Re: OS fingerprinting and netcraft
On Thu, 16 Jun 2005, Steffen Kluge wrote: I wonder whether my firewall, which was also changed to OpenBSD/pf recently, is interfering. I'm using scrub in all as well as synproxy state on the inbound pass rules. Could that be defeating netcraft's fingerprinting attempts? fingerprinting is very subtle. even trivial changes fool it. using fingerprinting info for any non-trivial purpose is generally asking for trouble; attempting to fool fingerprinters is even more likely to just be a waste of time. -- And that's why he's going to win the nomination.
Re: 4port Realtek nic
On Wed, 15 Jun 2005, Steven Bowers wrote: Compgeeks is offering a 4port RTL8139D nic for an attractive price. I know the 8139 chipset is supported, not quite so sure of the 8138D. Can anyone speak for these cards? The price is nice and a 4port nic would be very handy. re should almost certainly work with it. may not attach because the id is missing, but that's easy to fix. -- And that's why it really hurts.
Re: CCD on /
On Wed, Jun 15, 2005 at 09:19:26PM -0400, Nick Holland wrote: BTW: one other reason RAIDframe isn't in GENERIC is you have to customize your kernel in other ways, not just turning it on. From raid(4): It is important that drives be hard-coded at their respective addresses (i.e., not left free-floating, where a drive with SCSI ID of 4 can end up as /dev/sd0c) for well-behaved functioning of the RAID device. This is true for all types of drives, including IDE, HP-IB, etc. With the new raid autoconfiguration setup this is not the case.
Re: PHP or Mysql problem?
James Strandboge wrote: On Wed, 2005-06-15 at 11:30 +0200, Nico Meijer wrote: Hi Kiraly, mysql error: Can't create/write to file '/tmp/ #sql_4c99_0.MYD' (Errcode: 9) MySQL problem. Simple suggestions, not idiot-proof: I prefer this on OpenBSD 3.6 (should be same on 3.7): Add to /etc/login.conf: # # for mysql to work right # mysql:\ :datasize=infinity:\ :maxproc=infinity:\ :openfiles-cur=2048:\ :openfiles-max=8192:\ :stacksize-cur=8M:\ :localcipher=blowfish,8:\ :tc=default: sudo vipw and change the login class for _mysql to 'mysql'. Hmm .. why don't you just add a _mysql loginprofile in login.conf in the first place instead of adding oldstyle mysql and then change pw db. Seems backwards to me. /per [EMAIL PROTECTED] To use this class, you MUST use 'sudo -c mysql -u _mysql', like this (can be put in /etc/rc.local): sudo -c mysql -u _mysql /usr/local/sbin/mysql.server start This may be useful as well (can also put in /etc/sysctl.conf): sudo sysctl -w kern.maxfiles=16384 And finally, add to /etc/my.cnf on (OpenBSD 3.6 with mysql 4.0.20): [mysqld] ... open-files=1000 ... Jamie Strandboge
Re: 4port Realtek nic
On Thu, 16 Jun 2005 02:08:32 -0400 (EDT) Ted Unangst [EMAIL PROTECTED] wrote: On Wed, 15 Jun 2005, Steven Bowers wrote: Compgeeks is offering a 4port RTL8139D nic for an attractive price. I know the 8139 chipset is supported, not quite so sure of the 8138D. Can anyone speak for these cards? The price is nice and a 4port nic would be very handy. re should almost certainly work with it. may not attach because the id is missing, but that's easy to fix. It worksI used this nic several times...re is right -- Andre Ruppert Technische Leitung [EMAIL PROTECTED] PGP public key ID 4D987794 ___ www.vision-net.de | www.ECMSvario.de | www.evoip.de ___ Vision Consulting Deutschland oHG Osterather Str. 7, D-50739 Kvln (Cologne) Fon: +49-221-9171533 Fax: +49-221-9171538 http://www.vision-net.de, [EMAIL PROTECTED] ___ Geschdftsf|hrende Gesellschafter: Dipl.-Inf. Stephan Krafft, Laura Krafft ___ Register: HRA 15151 - Amtsgericht Kvln Ust-IDNr: DE176186883 IBAN: DE14370502990191002182 Swift-Code: COKSDE33 ___ Disclaimer: http://disclaimer.vision-net.de ___
Re: ifconfig lladdr and Atheros driver
Just curios, what ISP in Sweden (I assume Sweden from your .se mailaddy) offers 54mbit WLAN and demand you buy WLAN cards from them? Thanks. // Dunceor On 6/14/05, Jonas Fischer [EMAIL PROTECTED] wrote: Changing mac address with ifconfig ath0 lladdr does not work on the ath driver. After that I changed the address I still can see that my OpenBSD client still tries with the original mac address in my AP. The ath driver works fine if I do not use the mac address filter in my AP. I've tried the openbsd snapshot from 2005-06-11. Regards /Jonas Would really appreciate if this could be fixed. My ISP has just upgraded to 54Mbit wlan but they require everyone to buy network cards from them. Which of course is an TI acx111 based card...
Re: Eric Raymond talks about GPL and BSD licenses on MyFreeBSD.com
On Thu, 16 Jun 2005, Jasper Lievisse Adriaanse wrote: Eric Raymond gave an interview on MyFreeBSD.com about the GPL and the BSD licenses. Though on MyFreeBSD.com, it ain't a FreeBSD specific article. so should i click on the identity theft protection link or the adware remover link to read this article? if i click on web filtering will i never have to read about raymond again? -- And that's why there's this slowdown of the thermohaline circulation.
Re: Eric Raymond talks about GPL and BSD licenses on MyFreeBSD.com
Sorry, I forgot the linkhere it is: http://www.myfreebsd.com.br/static/raymond-20050604.html Interesting to read though. On Thu, 16 Jun 2005, Jasper Lievisse Adriaanse wrote: Eric Raymond gave an interview on MyFreeBSD.com about the GPL and the BSD licenses. Though on MyFreeBSD.com, it ain't a FreeBSD specific article. so should i click on the identity theft protection link or the adware remover link to read this article? if i click on web filtering will i never have to read about raymond again? -- And that's why there's this slowdown of the thermohaline circulation. -- checking whether you're still watching...probaly not :-) /usr/ports/x11/wmx configure script.
Re: Eric Raymond talks about GPL and BSD licenses on MyFreeBSD.com
2005/6/16, Jasper Lievisse Adriaanse [EMAIL PROTECTED]: Eric Raymond gave an interview on MyFreeBSD.com about the GPL and the BSD licenses. Though on MyFreeBSD.com, it ain't a FreeBSD specific article. Nothing to see there, are you sure about the domainname? Could you provide us with a direct link? Wijnand
Re: 4port Realtek nic
On 6/16/05, Nick Holland [EMAIL PROTECTED] wrote: I have a couple similarly marketed, similarly described cards (although, with a cheap dc(4) chip), and while they are VERY useful, they are not four-port NICs. What it actually is is a single port NIC with a four port switch. I'm fairly sure this is the exact same thing. Evidence: the picture seems to show two moderately small chips, most quad-port NICs have five chips -- four NICs and a PCI-PCI bridge. COULD it be a PCI-PCI bridge and a quad-port NIC chip? Perhaps, but I'm not aware of anyone putting four NICs on one chip. More evidence - the description claims it uses the RTL8139D and RTL8305SB chipsets. The RTL8139D chipset is obviously the NIC, the RTL8305B chipset is a five port switch: http://www.realtek.com.tw/products/products1-2.aspx?modelid=18 -- ach
Re: 4port Realtek nic
On Thu, 16 Jun 2005 12:36:06 +0100 Andy Hayward [EMAIL PROTECTED] wrote: On 6/16/05, Nick Holland [EMAIL PROTECTED] wrote: I have a couple similarly marketed, similarly described cards (although, with a cheap dc(4) chip), and while they are VERY useful, they are not four-port NICs. What it actually is is a single port NIC with a four port switch. I'm fairly sure this is the exact same thing. Evidence: the picture seems to show two moderately small chips, most quad-port NICs have five chips -- four NICs and a PCI-PCI bridge. COULD it be a PCI-PCI bridge and a quad-port NIC chip? Perhaps, but I'm not aware of anyone putting four NICs on one chip. More evidence - the description claims it uses the RTL8139D and RTL8305SB chipsets. The RTL8139D chipset is obviously the NIC, the RTL8305B chipset is a five port switch: right again - 1 nic and a build-in switch. ...would be too cheap for a real quad-nic :-) -- Andre Ruppert
libc and BitTorrent
hi there, i was looking at BitTorrent, and this caught my attention: --enable_bad_libc_workaround arg enable workaround for a bug in BSD libc that makes file reads very slow. (defaults to 1) anybody knows what does this mean, and is openbsd affected? -f -- because you will burn.
Re: libc and BitTorrent
According to this post, OpenBSD is one of the BSDs affected: http://www.mirrorshades.org/overflow/archives/002611.shtml I also found a mentioning of this in NetBSD pkgsrc-bugs: http://mail-index.netbsd.org/pkgsrc-bugs/2005/05/03/0006.html Andreas On 16/06/05, -f [EMAIL PROTECTED] wrote: hi there, i was looking at BitTorrent, and this caught my attention: --enable_bad_libc_workaround arg enable workaround for a bug in BSD libc that makes file reads very slow. (defaults to 1) anybody knows what does this mean, and is openbsd affected? -f -- because you will burn. -- Andreas Kahari PGP: 1024D/C2E163CB
Re: libc and BitTorrent
On Thu, 16 Jun 2005, -f wrote: i was looking at BitTorrent, and this caught my attention: --enable_bad_libc_workaround arg enable workaround for a bug in BSD libc that makes file reads very slow. (defaults to 1) anybody knows what does this mean, and is openbsd affected? you could try ceommenting out the setvbuf call in python's fileobject.c. i'm suspicious of anyone building their own buffered file io on top of stdio. -- And that's why they are called references in Java and not pointers.
Re: PHP or Mysql problem?
On Thu, 2005-06-16 at 09:22 +0200, Per Engelbrecht wrote: James Strandboge wrote: On Wed, 2005-06-15 at 11:30 +0200, Nico Meijer wrote: Hi Kiraly, mysql error: Can't create/write to file '/tmp/ #sql_4c99_0.MYD' (Errcode: 9) MySQL problem. Simple suggestions, not idiot-proof: I prefer this on OpenBSD 3.6 (should be same on 3.7): Add to /etc/login.conf: # # for mysql to work right # mysql:\ :datasize=infinity:\ :maxproc=infinity:\ :openfiles-cur=2048:\ :openfiles-max=8192:\ :stacksize-cur=8M:\ :localcipher=blowfish,8:\ :tc=default: sudo vipw and change the login class for _mysql to 'mysql'. Hmm .. why don't you just add a _mysql loginprofile in login.conf in the first place instead of adding oldstyle mysql and then change pw db. Seems backwards to me. I don't know how it is on 3.7 (like I said, this is on 3.6), but you have to update master.passwd with the new login class, since the default _mysql user doesn't have a login class specified. Whether you name that class in login.conf 'mysql' or '_mysql' is a matter of preference (though admittedly '_mysql' looks better). Jamie
Disklabel problems (3.7/sparc64)
Greetings misc@, I am having trouble working with my disklabel on my Sparc64 machine. I was able to set up the partitions correctly when I initially installed, but now I am unable to add partitions past a certain point. Here is my current partition configuration: FilesystemSizeUsed Avail Capacity Mounted on /dev/wd0a 490M 28.0M437M 6%/ /dev/wd0d19.3G7.3G 11.1G40%/home /dev/wd0e 490M136M330M29%/tmp /dev/wd0f 490M240M226M51%/usr /dev/wd0g 982M100M833M11%/usr/local /dev/wd0h 982M4.2M929M 0%/usr/obj /dev/wd0i 982M581M352M62%/usr/src /dev/wd0j 2.0G 43.0M1.8G 2%/var /dev/wd0l 7.8G170M7.2G 2%/var/www colossus:/storage36.7G 34.2G642M98%/storage colossus:/storage2 73.4G 48.9G 20.8G70%/storage2 Here is the disklabel output: device: /dev/rwd0c type: ESDI disk: ESDI/IDE disk label: IC35L040AVER07-0 bytes/sector: 512 sectors/track: 63 tracks/cylinder: 16 sectors/cylinder: 1008 cylinders: 16383 total sectors: 16514064 free sectors: 14465808 rpm: 3600 16 partitions: # sizeoffset fstype [fsize bsize cpg] a: 1024128 0 4.2BSD 2048 16384 16 # Cyl 0 - 1015 b: 1024128 1024128swap # Cyl 1016 - 2031 c: 80418240 0 unused 0 0 # Cyl 0 - 79779 d: 41191920 2048256 4.2BSD 2048 16384 16 # Cyl 2032 - 42896 e: 1024128 43240176 4.2BSD 2048 16384 16 # Cyl 42897 - 43912 f: 1024128 44264304 4.2BSD 2048 16384 16 # Cyl 43913 - 44928 g: 2048256 45288432 4.2BSD 2048 16384 16 # Cyl 44929 - 46960 h: 2048256 47336688 4.2BSD 2048 16384 16 # Cyl 46961 - 48992 i: 2048256 49384944 4.2BSD 2048 16384 16 # Cyl 48993 - 51024 j: 4192272 51433200 4.2BSD 2048 16384 16 # Cyl 51025 - 55183 l: 16600752 63817488 4.2BSD 2048 16384 16 # Cyl 63311 - 79779 As you can see, there is missing space for a 'k' slice, but I am unable to add it. I get this output: a partition: [k] offset: [55625472] The OpenBSD portion of the disk ends at sector 16514064, you tried to add a partition at 55625472. You can use the 'b' command to change the size of the OpenBSD portion. But if I use the 'b' command and do '*' for entire disk or enter the parameters manually, they do not seem to take effect. It still gives me the same error when attempting to create the 'k' slice. I have included my dmesg at the bottom of this email. Does anyone have any suggestions? Regards, Matt console is keyboard/display Copyright (c) 1982, 1986, 1989, 1991, 1993 The Regents of the University of California. All rights reserved. Copyright (c) 1995-2005 OpenBSD. All rights reserved. http://www.OpenBSD.org OpenBSD 3.7 (GENERIC) #431: Sun Mar 20 14:10:02 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/sparc64/compile/GENERIC total memory = 268435456 avail memory = 235126784 using 1638 buffers containing 13418496 bytes of memory bootpath: /[EMAIL PROTECTED],0/[EMAIL PROTECTED],1/[EMAIL PROTECTED],0/[EMAIL PROTECTED],0 mainbus0 (root): Sun Ultra 5/10 UPA/PCI (UltraSPARC-IIi 300MHz) cpu0 at mainbus0: SUNW,UltraSPARC-IIi @ 299.750 MHz, version 0 FPU cpu0: physical 32K instruction (32 b/l), 16K data (32 b/l), 512K external (64 b/l) psycho0 at mainbus0 addr 0xfffc4000 SUNW,sabre: impl 0, version 0: ign 7c0 bus range 0 to 2; PCI bus 0 DVMA map: c000 to e000 IOTDB: 1362000 to 13e2000 pci0 at psycho0 ppb0 at pci0 dev 1 function 1 Sun Simba PCI-PCI rev 0x11 pci1 at ppb0 bus 1 ebus0 at pci1 dev 1 function 0 Sun PCIO Ebus2 rev 0x01 auxio0 at ebus0 addr 726000-726003, 728000-728003, 72a000-72a003, 72c000-72c003, 72f000-72f003 power at ebus0 addr 724000-724003 ipl 37 not configured SUNW,pll at ebus0 addr 504000-504002 not configured sab0 at ebus0 addr 40-40007f ipl 43: rev 3.2 sabtty0 at sab0 port 0 sabtty1 at sab0 port 1 comkbd0 at ebus0 addr 3083f8-3083ff ipl 41: layout 33 wskbd0 at comkbd0: console keyboard com0 at ebus0 addr 3062f8-3062ff ipl 42, mouse: ns16550a, 16 byte fifo lpt0 at ebus0 addr 3043bc-3043cb, 30015c-30015d, 70-7f ipl 34: polled fdthree at ebus0 addr 3023f0-3023f7, 706000-70600f, 72-720003 ipl 39 not configured clock1 at ebus0 addr 0-1fff: mk48t59: hostid 809c9c6c flashprom at ebus0 addr 0-f not configured audioce0 at ebus0 addr 20-2000ff, 702000-70200f, 704000-70400f, 722000-722003 ipl 35 ipl 36: nvaddrs 0 audio0 at audioce0 hme0 at pci1 dev 1 function 1 Sun HME rev 0x01: address 08:00:20:9c:9c:6c nsphy0 at hme0 phy 1: DP83840 10/100 PHY, rev. 1 hme0: using ivec 3021 for interrupt vgafb0 at pci1 dev 2 function 0 ATI Mach64 GT rev 0x9a wsdisplay0 at
3.7.tar.gz patch file missing
The 3.7 patch tar file referenced on the errata page (http://openbsd.org/errata.html) doesn't exist on the ftp server. drwxr-xr-x7 1114 1114 512 Jan 07 12:30 2.2 -r--r--r--1 1114 1114 2866468 Jun 03 04:08 2.2.tar.gz drwxr-xr-x 13 1114 1114 512 Jan 07 12:28 2.3 -r--r--r--1 1114 1114 10217228 Jun 03 04:08 2.3.tar.gz drwxr-xr-x 13 1114 1114 512 Jan 07 12:28 2.4 -r--r--r--1 1114 1114 1300636 Jun 03 04:08 2.4.tar.gz drwxr-xr-x 14 1114 1114 512 Jan 07 12:28 2.5 -r--r--r--1 1114 1114 9736 Jun 03 04:08 2.5.tar.gz drwxr-xr-x 10 1114 1114 512 Jan 07 12:19 2.6 -r--r--r--1 1114 1114 537507 Jun 03 04:08 2.6.tar.gz drwxr-xr-x 11 1114 1114 512 Jan 07 12:19 2.7 -r--r--r--1 1114 111447836 Jun 03 04:08 2.7.tar.gz drwxr-xr-x 16 1114 1114 512 Jan 07 12:19 2.8 -r--r--r--1 1114 1114 3121346 Jun 03 04:08 2.8.tar.gz drwxr-xr-x 16 1114 1114 512 Jan 07 12:19 2.9 -r--r--r--1 1114 1114 315811 Jun 03 04:08 2.9.tar.gz drwxr-xr-x 15 1114 1114 512 Jan 07 12:19 3.0 -r--r--r--1 1114 1114 263914 Jun 03 04:08 3.0.tar.gz drwxr-xr-x 15 1114 1114 512 Jan 07 12:19 3.1 -r--r--r--1 1114 111433259 Jun 03 04:08 3.1.tar.gz drwxr-xr-x 15 1114 1114 512 Jan 07 12:19 3.2 -r--r--r--1 1114 111429096 Jun 03 04:08 3.2.tar.gz drwxr-xr-x 15 1114 1114 512 Jan 07 12:19 3.3 -r--r--r--1 1114 111429204 Jun 03 04:08 3.3.tar.gz drwxr-xr-x 16 1114 1114 512 Jan 07 12:19 3.4 -r--r--r--1 1114 111454398 Jun 03 04:08 3.4.tar.gz drwxr-xr-x 17 1114 1114 512 Mar 16 18:03 3.5 -r--r--r--1 1114 111444364 Jun 03 04:08 3.5.tar.gz drwxr-xr-x 18 1114 1114 512 Mar 16 18:03 3.6 -r--r--r--1 1114 111416562 Jun 03 04:08 3.6.tar.gz drwxr-xr-x 18 1114 1114 512 Jun 07 08:03 3.7 Temporary problem?
Re: Eric Raymond talks about GPL and BSD licenses on MyFreeBSD.com
On Thursday 16 June 2005 13.10, Jasper Lievisse Adriaanse wrote: Eric Raymond gave an interview on MyFreeBSD.com about the GPL and the BSD licenses. Though on MyFreeBSD.com, it ain't a FreeBSD specific article. Jasper http://www.catb.org/~esr/guns/ Regards Johan M:son
Re: moving to a bigger disk
Tony Lambiris wrote: its quite simple... boot into single user mode, foreach partition you have, mount the src under /src/X and /dst/X (where src is the old disk and dst is the new disk) and do a: cd /src/X; tar cf - . | (cd /dst/X; tar xpf - ) ive used this before, works great. after that just make sure you install your boot blocks. I performed the steps Tony told me and it worked just fine, but... one thing is the / partition had to be mounted read-write (tar complained about not being able to write to /tmp); the other is my new / has double the size of the original / after copying it. I ran the same command line for all my partitions, but / was the only one to grow. Why is that? Thanks
Re: libc and BitTorrent
-f [EMAIL PROTECTED] wrote: i was looking at BitTorrent, and this caught my attention: --enable_bad_libc_workaround arg enable workaround for a bug in BSD libc that makes file reads very slow. (defaults to 1) anybody knows what does this mean, and is openbsd affected? Yes, OpenBSD is affected. Which is why the BitTorrent port enables this setting. Otherwise the bt client proceeds to read(2) all data one byte at a time, which causes it to be absurdly slow while eating all the CPU it can get. -- Christian naddy Weisgerber [EMAIL PROTECTED]
Re: SATA
On Thu, 16 Jun 2005, Alexander Yurchenko wrote: On Wed, Jun 15, 2005 at 10:48:30AM -0700, Brian wrote: I know SATA is not as good as SCSI, but the new motherboard I picked up has SATA using NVIDIA, which I take is not supported accroding to pciide. Does NVIDIA SATA fall into the same realm of cheap controllers like Adaptec? nvidia sata fall into the realm of ``hardware which vendor never gives us the docs''. You might want to consider ASUS(VIA), .. pciide works just fine, as does raidframe: pciide0 at pci0 dev 15 function 0 VIA VT8237 SATA rev 0x80: DMA pciide0: using irq 10 for native-PCI interrupt wd0 at pciide0 channel 0 drive 0: ST380013AS wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5 wd1 at pciide0 channel 1 drive 0: ST380013AS wd1: 16-sector PIO, LBA48, 76319MB, 156301488 sectors wd1(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 5 pciide1 at pci0 dev 15 function 1 VIA VT82C571 IDE rev 0x06: ATA133, channel 0 configured to compatibility, channel 1 configured to compatibility The only problem I have found is the sk0 driver appears to be unstable in some installations, requiring a separate NIC (could have be related to GB on 100BaseT, but it wasn't worth the time to troubleshoot). Lee Leland V. Lammert[EMAIL PROTECTED] Chief Scientist Omnitec Corporation Network/Internet Consultants www.omnitec.net
GRUB's boot parameter
Hellow. I'm gonna boot OpenBSD from GRUB in FD. The parameter is following. root (hd2,0,a) kernel --type=netbsd /bsd But unfortunately panic occured. Message is following. panic: /boot too old: upgrade! This is first time that I installed OpenBSD in my PC (Athron CPU). And this PC contains some kind of OSs. So I usualy boot any OS from GRUB in FD. If version of OpenBSD 3.7 's boot parameter changed or parameter I set was wrong, please let me know correct thing. -- [EMAIL PROTECTED] -
Re: ifconfig lladdr and Atheros driver
I'm living out in the country side in Sweden and my ISP is a local company in the nearby city. They are using mac address filtering on the AP. That's probably why they are demanding this. /Jonas Dunceor . wrote: Just curios, what ISP in Sweden (I assume Sweden from your .se mailaddy) offers 54mbit WLAN and demand you buy WLAN cards from them? Thanks. // Dunceor On 6/14/05, Jonas Fischer [EMAIL PROTECTED] wrote: Changing mac address with ifconfig ath0 lladdr does not work on the ath driver. After that I changed the address I still can see that my OpenBSD client still tries with the original mac address in my AP. The ath driver works fine if I do not use the mac address filter in my AP. I've tried the openbsd snapshot from 2005-06-11. Regards /Jonas Would really appreciate if this could be fixed. My ISP has just upgraded to 54Mbit wlan but they require everyone to buy network cards from them. Which of course is an TI acx111 based card... -- -- Jonas Fischer Box 85 Mvnevdgen 11I 520 24 Blidsberg Tel: +46-8-55921191 CellPhone: +46-706-109193 Skype: jonas_fischer E-mail: [EMAIL PROTECTED] --
Re: GRUB's boot parameter
This is probably because OpenBSD != NetBSD, and I suspect grub is using whatever it's notion of a netbsd boot block is. You probably have to fix grub somehow to use a current OpenBSD boot block, as opposed to attempting to start a kernel boot as if it were NetBSD. Ask them for a --type=openbsd option would be a start. -Bob * ikesan [EMAIL PROTECTED] [2005-06-16 10:23]: Hellow. I'm gonna boot OpenBSD from GRUB in FD. The parameter is following. root (hd2,0,a) kernel --type=netbsd /bsd But unfortunately panic occured. Message is following. panic: /boot too old: upgrade! This is first time that I installed OpenBSD in my PC (Athron CPU). And this PC contains some kind of OSs. So I usualy boot any OS from GRUB in FD. If version of OpenBSD 3.7 's boot parameter changed or parameter I set was wrong, please let me know correct thing. -- [EMAIL PROTECTED] - -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of Alberta True Evil hides its real intentions in its street address.
Re: GRUB's boot parameter
On Fri, Jun 17, 2005 at 01:12:59AM +0900, ikesan wrote: root (hd2,0,a) kernel --type=netbsd /bsd Use the chainloader. Ciao, Kili
Re: GRUB's boot parameter
speaking of GRUB: The most embarassing comment came from a developer of the GRUB project who went only by the name of 'Gord'. 'This function is truly horrid,' he wrote. 'We try opening the device, then severely abuse the GEOMETRY-flags field to pass a file descriptor to biosdisk. Thank God nobody's looking at this comment, or my reputation would be ruined.' -- From the OpenSolaris code, h00h0h0h0h0 Bob Beck wrote: This is probably because OpenBSD != NetBSD, and I suspect grub is using whatever it's notion of a netbsd boot block is. You probably have to fix grub somehow to use a current OpenBSD boot block, as opposed to attempting to start a kernel boot as if it were NetBSD. Ask them for a --type=openbsd option would be a start. -Bob * ikesan [EMAIL PROTECTED] [2005-06-16 10:23]: Hellow. I'm gonna boot OpenBSD from GRUB in FD. The parameter is following. root (hd2,0,a) kernel --type=netbsd /bsd But unfortunately panic occured. Message is following. panic: /boot too old: upgrade! This is first time that I installed OpenBSD in my PC (Athron CPU). And this PC contains some kind of OSs. So I usualy boot any OS from GRUB in FD. If version of OpenBSD 3.7 's boot parameter changed or parameter I set was wrong, please let me know correct thing. -- [EMAIL PROTECTED] - -- Tony Lambiris [ [EMAIL PROTECTED] ] so if it is really hard for you then perhaps you are just retarded and need treatment w/ electricity and if that does not help then perhaps should not use computers...
Re: Disklabel problems (3.7/sparc64)
Kurt, Thanks much! g d did the trick. Regards, Matt Kurt Miller wrote: From: Matthew S Elmore [EMAIL PROTECTED] a partition: [k] offset: [55625472] The OpenBSD portion of the disk ends at sector 16514064, you tried to add a partition at 55625472. You can use the 'b' command to change the size of the OpenBSD portion. try this: switch to disk geometry, write the label, exit and then go back into disklabel and make any changes needed. -Kurt
Re: GRUB's boot parameter
On Thu, 16 Jun 2005 10:27:15 -0600 Bob Beck [EMAIL PROTECTED] wrote: This is probably because OpenBSD != NetBSD, and I suspect grub is using whatever it's notion of a netbsd boot block is. You probably have to fix grub somehow to use a current OpenBSD boot block, as opposed to attempting to start a kernel boot as if it were NetBSD. Ask them for a --type=openbsd option would be a start. -Bob I had tried the option that you told to me, but it does not works good. The same message was displayed. panic: /boot too old; upgrade! Oh! I installed newest verson of OpenBSD, and how can I upgrade it. Because I could not boot OpenBSD. So I thought if GRUBS parameter was wrong. This is sample parameter that GRUB offered, and I used it. -Ikesan
Problems with wi0 as hostap
Hi I'm running a Netgear MA311 in hostap-mode on OpenBSD 3.7. wi0 at pci0 dev 10 function 0 Intersil PRISM2.5 rev 0x01: irq 12 wi0: PRISM2.5 ISL3874A(Mini-PCI), Firmware 1.1.1 (primary), 1.8.2 (station) Sometimes I have problems with DHCP, i.e. the clients don't get an IP. So I checked dmesg and found this: wi0: init failed wi0: failed to allocate 1594 bytes on NIC wi0: tx buffer allocation failed wi0: failed to allocate 1594 bytes on NIC wi0: mgmt. buffer allocation failed wi0: wi_mgmt_xmit: xmit failed wi0: wi_start: xmit failed wi0: device timeout wi0: wi_mgmt_xmit: xmit failed wi0: wi_mgmt_xmit: xmit failed wi0: wi_mgmt_xmit: xmit failed wi0: wi_mgmt_xmit: xmit failed wi0: wi_mgmt_xmit: xmit failed wi0: wi_mgmt_xmit: xmit failed wi0: wi_mgmt_xmit: xmit failed wi0: wi_mgmt_xmit: xmit failed wi0: wi_mgmt_xmit: xmit failed wi0: wi_mgmt_xmit: xmit failed This doesn't look to healthy. Might this be the cause for my DHCP-trouble? Otherwise the card works fine and has a good range, so I'd like to keep it (my former 3CRWE777A had a really lousy range). But it's really annoying not getting an IP every now and then. -- Fridtjof Busse I've coined new words, like misunderstanding and Hispanically. George W. Bush March 29, 2001
Two out of four ports detected on Intel PRO/1000MT
I'm having problems with an Intel Pro/1000 quad-port ethernet card. Two of the ports don't show up. This is in an IBM x306, which has two onboard em(4) cards. The intel card shows up as em1 and em2 in the below. The onboard nic's are em0 and em3. So I'm missing two more ports! grin Would moving to -current solve this issue? I thought someone was using this card here recently, so if you are, please let me know if you have this problem. ifconfig(8) and dmesg(8) follow... # ifconfig -a lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 33224 inet 127.0.0.1 netmask 0xff00 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x8 em0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 address: 00:11:25:aa:44:92 media: Ethernet autoselect (1000baseT full-duplex) status: active inet 172.17.9.189 netmask 0xfff8 broadcast 172.17.9.191 inet6 fe80::211:25ff:feaa:4492%em0 prefixlen 64 scopeid 0x1 em1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 address: 00:04:23:b2:89:16 description: ads_if media: Ethernet 1000baseT full-duplex (autoselect) status: no carrier inet 172.17.216.81 netmask 0xfff0 broadcast 172.17.216.80 inet6 fe80::204:23ff:feb2:8916%em1 prefixlen 64 scopeid 0x2 em2: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 address: 00:04:23:b2:89:17 description: fp_if media: Ethernet 1000baseT full-duplex (autoselect) status: no carrier inet 172.17.216.97 netmask 0xffe0 broadcast 172.17.216.96 inet6 fe80::204:23ff:feb2:8917%em2 prefixlen 64 scopeid 0x3 em3: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 address: 00:11:25:aa:44:93 media: Ethernet autoselect status: no carrier pflog0: flags=141UP,RUNNING,PROMISC mtu 33224 pfsync0: flags=0 mtu 2020 enc0: flags=0 mtu 1536 OpenBSD 3.7 (GENERIC) #50: Sun Mar 20 00:01:57 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) 4 CPU 3.20GHz (GenuineIntel 686-class) 3.21 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,PNI,MWAIT,CNXT-ID real mem = 535846912 (523288K) avail mem = 482148352 (470848K) using 4278 buffers containing 26894336 bytes (26264K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(9f) BIOS, date 10/22/04, BIOS32 rev. 0 @ 0xfd5b6 pcibios0 at bios0: rev 2.1 @ 0xfd520/0xae0 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfde80/352 (20 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #4 is the last bus bios0: ROM list: 0xc/0x9000 0xc9000/0x1000 0xca000/0x1000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82875P Host rev 0x02 ppb0 at pci0 dev 3 function 0 Intel 82875P PCI-CSA rev 0x02 pci1 at ppb0 bus 1 em0 at pci1 dev 1 function 0 Intel PRO/1000CT (82547EI) rev 0x00: irq 5, address: 00:11:25:aa:44:92 ppb1 at pci0 dev 28 function 0 Intel 6300ESB PCIX rev 0x02 pci2 at ppb1 bus 2 ppb2 at pci2 dev 1 function 0 IBM PCIX-PCIX rev 0x02 pci3 at ppb2 bus 3 em1 at pci3 dev 6 function 0 Intel PRO/1000MT QP (82546EB) rev 0x01: irq 11, address: 00:04:23:b2:89:16 em2 at pci3 dev 6 function 1 Intel PRO/1000MT QP (82546EB) rev 0x01: irq 11, address: 00:04:23:b2:89:17 uhci0 at pci0 dev 29 function 0 Intel 6300ESB USB rev 0x02: irq 3 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 Intel 5300ESB USB rev 0x02: irq 11 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered Intel 6300ESB WDT rev 0x02 at pci0 dev 29 function 4 not configured Intel 6300ESB APIC rev 0x02 at pci0 dev 29 function 5 not configured ehci0 at pci0 dev 29 function 7 Intel 6300ESB USB rev 0x02: irq 7 ehci0: EHCI version 1.0 ehci0: companion controllers, 2 ports each: uhci0 uhci1 usb2 at ehci0: USB revision 2.0 uhub2 at usb2 uhub2: Intel EHCI root hub, class 9/0, rev 2.00/1.00, addr 1 uhub2: single transaction translator uhub2: 4 ports with 4 removable, self powered ppb3 at pci0 dev 30 function 0 Intel 82801BA AGP rev 0x0a pci4 at ppb3 bus 4 vga1 at pci4 dev 2 function 0 ATI Radeon VE QY rev 0x00 wsdisplay0 at vga1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) em3 at pci4 dev 3 function 0 Intel PRO/1000MT (82541EI) rev 0x00: irq 11, address: 00:11:25:aa:44:93 ichpcib0 at pci0 dev 31 function 0 Intel 6300ESB LPC rev 0x02 pciide0 at pci0 dev 31 function 2 Intel 6300ESB SATA rev 0x02: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun
Re: GRUB's boot parameter
On Friday, June 17, ikesan wrote: panic: /boot too old; upgrade! Oh! I installed newest verson of OpenBSD, and how can I upgrade it. Because I could not boot OpenBSD. So I thought if GRUBS parameter was wrong. Use the chainloader. Use the chainloader. Use the chainloader. Use the chainloader. Use the chainloader. Use the chainloader. Use the chainloader. Use the chainloader. Use the chainloader. Use the chainloader. --Toby.
Re: GRUB's boot parameter
On Fri, Jun 17, 2005 at 02:13:32AM +0900, ikesan wrote: On Thu, 16 Jun 2005 10:27:15 -0600 Bob Beck [EMAIL PROTECTED] wrote: This is probably because OpenBSD != NetBSD, and I suspect grub is using whatever it's notion of a netbsd boot block is. You probably have to fix grub somehow to use a current OpenBSD boot block, as opposed to attempting to start a kernel boot as if it were NetBSD. Ask them for a --type=openbsd option would be a start. -Bob I had tried the option that you told to me, but it does not works good. The same message was displayed. panic: /boot too old; upgrade! Oh! I installed newest verson of OpenBSD, and how can I upgrade it. Because I could not boot OpenBSD. So I thought if GRUBS parameter was wrong. This is sample parameter that GRUB offered, and I used it. -Ikesan Do what Matthias Kilian said, use chainloader. Like this: # For booting OpenBSD title OBSD root (hd1,3,a)# -- depends on your setup chainloader +1 -- Veit Waltemath [EMAIL PROTECTED] | *BSD / 01896 Pulsnitz / Germany| / Linux Systems
Re: GRUB's boot parameter
You don't get it. I said to ask the grub people for a correct openbsd boot option. The problem is grub is attempting to boot OpenBSD as if it were an old netbsd kernel. This will not work. You should ask the grub people to fix it. My advice? don't use grub. -Bob * ikesan [EMAIL PROTECTED] [2005-06-16 11:29]: On Thu, 16 Jun 2005 10:27:15 -0600 Bob Beck [EMAIL PROTECTED] wrote: This is probably because OpenBSD != NetBSD, and I suspect grub is using whatever it's notion of a netbsd boot block is. You probably have to fix grub somehow to use a current OpenBSD boot block, as opposed to attempting to start a kernel boot as if it were NetBSD. Ask them for a --type=openbsd option would be a start. -Bob I had tried the option that you told to me, but it does not works good. The same message was displayed. panic: /boot too old; upgrade! Oh! I installed newest verson of OpenBSD, and how can I upgrade it. Because I could not boot OpenBSD. So I thought if GRUBS parameter was wrong. This is sample parameter that GRUB offered, and I used it. -Ikesan -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of Alberta True Evil hides its real intentions in its street address.
speed of mac mini
Hello list, i think of buying a mac mini, but i don't know if a mac mini is fast enough. So i ask you: does anyone use an mac mini with gnome/kde or so? At the moment i have an dual-P3 and he's fast enough. Any coments, suggestions? Bye Thorsten
hi ich bins
hallo, na wir haben ja schon eine weile nichts mehr voneinander gehvrt, mein computer hat sich einen bvsen virus eingefangen, ich kann keine mails empfangen und scheinbar gehen auch keine raus, deswegen bin ich gerade in einem internetcafe, ich gebe dir meine handynummer: 0160/99206935 und w|rde mich freuen wenn wir so in kontakt bleiben kvnnen, deine anja.
Re: speed of mac mini
On Jun 16, 2005, at 1:52 PM, Thorsten Johannvorderbrueggen wrote: Hello list, i think of buying a mac mini, but i don't know if a mac mini is fast enough. So i ask you: does anyone use an mac mini with gnome/ kde or so? At the moment i have an dual-P3 and he's fast enough. Any coments, suggestions? It runs OS X. QED. (Further: I have one, running OS X with 512MB RAM. It runs World of Warcraft decently well... it should be fine for anything desktop- oriented you want to throw at it, keeping in mind the speed of the hdd.) -- bda cyberpunk is dead. long live cyberpunk.
Re: CARP and isakmpd ipsec
On 16 jun 2005, at 16.45, Stephen Marley wrote: Is this known behaviour with the code in its current state, or should I be looking at my configuration or reporting a problem? Yes, I've seen it. Unfortunately I have lots of other work at the moment, so it'll probably be a week or so before I can look closer at it. /H
Re: Problems with wi0 as hostap
i'm having similar problems with the same card in hostap mode,but noone answered in the previous mail I sent today so I can't figure out if it's a driver or a firmware problem... The error message I keep getting is wi0: oversized packet received... It seems that those cards don''t work reliably in openbsd 3.7 yet in hostap mode, because my other netgear in ibss mode works perfectly for a long time now.
Re: CCD on /
and what are you going to do in case the raid partition itself gets broken? how are you going to repair if you cannot boot the machine w/o any additional hardware attached? therefore you'd have to setup an explicit non-raided partition or hdd with a repair-root on all servers with raid-controllers being supported by openbsd. such a repair-partition would be a a nice feature, but it shouldn't be inevitable. if one needs such a functionality, he'd even be able to realize it with nw- boot. my understanding of raid1 is avoiding loss of data because of hw-errors. i don't see raid1 as a fault-tolerance for kernels, users, raid- or fs-code not working correctly. finally, the current way to realize raid1 under openbsd makes each install and upgrade much more difficult than it could be. in the worst case you have to take care for 3 basic os setups, their up-to-dateness and security on one machine. br, mdff...
Re: Two out of four ports detected on Intel PRO/1000MT
On 6/16/05, eric [EMAIL PROTECTED] wrote: I'm having problems with an Intel Pro/1000 quad-port ethernet card. Two of the ports don't show up. This is in an IBM x306, which has two onboard em(4) cards. The intel card shows up as em1 and em2 in the below. The onboard nic's are em0 and em3. So I'm missing two more ports! grin Would moving to -current solve this issue? I thought someone was using this card here recently, so if you are, please let me know if you have this problem. I don't have this problem on 3.6 or 3.7 on machines with onboard em, but I do see that the nic numbering varies depending on what IRQ is used for each port. Does the IBM BIOS give the ability to set the interrupt for the individual ports on the quad card? em0 at pci1 dev 1 function 0 Intel PRO/1000CT (82547EI) rev 0x00: irq 5, address: 00:11:25:aa:44:92 . . . em1 at pci3 dev 6 function 0 Intel PRO/1000MT QP (82546EB) rev 0x01: irq 11, address: 00:04:23:b2:89:16 em2 at pci3 dev 6 function 1 Intel PRO/1000MT QP (82546EB) rev 0x01: irq 11, address: 00:04:23:b2:89:17 . . . em3 at pci4 dev 3 function 0 Intel PRO/1000MT (82541EI) rev 0x00: irq 11, address: 00:11:25:aa:44:93 The IDs for your em0 and em3 seem odd. My Quad cards were all purchased in one batch, but some come up as MT with the same Intel PRO/1000MT QP (82546EB) ID as above, others are MF, as seen below (a Dell PE750 with dual onboard em): $uname -r 3.6 $ dmesg |grep Intel PRO em0 at pci1 dev 1 function 0 Intel PRO/1000CT (82547EI) rev 0x00: irq 10, address: 00:c0:9f:43:3c:c6 em1 at pci3 dev 4 function 0 Intel PRO/1000MF QP (82546EB) rev 0x01: irq 7, address: 00:04:23:09:58:18 em2 at pci3 dev 4 function 1 Intel PRO/1000MF QP (82546EB) rev 0x01: irq 7, address: 00:04:23:09:58:19 em3 at pci3 dev 6 function 0 Intel PRO/1000MF QP (82546EB) rev 0x01: irq 7, address: 00:04:23:09:58:1a em4 at pci3 dev 6 function 1 Intel PRO/1000MF QP (82546EB) rev 0x01: irq 7, address: 00:04:23:09:58:1b em5 at pci4 dev 2 function 0 Intel PRO/1000MT (82541EI) rev 0x00: irq 6, address : 00:c0:9f:43:3c:c7 $ exit Kevin
Re: speed of mac mini
i believe that the biggest bottleneck is the hard drive, I think there is a 2.5 5400rpm or 4200rpm drive in it. You can of course always pop it out but most people using the mac mini probably aren't looking for a proformance boost. On 6/16/05, Bryan Allen [EMAIL PROTECTED] wrote: On Jun 16, 2005, at 1:52 PM, Thorsten Johannvorderbrueggen wrote: Hello list, i think of buying a mac mini, but i don't know if a mac mini is fast enough. So i ask you: does anyone use an mac mini with gnome/ kde or so? At the moment i have an dual-P3 and he's fast enough. Any coments, suggestions? It runs OS X. QED. (Further: I have one, running OS X with 512MB RAM. It runs World of Warcraft decently well... it should be fine for anything desktop- oriented you want to throw at it, keeping in mind the speed of the hdd.) -- bda cyberpunk is dead. long live cyberpunk.
interface groups and pf
So, after cleaning up the interface abstraction code in pf with Ryan before the Hackathon, I worked on interface groups integration to pf. An interface group, is, well, a group of interfaces (surprised, anyone?). Interfaces can join and leave interface groups any time, and can be member in an arbitary number of groups. The join and leave is done via ifconfig: ifconfig sk1 group dmz makes sk1 join the group dmz, and ifconfig sk1 -group dmz removes sk1 from that group again. A group is removed when it does not have any members any more and pf does not refer to it. So far, so good. Now, pf can use interface groups instead of interfaces basically everywhere now. Sounds simple, but is quite powerful. For example, you can (ab-)use interface groups as a kind of aliasing. Just a group with one member, and refer to that. For example, hang your dmz of an interface group called dmz - if you do this in a consistent manner, your ruleset is entirely independent from the underlying hardware, you make interfaces join the groups in their respective hostname.if files which are machine dependent anyway. now, if you add a second dmz interface for whatever reasons with the same policy, you don't even have to modify (usually not even reload) your ruleset - just make the 2nd dmz interface join the group :) that of course makes much more sense for your external interface, where you might get a second internet connection, or customer-facing interfaces which have the same policies. pf can refer to interfaces and interface groups which do not exist (yet) - once the interface / the group shows up, it will be atached to the construct pf uses and (without ruleset reloads!) things Just Work. Moreover, you can use the brace notation for a dynamic interface name to ip address translation, as in, pass in on tun0 proto tcp to (tun0) port ssh keep state and the like. Internally, pf uses a table named after the interface inside the _pf anchor, and updates the table whenever there are address changes on that interface. That works for interface groups too, now - including correct handling of interfaces joining and leaving the group in question, of course. so, if you put all your customer-facing interfaces (vlans or physical, or any combination... as long as it is interfaces :) ) in a group customers, (customers) correctly expands to all ip addresses on your customer-facing interfaces - and (customer:network) to all networks on them. And suddenly nice things like block in on egress from (customer:network) work. For clonable interfaces (almost all virtual ones are, tun, ppp, lo, vlan, etc), the clones are all member of an interface class group, for example, all loopback interfaces are part of the lo interface group, all vlan interfaces are part of the vlan group, etc. this is especially useful in cases where interfaces get created by a daemon on a next free basis, like tun with userland ppp. now, we had a sick idea for a while, and since we finally had all the parts together now I could implement it - there is an egress interface group now which follows the default routes. This interface group contains all interfaces which IPv4 and IPv6 default routes point to - usually, that is one. It even understands multipath routes already, despite them not being useful yet. The group is updated (actually, rebuilt) every time there is changes/additions/deletions of an IPv4 or IPv6 default route. So, imagine that on your notebook, where you are sometimes on wireless and sometimes on wired network connections - just write your pf.conf so that it refers to the egress group instead of wi0 and em0, and it will Just Work :)
my may/june trip to canada
So, I am in the airplane flying back from Vancouver. It has been a long journey, but let me start from the beginning. I have been flying to Montreal on May 7th, basically just after my return from RIPE-50 at Stockholm. Matt (msf) picked me up downtown, and Ryan arrived a few hours later, bringing Fernando Gont with him. We stayed at Matt's for a few days, doing some random hacking, and Ryan and me, siting in front of one screen, finally got started on the pf interface abstraction code cleanup, which was a prerequisite for making use of the interface groups stuff I hacked a year ago. I can't point out enough how important it was that we could sit down together, staring at one screen, to get started on that. I continued to work on that for the following days. We didn't miss out the city of Montreal either of course - we did have a lot of fun, no doubt. Reyk flew in on the 12th, we rented a car, picked him up at the airport and drove over to Ottawa for BSDCan. There was a (not so surprising) surprise waiting for me - a shiny new laptop, an IBM X40. Many thanks again to those who made that possible (and yes, I will finally handle donations.html for the donors when I am back, promised). Ryan spoke first, in fact he had the first possible slot at the conference (3 parallel tracks). He spoke on randomness in our network stack, that went very well. Bob spoke on spamd the next day, Reyk on wireless network support in OpenBSD (where, as you could already read from others, phk tried to spread FUD, which did not work out), Fernando gave his icmp attacks against tcp talk, and I spoke on OpenBGPD. All talks went well, unfortunately Fernando spoke in parallel to me so I could not see his. Bob and me had humppa as introduction to our talks tho, which the audience appreciated :) We did sell T-Shirts and CDs too, with quite some success. Overall, it was a nice and well organized conference, worth visiting. Of course we went out for food beer in the evenings, be assured we had fun. On the 15th we slacked hacked a bit in the student's residence where we were staying (the coference was at the U of Ottawa campus); in the evening Matt, Ryan, Reyk, Fernando and me flew to Vancouver, and Bob home to Edmonton. From Vancouver we went on a fantastic trip to Tofino (on Vancouver Island), staying there for two nights, and then driving back to Vancouver, and over to Calgary in the following two days. There we were just two days early for our 2005 hackathon. We celebrated Theo's birthday, and on the 20th we set the hackrooms up. The hackathon itself got quite some coverage already - after I finished the interface abstraction cleanup stuff in pf I worked on integrating the interface groups to pf; I'll write a seperate mail on what that is and how it works and what is so cool about it :) Besides that I of course spent some time with claudio in bgpd and with various other developers on various other things in the networking area - last not least with camiel on vlan, so that bridging over vlans now finally works, and bridging vlan-encapsulated frames still does as well. We did go for a dayhike during the hackathon of course, forming two groups of 5 people each for a hard hike and one big group for an easier one. Theo, Ryan, Reyk, Uwe and me went up Mount St. Piran, starting at Lake Louise, after going over some other Mountain (forgot the name), elevation delta about 900m. It was fun. pval me escaped for a (fantastic) mountain bike ride on the last day before we started tearing things down. Ryan, Uwe, Martin, jsg and claudio stayed to go on a hike with Theo, Peter, Ryan and me. We went to Turbine Canyon in Kananaskis (well, close to it), quite a bit of the way on snow shoes. Camping there a night, Ryan and me put our tent on top of a hill, with a fantastic view over the area, which we enjoyed very much and very long :) Next day we went back down to the forks (about halfway) where bob was camping; Ryan, Pval and me decided to extend the hike one more day, the others left. We slacked a bit there and then went up to the three isle lake. It was pretty hard, but more than worth it - a very cool trip. We returned the day after. Of course a day for recovery and catching up on email etc was in order, we stayed at peter's place in calgary. There was a Plaid Tongued Devils concert in the evening which we (and pascoe and dlg, who stayed in calgary longer too) enjoyed very much. Ryan and me left early the next morning, renting a car and driving back to Vancouver. We went very very relaxed and still made it in about 12 hours. There, at Ryan's place in Vancouver, I stayed until today. We enjoyed Vancouver, went for another 2.5-day hike to Emma Lake (and on), near Powell River, went up Grouse Grind near Vanouver (930m elevation delta on 3km :)) and used the time to talk about future openbsd work, designing cool stuff and of course hacking. Many Thanks to the people who made this trip
Re: interface groups and pf
Cool how's your new notebook?
Dell Inspiron 700m
I've got some good news.. I installed OpenBSD on my Dell Inspiron 700m... so far (with a snapshot of Jun 15th) I am able to get wireless to be functional, and I just finished porting over the the 855resolution hack for the VBIOS to get full widescreen 1280x800 support (broken Dell BIOS workaround). I still have yet to test sound and such (even though it is detected successfully), but once I straighten everything out with this laptop, I will post a dmesg and the code to fix the VBIOS. ROCKIN!! :) -- Tony Lambiris [ [EMAIL PROTECTED] ] so if it is really hard for you then perhaps you are just retarded and need treatment w/ electricity and if that does not help then perhaps should not use computers...
Re: CCD on /
Oh, sure, you might want your system to stay running after it wuffs a drive, but if you are running an IDE system, it almost certainly won't. If you are running SCSI, it *might*, but don't count on it. Consider cheap (i.e., software) RAID systems a way to rapidly repair a broken computer, not a way to keep the system running without interruption. Why wouldn't a two drive ATA/SATA system which was raidframe mirrored stay up if one of the drives went belly up? I've been spending some cycles automating the kernel build/raidframe configure process assuming it was worth the extra effort
Re: CCD on /
On Thu, Jun 16, 2005 at 03:11:46PM -0400, Nick Bender wrote: Why wouldn't a two drive ATA/SATA system which was raidframe mirrored stay up if one of the drives went belly up? I've been spending some cycles automating the kernel build/raidframe configure process assuming it was worth the extra effort Controllers don't tend to like it. Sometimes with disk failure, the controller will fail too!
Re: CCD on /
responding 2 nick: WHY do you want to mirror root? i do not like software raid at all and i even more dislike ide-raid (regardless whether it's sw or any other hw-raid). but sometimes you use hw where an hw-raid is not supported (even if there's a controller on-board...) and that's my reason for trying and using sw-raid like raidframe because it is better than nothing... really talking 'bout raid1 like i want it to be: having redundant power, redundant disks w hotplug, scsi320 at least and a good raid-controller-hw with a really smart bios handling any problems... i totally agree with you that scsi-hw-raid w hotplug support is definitely what you want on any production server. but if it comes to a development server or anything you just test on, you'd want to mirror root also, because you don't have to take care for your 2nd chance. you just throw the damn bad ide-hdd out of the window and the other one would bring up your system again like it was 10 minutes (add time for hangup, shutdown and some coffee) ago.
Re: interface groups and pf
Marvelous work. Thank you. :)
Re: CCD on /
At 08:31 PM 6/16/2005 +0100, Niall O'Higgins wrote: Controllers don't tend to like it. Sometimes with disk failure, the controller will fail too! The ASUS A7V880 runs just fine with one disk dead - infant mortality a few months ago. Lee
Re: S-Video TV Hookup
Sorry about the attachment being rejected. I have an ATI Mobility M3 card according to dmesg. How do I configure it to use the video out so I can hook it up to my tv? __ Discover Yahoo! Get on-the-go sports scores, stock quotes, news and more. Check it out! http://discover.yahoo.com/mobile.html
Re: interface groups and pf
Truely amazing work Henning. OpenBSD already leads the way (at least in my opinion) for a packet filter, whether it's commercial or open source, and these latest additions will make my life so much easier. If there is any more testing that needs to be done, I have many spare computers, almost completely unused T1 (only by me and two other co-workers), a /28 of IP addresses (6 currently used, but I could trim that down a few), and a cabinet drawer full of spare nics at work and I'm in charge of it all, so I could do some testing when I have some spare time. Again, thanks so much for this amazing work. Jason On 6/16/05, Henning Brauer [EMAIL PROTECTED] wrote: So, after cleaning up the interface abstraction code in pf with Ryan before the Hackathon, I worked on interface groups integration to pf. An interface group, is, well, a group of interfaces (surprised, anyone?). Interfaces can join and leave interface groups any time, and can be member in an arbitary number of groups. The join and leave is done via ifconfig: ifconfig sk1 group dmz makes sk1 join the group dmz, and ifconfig sk1 -group dmz removes sk1 from that group again. A group is removed when it does not have any members any more and pf does not refer to it. So far, so good. Now, pf can use interface groups instead of interfaces basically everywhere now. Sounds simple, but is quite powerful. For example, you can (ab-)use interface groups as a kind of aliasing. Just a group with one member, and refer to that. For example, hang your dmz of an interface group called dmz - if you do this in a consistent manner, your ruleset is entirely independent from the underlying hardware, you make interfaces join the groups in their respective hostname.if files which are machine dependent anyway. now, if you add a second dmz interface for whatever reasons with the same policy, you don't even have to modify (usually not even reload) your ruleset - just make the 2nd dmz interface join the group :) that of course makes much more sense for your external interface, where you might get a second internet connection, or customer-facing interfaces which have the same policies. pf can refer to interfaces and interface groups which do not exist (yet) - once the interface / the group shows up, it will be atached to the construct pf uses and (without ruleset reloads!) things Just Work. Moreover, you can use the brace notation for a dynamic interface name to ip address translation, as in, pass in on tun0 proto tcp to (tun0) port ssh keep state and the like. Internally, pf uses a table named after the interface inside the _pf anchor, and updates the table whenever there are address changes on that interface. That works for interface groups too, now - including correct handling of interfaces joining and leaving the group in question, of course. so, if you put all your customer-facing interfaces (vlans or physical, or any combination... as long as it is interfaces :) ) in a group customers, (customers) correctly expands to all ip addresses on your customer-facing interfaces - and (customer:network) to all networks on them. And suddenly nice things like block in on egress from (customer:network) work. For clonable interfaces (almost all virtual ones are, tun, ppp, lo, vlan, etc), the clones are all member of an interface class group, for example, all loopback interfaces are part of the lo interface group, all vlan interfaces are part of the vlan group, etc. this is especially useful in cases where interfaces get created by a daemon on a next free basis, like tun with userland ppp. now, we had a sick idea for a while, and since we finally had all the parts together now I could implement it - there is an egress interface group now which follows the default routes. This interface group contains all interfaces which IPv4 and IPv6 default routes point to - usually, that is one. It even understands multipath routes already, despite them not being useful yet. The group is updated (actually, rebuilt) every time there is changes/additions/deletions of an IPv4 or IPv6 default route. So, imagine that on your notebook, where you are sometimes on wireless and sometimes on wired network connections - just write your pf.conf so that it refers to the egress group instead of wi0 and em0, and it will Just Work :)
OSPFd over IPSEC (enc)?
Can two 3.7 servers running OSPFd talk OSPF to each other over an IPSEC tunnel, or worded in another way, an enc interface? I have two sites with a WAN link and I want to use the Internet (VPN) as a backup route. The concept is that under normal circumstances, the OSPF routing table would have valid routes between the two sites over both the VPN and WAN links. If the WAN link failed, there'd still be a valid route between the two sites over VPN. Please forgive the following disclaimer - I have no control over it. This message may contain information that is privileged, confidential and exempt from disclosure under applicable law. If you are not the intended recipient of this message you may not store, disclose, copy, forward, distribute or use this message or its contents for any purpose. If you have received this communication in error, please notify us immediately by return e-mail and delete the original message and any attachments from your e-mail system. Thank you.
Re: CCD on /
exactly. I'm using blades with no hardware raid controller. software raid that worked just like hardware raid would be the best solution until we get better hardware. On 6/16/05, mdff [EMAIL PROTECTED] wrote: responding 2 nick: WHY do you want to mirror root? i do not like software raid at all and i even more dislike ide-raid (regardless whether it's sw or any other hw-raid). but sometimes you use hw where an hw-raid is not supported (even if there's a controller on-board...) and that's my reason for trying and using sw-raid like raidframe because it is better than nothing... really talking 'bout raid1 like i want it to be: having redundant power, redundant disks w hotplug, scsi320 at least and a good raid-controller-hw with a really smart bios handling any problems... i totally agree with you that scsi-hw-raid w hotplug support is definitely what you want on any production server. but if it comes to a development server or anything you just test on, you'd want to mirror root also, because you don't have to take care for your 2nd chance. you just throw the damn bad ide-hdd out of the window and the other one would bring up your system again like it was 10 minutes (add time for hangup, shutdown and some coffee) ago.
Re: GRUB's boot parameter
Gag is the way to go, easy to use and even looks pretty. Subject: Re: GRUB's boot parameter GAG [1] is a nice boot manager. It can boot a lot of OS's, including OpenBSD. You should give it a try. Jasper [1] http://gag.sourceforge.net -- checking whether you're still watching...probaly not :-) /usr/ports/x11/wmx configure script.
Re: OSPFd over IPSEC (enc)?
On Thu, Jun 16, 2005 at 12:51:53PM -0700, Michael Favinsky wrote: Can two 3.7 servers running OSPFd talk OSPF to each other over an IPSEC tunnel, or worded in another way, an enc interface? I have two sites with a WAN link and I want to use the Internet (VPN) as a backup route. The concept is that under normal circumstances, the OSPF routing table would have valid routes between the two sites over both the VPN and WAN links. If the WAN link failed, there'd still be a valid route between the two sites over VPN. AFAIK it was not yet tested. I'm not sure if it will work because the enc interface is not a real interface. I know it works over gre tunnels. Using the enc device may work but I'm not sure about it (until now I never had to use IPsec). Btw. use -current ospfd and ospfctl because many bug fixes and additional features went into the tree lately. -- :wq Claudio
Re: newfs_msdos - Question
On Fri, Jun 17, 2005 at 01:31:05AM +0200, [EMAIL PROTECTED] wrote: I've a question related to newfs_msdos. I bought a USB-Stick and formated it (FAT32) but I'm still limited to the 8.3 DOS-Style for the filenames. Maybe I'm wrong but MS Windows 98 wich was able to use FAT32 was able to use 256 CHarackters for a filename don't need FAT32 for it, because LFN in 9x was fake., regardless of # of bits in FAT. i don't know all the details by heart, but the file, on disk, is still 8.3 - using a format you've seen: So I got many ~ in my filenames and also extenders with more then 3 charackters (tar.gz or tar.bz2) are a littlebit problematic. such as FILENA~1.TXT for Filename that is longer than it should be.txt you didn't do anything wrong, however this is not in any way related to openbsd, or i would say even newfs_msdos; but rather about a bogus marketing FAT hack microsoft pulled. if you google for 'LFN 8.3' there's no way you will be able to avoid the information jared p.s. Is somebody out there who formated a USB-Stick with FFS? Would that be possible? ,) don't see why not, system just sees it as a writable scsi drive. - [ openbsd 3.7 GENERIC ( jun 3 ) // i386 ]
Re: OSPFd over IPSEC (enc)? - OT
On Thu, Jun 16, 2005 at 10:50:10PM +0200, Claudio Jeker wrote: AFAIK it was not yet tested. I'm not sure if it will work because the enc interface is not a real interface. I know it works over gre tunnels. Using the enc device may work but I'm not sure about it (until now I never had to use IPsec). i was able to use enc0 (after throwing an IP on it) as the local endpoint to match an IPsec flow such as: 172.16.2.2/32 0 172.16.1.1/32 0 0 66.55.44.77/50/use/in 172.16.1.1/32 0 172.16.2.2/32 0 0 66.55.44.77/50/require/out where 172.16.1.1/32 was the IP i threw on enc0. ( eg, i could ping -I 172.16.1.1 172.16.2.2 ok, and other side could ping -I 172.16.2.2 172.16.1.1 OK ) though, to be fair, i changed the way i was doing things and decided to not put the IP on enc0, so i didn't give it a lot of testing. jun.10 snapshots jared - [ openbsd 3.7 GENERIC ( jun 3 ) // i386 ]
Re: CCD on /
On 6/16/05, Niall O'Higgins [EMAIL PROTECTED] wrote: Controllers don't tend to like it. Sometimes with disk failure, the controller will fail too! Apart from that, you'll suffer from various annoying delays if for any reason parts in the system try to access the failed drive. Admittedly, I only saw this on 3.5 as it never occurred again. Nowadays, I'm a happy ami(4) user. For those who believe the observation above not to be a surprise: they're probably right. In my defence, that's I didn't report it. Cheers, Rogier -- If you don't know where you're going, any road will get you there.
Re: CCD on /
L. V. Lammert wrote: At 08:31 PM 6/16/2005 +0100, Niall O'Higgins wrote: Controllers don't tend to like it. Sometimes with disk failure, the controller will fail too! The ASUS A7V880 runs just fine with one disk dead - infant mortality a few months ago. Lee One example does not make it always so. Some people expect RAID (of either HW or SW kind) to keep them running through a disk failure... Some have more experience. Designing systems that work through failures is not trivial. The way devices fail in the real world is very different than the way you expect them to fail, and rarely can you get a device to fail while you are watching everything you need to to watch to fix a problem once discovered. If you do get a real-world failure which produces a problem, you try to fix it, but you will probably never know how well you fixed it, because it will never fail in exactly the same way again. If you try to manufacture defective drives (i.e., spike 'em with a powder-actuated nail gun while they are spinning), you will rack up a lot of money rapidly (at least for a volunteer project) (but it IS fun!). So, yes, I'm saying there are probably bugs in how HW failures are handled in OpenBSD...and probably most other OSs. It just isn't something you can test effectively, but only refine it over years of (bitter) experience. I've always told people RAID is part of a rapid-repair solution, not part of a never goes down. It *may* not go down. Maybe, probably won't go down. But don't bet your career on it. Plan for the worst case, and things will always look better than expected. And you look like a genius. :) Nick.
Re: newfs_msdos - Question
ummm actually, the Windows layer of Win98 could handle 256 chars for a filename - the DOS layer underneath was still limited r At 09:31 AM 17/06/2005, [EMAIL PROTECTED] wrote: I've a question related to newfs_msdos. I bought a USB-Stick and formated it (FAT32) but I'm still limited to the 8.3 DOS-Style for the filenames. Maybe I'm wrong but MS Windows 98 wich was able to use FAT32 was able to use 256 CHarackters for a filename So I got many ~ in my filenames and also extenders with more then 3 charackters (tar.gz or tar.bz2) are a littlebit problematic. Did I missed something in the manpage of newfs or is there realy no way to handle longer filenames correctly? Kind regards, Sebastian p.s. Is somebody out there who formated a USB-Stick with FFS? Would that be possible? ,) Best Regards Ray Cauchi Manager/Lead Developer ( T W E E K ! ) PO Box 468 Katoomba NSW Australia 2780 p: +61 2 4757 1600 f: +61 2 4757 3808 m: 0414 270 400 e: [EMAIL PROTECTED] w: www.tweek.com.au
Re: interface groups and pf
On Thu, 16 Jun 2005 20:55:48 +0200, Henning Brauer [EMAIL PROTECTED] wrote: So, after cleaning up the interface abstraction code in pf with Ryan before the Hackathon, I worked on interface groups integration to pf. Henning, Ryan and all involved -Very Amazing Work. Thank You! JCR