens cow...@greatbaysoftware.com Cc: sta...@freebsd.org Subject: mfi(4) IO performance regression, post 8.1 Date: Fri, Jun 15, 2012 1:55 am Hm, can you try different subversion checkouts of the kernel tree between 8.1 and 8.3, to pinpoint which commit(s) broke things? ADrian ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: Experience with Intel SATA and fbsd 8.3-amd64 ?
On Fri, Jun 08, 2012 at 04:46:21PM +0200, Kurt Jaeger wrote: Hi! I have a problem with some host: If I put heavy IO load on that system, write errors happen, and then it crashes. AHCI is enabled. So I suspect the controller -- has anyone experience with that controller ? Hello Kurt, I don't have the same controller, but we've seen problems with other intel AHCI controllers and the new AHCI driver. Could you try running with old ATA driver instead of ahci driver? It helped us, might not be the case for you. Regards. Victor. -- La prueba más fehaciente de que existe vida inteligente en otros planetas, es que no han intentado contactar con nosotros. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
On Fri, 15 Jun 2012, Ronald Klop wrote: On Fri, 15 Jun 2012 08:01:21 +0200, Kevin Oberman kob6...@gmail.com wrote: On Thu, Jun 14, 2012 at 3:11 AM, Ronald Klop ronald-freeb...@klop.yi.org wrote: On Thu, 14 Jun 2012 02:41:58 +0200, Kevin Oberman kob6...@gmail.com wrote: Since updating my systems to 9-Stable, I am not getting my smartcard reader attached when hot-plugged. From devd.conf attach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/local/sbin/openct-control attach usb:529/600 usb /dev/$dev$ }; detach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/bin/pkill -fx '/usr/local/sbin/ifdhandler -H -p [a-z0-9]+ $ }; If I manually enter the action command, it works fine, but it fails when I insert the device. It worked fine under version 8. I have confirmed devd is seeing the device inserted just fine. the action just does not seem to be carried out. Any idea where I should look? I saw a couple of threads on current from others seeing something similar, but could find no resolution. I have seen a Did you run devd with debug messages on? Options -D and -d are helpful. If you do does devd match the right devd.conf sections and start the action? With debug i get: Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen1.3 cdev=ugen1.3 vendor=0x0529 product=0x0600 devclass=0xff devsubclass=0x00 sernum= release=0x0100 mode=host port=1 parent=ugen1.2' [long list of Testing entries, none of which 'vendor' matched] Executing 'logger Unknown USB device: vendor 0x0529 product 0x0600 bus uhub3' So it looks like devd is not matching the vendor. But my devd.conf file contains that vendor. I don't know exactly why it is not being tested against. Nothing in the debug output gives me a clue and I tried grepping for one of the tested vendor IDs in /etc/devd.conf and /etc/devd/*.conf. Not found. I am at a loss. http://www.freebsd.org/releases/9.0R/errata.html See point 3 under Open Issues. Even with those changes, devd is not triggering on my scanner attach: match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9]+.[0-9]+; match vendor 0x04b8; match product 0x010a; action echo HERE! $cdev /tmp/zoot; # devd -d -D -f /etc/devd/wb.conf Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen0.6 cdev=ugen0.6 vendor=0x04b8 product=0x010a devclass=0xff devsubclass=0xff sernum= release=0x0103 mode=host port=4 parent=ugen0.4' Pushing table setting system=USB setting subsystem=DEVICE setting type=ATTACH setting ugen=ugen0.6 setting cdev=ugen0.6 setting vendor=0x04b8 setting product=0x010a setting devclass=0xff setting devsubclass=0xff setting sernum= setting release=0x0103 setting mode=host setting port=4 setting parent=ugen0.4 Processing notify event Testing system=USB against ^DEVFS Testing system=USB against ^DEVFS Popping table ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: Experience with Intel SATA and fbsd 8.3-amd64 ?
Hi! I don't have the same controller, but we've seen problems with other intel AHCI controllers and the new AHCI driver. Could you try running with old ATA driver instead of ahci driver? Same problem. I'll try a different controller, arrived today 8-) -- p...@opsec.eu+49 171 3101372 8 years to go ! ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
Warren Block wrote: [...] attach 50 { [...] Even with those changes, devd is not triggering on my scanner attach: match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9]+.[0-9]+; match vendor 0x04b8; match product 0x010a; action echo HERE! $cdev /tmp/zoot; Have you tried to put those lines inside a notify block instead of an attach block? The documentation is not very clear about the difference between an attach block an a notify block with $type=ATTACH, but it probably wouldn't hurt to try both. Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd If Java had true garbage collection, most programs would delete themselves upon execution. -- Robert Sewell ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: mfi(4) IO performance regression, post 8.1
Curious why you are preferring i386 +PAE as opposed to amd64? On Jun 15, 2012 4:09 AM, Charles Owens cow...@greatbaysoftware.com wrote: Yes, of course. So far I can say that the major shift appears to have occurred between 8.1 and 8.2 . Thanks, Charles Owens Great Bay Software, Inc. Sent from my phone - Reply message - From: Adrian Chadd adr...@freebsd.org To: Charles Owens cow...@greatbaysoftware.com Cc: sta...@freebsd.org Subject: mfi(4) IO performance regression, post 8.1 Date: Fri, Jun 15, 2012 1:55 am Hm, can you try different subversion checkouts of the kernel tree between 8.1 and 8.3, to pinpoint which commit(s) broke things? ADrian ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
On Fri, 15 Jun 2012 15:50:49 +0200, Warren Block wbl...@wonkity.com wrote: On Fri, 15 Jun 2012, Ronald Klop wrote: On Fri, 15 Jun 2012 08:01:21 +0200, Kevin Oberman kob6...@gmail.com wrote: On Thu, Jun 14, 2012 at 3:11 AM, Ronald Klop ronald-freeb...@klop.yi.org wrote: On Thu, 14 Jun 2012 02:41:58 +0200, Kevin Oberman kob6...@gmail.com wrote: Since updating my systems to 9-Stable, I am not getting my smartcard reader attached when hot-plugged. From devd.conf attach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/local/sbin/openct-control attach usb:529/600 usb /dev/$dev$ }; detach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/bin/pkill -fx '/usr/local/sbin/ifdhandler -H -p [a-z0-9]+ $ }; If I manually enter the action command, it works fine, but it fails when I insert the device. It worked fine under version 8. I have confirmed devd is seeing the device inserted just fine. the action just does not seem to be carried out. Any idea where I should look? I saw a couple of threads on current from others seeing something similar, but could find no resolution. I have seen a Did you run devd with debug messages on? Options -D and -d are helpful. If you do does devd match the right devd.conf sections and start the action? With debug i get: Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen1.3 cdev=ugen1.3 vendor=0x0529 product=0x0600 devclass=0xff devsubclass=0x00 sernum= release=0x0100 mode=host port=1 parent=ugen1.2' [long list of Testing entries, none of which 'vendor' matched] Executing 'logger Unknown USB device: vendor 0x0529 product 0x0600 bus uhub3' So it looks like devd is not matching the vendor. But my devd.conf file contains that vendor. I don't know exactly why it is not being tested against. Nothing in the debug output gives me a clue and I tried grepping for one of the tested vendor IDs in /etc/devd.conf and /etc/devd/*.conf. Not found. I am at a loss. http://www.freebsd.org/releases/9.0R/errata.html See point 3 under Open Issues. Even with those changes, devd is not triggering on my scanner attach: match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9]+.[0-9]+; match vendor 0x04b8; match product 0x010a; action echo HERE! $cdev /tmp/zoot; # devd -d -D -f /etc/devd/wb.conf Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen0.6 cdev=ugen0.6 vendor=0x04b8 product=0x010a devclass=0xff devsubclass=0xff sernum= release=0x0103 mode=host port=4 parent=ugen0.4' Pushing table setting system=USB setting subsystem=DEVICE setting type=ATTACH setting ugen=ugen0.6 setting cdev=ugen0.6 setting vendor=0x04b8 setting product=0x010a setting devclass=0xff setting devsubclass=0xff setting sernum= setting release=0x0103 setting mode=host setting port=4 setting parent=ugen0.4 Processing notify event Testing system=USB against ^DEVFS Testing system=USB against ^DEVFS Popping table I tried the same attaching my webcam on pcbsd in vmware. [root@pcbsd-1684 /etc/devd]# cat /tmp/bla.conf notify 100 { match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9]+.[0-9]+; match vendor 0x2232; match product 0x1008; action echo HERE! $cdev /tmp/bla.log; }; # devd -d -D -f /tmp/bla.conf ... Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen1.2 cdev=ugen1.2 vendor=0x2232 product=0x1008 devclass=0xef devsubclass=0x02 sernum= release=0x0019 mode=host port=1 parent=ugen1.1' Pushing table setting system=USB setting subsystem=DEVICE setting type=ATTACH setting ugen=ugen1.2 setting cdev=ugen1.2 setting vendor=0x2232 setting product=0x1008 setting devclass=0xef setting devsubclass=0x02 setting sernum= setting release=0x0019 setting mode=host setting port=1 setting parent=ugen1.1 Processing notify event Testing subsystem=DEVICE against ^DEVICE Testing type=ATTACH against ^ATTACH Testing cdev=ugen1.2 against ^ugen[0-9]+.[0-9]+ Testing vendor=0x2232 against ^0x2232 Testing product=0x1008 against ^0x1008 Executing 'echo HERE! ugen1.2 /tmp/bla.log' Popping table [root@pcbsd-1684 /etc/devd]# cat /tmp/bla.log HERE! ugen1.2 Do you see a significant difference with your setup? Ronald. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD and IPMI how-to (was Re: su problem)
On Thu, Jun 14, 2012 at 6:27 PM, Matthew X. Economou xenop...@irtnog.org wrote: ... Would some kind soul point me to a howto for configuring IPMI on FreeBSD? I have a Dell PowerEdge 840 that supports IPMI, but I have no idea how to set it up - either in the BIOS or in FreeBSD. I've messed around with ipmitools a little, but I haven't gotten it to work. We have HP boxes here with IPMI (mostly v1.5), and by and large, there isn't much FreeBSD configuration. The set of things I do for serial over LAN are the same as for a regular serial console: 1) create /boot.config with the line -D -S115200 2) create /boot/loader.conf with the lines boot_multicons=YES comconsole_speed=115200 console=comconsole,vidconsole 3) change /etc/ttys to allow a login over the console. something similar to ttyu0 /usr/libexec/getty std.115200 vt100 on secure The rest of the configuration is in the BIOS and tends to be vendor specific. Once this is configured, you can use something like ipmitool to control power (chassis power on, chassis power reset, ...) and get a serial console (sol activate). HTH. ---chuck ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
[releng_8 tinderbox] failure on arm/arm
TB --- 2012-06-15 15:03:36 - tinderbox 2.9 running on freebsd-legacy2.sentex.ca TB --- 2012-06-15 15:03:36 - FreeBSD freebsd-legacy2.sentex.ca 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Tue Jan 3 07:46:30 UTC 2012 r...@farrell.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 TB --- 2012-06-15 15:03:36 - starting RELENG_8 tinderbox run for arm/arm TB --- 2012-06-15 15:03:36 - cleaning the object tree TB --- 2012-06-15 15:03:44 - cvsupping the source tree TB --- 2012-06-15 15:03:44 - /usr/bin/csup -z -r 3 -g -L 1 -h cvsup.sentex.ca /tinderbox/RELENG_8/arm/arm/supfile TB --- 2012-06-15 15:04:45 - building world TB --- 2012-06-15 15:04:45 - CROSS_BUILD_TESTING=YES TB --- 2012-06-15 15:04:45 - MAKEOBJDIRPREFIX=/obj TB --- 2012-06-15 15:04:45 - PATH=/usr/bin:/usr/sbin:/bin:/sbin TB --- 2012-06-15 15:04:45 - SRCCONF=/dev/null TB --- 2012-06-15 15:04:45 - TARGET=arm TB --- 2012-06-15 15:04:45 - TARGET_ARCH=arm TB --- 2012-06-15 15:04:45 - TZ=UTC TB --- 2012-06-15 15:04:45 - __MAKE_CONF=/dev/null TB --- 2012-06-15 15:04:45 - cd /src TB --- 2012-06-15 15:04:45 - /usr/bin/make -B buildworld World build started on Fri Jun 15 15:04:46 UTC 2012 Rebuilding the temporary build tree stage 1.1: legacy release compatibility shims stage 1.2: bootstrap tools stage 2.1: cleaning up the object tree stage 2.2: rebuilding the object tree stage 2.3: build tools stage 3: cross tools stage 4.1: building includes stage 4.2: building libraries stage 4.3: make dependencies stage 4.4: building everything World build completed on Fri Jun 15 15:41:54 UTC 2012 TB --- 2012-06-15 15:41:54 - cd /src/sys/arm/conf TB --- 2012-06-15 15:41:54 - /usr/sbin/config -m AVILA TB --- 2012-06-15 15:41:54 - building AVILA kernel TB --- 2012-06-15 15:41:54 - CROSS_BUILD_TESTING=YES TB --- 2012-06-15 15:41:54 - MAKEOBJDIRPREFIX=/obj TB --- 2012-06-15 15:41:54 - PATH=/usr/bin:/usr/sbin:/bin:/sbin TB --- 2012-06-15 15:41:54 - SRCCONF=/dev/null TB --- 2012-06-15 15:41:54 - TARGET=arm TB --- 2012-06-15 15:41:54 - TARGET_ARCH=arm TB --- 2012-06-15 15:41:54 - TZ=UTC TB --- 2012-06-15 15:41:54 - __MAKE_CONF=/dev/null TB --- 2012-06-15 15:41:54 - cd /src TB --- 2012-06-15 15:41:54 - /usr/bin/make -B buildkernel KERNCONF=AVILA Kernel build for AVILA started on Fri Jun 15 15:41:54 UTC 2012 stage 1: configuring the kernel stage 2.1: cleaning up the object tree stage 2.2: rebuilding the object tree stage 2.3: build tools stage 3.1: making dependencies stage 3.2: building everything Kernel build for AVILA completed on Fri Jun 15 15:43:50 UTC 2012 TB --- 2012-06-15 15:43:50 - cd /src/sys/arm/conf TB --- 2012-06-15 15:43:50 - /usr/sbin/config -m BWCT TB --- 2012-06-15 15:43:50 - building BWCT kernel TB --- 2012-06-15 15:43:50 - CROSS_BUILD_TESTING=YES TB --- 2012-06-15 15:43:50 - MAKEOBJDIRPREFIX=/obj TB --- 2012-06-15 15:43:50 - PATH=/usr/bin:/usr/sbin:/bin:/sbin TB --- 2012-06-15 15:43:50 - SRCCONF=/dev/null TB --- 2012-06-15 15:43:50 - TARGET=arm TB --- 2012-06-15 15:43:50 - TARGET_ARCH=arm TB --- 2012-06-15 15:43:50 - TZ=UTC TB --- 2012-06-15 15:43:50 - __MAKE_CONF=/dev/null TB --- 2012-06-15 15:43:50 - cd /src TB --- 2012-06-15 15:43:50 - /usr/bin/make -B buildkernel KERNCONF=BWCT Kernel build for BWCT started on Fri Jun 15 15:43:50 UTC 2012 stage 1: configuring the kernel stage 2.1: cleaning up the object tree stage 2.2: rebuilding the object tree stage 2.3: build tools stage 3.1: making dependencies stage 3.2: building everything [...] cc -mlittle-endian -c -O2 -pipe -fno-strict-aliasing -std=c99 -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -nostdinc -I. -I/src/sys -I/src/sys/contrib/altq -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h -fno-common -finline-limit=8000 --param inline-unit-growth=100 --param large-function-growth=1000 -mcpu=arm9 -ffreestanding -Werror /src/sys/arm/at91/at91_pio.c cc -mlittle-endian -c -O2 -pipe -fno-strict-aliasing -std=c99 -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -nostdinc -I. -I/src/sys -I/src/sys/contrib/altq -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h -fno-common -finline-limit=8000 --param inline-unit-growth=100 --param large-function-growth=1000 -mcpu=arm9 -ffreestanding -Werror /src/sys/arm/at91/at91_pmc.c cc -mlittle-endian -c -O2 -pipe -fno-strict-aliasing -std=c99 -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -nostdinc -I. -I/src/sys -I/src/sys/contrib/altq -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h -fno-common -finline-limit=8000 --param inline-unit-growth=100 --param large-function-growth=1000 -mcpu=arm9 -ffreestanding -Werror
PF to Preventing SMTP Brute Force Attacks
Hi FreeBSD Gurus, i want to use PF to Preventing SMTP Brute Force Attacks. i need some help to understand correct syntax. URL Explaining this: http://www.openbsd.org/faq/pf/filter.html#stateopts i expect the following behavior from the PF rule below: Limit the absolute maximum number of states that this rule can create to 200 Enable source tracking; limit state creation based on states created by this rule only Limit the maximum number of nodes that can simultaneously create state to 100 Limit the maximum number of simultaneous states per source IP to 3 Solution: int0=em0 trusted_tcp_ports={22,25,443,465} pass in on $int0 proto tcp from any to any port $trusted_tcp_ports keep state max 200, source-track rule, max-src-nodes 100, max-src-states 3 please help .. Thanks / Regards ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
How to bind a route to a network adapter and not IP
Hi, Maybe there is a simple answer, but how do I bind a route to a network interface in 8-stable? Is that possible at all? I'm asking because the routes I add in my network setup are lost because of ARP packet drops. I.E. they exist for a while, but not forever like I want to. --HPS ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: PF to Preventing SMTP Brute Force Attacks
On 15/06/2012 17:17, Shiv. Nath wrote: Hi FreeBSD Gurus, i want to use PF to Preventing SMTP Brute Force Attacks. i need some help to understand correct syntax. URL Explaining this: http://www.openbsd.org/faq/pf/filter.html#stateopts i expect the following behavior from the PF rule below: Limit the absolute maximum number of states that this rule can create to 200 Enable source tracking; limit state creation based on states created by this rule only Limit the maximum number of nodes that can simultaneously create state to 100 Limit the maximum number of simultaneous states per source IP to 3 Solution: int0=em0 trusted_tcp_ports={22,25,443,465} pass in on $int0 proto tcp from any to any port $trusted_tcp_ports keep state max 200, source-track rule, max-src-nodes 100, max-src-states 3 Limiting yourself to 200 states won't protect you very much -- you tend to get a whole series of attacks from the same IP, and that just uses one state at a time. Instead, look at the frequency with which an attacker tries to connect to you. Something like this: table bruteforce persist [...] block in log quick from bruteforce [...] pass in on $ext_if proto tcp \ from any to $ext_if port $trusted_tcp_ports \ flags S/SA keep state \ (max-src-conn-rate 3/300, overload bruteforce flush global) Plus you'll need a cron job like this to clean up the bruteforce table, otherwise it will just grow larger and larger: */12 * * * */sbin/pfctl -t ssh-bruteforce -T expire 604800 /dev/null 21 The end result of this is that if one IP tries to connect to you more than 3 times in 5 minutes, they will get blacklisted. I normally use this just for ssh, so you might want to adjust the parameters appropriately. You should also implement a whitelist for IP ranges you control or use frequently and that will never be used for bruteforce attacks: it is quite easy to block yourself out with these sort of rules. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: devd problem with 9-stable
On Fri, Jun 15, 2012 at 7:53 AM, Ronald Klop ronald-freeb...@klop.yi.org wrote: On Fri, 15 Jun 2012 15:50:49 +0200, Warren Block wbl...@wonkity.com wrote: On Fri, 15 Jun 2012, Ronald Klop wrote: On Fri, 15 Jun 2012 08:01:21 +0200, Kevin Oberman kob6...@gmail.com wrote: On Thu, Jun 14, 2012 at 3:11 AM, Ronald Klop ronald-freeb...@klop.yi.org wrote: On Thu, 14 Jun 2012 02:41:58 +0200, Kevin Oberman kob6...@gmail.com wrote: Since updating my systems to 9-Stable, I am not getting my smartcard reader attached when hot-plugged. From devd.conf attach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/local/sbin/openct-control attach usb:529/600 usb /dev/$dev$ }; detach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/bin/pkill -fx '/usr/local/sbin/ifdhandler -H -p [a-z0-9]+ $ }; If I manually enter the action command, it works fine, but it fails when I insert the device. It worked fine under version 8. I have confirmed devd is seeing the device inserted just fine. the action just does not seem to be carried out. Any idea where I should look? I saw a couple of threads on current from others seeing something similar, but could find no resolution. I have seen a Did you run devd with debug messages on? Options -D and -d are helpful. If you do does devd match the right devd.conf sections and start the action? With debug i get: Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen1.3 cdev=ugen1.3 vendor=0x0529 product=0x0600 devclass=0xff devsubclass=0x00 sernum= release=0x0100 mode=host port=1 parent=ugen1.2' [long list of Testing entries, none of which 'vendor' matched] Executing 'logger Unknown USB device: vendor 0x0529 product 0x0600 bus uhub3' So it looks like devd is not matching the vendor. But my devd.conf file contains that vendor. I don't know exactly why it is not being tested against. Nothing in the debug output gives me a clue and I tried grepping for one of the tested vendor IDs in /etc/devd.conf and /etc/devd/*.conf. Not found. I am at a loss. http://www.freebsd.org/releases/9.0R/errata.html See point 3 under Open Issues. Even with those changes, devd is not triggering on my scanner attach: match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9]+.[0-9]+; match vendor 0x04b8; match product 0x010a; action echo HERE! $cdev /tmp/zoot; # devd -d -D -f /etc/devd/wb.conf Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen0.6 cdev=ugen0.6 vendor=0x04b8 product=0x010a devclass=0xff devsubclass=0xff sernum= release=0x0103 mode=host port=4 parent=ugen0.4' Pushing table setting system=USB setting subsystem=DEVICE setting type=ATTACH setting ugen=ugen0.6 setting cdev=ugen0.6 setting vendor=0x04b8 setting product=0x010a setting devclass=0xff setting devsubclass=0xff setting sernum= setting release=0x0103 setting mode=host setting port=4 setting parent=ugen0.4 Processing notify event Testing system=USB against ^DEVFS Testing system=USB against ^DEVFS Popping table I tried the same attaching my webcam on pcbsd in vmware. [root@pcbsd-1684 /etc/devd]# cat /tmp/bla.conf notify 100 { match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9]+.[0-9]+; match vendor 0x2232; match product 0x1008; action echo HERE! $cdev /tmp/bla.log; }; # devd -d -D -f /tmp/bla.conf ... Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen1.2 cdev=ugen1.2 vendor=0x2232 product=0x1008 devclass=0xef devsubclass=0x02 sernum= release=0x0019 mode=host port=1 parent=ugen1.1' Pushing table setting system=USB setting subsystem=DEVICE setting type=ATTACH setting ugen=ugen1.2 setting cdev=ugen1.2 setting vendor=0x2232 setting product=0x1008 setting devclass=0xef setting devsubclass=0x02 setting sernum= setting release=0x0019 setting mode=host setting port=1 setting parent=ugen1.1 Processing notify event Testing subsystem=DEVICE against ^DEVICE Testing type=ATTACH against ^ATTACH Testing cdev=ugen1.2 against ^ugen[0-9]+.[0-9]+ Testing vendor=0x2232 against ^0x2232 Testing product=0x1008 against ^0x1008 Executing 'echo HERE! ugen1.2 /tmp/bla.log' Popping table [root@pcbsd-1684 /etc/devd]# cat /tmp/bla.log HERE! ugen1.2 Do you see a significant difference with your setup? Switched to 'notify' with: notify 50 { match system USB match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9\.]+; match vendor 0x0529; match product 0x0600; action /usr/local/sbin/openct-control attach usb:529/600 usb /dev/$devi ce-name; }; I still see no attempt to match against vendor 0x0529. Still no go. (Note that I prefer the [0-9\.] + syntax, but tried yours, as well.) The real issue is that devd seems to have a long list of vendors that
Re: PF to Preventing SMTP Brute Force Attacks
Limiting yourself to 200 states won't protect you very much -- you tend to get a whole series of attacks from the same IP, and that just uses one state at a time. Instead, look at the frequency with which an attacker tries to connect to you. Something like this: table bruteforce persist [...] block in log quick from bruteforce [...] pass in on $ext_if proto tcp \ from any to $ext_if port $trusted_tcp_ports \ flags S/SA keep state \ (max-src-conn-rate 3/300, overload bruteforce flush global) Plus you'll need a cron job like this to clean up the bruteforce table, otherwise it will just grow larger and larger: */12 * * * * /sbin/pfctl -t ssh-bruteforce -T expire 604800 /dev/null 21 The end result of this is that if one IP tries to connect to you more than 3 times in 5 minutes, they will get blacklisted. I normally use this just for ssh, so you might want to adjust the parameters appropriately. You should also implement a whitelist for IP ranges you control or use frequently and that will never be used for bruteforce attacks: it is quite easy to block yourself out with these sort of rules. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW Dear Mattthew, Grateful for sending me in right direction, solution really sounds well. Does it look good configuration for /etc/pf.conf ? # START table bruteforce persist block in log quick from bruteforce pass in on $ext_if proto tcp \ from any to $ext_if port $trusted_tcp_ports \ flags S/SA keep state \ (max-src-conn-rate 3/300, overload bruteforce flush global) # END AND CRON: */12 * * * */sbin/pfctl -t ssh-bruteforce -T expire 604800 /dev/null 21 What is the function expire 604800 are they entries in the table? should it be -t bruteforce or -t ssh-bruteforce Thanks ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: PF to Preventing SMTP Brute Force Attacks
On Fri, Jun 15, 2012 at 04:17:06PM -, Shiv. Nath wrote: Hi FreeBSD Gurus, i want to use PF to Preventing SMTP Brute Force Attacks. i need some help to understand correct syntax. URL Explaining this: http://www.openbsd.org/faq/pf/filter.html#stateopts i expect the following behavior from the PF rule below: Limit the absolute maximum number of states that this rule can create to 200 Enable source tracking; limit state creation based on states created by this rule only Limit the maximum number of nodes that can simultaneously create state to 100 Limit the maximum number of simultaneous states per source IP to 3 Solution: int0=em0 trusted_tcp_ports={22,25,443,465} pass in on $int0 proto tcp from any to any port $trusted_tcp_ports keep state (max 200, source-track rule, max-src-nodes 100, max-src-states 3 ) I don't know if max will work here but this is what I use for a sshd rule. pass in log quick proto tcp from any port 1023 to any port 22 flags S/SA keep state (max-src-conn 5, max-src-conn-rate 5/15 overload sshmart flush global) You should be using the syntax from pf41 through pf45. The URL you referenced has a syntax that changed in pf46, pf47 onward... -- - (2^(N-1)) ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: How to bind a route to a network adapter and not IP
Perhaps you can ask the very same question in another way so its easier to understand why you losing packets? All in all I always thought TCP/IP was the basic unit in Internet based networking but feel free to correct me if you have any news I might have missed... :) Also do you have any idea why AMD based CPUs could be vulnerable to this alternative networking scheme and cause a remote denial service in fbsd stable but not in CURRENT? Thanks, Etienne On 06/15/2012 12:19 PM, Hans Petter Selasky wrote: Hi, Maybe there is a simple answer, but how do I bind a route to a network interface in 8-stable? Is that possible at all? I'm asking because the routes I add in my network setup are lost because of ARP packet drops. I.E. they exist for a while, but not forever like I want to. --HPS ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
kern.geom.part.check_integrity=0 not working. not able to boot 9-STABLE
Hi, After over 3 years of uptime, I decided to upgrade one of my SUN boxes to 9-stable. However the new kernel didn't boot because of geom integrity check issues. This I understand as I remember I had to use some weird tricks in the past to get the entire disks used in the first place. Anyway, I felt lucky this was a known and documented problem, with a workaround: http://www.freebsd.org/releases/9.0R/relnotes-detailed.html#AEN1277 However, the workaround doesn't seem to work :-( Type '?' for a list of commands, 'help' for more detailed help. OK set kern.geom.part.check_integrity=0 OK boot jumping to kernel entry at 0xc007. Copyright (c) 1992-2012 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 9.0-STABLE #5: Thu Jun 14 19:24:33 UTC 2012 r...@morninglightmountain.hacktor.net:/usr/obj/usr/src/sys/MORNINGLIGHTMOUNTAIN sparc64 real memory = 536870912 (512 MB) avail memory = 503963648 (480 MB) cpu0: Sun Microsystems UltraSparc-IIe Processor (400.00 MHz CPU) ctl: CAM Target Layer loaded nexus0: Open Firmware Nexus device pcib0: U2P UPA-PCI bridge mem 0x1fe-0x1fe,0x1fe0100-0x1fe01ff irq 2032,2030,2031,2021 on nexus0 pcib0: Sabre, impl 0, version 0, IGN 0x1f, bus A, 66MHz pcib0: DVMA map: 0x6000 to 0x63ff 8192 entries pcib0: [GIANT-LOCKED] pci0: OFW PCI bus on pcib0 pci0: bridge, PCI-ISA at device 7.0 (no driver attached) pci0: old, non-VGA display device at device 3.0 (no driver attached) dc0: Davicom DM9102A 10/100BaseTX port 0x1-0x100ff mem 0-0xff at device 12.0 on pci0 miibus0: MII bus on dc0 amphy0: DM9102 10/100 media interface PHY 1 on miibus0 amphy0: none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto dc0: Ethernet address: 00:03:ba:05:fa:5c dc1: Davicom DM9102A 10/100BaseTX port 0x10100-0x101ff mem 0x2000-0x20ff at device 5.0 on pci0 miibus1: MII bus on dc1 amphy1: DM9102 10/100 media interface PHY 1 on miibus1 amphy1: none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto dc1: Ethernet address: 00:03:ba:05:fa:5c pci0: serial bus, USB at device 10.0 (no driver attached) atapci0: AcerLabs M5229 UDMA66 controller port 0x10200-0x10207,0x10218-0x1021b,0x10210-0x10217,0x10208-0x1020b,0x10220-0x1022f at device 13.0 on pci0 atapci0: using PIO transfers above 137GB as workaround for 48bit DMA access bug, expect reduced performance ata2: ATA channel at channel 0 on atapci0 ata3: ATA channel at channel 1 on atapci0 nexus0: syscons type unknown (no driver attached) Timecounter tick frequency 4 Hz quality 1000 Event timer tick frequency 4 Hz quality 1000 Timecounters tick every 1.000 msec ada0 at ata2 bus 0 scbus0 target 0 lun 0 ada0: MAXTOR STM3160215A 3.AAD ATA-7 device ada0: 66.700MB/s transfers (UDMA4, PIO 8192bytes) ada0: 152627MB (312581808 512 byte sectors: 16H 63S/T 16383C) ada0: Previously was known as ad0 ada1 at ata3 bus 0 scbus1 target 0 lun 0 ada1: MAXTOR STM3160215A 3.AAD ATA-7 device ada1: 66.700MB/s transfers (UDMA4, PIO 8192bytes) ada1: 152627MB (312581808 512 byte sectors: 16H 63S/T 16383C) ada1: Previously was known as ad1 GEOM: ada0: adding VTOC8 information. GEOM_PART: integrity check failed (ada0, VTOC8) this is where it hangs, just like without setting kern.geom.part.check_integrity. Is this a regression? -- cheers, Ruben de Groot ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: PF to Preventing SMTP Brute Force Attacks
On 15/06/2012 17:55, Shiv. Nath wrote: Limiting yourself to 200 states won't protect you very much -- you tend to get a whole series of attacks from the same IP, and that just uses one state at a time. Instead, look at the frequency with which an attacker tries to connect to you. Something like this: table bruteforce persist [...] block in log quick from bruteforce [...] pass in on $ext_if proto tcp \ from any to $ext_if port $trusted_tcp_ports \ flags S/SA keep state \ (max-src-conn-rate 3/300, overload bruteforce flush global) Plus you'll need a cron job like this to clean up the bruteforce table, otherwise it will just grow larger and larger: */12 * * * * /sbin/pfctl -t ssh-bruteforce -T expire 604800 /dev/null 21 The end result of this is that if one IP tries to connect to you more than 3 times in 5 minutes, they will get blacklisted. I normally use this just for ssh, so you might want to adjust the parameters appropriately. You should also implement a whitelist for IP ranges you control or use frequently and that will never be used for bruteforce attacks: it is quite easy to block yourself out with these sort of rules. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW Dear Mattthew, Grateful for sending me in right direction, solution really sounds well. Does it look good configuration for /etc/pf.conf ? # START table bruteforce persist Watch the syntax -- it's table bruteforce persist with angle brackets. block in log quick from bruteforce pass in on $ext_if proto tcp \ from any to $ext_if port $trusted_tcp_ports \ flags S/SA keep state \ (max-src-conn-rate 3/300, overload bruteforce flush global) Again -- you need angle brackets around the table name. # END AND CRON: */12 * * * * /sbin/pfctl -t ssh-bruteforce -T expire 604800 /dev/null 21 What is the function expire 604800 are they entries in the table? should it be -t bruteforce or -t ssh-bruteforce Ooops. Yes, -t bruteforce is correct. expire 604800 means delete entries after they've been in the table for that number of seconds (ie after one week) Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: PF to Preventing SMTP Brute Force Attacks
On Jun 15, 2012, at 12:55 PM, Shiv. Nath wrote: # START table bruteforce persist block in log quick from bruteforce pass in on $ext_if proto tcp \ from any to $ext_if port $trusted_tcp_ports \ flags S/SA keep state \ (max-src-conn-rate 3/300, overload bruteforce flush global) # END AND CRON: */12 * * * * /sbin/pfctl -t ssh-bruteforce -T expire 604800 /dev/null 21 What is the function expire 604800 are they entries in the table? should it be -t bruteforce or -t ssh-bruteforce It refers to entries in the table specified by the -t option and instructs pf to expire (remove from the table) all entries older than the specified time (in seconds). Basically, the value 604800 will expire entries older than 1 week. For the above pf rules, the cron entry should be -t bruteforce (although in the pf rules you should be using bruteforce). Cheers, Paul. ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: mfi(4) IO performance regression, post 8.1
On Friday, June 15, 2012 12:28:59 am Charles Owens wrote: Hello FreeBSD folk, We're seeing what appears to be a storage performance regression as we try to move from 8.1 (i386) to 8.3. We looked at 8.2 also and it appears that the regression happened between 8.1 and 8.2. Our system is an Intel S5520UR Server with 12 GB RAM, dual 4-core CPUs. Storage is a LSI MegaSAS 1078 controller (mfi) in a RAID-10 configuration, using UFS + geom_journal for filesystem. Postgresql performance, as seen via pgbench, dropped by approx 20%. This testing was done with our usual PAE-enabled kernels. We then went back to GENERIC kernels and did comparisons using bonnie, results below. Following that is a kernel boot log. Notably, we're seeing this regression only with our RAID mfi(4) based systems. Notably, from looking at FreeBSD source changelogs it appears that the mfi(4) code has seen some changes since 8.1. Between 8.1 and 8.2 mfi has not had any significant changes. The only changes made to sys/dev/mfi were to add a new constant: svn diff svn+ssh://svn.freebsd.org/base/releng/8.1/sys/dev/mfi svn+ssh://svn.freebsd.org/base/releng/8.2/sys/dev/mfi Index: mfireg.h === --- mfireg.h(.../8.1/sys/dev/mfi) (revision 237134) +++ mfireg.h(.../8.2/sys/dev/mfi) (revision 237134) @@ -975,7 +975,9 @@ MFI_PD_STATE_OFFLINE = 0x10, MFI_PD_STATE_FAILED = 0x11, MFI_PD_STATE_REBUILD = 0x14, - MFI_PD_STATE_ONLINE = 0x18 + MFI_PD_STATE_ONLINE = 0x18, + MFI_PD_STATE_COPYBACK = 0x20, + MFI_PD_STATE_SYSTEM = 0x40 }; union mfi_ld_ref { The difference in write performance must be due to something else. You mentioned you are using UFS + gjournal. I think gjournal uses BIO_FLUSH, so I wonder if this is related: r212939 | gibbs | 2010-09-20 19:39:00 -0400 (Mon, 20 Sep 2010) | 61 lines MFC 212160: Correct bioq_disksort so that bioq_insert_tail() offers barrier semantic. Add the BIO_ORDERED flag for struct bio and update bio clients to use it. The barrier semantics of bioq_insert_tail() were broken in two ways: o In bioq_disksort(), an added bio could be inserted at the head of the queue, even when a barrier was present, if the sort key for the new entry was less than that of the last queued barrier bio. o The last_offset used to generate the sort key for newly queued bios did not stay at the position of the barrier until either the barrier was de-queued, or a new barrier (which updates last_offset) was queued. When a barrier is in effect, we know that the disk will pass through the barrier position just before the blocked bios are released, so using the barrier's offset for last_offset is the optimal choice. sys/geom/sched/subr_disk.c: sys/kern/subr_disk.c: o Update last_offset in bioq_insert_tail(). o Only update last_offset in bioq_remove() if the removed bio is at the head of the queue (typically due to a call via bioq_takefirst()) and no barrier is active. o In bioq_disksort(), if we have a barrier (insert_point is non-NULL), set prev to the barrier and cur to it's next element. Now that last_offset is kept at the barrier position, this change isn't strictly necessary, but since we have to take a decision branch anyway, it does avoid one, no-op, loop iteration in the while loop that immediately follows. o In bioq_disksort(), bypass the normal sort for bios with the BIO_ORDERED attribute and instead insert them into the queue with bioq_insert_tail(). bioq_insert_tail() not only gives the desired command order during insertion, but also provides barrier semantics so that commands disksorted in the future cannot pass the just enqueued transaction. sys/sys/bio.h: Add BIO_ORDERED as bit 4 of the bio_flags field in struct bio. sys/cam/ata/ata_da.c: sys/cam/scsi/scsi_da.c Use an ordered command for SCSI/ATA-NCQ commands issued in response to bios with the BIO_ORDERED flag set. sys/cam/scsi/scsi_da.c Use an ordered tag when issuing a synchronize cache command. Wrap some lines to 80 columns. sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c sys/geom/geom_io.c Mark bios with the BIO_FLUSH command as BIO_ORDERED. Sponsored by: Spectra Logic Corporation Can you try perhaps commenting out the 'bp-bio_flags |= BIO_ORDERED' line changed in geom_io.c in 8.2? That would be effectively reverting this portion of the diff: Index: geom_io.c === --- geom_io.c (.../8.1/sys/geom) (revision 237134) +++ geom_io.c (.../8.2/sys/geom)
Re: Experience with Intel SATA and fbsd 8.3-amd64 ?
Hi! Kurt Jaeger li...@opsec.eu wrote: I have a problem with some host: If I put heavy IO load on that system, write errors happen, and then it crashes. What kind of write errors, exactly? What messages do you get on the console? g_vfs_done():ada0s1f[WRITE(offset=50699862016, length=16384)]error = 2 2 g_vfs_done():ada0s1f[WRITE(offset=50699862016, length=16384)]error = 22 g_vfs_done():ada0s1e[WRITE(offset=44693307392, length=16384)]error = 22 g_vfs_done():ada0s1e[WRITE(offset=44693211136, length=2048)]error = 5 It's also worth mentioning that such problems could also be caused by bad RAM, or even by the power supply (though the latter is unlikely in this case, I think). Well, the device was probably a bit on the cheap side (ALLNET FW9000). -- p...@opsec.eu+49 171 3101372 8 years to go ! ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: ATI Mobility Radeon HD 5470
My laptop has a Radeon HD 5470. Xorg and consoles work perfectly. There is little or no hardware acceleration though. This means no 3D games for sure. I remember videos being rather jerky in full screen as well but with the most recent version of the ati driver, even full HD videos seem to run just fine. The only thing I miss is DPMS support. The screen will go blank but the backlight will never turn off. My workaround is to restart Xorg with the vesa driver and run vbetool dpms off from the command line whenever I want to keep the laptop running with the screen off. - Bartosz ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
On Fri, 15 Jun 2012, Oliver Fromme wrote: Warren Block wrote: [...] attach 50 { [...] Even with those changes, devd is not triggering on my scanner attach: match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9]+.[0-9]+; match vendor 0x04b8; match product 0x010a; action echo HERE! $cdev /tmp/zoot; Have you tried to put those lines inside a notify block instead of an attach block? The documentation is not very clear about the difference between an attach block an a notify block with $type=ATTACH, but it probably wouldn't hurt to try both. Well, it did work with an attach event. Progress: the event is seen with a notify event. However, something is not right with the execution of backticks in the action string: notify 20 { match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9]+.[0-9]+; match vendor 0x04b8; match product 0x010a; action devnum=`echo $cdev | sed -e 's/^ugen//'` \ echo $devnum /tmp/example \ echo $cdev /tmp/example; }; When the event is seen: Executing 'devnum=`echo ugen0.6 | sed -e 's/^ugen//'` echo devnum: /tmp/example echo cdev: ugen0.6 /tmp/example' $devnum never gets a value, the contents of /tmp/example are: devnum: cdev: ugen0.6 Trying $() instead of backticks makes it worse: Executing 'devnum=$(echo $cdev | sed -e 's/^ugen//') echo devnum: $devnum /tmp/example echo cdev: $cdev /tmp/example' /tmp/example is then: devnum: cdev: ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
FreeBSD not so free anymore ? Long live FreeBSD...
On 06/15/2012 01:08 PM, Jerry wrote: Skype 4.0 for Linux is now available. Is there any possibility of getting it ported to FreeBSD? The latest version in ports is only 2.x. Why not? Thinking FreeBSD could become immune to remote exploits is absurd. So without much efforts I can guess ports like Skype will become more widespread now that FreeBSD has gived up on network security, preferring to announce critical security vulnerabilities once the exploit has been confirmed without any warnings. A good reason to stop using this bloated OS if you ask me and use something more respectful to their users base relaying on STABLE for stability reasons... Cheers, E -- Etienne Robillard Occupation: Software Developer Company:Green Tea Hackers Club Email: e...@gthcfoundation.org Website:gthcfoundation.org Skype ID: incidah ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: How to bind a route to a network adapter and not IP
On 06/15/12 12:19, Hans Petter Selasky wrote: Hi, Maybe there is a simple answer, but how do I bind a route to a network interface in 8-stable? Is that possible at all? I'm asking because the routes I add in my network setup are lost because of ARP packet drops. I.E. they exist for a while, but not forever like I want to. --HPS Is route add x.x.x.x -iface em0 what you want? ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: mpt: Unable to memory map registers
On Friday, June 15, 2012 2:12:06 am Andrey Zonov wrote: On 6/13/12 7:10 PM, John Baldwin wrote: On Tuesday, June 12, 2012 5:57:34 pm Andrey Zonov wrote: On 6/13/12 12:51 AM, John Baldwin wrote: On Tuesday, June 12, 2012 3:53:09 pm Andrey Zonov wrote: On 6/12/12 10:06 PM, John Baldwin wrote: [snip] Ok, I've added some more debugging. The patch is a bit larger now and you can fetch it from www.freebsd.org/~jhb/patches/pcib_debug.patch New dmesg is in attach. Sheesh, found another bug (wasn't masking 'front' properly). Try updated patch (same URL). Great! It works! Excellent. I've committed the 2 bugs needed to fix your box. However, there is another bug that this exposed that I'd like you to test. Can you update to the latest HEAD, apply the updated pcib_debug.patch, and boot with 'hw.pci.pcib_clear=1' set from the loader? That should exercise the bug I'm worried about and see if my fixes for that (recursively growing windows) works correctly. Attached. Hmm, it doesn't seem like hw.pci.pcib_clear was set (the pcibX devices still tried to allocate their initial windows). -- John Baldwin ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: How to bind a route to a network adapter and not IP
Perhaps you can ask the very same question in another way so its easier to understand why you losing packets? All in all I always thought TCP/IP was the basic unit in Internet based networking but feel free to correct me if you have any news I might have missed... :) This is an old and well known problem, with no solution as of today (unless you want to run quagga/zebra or similar). With Cisco and Juniper (and probably lots of other big name) routers, if I create a static route pointing to a next hop on one interface, and the interface goes down (e.g. Ethernet cable is unplugged), 1. the static route is removed from the routing table. But then, when the interface later comes back up 2. the static route is reinstalled in the routing table. With FreeBSD point 1 above happens, but not point 2. I would love to have the functionality where FreeBSD would reinstall the route as in point 2 above. I think this is definitely the least surprising behavior (POLA), and should happen even without running an explicit routing system like quagga. Steinar Haug, Nethelp consulting, sth...@nethelp.no On 06/15/2012 12:19 PM, Hans Petter Selasky wrote: Hi, Maybe there is a simple answer, but how do I bind a route to a network interface in 8-stable? Is that possible at all? I'm asking because the routes I add in my network setup are lost because of ARP packet drops. I.E. they exist for a while, but not forever like I want to. --HPS ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD not so free anymore ? Long live FreeBSD...
On 06/15/2012 01:57 PM, Michael Scheidell wrote: On 6/15/12 1:53 PM, Etienne Robillard wrote: A good reason to stop using this bloated OS if you ask me and use something more respectful to their users base relaying on STABLE for stability reasons... PLEASE use linux.. they need you and love you. Yeah. Well there's nothing wrong in asking the polite way... :-) At least this is more reasonable than physically breaking a system to indicate your disagreement with someone because of ignorance, bliss or both. :-) Finally Thank you for advocating Linux security. Cheers, E ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: FreeBSD not so free anymore ? Long live FreeBSD...
On 15 June 2012 18:53, Etienne Robillard animelo...@gmail.com wrote: On 06/15/2012 01:08 PM, Jerry wrote: Skype 4.0 for Linux is now available. Is there any possibility of getting it ported to FreeBSD? The latest version in ports is only 2.x. Why not? Thinking FreeBSD could become immune to remote exploits is absurd. So without much efforts I can guess ports like Skype will become more widespread now that FreeBSD has gived up on network security, preferring to announce critical security vulnerabilities once the exploit has been confirmed without any warnings. A good reason to stop using this bloated OS if you ask me and use something more respectful to their users base relaying on STABLE for stability reasons... New versions of Skype require ALSA. This is at their insistence. Chris ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
Warren Block wrote: Well, it did work with an attach event. Progress: the event is seen with a notify event. However, something is not right with the execution of backticks in the action string: notify 20 { match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9]+.[0-9]+; match vendor 0x04b8; match product 0x010a; action devnum=`echo $cdev | sed -e 's/^ugen//'` \ echo $devnum /tmp/example \ echo $cdev /tmp/example; }; When the event is seen: Executing 'devnum=`echo ugen0.6 | sed -e 's/^ugen//'` echo devnum: /tmp/example echo cdev: ugen0.6 /tmp/example' $devnum never gets a value, the contents of /tmp/example are: devnum: cdev: ugen0.6 Trying $() instead of backticks makes it worse: Executing 'devnum=$(echo $cdev | sed -e 's/^ugen//') echo devnum: $devnum /tmp/example echo cdev: $cdev /tmp/example' Unfortunately, the manual page does not explain how the action strings are parsed exactly. I guess the problem is not the backticks but the fact that the parser tries to expand $devnum as a devd variable, so the shell never sees it. This also explains why using $() makes things worse. You can try to prepend a backslash, i.e. echo \$devnum. This isn't documented, but then again, using backslashes to continue strings that span multiple lines isn't documented either. In case the sed command still doesn't work, alternatively you can use shell substring processing instead (this is also more efficient because the shell doesn't have to create a pipe and fork a sed process): action devnum=$cdev; devnum=\${devnum##ugen}; echo \$devnum /tmp/foo Or even: action devnum=$cdev; echo \${devnum##ugen} /tmp/foo Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd I made up the term 'object-oriented', and I can tell you I didn't have C++ in mind. -- Alan Kay, OOPSLA '97 ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
On Jun 15, 2012, at 11:23 AM, Oliver Fromme wrote: You can try to prepend a backslash, i.e. echo \$devnum. This isn't documented, but then again, using backslashes to continue strings that span multiple lines isn't documented either. Line continuations and escaping special chars like $ are in man sh: Backslash A backslash preserves the literal meaning of the following char- acter, with the exception of the newline character (`\n'). A backslash preceding a newline is treated as a line continuation. The Bash manpage is perhaps more clear about this: There are three quoting mechanisms: the escape character, single quotes, and double quotes. A non-quoted backslash (\) is the escape character. It preserves the literal value of the next character that follows, with the exception of newline. If a \newline pair appears, and the backslash is not itself quoted, the \newline is treated as a line continuation (that is, it is removed from the input stream and effectively ignored). Enclosing characters in single quotes preserves the literal value of each character within the quotes. A single quote may not occur between single quotes, even when preceded by a backslash. Enclosing characters in double quotes preserves the literal value of all characters within the quotes, with the exception of $, `, \, and, when history expansion is enabled, !. The characters $ and ` retain their special meaning within double quotes. The backslash retains its special meaning only when followed by one of the following characters: $, `, , \, or newline. A double quote may be quoted within double quotes by preceding it with a backslash. If enabled, history expansion will be performed unless an ! appearing in double quotes is escaped using a backslash. The backslash preceding the ! is not removed. Regards, -- -Chuck ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: How to bind a route to a network adapter and not IP
On Fri, Jun 15, 2012 at 07:54:52PM +0200, sth...@nethelp.no typed: Perhaps you can ask the very same question in another way so its easier to understand why you losing packets? All in all I always thought TCP/IP was the basic unit in Internet based networking but feel free to correct me if you have any news I might have missed... :) This is an old and well known problem, with no solution as of today (unless you want to run quagga/zebra or similar). With Cisco and Juniper (and probably lots of other big name) routers, if I create a static route pointing to a next hop on one interface, and the interface goes down (e.g. Ethernet cable is unplugged), 1. the static route is removed from the routing table. But then, when the interface later comes back up 2. the static route is reinstalled in the routing table. With FreeBSD point 1 above happens, but not point 2. I would love to have the functionality where FreeBSD would reinstall the route as in point 2 above. I think this is definitely the least surprising behavior (POLA), and should happen even without running an explicit routing system like quagga. This can be quite easily programmed with kqueue, use EVFILT_NETDEV for notices of interface up/down events and adjust the routing table accordingly. Big chance Cisco and Juniper are doing something similar. -- Ruben ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
Chuck Swiger wrote: On Jun 15, 2012, at 11:23 AM, Oliver Fromme wrote: You can try to prepend a backslash, i.e. echo \$devnum. This isn't documented, but then again, using backslashes to continue strings that span multiple lines isn't documented either. Line continuations and escaping special chars like $ are in man sh: Yes, I know that, but the question is how devd(8) parses the action strings. The problem here is that we have multiple levels or parsing. First, devd reads the line, concatenates continuation lines (apparently -- it's not documented), expands devd variables, and *then* it passes the resulting string to the shell for further parsing and processing. Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd I have stopped reading Stephen King novels. Now I just read C code instead. -- Richard A. O'Keefe ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
On Fri, Jun 15, 2012 at 11:45 AM, Oliver Fromme o...@lurza.secnetix.de wrote: Chuck Swiger wrote: On Jun 15, 2012, at 11:23 AM, Oliver Fromme wrote: You can try to prepend a backslash, i.e. echo \$devnum. This isn't documented, but then again, using backslashes to continue strings that span multiple lines isn't documented either. Line continuations and escaping special chars like $ are in man sh: Yes, I know that, but the question is how devd(8) parses the action strings. The problem here is that we have multiple levels or parsing. First, devd reads the line, concatenates continuation lines (apparently -- it's not documented), expands devd variables, and *then* it passes the resulting string to the shell for further parsing and processing. If you have that many levels of backticks, variable expansions, programs, etc, wouldn't it be a prime candidate for a script? Just pass in a couple of variables directly from devd, and then do everything else inside the script? -- Freddie Cash fjwc...@gmail.com ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: mfi(4) IO performance regression, post 8.1
No reason other than history... will be changing over at some point. Charles Owens Great Bay Software, Inc. On 6/15/12 10:38 AM, Brian W. wrote: Curious why you are preferring i386 +PAE as opposed to amd64? On Jun 15, 2012 4:09 AM, Charles Owens cow...@greatbaysoftware.com mailto:cow...@greatbaysoftware.com wrote: Yes, of course. So far I can say that the major shift appears to have occurred between 8.1 and 8.2 . Thanks, Charles Owens Great Bay Software, Inc. Sent from my phone - Reply message - From: Adrian Chadd adr...@freebsd.org mailto:adr...@freebsd.org To: Charles Owens cow...@greatbaysoftware.com mailto:cow...@greatbaysoftware.com Cc: sta...@freebsd.org mailto:sta...@freebsd.org Subject: mfi(4) IO performance regression, post 8.1 Date: Fri, Jun 15, 2012 1:55 am Hm, can you try different subversion checkouts of the kernel tree between 8.1 and 8.3, to pinpoint which commit(s) broke things? ADrian ___ freebsd-stable@freebsd.org mailto:freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org mailto:freebsd-stable-unsubscr...@freebsd.org ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
Freddie Cash wrote: On Fri, Jun 15, 2012 at 11:45 AM, Oliver Fromme o...@lurza.secnetix.de wrote: Chuck Swiger wrote: On Jun 15, 2012, at 11:23 AM, Oliver Fromme wrote: You can try to prepend a backslash, i.e. echo \$devnum. This isn't documented, but then again, using backslashes to continue strings that span multiple lines isn't documented either. Line continuations and escaping special chars like $ are in man sh: Yes, I know that, but the question is how devd(8) parses the action strings. The problem here is that we have multiple levels or parsing. First, devd reads the line, concatenates continuation lines (apparently -- it's not documented), expands devd variables, and *then* it passes the resulting string to the shell for further parsing and processing. If you have that many levels of backticks, variable expansions, programs, etc, wouldn't it be a prime candidate for a script? Just pass in a couple of variables directly from devd, and then do everything else inside the script? Yes, that might be better. At least, the shell parser is much better documented than the devd parser, so it makes sense to make the action line as simple as possible. I also think it is a mistake to use dollar signs for variable expansion in devd.conf, because the shell uses the same character for the same thing, so it causes confusion. It's just like in Makefiles; I also keep forgetting to double the dollar signs for shell variables in Makefiles ... Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd Being really good at C++ is like being really good at using rocks to sharpen sticks. -- Thant Tessman ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
On Fri, 15 Jun 2012 18:40:45 +0200, Kevin Oberman kob6...@gmail.com wrote: On Fri, Jun 15, 2012 at 7:53 AM, Ronald Klop ronald-freeb...@klop.yi.org wrote: On Fri, 15 Jun 2012 15:50:49 +0200, Warren Block wbl...@wonkity.com wrote: On Fri, 15 Jun 2012, Ronald Klop wrote: On Fri, 15 Jun 2012 08:01:21 +0200, Kevin Oberman kob6...@gmail.com wrote: On Thu, Jun 14, 2012 at 3:11 AM, Ronald Klop ronald-freeb...@klop.yi.org wrote: On Thu, 14 Jun 2012 02:41:58 +0200, Kevin Oberman kob6...@gmail.com wrote: Since updating my systems to 9-Stable, I am not getting my smartcard reader attached when hot-plugged. From devd.conf attach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/local/sbin/openct-control attach usb:529/600 usb /dev/$dev$ }; detach 50 { device-name ugen[0-9]+; match vendor 0x0529; match product 0x0600; action /usr/bin/pkill -fx '/usr/local/sbin/ifdhandler -H -p [a-z0-9]+ $ }; If I manually enter the action command, it works fine, but it fails when I insert the device. It worked fine under version 8. I have confirmed devd is seeing the device inserted just fine. the action just does not seem to be carried out. Any idea where I should look? I saw a couple of threads on current from others seeing something similar, but could find no resolution. I have seen a Did you run devd with debug messages on? Options -D and -d are helpful. If you do does devd match the right devd.conf sections and start the action? With debug i get: Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen1.3 cdev=ugen1.3 vendor=0x0529 product=0x0600 devclass=0xff devsubclass=0x00 sernum= release=0x0100 mode=host port=1 parent=ugen1.2' [long list of Testing entries, none of which 'vendor' matched] Executing 'logger Unknown USB device: vendor 0x0529 product 0x0600 bus uhub3' So it looks like devd is not matching the vendor. But my devd.conf file contains that vendor. I don't know exactly why it is not being tested against. Nothing in the debug output gives me a clue and I tried grepping for one of the tested vendor IDs in /etc/devd.conf and /etc/devd/*.conf. Not found. I am at a loss. http://www.freebsd.org/releases/9.0R/errata.html See point 3 under Open Issues. Even with those changes, devd is not triggering on my scanner attach: match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9]+.[0-9]+; match vendor 0x04b8; match product 0x010a; action echo HERE! $cdev /tmp/zoot; # devd -d -D -f /etc/devd/wb.conf Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen0.6 cdev=ugen0.6 vendor=0x04b8 product=0x010a devclass=0xff devsubclass=0xff sernum= release=0x0103 mode=host port=4 parent=ugen0.4' Pushing table setting system=USB setting subsystem=DEVICE setting type=ATTACH setting ugen=ugen0.6 setting cdev=ugen0.6 setting vendor=0x04b8 setting product=0x010a setting devclass=0xff setting devsubclass=0xff setting sernum= setting release=0x0103 setting mode=host setting port=4 setting parent=ugen0.4 Processing notify event Testing system=USB against ^DEVFS Testing system=USB against ^DEVFS Popping table I tried the same attaching my webcam on pcbsd in vmware. [root@pcbsd-1684 /etc/devd]# cat /tmp/bla.conf notify 100 { match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9]+.[0-9]+; match vendor 0x2232; match product 0x1008; action echo HERE! $cdev /tmp/bla.log; }; # devd -d -D -f /tmp/bla.conf ... Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen1.2 cdev=ugen1.2 vendor=0x2232 product=0x1008 devclass=0xef devsubclass=0x02 sernum= release=0x0019 mode=host port=1 parent=ugen1.1' Pushing table setting system=USB setting subsystem=DEVICE setting type=ATTACH setting ugen=ugen1.2 setting cdev=ugen1.2 setting vendor=0x2232 setting product=0x1008 setting devclass=0xef setting devsubclass=0x02 setting sernum= setting release=0x0019 setting mode=host setting port=1 setting parent=ugen1.1 Processing notify event Testing subsystem=DEVICE against ^DEVICE Testing type=ATTACH against ^ATTACH Testing cdev=ugen1.2 against ^ugen[0-9]+.[0-9]+ Testing vendor=0x2232 against ^0x2232 Testing product=0x1008 against ^0x1008 Executing 'echo HERE! ugen1.2 /tmp/bla.log' Popping table [root@pcbsd-1684 /etc/devd]# cat /tmp/bla.log HERE! ugen1.2 Do you see a significant difference with your setup? Switched to 'notify' with: notify 50 { match system USB match subsystem DEVICE; match type ATTACH; match cdev ugen[0-9\.]+; match vendor 0x0529; match product 0x0600; action /usr/local/sbin/openct-control attach usb:529/600 usb /dev/$devi ce-name; }; I still see no attempt to match against vendor 0x0529. Still no go. (Note that I prefer the [0-9\.] + syntax, but tried yours, as well.) The real issue is that devd seems to have a long list of vendors that it matches
Re: PF to Preventing SMTP Brute Force Attacks
Dear Mattthew, Grateful for sending me in right direction, solution really sounds well. Does it look good configuration for /etc/pf.conf ? # START table bruteforce persist Watch the syntax -- it's table bruteforce persist with angle brackets. block in log quick from bruteforce pass in on $ext_if proto tcp \ from any to $ext_if port $trusted_tcp_ports \ flags S/SA keep state \ (max-src-conn-rate 3/300, overload bruteforce flush global) Again -- you need angle brackets around the table name. # END AND CRON: */12 * * * * /sbin/pfctl -t ssh-bruteforce -T expire 604800 /dev/null 21 What is the function expire 604800 are they entries in the table? should it be -t bruteforce or -t ssh-bruteforce Ooops. Yes, -t bruteforce is correct. expire 604800 means delete entries after they've been in the table for that number of seconds (ie after one week) Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW Dear Mattthew, i am very much grateful for your assistance and advice configuring PF correctly. Well done ! Thanks / Regards ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
On Fri, 15 Jun 2012, Oliver Fromme wrote: When the event is seen: Executing 'devnum=`echo ugen0.6 | sed -e 's/^ugen//'` echo devnum: /tmp/example echo cdev: ugen0.6 /tmp/example' $devnum never gets a value, the contents of /tmp/example are: devnum: cdev: ugen0.6 Trying $() instead of backticks makes it worse: Executing 'devnum=$(echo $cdev | sed -e 's/^ugen//') echo devnum: $devnum /tmp/example echo cdev: $cdev /tmp/example' Unfortunately, the manual page does not explain how the action strings are parsed exactly. I guess the problem is not the backticks but the fact that the parser tries to expand $devnum as a devd variable, so the shell never sees it. This also explains why using $() makes things worse. It should be pointed out that this is a regression from 8.x. You can try to prepend a backslash, i.e. echo \$devnum. This isn't documented, but then again, using backslashes to continue strings that span multiple lines isn't documented either. devd has already expanded variables by then: Executing 'devnum=ugen0.6 echo devnum: \ /tmp/example echo cdev: ugen0.6 /tmp/example' It does seem to work to use the bracketed form: action devnum=`echo $cdev | sed -e 's/^ugen//'` echo ${devnum} /tmp/example; In case the sed command still doesn't work, alternatively you can use shell substring processing instead (this is also more efficient because the shell doesn't have to create a pipe and fork a sed process): action devnum=$cdev; devnum=\${devnum##ugen}; echo \$devnum /tmp/foo Or even: action devnum=$cdev; echo \${devnum##ugen} /tmp/foo I like that, and it does work without the backslash. action devnum=$cdev ; echo ${devnum##ugen} /tmp/example; cat /tmp/example 0.6 I started to enter a PR, but got confused partway through. The problem here is that devd is expanding variables unknown to it in action strings (unless the bracket notation is used), and replacing them with empty strings. Agreed? ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: A problem with MAXPATHLEN on a back
On 2012-03-03 17:37, Jilles Tjoelker wrote: On Sun, Feb 26, 2012 at 02:40:09PM +0100, Willem Jan Withagen wrote: I'm running into this on a backup-backupserver. (8.2-STABLE #134: Wed Feb 1 15:05:59 CET 2012 amd64) Haven't checked which paths are too long. But is there any easy way out? Like making MAXPATHLEN 2048 and rebuilding locate. Or is that going to propagate and major impact all and everything. Rebuilding locate database: locate: integer out of +-MAXPATHLEN (1024): 1031 locate: integer out of +-MAXPATHLEN (1024): 1031 It should be possible to replace (sed -i) MAXPATHLEN with something else in the locate source and recompile it. Changing the value of MAXPATHLEN itself is not safe because it defines the size of various buffers in the ABI (such as the one passed to realpath() if its resolved_path parameter is not NULL); in any case, it is a very intrusive change. Right, this changing the ABI. But I was thinking more along the line to have userspace at least allocate more, so long(er) paths in ZFS would still work. Locate uses find(1) to generate its list of files, and find's output is not subject to MAXPATHLEN (unless the -L option or the -follow primary is used). Almost any use of the very long pathnames will require a manual split-up though (cd'ing to an initial part shorter than MAXPATHLEN, then repeating the process with relative pathnames until the remaining part is shorter than MAXPATHLEN). I finally came around to trying something to fix this. And my problem is with the files stored on ZFS on my backupserver. There that path are apparently rather long in the Windows-backups made there. But it messes up the complete locate. So I went into /usr/src/src8/src/usr.bin/locate/locate/locate.h And (un|re)defined MAXPATHLEN to mean 2048 in stead of 1024. That fixed my problem. Not shure if that would be a general fix. But it would be able that more tools would run into these types of problems. Maybe userspace MAXPATHLEN should be set to something bigger to start with... But I'll leave that to people with more experience. --WjW ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
[releng_9 tinderbox] failure on powerpc64/powerpc
TB --- 2012-06-15 18:56:06 - tinderbox 2.9 running on freebsd-stable.sentex.ca TB --- 2012-06-15 18:56:06 - FreeBSD freebsd-stable.sentex.ca 8.2-STABLE FreeBSD 8.2-STABLE #4: Wed Sep 28 13:48:49 UTC 2011 mdtan...@freebsd-stable.sentex.ca:/usr/obj/usr/src/sys/server amd64 TB --- 2012-06-15 18:56:06 - starting RELENG_9 tinderbox run for powerpc64/powerpc TB --- 2012-06-15 18:56:06 - cleaning the object tree TB --- 2012-06-15 18:56:06 - cvsupping the source tree TB --- 2012-06-15 18:56:06 - /usr/bin/csup -z -r 3 -g -L 1 -h cvsup.sentex.ca /tinderbox/RELENG_9/powerpc64/powerpc/supfile TB --- 2012-06-15 18:57:24 - building world TB --- 2012-06-15 18:57:24 - CROSS_BUILD_TESTING=YES TB --- 2012-06-15 18:57:24 - MAKEOBJDIRPREFIX=/obj TB --- 2012-06-15 18:57:24 - PATH=/usr/bin:/usr/sbin:/bin:/sbin TB --- 2012-06-15 18:57:24 - SRCCONF=/dev/null TB --- 2012-06-15 18:57:24 - TARGET=powerpc TB --- 2012-06-15 18:57:24 - TARGET_ARCH=powerpc64 TB --- 2012-06-15 18:57:24 - TZ=UTC TB --- 2012-06-15 18:57:24 - __MAKE_CONF=/dev/null TB --- 2012-06-15 18:57:24 - cd /src TB --- 2012-06-15 18:57:24 - /usr/bin/make -B buildworld World build started on Fri Jun 15 18:57:25 UTC 2012 Rebuilding the temporary build tree stage 1.1: legacy release compatibility shims stage 1.2: bootstrap tools stage 2.1: cleaning up the object tree stage 2.2: rebuilding the object tree stage 2.3: build tools stage 3: cross tools stage 4.1: building includes stage 4.2: building libraries stage 4.3: make dependencies stage 4.4: building everything stage 5.1: building 32 bit shim libraries World build completed on Fri Jun 15 21:59:27 UTC 2012 TB --- 2012-06-15 21:59:27 - generating LINT kernel config TB --- 2012-06-15 21:59:27 - cd /src/sys/powerpc/conf TB --- 2012-06-15 21:59:27 - /usr/bin/make -B LINT TB --- 2012-06-15 21:59:27 - cd /src/sys/powerpc/conf TB --- 2012-06-15 21:59:27 - /usr/sbin/config -m LINT TB --- 2012-06-15 21:59:27 - building LINT kernel TB --- 2012-06-15 21:59:27 - CROSS_BUILD_TESTING=YES TB --- 2012-06-15 21:59:27 - MAKEOBJDIRPREFIX=/obj TB --- 2012-06-15 21:59:27 - PATH=/usr/bin:/usr/sbin:/bin:/sbin TB --- 2012-06-15 21:59:27 - SRCCONF=/dev/null TB --- 2012-06-15 21:59:27 - TARGET=powerpc TB --- 2012-06-15 21:59:27 - TARGET_ARCH=powerpc64 TB --- 2012-06-15 21:59:27 - TZ=UTC TB --- 2012-06-15 21:59:27 - __MAKE_CONF=/dev/null TB --- 2012-06-15 21:59:27 - cd /src TB --- 2012-06-15 21:59:27 - /usr/bin/make -B buildkernel KERNCONF=LINT Kernel build for LINT started on Fri Jun 15 21:59:27 UTC 2012 stage 1: configuring the kernel stage 2.1: cleaning up the object tree stage 2.2: rebuilding the object tree stage 2.3: build tools stage 3.1: making dependencies stage 3.2: building everything [...] cc -c -O -pipe -std=c99 -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -Wmissing-include-dirs -fdiagnostics-show-option -nostdinc -I. -I/src/sys -I/src/sys/contrib/altq -I/src/sys/contrib/libfdt -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h -fno-common -finline-limit=15000 --param inline-unit-growth=100 --param large-function-growth=1000 -fno-builtin -msoft-float -Wa,-many -fno-omit-frame-pointer -msoft-float -mno-altivec -mcall-aixdesc -ffreestanding -fstack-protector -Werror vnode_if.c : hack.c cc -shared -nostdlib hack.c -o hack.So rm -f hack.c MAKE=/usr/bin/make sh /src/sys/conf/newvers.sh LINT cc -c -O -pipe -std=c99 -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -Wmissing-include-dirs -fdiagnostics-show-option -nostdinc -I. -I/src/sys -I/src/sys/contrib/altq -I/src/sys/contrib/libfdt -D_KERNEL -DHAVE_KERNEL_OPTION_HEADERS -include opt_global.h -fno-common -finline-limit=15000 --param inline-unit-growth=100 --param large-function-growth=1000 -fno-builtin -msoft-float -Wa,-many -fno-omit-frame-pointer -msoft-float -mno-altivec -mcall-aixdesc -ffreestanding -fstack-protector -Werror vers.c linking kernel mmu_oea64.o:(.got+0x90): undefined reference to `elf32_nxstack' *** Error code 1 Stop in /obj/powerpc.powerpc64/src/sys/LINT. *** Error code 1 Stop in /src. *** Error code 1 Stop in /src. TB --- 2012-06-15 22:08:55 - WARNING: /usr/bin/make returned exit code 1 TB --- 2012-06-15 22:08:55 - ERROR: failed to build LINT kernel TB --- 2012-06-15 22:08:55 - 8285.71 user 1172.02 system 11569.40 real http://tinderbox.freebsd.org/tinderbox-releng_9-RELENG_9-powerpc64-powerpc.full ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
Warren Block wrote: On Fri, 15 Jun 2012, Oliver Fromme wrote: You can try to prepend a backslash, i.e. echo \$devnum. This isn't documented, but then again, using backslashes to continue strings that span multiple lines isn't documented either. devd has already expanded variables by then: Executing 'devnum=ugen0.6 echo devnum: \ /tmp/example echo cdev: ugen0.6 /tmp/example' I see ... The next thing I would've tried is to double the dollar signs, like in Makefiles, i.e. $$devnum. But it seems you already found a different way: It does seem to work to use the bracketed form: action devnum=`echo $cdev | sed -e 's/^ugen//'` echo ${devnum} /tmp/example; Ok. I started to enter a PR, but got confused partway through. The problem here is that devd is expanding variables unknown to it in action strings (unless the bracket notation is used), and replacing them with empty strings. Agreed? Yes, that's what seems to happen. At the very least, this behaviour should be documented in the manual page. In particular, I'm worried that the work- around (i.e. using brackets) might work just by accident, i.e. it's not guarateed that it will work in the future. There *should* be a way to quote or escape dollar signs so devd does not expand them, whether the variable name is known to it or not, and this way *should* be documented in the manual page. Best regards Oliver -- Oliver Fromme, secnetix GmbH Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd C++ is over-complicated nonsense. And Bjorn Shoestrap's book a danger to public health. I tried reading it once, I was in recovery for months. -- Cliff Sarginson ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: devd problem with 9-stable
On Fri, 15 Jun 2012, Freddie Cash wrote: On Fri, Jun 15, 2012 at 11:45 AM, Oliver Fromme o...@lurza.secnetix.de wrote: Chuck Swiger wrote: On Jun 15, 2012, at 11:23 AM, Oliver Fromme wrote: You can try to prepend a backslash, i.e. echo \$devnum. This isn't documented, but then again, using backslashes to continue strings that span multiple lines isn't documented either. Line continuations and escaping special chars like $ are in man sh: Yes, I know that, but the question is how devd(8) parses the action strings. The problem here is that we have multiple levels or parsing. First, devd reads the line, concatenates continuation lines (apparently -- it's not documented), expands devd variables, and *then* it passes the resulting string to the shell for further parsing and processing. If you have that many levels of backticks, variable expansions, programs, etc, wouldn't it be a prime candidate for a script? Just pass in a couple of variables directly from devd, and then do everything else inside the script? It can be done that way, sure. But allowing short scripts in the action string makes for less files to maintain. Exactly how devd parses the action string should be better-defined either way.___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: Experience with Intel SATA and fbsd 8.3-amd64 ?
On Fri, Jun 15, 2012 at 07:20:28PM +0200, Kurt Jaeger wrote: Kurt Jaeger li...@opsec.eu wrote: I have a problem with some host: If I put heavy IO load on that system, write errors happen, and then it crashes. What kind of write errors, exactly? What messages do you get on the console? g_vfs_done():ada0s1f[WRITE(offset=50699862016, length=16384)]error = 2 2 g_vfs_done():ada0s1f[WRITE(offset=50699862016, length=16384)]error = 22 g_vfs_done():ada0s1e[WRITE(offset=44693307392, length=16384)]error = 22 g_vfs_done():ada0s1e[WRITE(offset=44693211136, length=2048)]error = 5 It's also worth mentioning that such problems could also be caused by bad RAM, or even by the power supply (though the latter is unlikely in this case, I think). Well, the device was probably a bit on the cheap side (ALLNET FW9000). Could it be a device problem? I've seen that type of error (including a crash in the end) when a device can't handle DMA. Disabling DMA solved the problem for me. -- greg byshenk - gbysh...@byshenk.net - Leiden, NL - Portland, OR USA ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org
Re: [releng_9 tinderbox] failure on powerpc64/powerpc
On Fri, Jun 15, 2012 at 10:08:55PM +, FreeBSD Tinderbox wrote: mmu_oea64.o:(.got+0x90): undefined reference to `elf32_nxstack' *** Error code 1 Stop in /obj/powerpc.powerpc64/src/sys/LINT. *** Error code 1 Should be fixed in r237150, sorry for the breakage. pgpeueXgUXlkL.pgp Description: PGP signature
acpidump -dt broken in 9 stable
Just upgrade from 9.0 to 9 stable. `acpidump -dt` shows error message realpath tmp file: No such file or directory It is related to the recent change made to realpath(3) Thanks ___ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org