ssh from cellpone to openbsd

[Paul Pruett]

FYI -

I was able to ssh2 vith vt320term using username/password to openbsd using 
sprintpcs cellphone (not the fancy palm like ones but the newer lesser 
vision phones that play media and midp java apps)


application on cellphone:

MidpSSH is an SSH and Telnet client for MIDP 1.0 / 2.0 devices
such as Java(tm)-capable cellphones.
http://www.xk72.com/midpssh/index.html

You can send this URL
  http://xk72.com/wap
in a text message, messaging.sprintpcs.com, and the phone can go to it
give wap menu and after selection can download and know its an 
application.




BTW, full ssh2 build, 108KB seems to be working on the new sprintpcs 
phones, like the SANYO MM-5600



will take some playing with to figure best way to macro key inputs.

not sure how audited the software is, but java source is suppose to be 
available.


and not sure if can use keys, it does have a import session from url 
feature that I have not explored.


but it is interesting.

Re: perl -MCPAN checksum mismatch on anything

[J.D. Bronson]

At 09:40 PM 6/24/2005, Uwe Dippel wrote:

On Fri, 24 Jun 2005 20:03:31 -0500, J.D. Bronson wrote:

 I too have this same problem.

 Fresh install...no custom anything...just trying to add modules to
 perl, and anything tried fails 100% no matter which source I use
 (even perl.org).

 Whats going on? - anyone have any further insight on this?

Promise and curse of the base install. I wished I simply could wipe perl
and install it from scratch; but since it does belong to the base, I
wouldn't know how.
I have of course removed the .perl stuff, but that's not everything. Some
config is written in /usr/libdata respectively /usr/local at your initial
call of cpan, respectively the o conf init.

Uwe


for the record, I rather tried this. I built a NEW version of perl 
from src and used all different locations. When I tried to run MCPAN 
on this version, it fails the exact same way. So I wouldnt waste any 
time trying that :)







--
J.D. Bronson
Information Services - Telecom
Aurora Health Care - Milwaukee, Wisconsin
Office: 414.978.8282 // Fax: 414.314.8787

Re: usr mounted nosuid by default..?

[Alexander Farber]

Hi,

I don't know if it's a bug or not, but you don't need to reinstall.
You could edit /etc/fstab and if needed tar zxvfp base37.tgz and others

Regards
Alex 

2005/6/25, asdfasdf asfdasdfasdf [EMAIL PROTECTED]:
 The nosuid thing is the only inconsistency I've
 noticed. Should I be concerned enough to do a
 reinstall?

Re: can't find /etc/crontab ?

[Tony]

man crontab (from fresh OBSD 3.7)
FILES
 /var/cron/cron.allow  list of users allowed to use crontab
 /var/cron/cron.deny   list of users prohibited from using crontab
 /var/cron/tabsdirectory of individual crontabs

I think there's a reason that they include the man (manual) command.
Works much better than playing guessing games.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Neta
Sent: Saturday, June 25, 2005 6:02 AM
To: misc@openbsd.org
Subject: can't find /etc/crontab ?


Hello All,
I have fresh install machine openbsd 3.7, i couldn't locate any /etc/crontab
?
is this crontab disable by default?
how i can enable it?

Kind regards

Neta

Re: can't find /etc/crontab ?

[Lars Hansson]

On Sat, 25 Jun 2005 06:12:55 -0500
 man crontab   (from fresh OBSD 3.7)
 FILES
  /var/cron/cron.allow  list of users allowed to use crontab
  /var/cron/cron.deny   list of users prohibited from using crontab
  /var/cron/tabsdirectory of individual crontabs

man cron
FILES
 /etc/crontab  system crontab file
 /var/cron/atjobs  directory containing at(1) jobs
 /var/cron/log cron's log file
 /var/cron/tabsdirectory containing individual crontab files
 /var/cron/tabs/.sock  used by crontab(1) to tell cron to check for
   crontab changes immediately


/etc/crontab works but doesnt exist by default, you'll have to create it
yourself. Beware that the format is slightly different.

---
Lars Hansson

Re: can't find /etc/crontab ?

[Neta]

Ok guys, Finally i can find it :) 

TIA
Neta

On 6/25/05, Schvberle Daniel [EMAIL PROTECTED] wrote:
 Not quite so.
 
 System crontab is located in /etc but doesn't exists by default.
 You have to make your own. Watch out for access rights or else
 crond won't parse it.
 
 man 5 crontab
 
 root's crontab is located in /var/cron/tabs.
 
 Daniel.
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andreas Kahari
 Sent: Saturday, June 25, 2005 1:28 PM
 To: Neta
 Cc: openbsd-misc
 Subject: Re: can't find /etc/crontab ?
 
 The system (root) crontab is not stored in /etc but in /var/cron/tabs
 like for everybody else.  Edit the crontab with crontab -e as root
 to change it, do not modify it directly.
 
 Andreas
 
 On 25/06/05, Neta [EMAIL PROTECTED] wrote:
  Hello All,
  I have fresh install machine openbsd 3.7, i couldn't locate any 
  /etc/crontab ?
  is this crontab disable by default?
  how i can enable it?
 
  Kind regards
 
  Neta
 
 
 
 
 --
 Andreas Kahari
 
 PGP: 1024D/C2E163CB

Re: server disaster, forking failure?

[Nico Meijer]

Hi,

  On the Netserver I blocked Linux OS from accessing ssh port with PF
  as I exclusively use OpenBSD and the problem did not
  occur again but as mentioned it was replaced fairly shortly
  afterwards.
 
 How did you figure this out?  I'm curious.

block in log proto tcp from any os Linux to ($ext_if) port ssh

is an option.

Bye... Nico

Disk On Key under 3.6

[Mayuresh Kathe]

Hi,

I attached my 8Mb Disk-On-Key from M-Systems to my system running 3.6

dmesg shows following output:
OpenBSD 3.6 (GENERIC) #59: Fri Sep 17 12:32:57 MDT 2004
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Geode(TM) Integrated Processor by National Semi (Geode by NSC
586-class) 232 MHz
cpu0: FPU,TSC,MSR,CX8,CMOV,MMX
cpu0: TSC disabled
real mem  = 536424448 (523852K)
avail mem = 482570240 (471260K)
using 4278 buffers containing 26923008 bytes (26292K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(2a) BIOS, date 11/15/00, BIOS32 rev. 0 @ 0xfadc0
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
pcibios0 at bios0: rev 2.1 @ 0xf/0xb248
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdae0/160 (8 entries)
pcibios0: PCI Exclusive IRQs: 3 10 11
pcibios0: no compatible PCI ICU found: ICU vendor 0x1078 product 0x0100
pcibios0: Warning, unable to fix up PCI interrupt routing
pcibios0: PCI bus #0 is the last bus
bios0: ROM list: 0xc/0x8000 0xc8000/0x2000! 0xcc000/0x4000!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (bios)
pchb0 at pci0 dev 0 function 0 Cyrix GXm PCI rev 0x00
puc0 at pci0 dev 7 function 0 Topic/SmartLink 5634PCV SurfRider rev 0x00: com
pccom3 at puc0 port 0 irq 11: ns16550a, 16 byte fifo
vga1 at pci0 dev 9 function 0 unknown vendor 0x10ea product 0x5000 rev 0x03
wsdisplay0 at vga1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
rl0 at pci0 dev 10 function 0 Realtek 8139 rev 0x10: irq 3 address
00:30:00:04:04:66
rlphy0 at rl0 phy 0: RTL internal phy
pcib0 at pci0 dev 18 function 0 Cyrix Cx5530 South rev 0x00
Cyrix Cx5530 SMI/ACPI rev 0x00 at pci0 dev 18 function 1 not configured
pciide0 at pci0 dev 18 function 2 Cyrix Cx5530 IDE rev 0x00: no DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
pciide0: channel 0 ignored (other hardware responding at addresses)
pciide0: channel 1 ignored (not responding; disabled or no drives?)
Cyrix Cx5530 XpressAUDIO rev 0x00 at pci0 dev 18 function 3 not configured
ohci0 at pci0 dev 19 function 0 Compaq USB OpenHost rev 0x06: irq
11, version 1.0, legacy support
ohci0: SMM does not respond, resetting
usb0 at ohci0: USB revision 1.0
uhub0 at usb0
uhub0: Compaq OHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
wdc0 at isa0 port 0x1f0/8 irq 14
wd0 at wdc0 channel 0 drive 0: IC25N040ATMR04-0
wd0: 16-sector PIO, LBA48, 38154MB, 78140160 sectors
wd0(wdc0:0:0): using BIOS timings
sb0 at isa0 port 0x220/24 irq 5 drq 1: dsp v4.12
midi0 at sb0: SB MIDI UART
audio0 at sb0
opl0 at sb0: model OPL3
midi1 at opl0: SB Yamaha OPL3
pcppi0 at isa0 port 0x61
midi2 at pcppi0: PC speaker
sysbeep0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
biomask ef45 netmask ef4d ttymask ffcf
pctr: no performance counters in CPU
dkcsum: wd0 matched BIOS disk 80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
umass0 at uhub0 port 1 configuration 0 interface 0
umass0: M-Systems DiskOnKey, rev 1.00/2.00, addr 2
umass0: using SCSI over Bulk-Only
scsibus0 at umass0: 2 targets
sd0 at scsibus0 targ 1 lun 0: M-Sys, DiskOnKey, 1.08 SCSI0 0/direct removable
sd0: 7MB, 7 cyl, 64 head, 32 sec, 512 bytes/sec, 15600 sec total

since its showing scsibus0 and umass0 I assumed /dev/sd0a would be the
device to control the DOK.
Following is what I did and what the system showed me in response:
# mount_msdos /dev/sd0a /mnt/  
mount_msdos: /dev/sd0a on /mnt: Device not configured
# newfs_msdos /dev/sd0a
newfs_msdos: /dev/sd0a: Device not configured

Which device in /dev should I use to mount/format the drive?

~Mayuresh

Re: Disk On Key under 3.6

[Diana Eichert]

On Sat, 25 Jun 2005, Mayuresh Kathe wrote:

 Hi,
 
 I attached my 8Mb Disk-On-Key from M-Systems to my system running 3.6
 
 dmesg shows following output:
SNIP
 ohci0 at pci0 dev 19 function 0 Compaq USB OpenHost rev 0x06: irq
 11, version 1.0, legacy support
 ohci0: SMM does not respond, resetting
 usb0 at ohci0: USB revision 1.0
 uhub0 at usb0
 uhub0: Compaq OHCI root hub, class 9/0, rev 1.00/1.00, addr 1
 uhub0: 2 ports with 2 removable, self powered
SNIP
 umass0 at uhub0 port 1 configuration 0 interface 0
 umass0: M-Systems DiskOnKey, rev 1.00/2.00, addr 2
 umass0: using SCSI over Bulk-Only
 scsibus0 at umass0: 2 targets
 sd0 at scsibus0 targ 1 lun 0: M-Sys, DiskOnKey, 1.08 SCSI0 0/direct 
 removable
 sd0: 7MB, 7 cyl, 64 head, 32 sec, 512 bytes/sec, 15600 sec total
 
 since its showing scsibus0 and umass0 I assumed /dev/sd0a would be the
 device to control the DOK.
 Following is what I did and what the system showed me in response:
 # mount_msdos /dev/sd0a /mnt/ 
  
 mount_msdos: /dev/sd0a on /mnt: Device not configured
 # newfs_msdos /dev/sd0a   
  
 newfs_msdos: /dev/sd0a: Device not configured
 
 Which device in /dev should I use to mount/format the drive?
 
 ~Mayuresh

What does disklable sd0 return?

diana

Re: Disk On Key under 3.6

[Diana Eichert]

On Sat, 25 Jun 2005, Diana Eichert wrote:
SNIP
 What does disklable sd0 return?
 
 diana

aieh, need more kaffe.

that would be disklabel sd0

Disk On Key under 3.6

[Christian Jones]

On 6/25/05, Mayuresh Kathe [EMAIL PROTECTED] wrote:
 Following is what I did and what the system showed me in response:
 # mount_msdos /dev/sd0a /mnt/
 mount_msdos: /dev/sd0a on /mnt: Device not configured
 # newfs_msdos /dev/sd0a
 newfs_msdos: /dev/sd0a: Device not configured

 Which device in /dev should I use to mount/format the drive?

It's quite possible you'll need to check the disklabel for sd0 to
determine which partition is recognized as fat;  on many (but not all
I've seen), it will be /dev/sd0i or /dev/sd0j .  As always, I'd
strongly suggest looking at the FAQ:  In this case, 14.17:
http://www.openbsd.org/faq/faq14.html#flashmem

--
Christian Jones
[EMAIL PROTECTED]
http://www.aleph0.com/~chjones

OT - network design documents

[Steve Williams]

Hi,

Off Topic, but I'm struggling..

I have been contracted to make some network changes at a site I originally
set up 10 years ago.  It started with a couple of PC's with an OpenBSD
server as the default gateway/firewall.  As time went on, the site has
grown and now is 200+ computers and several other gateways to other sites
(hospitals, government, etc).  And yes, the OpenBSD firewall (though
upgraded) is still key in this network topology.  The original idea was to
have all the routes on the OpenBSD firewall and rely on ICMP redirects to
build dynamic routes where needed.

This has worked until recently.  One of the Hospital sites has put in a
CISCO Pix 506E and it's not behaving properly with ICMP redirects.  If I
put a static route on the Windows PC, it works fine.

The IT department at the hospital has said
Note: I had problem before, the PIX does not like to do icmp redirect.
Its work best and better security if the internal hub is a layer 3
switch then you control the route policy/Access List from the layer 3
switch.

Well, this is a wee bit over my head, and I really need to read up on how
to PROPERLY design a larger network environment with multiple (4-5)
different gateways and maintain routes  properly with minimal human
intervention.  This has to work with a mixed bag of Windows 98 and up and
assorted Unix systems.

I also need to figure out how OpenBSD will fit into this infrastructure,
as I really like the stability/configurability of OpenBSD ( and spamd :-)
).

Does anyone have pointers, Web or books ( I don't mind spending $$ ) for
resources that would help me understand more complex networks.

Thanks,
Steve Williams

Re: OT - network design documents

[Richard Welty]

On Sat, 25 Jun 2005 09:21:08 -0600 (MDT) Steve Williams [EMAIL PROTECTED] 
wrote:
 This has worked until recently.  One of the Hospital sites has put in a
 CISCO Pix 506E and it's not behaving properly with ICMP redirects.  If I
 put a static route on the Windows PC, it works fine.

 The IT department at the hospital has said
 Note: I had problem before, the PIX does not like to do icmp redirect.
 Its work best and better security if the internal hub is a layer 3
 switch then you control the route policy/Access List from the layer 3
 switch.

layer three switch is marketing speak for a particular style of router.
you will probably want to look at increasing the sophistication of the
routing setup on your openbsd system.

the openbsd system will never be a layer three switch, but it doesn't
need to be. it just needs to be a fancier router, which is quite a
reasonable thing to do.

without a bit more detail, it's hard to advise you on what path to take.

richard
-- 
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
  Well, if you're not going to expect unexpected flames,
 what's the point of going anywhere? -- Truckle the Uncivil

Re: External, USB hard drives

[L. V. Lammert]

On Fri, 24 Jun 2005, Steven Bowers wrote:

 Any comments on the Buslink drives? I found a site selling both 1.1
 and 2.0 drives for a some-what reasonable price. Seems like all the
 USB 2.0 stuff is 120GB or greater and $100 and up. Since I'm primarily
 backing up about 1MB of data I'm not sure I need that much capacity
 Any suggestions on something under $100?

Get thee a USB thumb drive (solid state) - for that small an amount of
data, you don't need a HD.

Lee


  Leland V. Lammert[EMAIL PROTECTED]
Chief Scientist Omnitec Corporation
 Network/Internet Consultants   www.omnitec.net

Re: can't find /etc/crontab ?

[Todd C. Miller]

In message [EMAIL PROTECTED]
so spake Neta (netasys):

 Hello All,
 I have fresh install machine openbsd 3.7, i couldn't locate any /etc/crontab 
 ?
 is this crontab disable by default?
 how i can enable it?

/etc/crontab is not used by default, it predates the availability
of per-user crontab files.  As such it is not included by default,
though you can create it if you really must.  I don't suggest this
as you lose the syntax checking of crontab (1).

 - todd

Re: OT - network design documents

[Steve Williams]

 On Sat, 25 Jun 2005 09:21:08 -0600 (MDT) Steve Williams
 [EMAIL PROTECTED] wrote:
 This has worked until recently.  One of the Hospital sites has put in a
 CISCO Pix 506E and it's not behaving properly with ICMP redirects.  If I
 put a static route on the Windows PC, it works fine.

 The IT department at the hospital has said
 Note: I had problem before, the PIX does not like to do icmp
 redirect.
 Its work best and better security if the internal hub is a layer 3
 switch then you control the route policy/Access List from the layer 3
 switch.

 layer three switch is marketing speak for a particular style of router.
 you will probably want to look at increasing the sophistication of the
 routing setup on your openbsd system.

 the openbsd system will never be a layer three switch, but it doesn't
 need to be. it just needs to be a fancier router, which is quite a
 reasonable thing to do.

 without a bit more detail, it's hard to advise you on what path to take.

 richard
 --
 Richard Welty
 [EMAIL PROTECTED]
 Averill Park Networking
 Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
   Well, if you're not going to expect unexpected flames,
  what's the point of going anywhere? -- Truckle the Uncivil

Hi,

Thanks for answering... I was trying to avoid discussing this in depth on
this list as it's really off topic.  In retrospect, more information would
probably help people be able to refer me to approiate documentation!

Here it goes..

internet_connection - 192.168.11.1/32 ---+
Default Route|
OpenBSD 3.7  |
In my control 100%   |
 |
remote_site - 192.168.11.2/32 -+ |
192.168.12.0/24| |
Cisco 2620, IOS 12.0   | |
Only Cisco router in my control   Cisco Catalyst 2900 Switch
   | | |
Hospital_site   - 192.168.11.3/32 -+ | |
a.b.c.0/24   | |
Cisco 1720 - T1  | |
Cisco PIX 506E   | |
 | |
Government_site - 192.168.11.4/32 ---+ |
w.x.y.0/24 |
Cisco 1720 - T1|
Cisco PIX 506E |
Rest of 192.168.11.0/24 ---+

All systems have the default route to be the OpenBSD system.  On
that box, the static routes are:

route add 192.168.12.0/24 192.168.11.2# remote_site packets
route add a.b.c.0/24  192.168.11.3# Hospital packets
route add w.x.y.0/24  192.168.11.4# government packets

There are a few routes on the Cisco 2620, but that's just to
handle the WAN traffic.

The Rest of 192.168.11.0/24 are a mixed bag of Windows 98 up to
XP SP2, with a Max XServer, Imac's, AIX system, and a few wireless
access points which will be going because of security issues.

The problem is that Windows computers trying to access the Hospital Site
using HTTPS are not working.  We narrowed it down to the ICMP redirect
from the OpenBSD box casing the problem.  We narrowed it down by putting
a static route on the Windows PC and it worked flawlessly.  I DO NOT want
to try maintaining static routes on 150+ PC's of various flavors...

Like I said in my previous email, this network evolved form 2 PC's to
what it is currently, and the network design really needs an upgrade to
make it 20th Century so to speak.

I would really like to read up on this so that I can fully understand all
the design issues/compromises.   Thanks for any pointers.

Cheers,
Steve

Re: OT - network design documents

[Rogier Krieger]

On 6/25/05, Steve Williams [EMAIL PROTECTED] wrote:
 We narrowed it down by putting a static route on the Windows PC and it
 worked flawlessly.  I DO NOT want to try maintaining static routes on
 150+ PC's of various flavors...

How about distributing static routes through DHCP? It's listed in
dhcp-options(5) as option static-routes. You may want to give it a
spin.

Besides that, have you searched the list archives for ICMP redirect
problems? Somehow it sounds familiar.

Cheers,

Rogier

-- 
If you don't know where you're going, any road will get you there.

Re: floppy37C.fs image too big for device

[Brad Brad]

I've had the same problem since 3.7 was released on all (vmware) machines 
i've tried it on, i just copied floppy B conf over floppy C and it built 
fine, I don't use the floppies anyway.


Brad


From: Raymond Lillard [EMAIL PROTECTED]
To: misc@openbsd.org
Subject: floppy37C.fs image too big for device
Date: Thu, 23 Jun 2005 20:41:03 -0700

Dear Misc,

Yesterday, I cvs updated my 3.7-release tree and performed
all steps necessary to make a new release to propagate to
other i386 boxes.  All went well until it was time to create
the floppy37C.fs image.

My theory is that the latest updates have just slightly
bumped up the kernel size, just enough to blow a floppy
This doesn't represent a real problem for me as I will
build a bootable CDROM for my use by skipping over this
(for me) unneeded step.

This machine is an old Pentium-II machine that I use to
do builds and archive stuff I seldom need, like releases.
In the interest of completeness, a dmesg is at the very
end.  This machine is running on the kernel and userland
from which I tried to build this release.

If the build has gone wrong and ramdiskC/bsd.gz shouldn't
be 1392717 bytes, then I will need to start this whole
process from scratch as I didn't log the terminal output
to a file.  The snippets here are from my xterm window.
On this slow machine it will take more than a working day.

Regards all,
Ray



Here is the size of the ramdisk image files:
# pwd
/usr/obj/distrib/i386
# /bin/ls -l ramdisk*/bsd.gz
-rw-r--r--  1 root  wsrc  1353280 Jun 23 00:43 ramdiskA/bsd.gz
-rw-r--r--  1 root  wsrc  1372697 Jun 23 00:56 ramdiskB/bsd.gz
-rw-r--r--  1 root  wsrc  1392717 Jun 23 01:10 ramdiskC/bsd.gz



Next I will show the terminal output from make release with
irrelevant stuff snipped out.  There are three snippets of
terminal output, showing each of the three floppy images
being created.

 Everything previous deleted
 About ready to write floppy37 image

building standard compat library
ranlib libcompat.a
cc  -Werror -Wall -Wstrict-prototypes -Wmissing-prototypes  
-Wno-uninitialized -Wno-format -Wno-main  -fno-stack-protector 
-fno-builtin-printf -fno-builtin-log -Os -pipe -nostdinc -I. 
-I/opt/usr/src/sys/arch/i386/compile/RAMDISK/../../../../arch 
-I/opt/usr/src/sys/arch/i386/compile/RAMDISK/../../../.. -DSCSITERSE 
-DAPM_NOPRINT -DI386_CPU -DI486_CPU -DI586_CPU -DI686_CPU -DSMALL_KERNEL 
-DNO_PROPOLICE -DTIMEZONE=0 -DDST=0 -DFFS -DEXT2FS -DCD9660 -DMSDOSFS 
-DFIFO -DINET -DBOOT_CONFIG -DRAMDISK_HOOKS -DMINIROOTSIZE=0xed8 
-DPCIVERBOSE -D_KERNEL -Di386  -c swapbsd.c

sh /opt/usr/src/sys/arch/i386/compile/RAMDISK/../../../../conf/newvers.sh
cc  -Werror -Wall -Wstrict-prototypes -Wmissing-prototypes  
-Wno-uninitialized -Wno-format -Wno-main  -fno-stack-protector 
-fno-builtin-printf -fno-builtin-log -Os -pipe -nostdinc -I. 
-I/opt/usr/src/sys/arch/i386/compile/RAMDISK/../../../../arch 
-I/opt/usr/src/sys/arch/i386/compile/RAMDISK/../../../.. -DSCSITERSE 
-DAPM_NOPRINT -DI386_CPU -DI486_CPU -DI586_CPU -DI686_CPU -DSMALL_KERNEL 
-DNO_PROPOLICE -DTIMEZONE=0 -DDST=0 -DFFS -DEXT2FS -DCD9660 -DMSDOSFS 
-DFIFO -DINET -DBOOT_CONFIG -DRAMDISK_HOOKS -DMINIROOTSIZE=0xed8 
-DPCIVERBOSE -D_KERNEL -Di386  -c vers.c

rm -f bsd
ld -Ttext 0xD0100120 -e start -N -S -x -o bsd ${SYSTEM_OBJ} vers.o
textdatabss dec hex
1273037 1985700 280468  3539205 360105
cp 
/opt/usr/src/distrib/i386/ramdiskA/../../../sys/arch/i386/compile/RAMDISK/bsd 
bsd
cc -DDEBUG -o rdsetroot 
/opt/usr/src/distrib/i386/ramdiskA/../../common/elfrdsetroot.c

cp bsd bsd.rd
/opt/usr/src/distrib/i386/ramdiskA/obj/rdsetroot bsd.rd  mr.fs
segment 0 rd_root_size_off = 0x13c940
rd_root_image_off = 0x13c960
rd_root_size  val: 0x001DB000 (3800 blocks)
copying root image...
...copied 1945600 bytes
cp bsd.rd bsd.strip
strip bsd.strip
strip -R .comment bsd.strip
gzip -c9 bsd.strip  bsd.gz
dd if=/dev/zero of=/var/tmp/image.2095 bs=10k count=144
144+0 records in
144+0 records out
1474560 bytes transferred in 0.035 secs (41898051 bytes/sec)
vnconfig -v -c svnd0 /var/tmp/image.2095
svnd0: 1474560 bytes on /var/tmp/image.2095
disklabel -w -r svnd0 floppy3
newfs -m 0 -o space -i 524288 -c 80 /dev/rsvnd0a
/dev/rsvnd0a:   2880 sectors in 80 cylinders of 2 tracks, 18 sectors
1.4MB in 1 cyl groups (80 c/g, 1.41MB/g, 32 i/g)
super-block backups (for fsck -b #) at:
 32,
mount /dev/svnd0a /mnt
cp /opt/OpenBSD/i386/dest/usr/mdec/boot 
/opt/usr/src/distrib/i386/ramdiskA/obj/boot

strip /opt/usr/src/distrib/i386/ramdiskA/obj/boot
strip -R .comment /opt/usr/src/distrib/i386/ramdiskA/obj/boot
dd if=/opt/usr/src/distrib/i386/ramdiskA/obj/boot of=/mnt/boot bs=512
75+1 records in
75+1 records out
38612 bytes transferred in 0.002 secs (17214445 bytes/sec)
dd if=bsd.gz of=/mnt/bsd bs=512
2643+1 records in
2643+1 records out
1353280 bytes transferred in 0.193 secs (6976569 bytes/sec)
/usr/mdec/installboot -v /mnt/boot  
/opt/OpenBSD/i386/dest/usr/mdec/biosboot /dev/rsvnd0c

boot: /mnt/boot
proto: 

Re: OT - network design documents

[Jean-Christophe Sicard]

Steve Williams wrote:


On Sat, 25 Jun 2005 09:21:08 -0600 (MDT) Steve Williams
[EMAIL PROTECTED] wrote:
   


This has worked until recently.  One of the Hospital sites has put in a
CISCO Pix 506E and it's not behaving properly with ICMP redirects.  If I
put a static route on the Windows PC, it works fine.
 


The IT department at the hospital has said
Note: I had problem before, the PIX does not like to do icmp
redirect.
Its work best and better security if the internal hub is a layer 3
switch then you control the route policy/Access List from the layer 3
switch.
 


layer three switch is marketing speak for a particular style of router.
you will probably want to look at increasing the sophistication of the
routing setup on your openbsd system.

the openbsd system will never be a layer three switch, but it doesn't
need to be. it just needs to be a fancier router, which is quite a
reasonable thing to do.

without a bit more detail, it's hard to advise you on what path to take.

richard
--
Richard Welty
[EMAIL PROTECTED]
Averill Park Networking
   Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
 Well, if you're not going to expect unexpected flames,
what's the point of going anywhere? -- Truckle the Uncivil

   


Hi,

Thanks for answering... I was trying to avoid discussing this in depth on
this list as it's really off topic.  In retrospect, more information would
probably help people be able to refer me to approiate documentation!

Here it goes..

internet_connection - 192.168.11.1/32 ---+
Default Route|
OpenBSD 3.7  |
In my control 100%   |
|
remote_site - 192.168.11.2/32 -+ |
192.168.12.0/24| |
Cisco 2620, IOS 12.0   | |
Only Cisco router in my control   Cisco Catalyst 2900 Switch
  | | |
Hospital_site   - 192.168.11.3/32 -+ | |
a.b.c.0/24   | |
Cisco 1720 - T1  | |
Cisco PIX 506E   | |
| |
Government_site - 192.168.11.4/32 ---+ |
w.x.y.0/24 |
Cisco 1720 - T1|
Cisco PIX 506E |
   Rest of 192.168.11.0/24 ---+

All systems have the default route to be the OpenBSD system.  On
that box, the static routes are:

route add 192.168.12.0/24 192.168.11.2# remote_site packets
route add a.b.c.0/24  192.168.11.3# Hospital packets
route add w.x.y.0/24  192.168.11.4# government packets

There are a few routes on the Cisco 2620, but that's just to
handle the WAN traffic.

The Rest of 192.168.11.0/24 are a mixed bag of Windows 98 up to
XP SP2, with a Max XServer, Imac's, AIX system, and a few wireless
access points which will be going because of security issues.

The problem is that Windows computers trying to access the Hospital Site
using HTTPS are not working.  We narrowed it down to the ICMP redirect
from the OpenBSD box casing the problem.  We narrowed it down by putting
a static route on the Windows PC and it worked flawlessly.  I DO NOT want
to try maintaining static routes on 150+ PC's of various flavors...

Like I said in my previous email, this network evolved form 2 PC's to
what it is currently, and the network design really needs an upgrade to
make it 20th Century so to speak.

I would really like to read up on this so that I can fully understand all
the design issues/compromises.   Thanks for any pointers.

Cheers,
Steve

 


Are these Win XP sp2 boxes by any chance?

I've had issues of such boxes not obeying icmp redirects because the 
Windows Firewall was activated.
(For some reason also, the Checkpoint SecureRemote client sees to eat 
icmp redirects too (really, tcpdumping on the hub would show them, but 
they'd literally disapear on the machine's interface when windumping).



JC

PPPoE on 486

[Chris Zakelj]

I'd like to give a big hoot and cheer Theo and the gang.  The new 
kernelized PPPoE is fast enough to keep up with two MMORPG instances, 
three internet radio streams, and three large downloads combining for an 
average of 130kb/sec all at once, while still being 30-50% idle!  It 
never even came close when I tried with 3.4 and 3.5 (see threads from 
around this time last year).  dmesg below.  Both ep's are 3C509B in 
non-PNP mode, full duplex enabled.  I imagine it would still grind to a 
halt if I tried to SSH stuff on account of the crypto (it's a 33MHz 
chip), but DSL firewalling doesn't require that :)


top says...
load averages: 0.34, 0.27, 0.25
CPU states:  5% user, 0% nice, 5% system, 55% interrupt, 35% idle

OpenBSD 3.7 (GENERIC) #50: Sun Mar 20 00:01:57 MST 2005
   [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel 486DX (486-class)
real mem  = 66695168 (65132K)
avail mem = 53452800 (52200K)
using 839 buffers containing 3436544 bytes (3356K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 05/05/91
pcibios at bios0 function 0x1a not configured
bios0: ROM list: 0xc/0x8000 0xd/0x4000
cpu0 at mainbus0
isa0 at mainbus0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard
vga0 at isa0 port 0x3b0/48 iomem 0xa/131072
wsdisplay0 at vga0: console (80x25, vt100 emulation), using wskbd0
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
wdc0 at isa0 port 0x1f0/8 irq 14
wd0 at wdc0 channel 0 drive 0: QUANTUM BIGFOOT2550A
wd0: 8-sector PIO, LBA, 2457MB, 5033952 sectors
wd0(wdc0:0:0): using BIOS timings
wdc1 at isa0 port 0x170/8 irq 15
atapiscsi0 at wdc1 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: NEC, CD-ROM DRIVE:282, 4.46 SCSI0 
5/cdrom removable

cd0(wdc1:0:0): using BIOS timings
ep0 at isa0 port 0x2a0/16 irq 12: address 00:60:97:b6:04:8e, utp 
(default utp)
ep1 at isa0 port 0x300/16 irq 11: address 00:60:08:12:df:f5, utp 
(default utp)

sb0 at isa0 port 0x220/24 irq 5 drq 1: dsp v4.11
midi0 at sb0: SB MIDI UART
audio0 at sb0
opl0 at sb0: model OPL3
midi1 at opl0: SB Yamaha OPL3
pcppi0 at isa0 port 0x61
midi2 at pcppi0: PC speaker
sysbeep0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
npx0 at isa0 port 0xf0/16: using exception 16
pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
fd1 at fdc0 drive 1: 1.2MB 80 cyl, 2 head, 15 sec
biomask e745 netmask ff45 ttymask ffc7
pctr: no performance counters in CPU
dkcsum: wd0 matched BIOS disk 80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302
pppoe0: phase establish
pppoe0: phase authenticate
pppoe0: phase network

Re: upgrading from OpenBSD/i386 from 3.3 and before by remote

[Christian Weisgerber]

Nick Holland [EMAIL PROTECTED] wrote:

   http://www.holland-consulting.net/obsd/aout-up.html

Just today a guy came up to the OpenBSD booth at LinuxTag (Karlsruhe,
Germany) and asked for help on remote updating of a client's 2.9(!)
systems located in Kansas(!).  Apparently he doesn't read misc@ and
so was very happy when I pointed him to your guide. ;-)

-- 
Christian naddy Weisgerber  [EMAIL PROTECTED]

Re: OT - network design documents

[Steve Williams]

 Steve Williams wrote:

On Sat, 25 Jun 2005 09:21:08 -0600 (MDT) Steve Williams
[EMAIL PROTECTED] wrote:


This has worked until recently.  One of the Hospital sites has put in a
CISCO Pix 506E and it's not behaving properly with ICMP redirects.  If
 I
put a static route on the Windows PC, it works fine.


The IT department at the hospital has said
Note: I had problem before, the PIX does not like to do icmp
redirect.
Its work best and better security if the internal hub is a layer 3
switch then you control the route policy/Access List from the layer 3
switch.


layer three switch is marketing speak for a particular style of
 router.
you will probably want to look at increasing the sophistication of the
routing setup on your openbsd system.

the openbsd system will never be a layer three switch, but it doesn't
need to be. it just needs to be a fancier router, which is quite a
reasonable thing to do.

without a bit more detail, it's hard to advise you on what path to take.

richard
--
Richard Welty
[EMAIL PROTECTED]
Averill Park Networking
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
  Well, if you're not going to expect unexpected flames,
 what's the point of going anywhere? -- Truckle the Uncivil



Hi,

Thanks for answering... I was trying to avoid discussing this in depth on
this list as it's really off topic.  In retrospect, more information
 would
probably help people be able to refer me to approiate documentation!

Here it goes..

internet_connection - 192.168.11.1/32 ---+
Default Route|
OpenBSD 3.7  |
In my control 100%   |
 |
remote_site - 192.168.11.2/32 -+ |
192.168.12.0/24| |
Cisco 2620, IOS 12.0   | |
Only Cisco router in my control   Cisco Catalyst 2900 Switch
   | | |
Hospital_site   - 192.168.11.3/32 -+ | |
a.b.c.0/24   | |
Cisco 1720 - T1  | |
Cisco PIX 506E   | |
 | |
Government_site - 192.168.11.4/32 ---+ |
w.x.y.0/24 |
Cisco 1720 - T1|
Cisco PIX 506E |
Rest of 192.168.11.0/24 ---+

All systems have the default route to be the OpenBSD system.  On
that box, the static routes are:

route add 192.168.12.0/24 192.168.11.2# remote_site packets
route add a.b.c.0/24  192.168.11.3# Hospital packets
route add w.x.y.0/24  192.168.11.4# government packets

There are a few routes on the Cisco 2620, but that's just to
handle the WAN traffic.

The Rest of 192.168.11.0/24 are a mixed bag of Windows 98 up to
XP SP2, with a Max XServer, Imac's, AIX system, and a few wireless
access points which will be going because of security issues.

The problem is that Windows computers trying to access the Hospital
 Site
using HTTPS are not working.  We narrowed it down to the ICMP redirect
from the OpenBSD box casing the problem.  We narrowed it down by putting
a static route on the Windows PC and it worked flawlessly.  I DO NOT want
to try maintaining static routes on 150+ PC's of various flavors...

Like I said in my previous email, this network evolved form 2 PC's to
what it is currently, and the network design really needs an upgrade to
make it 20th Century so to speak.

I would really like to read up on this so that I can fully understand all
the design issues/compromises.   Thanks for any pointers.

Cheers,
Steve



 Are these Win XP sp2 boxes by any chance?

 I've had issues of such boxes not obeying icmp redirects because the
 Windows Firewall was activated.
 (For some reason also, the Checkpoint SecureRemote client sees to eat
 icmp redirects too (really, tcpdumping on the hub would show them, but
 they'd literally disapear on the machine's interface when windumping).


 JC



Hello,

Wow, what a guess g  Yes, they are XP sp2 boxes I was working with.  I
will check on Monday to see if Firewalling was enabled.  I don't think
that should matter though.  All it means is that every packet would hit
the OpenBSD firewall and get sent to the right system (along with an ICMP
redirect for every packt :-( ).  Not a good situation...

Regardless, thank you very much for your pointer.  One more thing to add
to my list of potentially stupid things to overlook.  I run ZoneAlarm on
my own system  always remember to turn it off.  Never thought about the
Windows Firewall on client's systems.

Cheers,
Steve

Re: OT - network design documents

[Rogier Krieger]

Don't thank me just yet. I should've checked my notes.

On 6/25/05, Steve Williams [EMAIL PROTECTED] wrote:
  How about distributing static routes through DHCP? It's listed in
  dhcp-options(5) as option static-routes.

 OMG!  What a simple solution!  It's so simple it never occured to me.

According to MS' Knowledgebase [1], Win2K is the first OS to support
option 33. Also, the static-routes option is classful (and thus rather
old fashioned). Classful means that the choice of the destination
implies the netmask.

RFC3442 [2] has more info on an option implementing classless routing
(option 121), but I do not believe it is a standard just yet.

Your mileage may vary as you may end up with a /32 route. Perhaps
pushing group policies and/or login scripts may prove a better option
in such a case.

Rogier


References:
1. Incorrect subnet mask and options assigned from Windows NT 4.0 DHCP server
http://support.microsoft.com/default.aspx?scid=kb;en-us;261489

2. The Classless Static Route option for DHCP version 4
ftp://ftp.rfc-editor.org/in-notes/rfc3442.txt

-- 
If you don't know where you're going, any road will get you there.

Re: server disaster, forking failure?

[Mark Uemura]

No, this is not what I was asking for.  Of course, we can block 
by OS but what I wanted to know was, how did Steve determine that   
Linux hosts were causing him grief on the Netserver running 3.6 ?

I should have been clearer.  Sorry about that.  Thanks nevertheless.

Mark T. Uemura
OpenBSD Support Japan Inc.
www.openbsd-support.com

   On the Netserver I blocked Linux OS from accessing ssh port with PF
   as I exclusively use OpenBSD and the problem did not
   occur again but as mentioned it was replaced fairly shortly
   afterwards.
  
  How did you figure this out?  I'm curious.
 
 block in log proto tcp from any os Linux to ($ext_if) port ssh
 
 is an option.
 
 Bye... Nico

PPP, PPPoE, and OpenBSD 3.7

[Dave Harrison]

Hi all,

I've been looking through all the upgrade notes etc and I can't see that 
any major changes have occurred in the ppp daemon, nor the pppoe 
translator that would cause me problems.  However since I upgraded to 
3.7 (from 3.4) I've been unable to connect to my ADSL providor.


My ppp.conf is thus :

swiftdsl:
set log Phase Chat IPCP CCP tun command

set device !/usr/sbin/pppoe -i em2 -v
set reconnect 5 18
disable acfcomp protocomp
deny acfcomp
set mtu max 1440
set mru max 1440
set speed sync

set cd 5
set dial
set login
set timeout 0
set authname myusername
set authkey myauthkey
enable mssfixup

I've also tried enable LQR, and using allow users as well, but to no 
avail.  I've gone through using interactive mode as well, and same 
result, no connection.  The actual error from the daemon log is as 
follows  :


Jun 26 13:01:17 hiro ppp[3815]: tun0: Phase: deflink: Connect time: 0 
secs: 44 octets in, 0 octets out
Jun 26 13:01:17 hiro ppp[3815]: tun0: Phase: deflink: 24 packets in, 0 
packets out
Jun 26 13:01:17 hiro ppp[3815]: tun0: Phase:  total 44 bytes/sec, peak 0 
bytes/sec on Sun Jun 26 13:01:17 2005

Jun 26 13:01:17 hiro ppp[3815]: tun0: Phase: deflink: HUPing 8204
Jun 26 13:01:17 hiro ppp[3815]: tun0: Phase: deflink: hangup - opening
Jun 26 13:01:17 hiro ppp[3815]: tun0: Phase: deflink: Enter pause (5) 
for redialing.
Jun 26 13:01:17 hiro ppp[3815]: tun0: Chat: deflink: Reconnect try 6 of 
18

Jun 26 13:01:22 hiro ppp[3815]: tun0: Chat: deflink: Redial timer expired.
Jun 26 13:01:22 hiro ppp[3815]: tun0: Warning: Carrier settings ignored
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: Connected!
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: opening - dial
Jun 26 13:01:22 hiro ppp[3815]: tun0: Chat: deflink: Dial attempt 1 of 1
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: dial - carrier
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: carrier - login
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: login - lcp
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: read (2): 
Connection reset by peer

Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: Disconnected!
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: lcp - logout
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: logout - hangup
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: Disconnected!

I've tried speaking to my ISP, aside from them not having much of a 
clue, they did claim to have reset my connection with them, but still 
not change to my situation - and I can only reset my modem so many times 
before I go insane ;-)


Anything anyone can spot that might help me sort this out ?  I even 
tried the kernel based pppoe device, but no joy there either.


Cheers
Dave

difference between newfs and newfs -m 1 on a 250G hd?

[bofh]

Hi,

Just bought a WDC 250G HD. Model WD2500JB-00G.

I tried a newfs -m 1 /dev/wd3a. After newfs is over, wd3a is not mountable.
fsck can't find any usable superblock. However, when I did a newfs
/dev/wd3a, the resulting partition checks out fine (fsck is ok with it) and
mounts without problems. Any idea why?

-Tai

disklabel says:

# using MBR partition 0: type A6 off 0 (0x0) size 488392065 (0x1d1c4581)
# /dev/rwd3c:
type: ESDI
disk: ESDI/IDE disk
label: WDC WD2500JB-00G
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 16
sectors/cylinder: 1008
cylinders: 16383
total sectors: 488397168
rpm: 7200
interleave: 1
trackskew: 0
cylinderskew: 0
headswitch: 0 # microseconds
track-to-track seek: 0 # microseconds
drivedata: 0

16 partitions:
# size offset fstype [fsize bsize cpg]
a: 488392065 0 4.2BSD 2048 16384 328 # (Cyl. 0 - 484515*)
c: 488397168 0 unused 0 0 # (Cyl. 0 - 484520)

Re: Strange df output

[Tony]

5% or so is reserved for root and is not available.

When everybody has run out of disk space, it is very helpful 
if the situation does NOT apply to root.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Matthew S Elmore
Sent: Saturday, June 25, 2005 11:35 PM
To: misc@openbsd.org
Subject: Strange df output


Can anyone explain this math to me?

490M - 32.8M != 433M

Not that it's a big deal but just wondering where that bit of space 
went.

[EMAIL PROTECTED]:/home/matt$ df -h
FilesystemSizeUsed   Avail Capacity  Mounted on
/dev/wd0a 490M   32.8M433M 7%/

Re: Strange df output

[Matthew S Elmore]

Whichever definition the 'df -h' command is using. I'm assuming it's 
consistent in its use itself. ;)


On Jun 25, 2005, at 11:45 PM, Chris wrote:


Matthew S Elmore wrote:

Can anyone explain this math to me?

490M - 32.8M != 433M

Not that it's a big deal but just wondering where that bit of space 
went.


[EMAIL PROTECTED]:/home/matt$ df -h
FilesystemSizeUsed   Avail Capacity  Mounted on
/dev/wd0a 490M   32.8M433M 7%/





Define the size of a meg. As you know, one meg can be 1.44, or 1.0 if
you know what I mean. So, it really depends sometimes on the value of
one meg.

--
Best regards,
Chris

The man who has no more problems is out of the game.

Re: Strange df output

[Chris]

Matthew S Elmore wrote:
 Can anyone explain this math to me?
 
 490M - 32.8M != 433M
 
 Not that it's a big deal but just wondering where that bit of space went.
 
 [EMAIL PROTECTED]:/home/matt$ df -h
 FilesystemSizeUsed   Avail Capacity  Mounted on
 /dev/wd0a 490M   32.8M433M 7%/
 
 
 

Define the size of a meg. As you know, one meg can be 1.44, or 1.0 if
you know what I mean. So, it really depends sometimes on the value of
one meg.

-- 
Best regards,
Chris

The man who has no more problems is out of the game.

Re: Strange df output

[Matthew S Elmore]

It was my understanding that this reserved space was not accounted for 
when using 'df'. Hence, you can sometimes have partitions that are 105% 
capacity.


Am I off base on this? It is very possible, it is very late. ;)

From the FAQ sec 14.14:

People are sometimes surprised to find they have negative available 
disk space, or more than 100% of a partition in use, as shown by df(1).


When a partition is created with newfs(8), some of the available space 
is held in reserve from normal users. This provides a margin of error 
when you accidently fill the disk, and helps keep disk fragmentation to 
a minimum. Default for this is 5% of the disk capacity, so if the root 
user has been carelessly filling the disk, you may see up to 105% of 
the available capacity in use.


On Jun 25, 2005, at 11:41 PM, [EMAIL PROTECTED] wrote:


5% or so is reserved for root and is not available.

When everybody has run out of disk space, it is very helpful
if the situation does NOT apply to root.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf 
Of

Matthew S Elmore
Sent: Saturday, June 25, 2005 11:35 PM
To: misc@openbsd.org
Subject: Strange df output


Can anyone explain this math to me?

490M - 32.8M != 433M

Not that it's a big deal but just wondering where that bit of space
went.

[EMAIL PROTECTED]:/home/matt$ df -h
FilesystemSizeUsed   Avail Capacity  Mounted on
/dev/wd0a 490M   32.8M433M 7%/

Re: Strange df output

[bool]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

 490*0.05
24.5
 490-24.5-32.8
432.69

Math looks to be spot on with a reserved 5%.

On Sat, 25 Jun 2005 21:48:21 -0700 Matthew S Elmore
[EMAIL PROTECTED] wrote:
It was my understanding that this reserved space was not accounted
for
when using 'df'. Hence, you can sometimes have partitions that are
105%
capacity.

Am I off base on this? It is very possible, it is very late. ;)

 From the FAQ sec 14.14:

People are sometimes surprised to find they have negative
available
disk space, or more than 100% of a partition in use, as shown by
df(1).

When a partition is created with newfs(8), some of the available
space
is held in reserve from normal users. This provides a margin of
error
when you accidently fill the disk, and helps keep disk
fragmentation to
a minimum. Default for this is 5% of the disk capacity, so if the
root
user has been carelessly filling the disk, you may see up to 105%
of
the available capacity in use.

On Jun 25, 2005, at 11:41 PM, [EMAIL PROTECTED] wrote:

 5% or so is reserved for root and is not available.

 When everybody has run out of disk space, it is very helpful
 if the situation does NOT apply to root.

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf
 Of
 Matthew S Elmore
 Sent: Saturday, June 25, 2005 11:35 PM
 To: misc@openbsd.org
 Subject: Strange df output


 Can anyone explain this math to me?

 490M - 32.8M != 433M

 Not that it's a big deal but just wondering where that bit of
space
 went.

 [EMAIL PROTECTED]:/home/matt$ df -h
 FilesystemSizeUsed   Avail Capacity  Mounted on
 /dev/wd0a 490M   32.8M433M 7%/
-BEGIN PGP SIGNATURE-
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkK+PJ4ACgkQnWfT5RLAiYOs1ACgnfD3w++hvtA+RAca+SDkJ4Vx76YA
oKhqO/HT2Ihe3cEMnAo3IwOKlm1k
=oomO
-END PGP SIGNATURE-

Re: Strange df output

[Tony]

Filesystem  512-blocks  Used Avail Capacity  Mounted on
/dev/wd0a   256252180540 6290074%/

256252 blocks less 5% reserve.
This gives 243440 blocks total available for users.
less 180540 gives 62900 blocks currently available for users.
180540/243440  gives 74.162% which rounds to 74%

For a user to write to the disk, it must be less than 100% full.
If root has used up all the reserve, 105% capacity is a fair value,
in that the user will need to free up in excess of 5% in order to
have ANY free space in which to write stuff.

For the above 256252 block partition, the percentages are based
on the 243440 blocks of user-usable space rather than the
total of 256252 blocks of root-usable space.

Probably much kinder on users to run out at 100% than at 95%.
Of course this requires that root runs out at something over 100%.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Matthew S Elmore
Sent: Saturday, June 25, 2005 11:48 PM
To: [EMAIL PROTECTED]
Cc: misc@openbsd.org
Subject: Re: Strange df output


It was my understanding that this reserved space was not accounted for 
when using 'df'. Hence, you can sometimes have partitions that are 105% 
capacity.

Am I off base on this? It is very possible, it is very late. ;)

 From the FAQ sec 14.14:

People are sometimes surprised to find they have negative available 
disk space, or more than 100% of a partition in use, as shown by df(1).

When a partition is created with newfs(8), some of the available space 
is held in reserve from normal users. This provides a margin of error 
when you accidently fill the disk, and helps keep disk fragmentation to 
a minimum. Default for this is 5% of the disk capacity, so if the root 
user has been carelessly filling the disk, you may see up to 105% of 
the available capacity in use.

On Jun 25, 2005, at 11:41 PM, [EMAIL PROTECTED] wrote:

 5% or so is reserved for root and is not available.

 When everybody has run out of disk space, it is very helpful
 if the situation does NOT apply to root.

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf 
 Of
 Matthew S Elmore
 Sent: Saturday, June 25, 2005 11:35 PM
 To: misc@openbsd.org
 Subject: Strange df output


 Can anyone explain this math to me?

 490M - 32.8M != 433M

 Not that it's a big deal but just wondering where that bit of space
 went.

 [EMAIL PROTECTED]:/home/matt$ df -h
 FilesystemSizeUsed   Avail Capacity  Mounted on
 /dev/wd0a 490M   32.8M433M 7%/

PPP, PPPoE, and OpenBSD 3.7

[Dave Harrison]

Hi all,

I've been looking through all the upgrade notes etc and I can't see that
any major changes have occurred in the ppp daemon, nor the pppoe
translator that would cause me problems.  However since I upgraded to
3.7 (from 3.4) I've been unable to connect to my ADSL providor.

My ppp.conf is thus :

swiftdsl:
set log Phase Chat IPCP CCP tun command

set device !/usr/sbin/pppoe -i em2 -v
set reconnect 5 18
disable acfcomp protocomp
deny acfcomp
set mtu max 1440
set mru max 1440
set speed sync

set cd 5
set dial
set login
set timeout 0
set authname myusername
set authkey myauthkey
enable mssfixup

I've also tried enable LQR, and using allow users as well, but to no
avail.  I've gone through using interactive mode as well, and same
result, no connection.  The actual error from the daemon log is as
follows  :

Jun 26 13:01:17 hiro ppp[3815]: tun0: Phase: deflink: Connect time: 0
secs: 44 octets in, 0 octets out
Jun 26 13:01:17 hiro ppp[3815]: tun0: Phase: deflink: 24 packets in, 0
packets out
Jun 26 13:01:17 hiro ppp[3815]: tun0: Phase:  total 44 bytes/sec, peak 0
bytes/sec on Sun Jun 26 13:01:17 2005
Jun 26 13:01:17 hiro ppp[3815]: tun0: Phase: deflink: HUPing 8204
Jun 26 13:01:17 hiro ppp[3815]: tun0: Phase: deflink: hangup - opening
Jun 26 13:01:17 hiro ppp[3815]: tun0: Phase: deflink: Enter pause (5)
for redialing.
Jun 26 13:01:17 hiro ppp[3815]: tun0: Chat: deflink: Reconnect try 6 of
18
Jun 26 13:01:22 hiro ppp[3815]: tun0: Chat: deflink: Redial timer expired.
Jun 26 13:01:22 hiro ppp[3815]: tun0: Warning: Carrier settings ignored
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: Connected!
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: opening - dial
Jun 26 13:01:22 hiro ppp[3815]: tun0: Chat: deflink: Dial attempt 1 of 1
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: dial - carrier
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: carrier - login
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: login - lcp
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: read (2):
Connection reset by peer
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: Disconnected!
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: lcp - logout
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: logout - hangup
Jun 26 13:01:22 hiro ppp[3815]: tun0: Phase: deflink: Disconnected!

I've tried speaking to my ISP, aside from them not having much of a
clue, they did claim to have reset my connection with them, but still
not change to my situation - and I can only reset my modem so many times
before I go insane ;-)

Anything anyone can spot that might help me sort this out ?  I even
tried the kernel based pppoe device, but no joy there either.

Cheers
Dave