Interrupting df

2005-06-28 Thread Stephan Wehner
I'm running df and it just hangs. 

^C doesn't interrupt it. ^Z doesn't interrupt it.

My guess is that some filesystem is not responding; still I should be
able to get my console back, shouldn't I?

Is this the BSD way? (My other linux machine responds to interrupts). 

Stephan

#uname -a
OpenBSD myosin.sugarmotor.net 3.7 GENERIC#50 i386



spamd and comcast

2005-06-28 Thread eric
Has anyone noticed a huge amount of problems with spamd(8) and Comcast/ATT
Worldnet Service mail servers? Seems that things like 204.127.198.34, and
almost everything in 204.127 is in spews1.

If anyone has a way around this (to only greylist the poor souls that use
comcast), please lemme know. I'd love to continue using spews[12], but too
many people complain.

Thanks.

- Eric



Re: Suggested hardware for server?

2005-06-28 Thread Damien Miller

Matt Garman wrote:

> So, still, the question remains: what do folks recommend as "good"
> hardware for hard disk controllers?


The LSI cards supported by the ami(4) driver are excellent. I recently
purchased a LSI MegaRAID SATA 150-4 and have been very impressed with
it.

-d



Re: Honesty needed...

2005-06-28 Thread Vjacheslav Borisov
We're running FreeBSD at work on our main mail server, which is now 
crashing 2 times per day.  I need to find a new solution soon, or I 
could risk losing my job which would really stink.


http://www.dragonflybsd.org/

From Wikipedia, the free encyclopedia.

In computing, the DragonFly BSD operating system is a fork of FreeBSD. 
Matt Dillon, a long-time FreeBSD and Amiga developer, started work on 
DragonFly BSD in June 2003 and announced it on the FreeBSD mailing lists 
on 16 July 2003.


Dillon started DragonFly in the belief that the methods and techniques 
being adopted for threading and SMP in FreeBSD 5 would lead to a poorly 
performing system that would be very difficult to maintain. He sought to 
correct these suspected problems within the FreeBSD project. Others in 
the project did not think highly of his ideas, which is among the 
reasons his ability to directly change the FreeBSD code was revoked. 
Despite this, the DragonFly BSD and FreeBSD projects still work together 
contributing bug fixes, driver updates and other system improvements to 
each other.


Intended to be "the logical continuation of the FreeBSD 4.x series", 
DragonFly is being developed in an entirely different direction from 
FreeBSD 5, including a new Light Weight Kernel Threads implementation 
and a light weight ports/messaging system. Many concepts planned for 
DragonFly were inspired by the AmigaOS.




Re: Suggested hardware for server?

2005-06-28 Thread JR Dalrymple
> On Tue, Jun 28, 2005 at 08:50:32PM -0400, Jason Crawford wrote:
>> The main reason I suggested SATA-II is because the OP said he
>> can't do SCSI, but still wants a good RAID. Granted, 32 commands
>
> I would *like* to do SCSI, but when you look at the cost/GB ratio,
> there's just no comparison (at least for my home network, where the most
> demanding task will be video-on-demand).


what is the point of this? DVD movie DTR is <10Mbit/s, or less than
2Mbyte/s. Buy what suits your needs, and if it is the $4.00/Mbyte storage
of 15k U320 drives you need, get them. I think asking misc@ what your
needs are is pointless.

>
>> dependent on data will have the money for SCSI RAID1+0, no
>> problem, as it's tried and true technology, as well as still the
>> fastest. However the OP talked about rebuilding a server on a home
>
> What this means (if anything) I can't say for sure, but the
> marketing/hype around SCSI has it categorized as "enterprise class".
> Typically, SCSI drives have longer warranties, greater MTBF, and their
> manufacturing process is supposed to be superior, and they are designed
> to run continuously in warmer conditions... and it's
> tried and true technology.
>
> What I've been doing for the last several years is buy one smaller, SCSI
> drive to use as my "main" drive (OS, user programs, etc), and buy the
> dramatically cheaper IDE drives for bulk storage.
>
>> maxing that out any time soon, and you can get 160GB SATA-II disk for
>> under $90, good luck finding a U320 SCSI disk close to that
>> size for even close to that price.
>
> Yup.  I've been wanting to upgrade my main SCSI drive to a 73 GB Seagate
> 10k RPM.  The lowest price I can find is about $235 (US). Two and a half
> the price at less than half the storage :(  The 15k RPM drives are more
> expensive still.  Seagate now has a "Savvio"
> line of 10k RPM SCSI drives in a 2.5" form factor (note book size).
> How's $800 (US) for a 73 GB drive?!
>
> -Matt
>
> --
> Matt Garman
> email at: http://raw-sewage.net/index.php?file=email



Re: Suggested hardware for server?

2005-06-28 Thread Matt Garman
On Tue, Jun 28, 2005 at 08:50:32PM -0400, Jason Crawford wrote:
> The main reason I suggested SATA-II is because the OP said he
> can't do SCSI, but still wants a good RAID. Granted, 32 commands

I would *like* to do SCSI, but when you look at the cost/GB ratio,
there's just no comparison (at least for my home network, where the
most demanding task will be video-on-demand).

> dependent on data will have the money for SCSI RAID1+0, no
> problem, as it's tried and true technology, as well as still the
> fastest. However the OP talked about rebuilding a server on a home

What this means (if anything) I can't say for sure, but the
marketing/hype around SCSI has it categorized as "enterprise class".
Typically, SCSI drives have longer warranties, greater MTBF, and
their manufacturing process is supposed to be superior, and they
are designed to run continuously in warmer conditions... and it's
tried and true technology.

What I've been doing for the last several years is buy one smaller,
SCSI drive to use as my "main" drive (OS, user programs, etc), and
buy the dramatically cheaper IDE drives for bulk storage.

> maxing that out any time soon, and you can get 160GB SATA-II disk
> for under $90, good luck finding a U320 SCSI disk close to that
> size for even close to that price.

Yup.  I've been wanting to upgrade my main SCSI drive to a 73 GB
Seagate 10k RPM.  The lowest price I can find is about $235 (US).
Two and a half the price at less than half the storage :(  The 15k
RPM drives are more expensive still.  Seagate now has a "Savvio"
line of 10k RPM SCSI drives in a 2.5" form factor (note book size).
How's $800 (US) for a 73 GB drive?!

-Matt

-- 
Matt Garman
email at: http://raw-sewage.net/index.php?file=email



Re: setting mediaopt ibss fails on ath (Netgear WG511T)

2005-06-28 Thread Kenneth R Westerback
On Tue, Jun 28, 2005 at 11:36:51PM +0200, Hanspeter Roth wrote:
> Hello,
> 
> I'm running OpenBSD 3.7 with a Netgear WG511T wireless network
> adapter which appears as ath0.
> 
> ath0 at cardbus0 dev 0 function 0 "Atheros Communications, Inc., 
> AR5001--, Wireless LAN Reference Card": irq 5
> ath0: mac 80.9 phy 4.3 radio 4.6, 802.11a/b/g, FCC1A, address 
> 00:0f:b5:a0:f9:ea gpio at ath0 not configured
> 
> Setting mediaopt `ibss' creates entries in `dmesg`.
> 
> ar5k_ar5212_nic_wakeup: failed to resume the AR5212 (again)
> ath0: unable to reset hardware; hal status 0
> 
> Also `ifconfig` status remains `no network'.
> 
> Is this a well known problem or has it even been fixed in -current?
> 
> -Hanspeter
> 
Of course, the other thing you could try is a -current snapshot
yourself. Do you know where they are?

 Ken



donations of rtw(4) devices with GCT radio required

2005-06-28 Thread Jonathan Gray
I now believe it would be possible to support rtw(4) devices
incorporating GCT RF transceivers, however I can't find any
devices for sale here in Australia.

If someone has one of the following they could send my way
I'd appreciate it.

Edimax EW-7126 PCI
HomeLine HLW-PCC200 CardBus
GigaFast WF721-AEX CardBus
Longshine LCS-8031-R PCI
Pentagram HorNET PCI
PLANET WL-8303 PCI
Repotec RP-WP7126 PCI
Sweex LC700010 PCI
Tonze PC-2100T PCI
TP-Link TL-WN250/251 PCI

There are likely more devices, it should be pretty obvious
to see which radio your rtw has by looking at your dmesg.



Re: Suggested hardware for server?

2005-06-28 Thread Jason Crawford
On 6/28/05, Richard Welty <[EMAIL PROTECTED]> wrote:
> On Tue, 28 Jun 2005 16:10:32 -0400 Jason Crawford <[EMAIL PROTECTED]> wrote:
> 
> > If you want the closest you can get to SCSI without actually going
> > SCSI, try the LSI Logic MegaRAID SATA 300-8X controller. It uses the
> > SATA-II spec, so you get 3.0gbps throughput, plus you have NCQ, which
> > can queue up to 32 commands (IIRC). It's still no U320 SCSI setup, but
> > it's much much much better than PATA or even SATA-I, which is half the
> > speed, and normally doesn't support NCQ at all.
> 
> recent discussion on one of the PostgreSQL lists suggests that at the
> current state of the art, SATA and SCSI are about comparable for
> read intensive ("SELECT") operations, but SCSI still outperforms
> SATA for write intensive ("INSERT" and "UPDATE") operations.
> 
> additionally, i saw someone mention RAID 5 in there somewhere. RAID
> 5 is fine for read operations, but RAID 10 will outperform it in write
> intensive operations.
> 
> so if i were managing a lot of disk i/o (say, a really really huge, busy
> mail server), i'd probably look at RAID 10 with a good SCSI array.
> 

The main reason I suggested SATA-II is because the OP said he can't do
SCSI, but still wants a good RAID. Granted, 32 commands is still not
even close to the 256 commands SCSI is capable of (IIRC), but it's the
closest thing, and much cheaper. SATA-II is still new technology as
well, so a place that is absolutely dependent on data will have the
money for SCSI RAID1+0, no problem, as it's tried and true technology,
as well as still the fastest. However the OP talked about rebuilding a
server on a home network, and a RAID1+0 U320 SCSI array is just too
damn expensive for that (IMO). Unless his home network runs an
extremely busy news server or database server, SATA-II RAID5 (or even
1+0 if you don't mind losing half the disk space) is plenty, since
it's 3.0Gbs, and can queue up to 32 commands. I highly doubt he'll be
maxing that out any time soon, and you can get 160GB SATA-II disk for
under $90, good luck finding a U320 SCSI disk close to that size for
even close to that price.

Jason



Re: Suggested hardware for server?

2005-06-28 Thread Richard Welty
On Tue, 28 Jun 2005 16:10:32 -0400 Jason Crawford <[EMAIL PROTECTED]> wrote:

> If you want the closest you can get to SCSI without actually going
> SCSI, try the LSI Logic MegaRAID SATA 300-8X controller. It uses the
> SATA-II spec, so you get 3.0gbps throughput, plus you have NCQ, which
> can queue up to 32 commands (IIRC). It's still no U320 SCSI setup, but
> it's much much much better than PATA or even SATA-I, which is half the
> speed, and normally doesn't support NCQ at all.

recent discussion on one of the PostgreSQL lists suggests that at the
current state of the art, SATA and SCSI are about comparable for
read intensive ("SELECT") operations, but SCSI still outperforms
SATA for write intensive ("INSERT" and "UPDATE") operations.

additionally, i saw someone mention RAID 5 in there somewhere. RAID
5 is fine for read operations, but RAID 10 will outperform it in write
intensive operations.

so if i were managing a lot of disk i/o (say, a really really huge, busy
mail server), i'd probably look at RAID 10 with a good SCSI array.

richard
-- 
Richard Welty [EMAIL PROTECTED]
Averill Park Networking
Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security
  "Well, if you're not going to expect unexpected flames,
 what's the point of going anywhere?" -- Truckle the Uncivil



Re: wireless support

2005-06-28 Thread Steve Shockley

N.J. Reuvers wrote:

> Unless of course you put an external antenna in front of your basement
> window.


Idea: I saw someone's web page who put USB wireless cards (on a USB 
extension cable) at the focal point of a cheap parabolic wok.  It's a 
lot easier to extend USB to where you want it to go than to extend RF. 
With the gain from the parabola and good placement, you might overcome 
the weak signal from the Linksys.




Re: Limit access to msn to a couple of hours a day

2005-06-28 Thread Steve Shockley

phpmechanic wrote:
> Yeah the five minute solution is more along the lines of what I'm
> thinking. I'd also have to add a menu that can manually control access
> when I need to. I could write a bit of vbscript to launch plink and
> msn together so she has a seamless shortcut on her desktop. Some sort of
> alert would be handy to notify her that time is running low.


Samba has some kind of "net send" equivalent, although I forget the name 
offhand.  You'd have to turn on the Messenger service on the PC.


If you want to get fancy, once she's out of time, redirect MSN to a "do 
your homework!" page.




3.7 pf running on bridge not passing some NFS traffic

2005-06-28 Thread Aaron Nichols
Hello Everyone - hoping the right set of eyes looking at this will
find my mistake,
 Details below - quick synopsis is that I have a two interface
host running 3.7 (release from CD - no patches or updates) with both
interfaces as members of a bridge. On the "em1" (internal) interface I
have 3 tagged vlan's configured which allow me to segment traffic
between three networks, all on the same subnet, by putting hosts on a
given vlan on the switch connected to the em1 interface. From a bridge
perspective things work great - hosts all communicate fine. When pf is
enabled however, nfs traffic from certain hosts (not all of them) to
other hosts is being dropped, but I can't determine why. These are all
Solaris hosts with the exception of the OpenBSD box.

=== Things I'm generally unsure about ===
1) Is it a good assumption that if I have vlan0, vlan1, vlan2 I should
be able to filter between those vlan interfaces in pf?
2) Are there any known complications doing this when those interfaces
are also members of a bridge?
3) After looking at what I've done below, is there other debugging I
can do to find out where things are being dropped - so far I can't
find it.

=== Problem Details ===
Most of these hosts have some form of NFS mount to another host going
on. Here's a basic diagram:
*10.1.2.13 mounts files from 10.1.2.11 (this has problems)
10.1.2.13 mounts files from 10.1.2.14 (this has no problems - same vlan)
*10.1.2.14 mounts files from 10.1.2.11 (this has problems)
10.1.2.75 mounts files from 10.1.2.11 (this has no problems)
10.1.2.77 mounts files from 10.1.2.11 (this has no problems)
10.1.2.11 mounts files from 10.1.2.12 (no problems - same vlan)
*10.1.2.12 mounts files from 10.1.1.20 (host on public side of
firewall - has problems as well)

When we first implemented the firewall we moved only 10.1.2.13 &
10.1.2.14 onto vlan2 - the remaining hosts were on the public network
(off em0) and everything worked fine. NFS mounts from vlan2 to em0
were no problem and we could filter traffic. Next, we moved 10.1.2.75
& 10.1.2.77 to vlan1, these also had no problems and NFS mounts worked
fine. Last to move were 10.1.2.11 & 10.1.2.12 and they were moved to
vlan0, immediately the above problems happened.

I can only assume that there is some difference between pf enforcement
from vlan <> vlan that does not exist from vlan <> physical interface.

When I enable the firewall and capture traffic on both vlan0 & vlan2 I
see the following traffic appear on vlan2 but NOT on vlan0. Before
enabling the firewall and after disabling the firewall this same
traffic passes fine:

14:31:23.600109 10.1.2.13.751 > 10.1.2.11.2049: xid 0x4944be7e 156 fsstat [|nfs] (DF) (ttl 64, id 22328, len 196)
14:31:23.996376 10.1.2.13.751 > 10.1.2.11.2049: xid 0x4944be7e 156 fsstat [|nfs] (DF) (ttl 64, id 22329, len 196)
14:31:24.796405 10.1.2.13.751 > 10.1.2.11.2049: xid 0x4944be7e 156 fsstat [|nfs] (DF) (ttl 64, id 22330, len 196)
14:31:26.396463 10.1.2.13.751 > 10.1.2.11.2049: xid 0x4944be7e 156 fsstat [|nfs] (DF) (ttl 64, id 22331, len 196)
14:31:29.596454 10.1.2.13.751 > 10.1.2.11.2049: xid 0x4944be7e 156 fsstat [|nfs] (DF) (ttl 64, id 22332, len 196)

I've enabled logging where I can think it would make sense (see
pf.conf below) and still doing the following shows no traffic related
to NFS:
# tcpdump -e -n -ttt -i pflog0

I've set debug loud in the pf.conf as well and see no additional
detail, though I'm not positive I'm looking in the right place
(pflog).

These problems all go away if I perform a 'pfctl -d' and immediately
start upon issuing a 'pfctl -e' so I'm certain the firewall is
blocking the traffic - but I can't tell why.

I have tried the following:
- Commented out 'scrub in' which made no difference
- Added a specific pass rule before the 'block in' rule which should
allow NFS traffic regardless of state

The very interesting thing is that the NFS mounts between { 10.1.2.75
10.1.2.77 } -> 10.1.2.11 work just fine through all of this.
Additionally, NFS mounts from 10.1.1.20 to 10.1.2.11 fail during this
- which go through the firewall but not between vlan's.

I suspect there is some additional debugging/troubleshooting that I
could do so I'm looking for suggestions. I'm stumped at why I cannot
see the traffic being dropped in pflog - I'm sure if I could get that
to happen it would be painfully obvious where I've failed.

=== Topology ===
em0 - Public interface - connects to the rest of the network. 
em1 - Private interface - connected to a tagged port on a switch which
is configured for the 3 vlan's used to separate networks.
- vlan0
- vlan1
- vlan2 
(All of the above are added to 'bridge0' except em1) -
/etc/bridgename.bridge0 looks like this:
bash-3.00# cat /etc/bridgename.bridge0
add em0
add vlan0
add vlan1
add vlan2
blocknonip em0
blocknonip vlan0
blocknonip vlan1
blocknonip vlan2
up

vlan 0 has two hosts connected:
10.1.2.11
10.1.2.12

vlan1 has two hosts connected:
10.1.2.75
10.1.2.77

vlan2 has two hosts connected:
10.1.2.13
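
Added example (not part of the original post and not OpenBSD code): one way to confirm from two tcpdump captures that RPC calls enter the bridge on one member interface and never leave on the other, which is the symptom described above. The function names are hypothetical, the "reply ok" line format is an assumption about how tcpdump prints RPC replies, and the healthy sample is constructed.

```python
"""Spot NFS RPC calls that a filtering bridge is silently dropping."""
import re
from collections import defaultdict

# tcpdump output copied from the post above (vlan2 side), with the mail
# line-wrapping rejoined so that each packet is one line again.
CAPTURE_VLAN2 = """\
14:31:23.600109 10.1.2.13.751 > 10.1.2.11.2049: xid 0x4944be7e 156 fsstat [|nfs] (DF) (ttl 64, id 22328, len 196)
14:31:23.996376 10.1.2.13.751 > 10.1.2.11.2049: xid 0x4944be7e 156 fsstat [|nfs] (DF) (ttl 64, id 22329, len 196)
14:31:24.796405 10.1.2.13.751 > 10.1.2.11.2049: xid 0x4944be7e 156 fsstat [|nfs] (DF) (ttl 64, id 22330, len 196)
14:31:26.396463 10.1.2.13.751 > 10.1.2.11.2049: xid 0x4944be7e 156 fsstat [|nfs] (DF) (ttl 64, id 22331, len 196)
14:31:29.596454 10.1.2.13.751 > 10.1.2.11.2049: xid 0x4944be7e 156 fsstat [|nfs] (DF) (ttl 64, id 22332, len 196)
"""

# The post reports that none of these packets show up on vlan0.
CAPTURE_VLAN0 = ""

# Constructed sample (not from the post): a call that does get an answer.
# The "reply ok" wording is an assumption about tcpdump's RPC reply output.
CAPTURE_HEALTHY = """\
14:40:01.000100 10.1.2.75.802 > 10.1.2.11.2049: xid 0x1a2b3c4d 156 fsstat [|nfs] (DF)
14:40:01.000900 10.1.2.11.2049 > 10.1.2.75.802: xid 0x1a2b3c4d reply ok 168 fsstat [|nfs] (DF)
"""

LINE_RE = re.compile(
    r"^(\d{2}):(\d{2}):(\d{2}\.\d+) (\S+) > (\S+): xid (0x[0-9a-fA-F]+) (reply )?"
)


def parse(capture):
    """Yield (seconds, client, server, xid, is_reply) for each RPC line."""
    for line in capture.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not an RPC line (or a wrapped continuation line)
        hh, mm, ss, src, dst, xid, reply = m.groups()
        when = int(hh) * 3600 + int(mm) * 60 + float(ss)
        if reply:
            # A reply travels server -> client; store it client-first so
            # it lands under the same key as the call it answers.
            src, dst = dst, src
        yield when, src, dst, xid.lower(), bool(reply)


def unanswered_calls(capture):
    """Map (client, server, xid) -> send times for calls with no reply seen."""
    sent = defaultdict(list)
    answered = set()
    for when, client, server, xid, is_reply in parse(capture):
        key = (client, server, xid)
        if is_reply:
            answered.add(key)
        else:
            sent[key].append(when)
    return {k: v for k, v in sent.items() if k not in answered}


def retransmit_gaps(times):
    """Seconds between consecutive sends of one xid, to 0.1 s."""
    return [round(b - a, 1) for a, b in zip(times, times[1:])]


def missing_on_egress(ingress, egress):
    """Calls seen on the ingress interface but absent on the egress one."""
    def calls(capture):
        return {(c, s, x) for _, c, s, x, is_reply in parse(capture)
                if not is_reply}
    return sorted(calls(ingress) - calls(egress))


if __name__ == "__main__":
    for key, times in unanswered_calls(CAPTURE_VLAN2).items():
        print(key, "sent", len(times), "times, gaps", retransmit_gaps(times))
    print("never left the bridge:",
          missing_on_egress(CAPTURE_VLAN2, CAPTURE_VLAN0))
```

The same xid resent at roughly doubling intervals is the client retransmitting a call it never got an answer to, so a non-empty result from missing_on_egress places the drop on the bridge host rather than on the NFS server.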

Re: arplookup

2005-06-28 Thread j knight
--- Quoting kevin on 2005/06/28 at 10:00 -0500:

> Hi all, 
> 
> After my business cable provider replaced the router, I get
> the usual "arplookup: unable to locate address 10.19.240.183"  

"unable to locate" or "unable to enter"?
This happens in more places than you might think. What impact is it
having on the box? You should be able to just ignore it.



Re: Honesty needed...

2005-06-28 Thread Matt Juszczak

I've replied to Phillip's reply off list.

Theo asked a while ago to please take this off list, so I'd appreciate if 
anyone who has remarks because of my recent thread to address me off list. 
I'd like to respect his request.


Thank you to those who helped me today.

Regards,

Matt



setting mediaopt ibss fails on ath (Netgear WG511T)

2005-06-28 Thread Hanspeter Roth
Hello,

I'm running OpenBSD 3.7 with a Netgear WG511T wireless network
adapter which appears as ath0.

ath0 at cardbus0 dev 0 function 0 "Atheros Communications, Inc., 
AR5001--, Wireless LAN Reference Card": irq 5
ath0: mac 80.9 phy 4.3 radio 4.6, 802.11a/b/g, FCC1A, address 00:0f:b5:a0:f9:ea 
gpio at ath0 not configured

Setting mediaopt `ibss' creates entries in `dmesg`.

ar5k_ar5212_nic_wakeup: failed to resume the AR5212 (again)
ath0: unable to reset hardware; hal status 0

Also `ifconfig` status remains `no network'.

Is this a well known problem or has it even been fixed in -current?

-Hanspeter



Re: Honesty needed...

2005-06-28 Thread Phillip Eviston
Some things in this scenario just don't ring true and I'm thinking this
is just a big hoax.

Firstly, you expressed concern in one of your original posts that your
job was likely to be at risk if the problem wasn't solved quickly with
little or no additional expenditure.

Then we discover that "your boss" has bought this gee whiz bang SMP PC
and insists this must be used as the mailserver.

And then you divulge that it has to handle 10,000 mail users. This, in
itself isn't a particularly large mailserver, but does suggest you are
in a rather large organization.

Now, correct me where I'm wrong here, but I'm assuming your boss knows
"diddly squat" about IT. Which would suggest you are in charge of the IT
Department? You are prepared to run production servers with inadequate
testing of the hardware/software/OS combination with little thought for
appropriate redundancy on machines that would not be out of place on a
gamer's desktop and may well have been won in competition.

If this is the case, you probably should lose your job. An organization
of the size you suggest, would certainly have an IT Department size and
budget sufficient for the task, even if it is not "extravagant". And you
head up this group of people?

It seems to me it is time you sought vocational guidance to find a
calling in life for which you are qualified and suited.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Matt Juszczak
Sent: Wednesday, 29 June 2005 5:28 AM
To: Matt Rowley
Cc: misc@openbsd.org
Subject: Re: Honesty needed...

> According to
> http://www.freebsd.org/security/
> the current estimated EOL for 4.11 is January 31, 2007
>
> That said, since you think IPF is causing problems, have you tried disabling
> IPF and running either ipfilter or PF  (or doing the filtering on a dedicated
> firewall box)?
>
> --Matt


Yep, I will try that.  Anyway, I appreciate all of your help, I think this
discussion has veered off from my original intentions and I think it
should be taken off list since it is now considered O.T.

Again, I appreciate all your input and I'm going to continue my research
and see where it goes.

Regards,

Matt



Re: Suggested hardware for server?

2005-06-28 Thread Matt Garman
On Tue, Jun 28, 2005 at 09:17:57PM +0100, Stuart Henderson wrote:
> sensible money. To keep your drives alive for longer, you may like to 
> give some thought to keeping the drives cool, especially if they're in 
> a standard PC chassis.

Good point; I was planning on putting this beast in the following
case (specifically, the SR10769):

http://www.chenbro.com.tw/product/product_preview.php?pid=102

Hoping that that case would be able to sufficiently cool the drives.

Thanks again!
Matt

-- 
Matt Garman
email at: http://raw-sewage.net/index.php?file=email



Re: wireless support

2005-06-28 Thread N.J. Reuvers
Both networks in the basement. So you want the signal to travel through
walls AND lots of ground? That ain't gonna happen, I can tell you that.
Unless of course you put an external antenna in front of your basement
window.

Things like steel will reflect the signal, so it'll bounce around and might
reach its goal. But it wouldn't be a signal you could use. Other objects
will just absorb a bit of the signal, making it weaker coming out of the
object. If you want to know if a material will absorb the signal, put some
in a microwave (of course also with a glass of water in it) and check if it's
getting hot. If it is, it is absorbing. If it isn't, the signal will not
notice the object and go straight through.

Nils

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dimitri
Sent: Tuesday, 28 June 2005 19:52
To: David Hill
CC: misc@openbsd.org
Subject: Re: wireless support

David Hill wrote:
> Hello -
> My neighbor has a Linksys WAP11 access point.  We would like to join
> networks. Both our networks are in our basements.  The distance is
> about 70ft.  Would I get better signal/performance buying something 
> similar to my neighbor, or purchasing a wireless PCI card for my 
> OpenBSD box?  If the PCI card would be the better solution, which 
> chipset should I look into getting?
> 
> Thanks
> David
> 

For chipsets man wi, man ath, man ral.

For the rest, no one can tell if you will have enough signal to go through
the walls unless you try.

The wap11 is 30mW and pretty deaf. If you find a similar device, chances are
that you won't get a decent link. If you want an external device, the
Engenius/Senao CB3 is pretty strong(100-200mw) and sensitive and will
probably compensate for the wap11.

To get a decent answer you need to describe the current and the desired
network topology, 'join networks' just isn't enough.

--dg



Re: Suggested hardware for server?

2005-06-28 Thread Stuart Henderson

--On 28 June 2005 14:57 -0500, Matt Garman wrote:


So, still, the question remains: what do folks recommend as "good"
hardware for hard disk controllers?


MegaRAID in its various guises (PATA/SATA/SCSI) .. If you have a bunch 
of usable PATA drives (preferably similarly-sized to avoid wasted 
space), you might pick up a second-hand cerc or megaraid i4 for 
sensible money. To keep your drives alive for longer, you may like to 
give some thought to keeping the drives cool, especially if they're in 
a standard PC chassis.




Re: Suggested hardware for server?

2005-06-28 Thread Jason Crawford
If you want the closest you can get to SCSI without actually going
SCSI, try the LSI Logic MegaRAID SATA 300-8X controller. It uses the
SATA-II spec, so you get 3.0gbps throughput, plus you have NCQ, which
can queue up to 32 commands (IIRC). It's still no U320 SCSI setup, but
it's much much much better than PATA or even SATA-I, which is half the
speed, and normally doesn't support NCQ at all.

Jason

On 6/28/05, Matt Garman <[EMAIL PROTECTED]> wrote:
> On Tue, Jun 28, 2005 at 01:28:43PM -0500, [EMAIL PROTECTED] wrote:
> > What's the current box? I mean, I've got one that's doing about
> > that without breaking a sweat, and it's about 7 years old. A PII
> > (*any* PII) would be enough for this with enough RAM, and you can
> > spend the money you'd spend on the new box on drives and fans
> > instead.
> 
> The current box is an nforce2 board, Athlon XP1700 and 512 MB RAM.
> 
> Plenty of muscle in the processor-memory area.  I meant to
> underscore the part of my question about the *storage* subsystem
> (mainly the disk controller).
> 
> The current box has no SATA, only on-board PATA.  I'm kind of
> thinking that I'd like to run hardware RAID5.  SCSI is just too
> expensive, and hardware RAID for PATA is getting harder to find, as
> it gets ousted by SATA.
> 
> Based on the feedback I've received so far, I now think I want to
> build a "little" (Soekris, mini-ITX, etc) OpenBSD box for my
> firewall/gateway/NAT, and the current box will become just a
> fileserver/source repository/backup server.
> 
> So, still, the question remains: what do folks recommend as "good"
> hardware for hard disk controllers?
> 
> Thanks again!
> Matt
> 
> --
> Matt Garman
> email at: http://raw-sewage.net/index.php?file=email



Re: Honesty needed...

2005-06-28 Thread JR Dalrymple

Matt Juszczak wrote:





OpenBSD is known for its stability, and I'm wondering what everyone's 
opinion on stability would be with a SuperMicro Dual Xeon 3.06 ghz 
(SMP) and 4 GM RAM, running postfix with LDAP and 10,000 users.  If I 
can get a stable system up and running I'll be really happy.



FreeBSD is known for its stability.
Didn't someone point you to a patch in your first post?


Regards,

Matt




Re: Suggested hardware for server?

2005-06-28 Thread Matt Garman
On Tue, Jun 28, 2005 at 01:28:43PM -0500, [EMAIL PROTECTED] wrote:
> What's the current box? I mean, I've got one that's doing about
> that without breaking a sweat, and it's about 7 years old. A PII
> (*any* PII) would be enough for this with enough RAM, and you can
> spend the money you'd spend on the new box on drives and fans
> instead.

The current box is an nforce2 board, Athlon XP1700 and 512 MB RAM.

Plenty of muscle in the processor-memory area.  I meant to
underscore the part of my question about the *storage* subsystem
(mainly the disk controller).

The current box has no SATA, only on-board PATA.  I'm kind of
thinking that I'd like to run hardware RAID5.  SCSI is just too
expensive, and hardware RAID for PATA is getting harder to find, as
it gets ousted by SATA.

Based on the feedback I've received so far, I now think I want to
build a "little" (Soekris, mini-ITX, etc) OpenBSD box for my
firewall/gateway/NAT, and the current box will become just a
fileserver/source repository/backup server.

So, still, the question remains: what do folks recommend as "good"
hardware for hard disk controllers?

Thanks again!
Matt

-- 
Matt Garman
email at: http://raw-sewage.net/index.php?file=email



Re: Honesty needed...

2005-06-28 Thread Matt Rowley

According to
http://www.freebsd.org/security/
the current estimated EOL for 4.11 is January 31, 2007

That said, since you think IPF is causing problems, have you tried 
disabling IPF and running either ipfilter or PF  (or doing the filtering on 
a dedicated firewall box)?


--Matt


--On Tuesday, June 28, 2005 15:10:16 -0400 Matt Juszczak <[EMAIL PROTECTED]> 
wrote:



What's wrong with FreeBSD 4.11? You said it's stable for you. OpenBSD is
going to be a big change for you on short notice with little testing.
Everyone says the 4.x branch is much more stable than the 5.x branch
anyway.



It is, but it's unsupported.  If I go back to 4.11, within 6 months I
would have to go back to 5.x anyway.  I'd rather not waste time doing
that.




Re: Honesty needed...

2005-06-28 Thread Matt Juszczak

According to
http://www.freebsd.org/security/
the current estimated EOL for 4.11 is January 31, 2007

That said, since you think IPF is causing problems, have you tried disabling 
IPF and running either ipfilter or PF  (or doing the filtering on a dedicated 
firewall box)?


--Matt



Yep, I will try that.  Anyway, I appreciate all of your help, I think this 
discussion has veered off from my original intentions and I think it 
should be taken off list since it is now considered O.T.


Again, I appreciate all your input and I'm going to continue my research 
and see where it goes.


Regards,

Matt



Re: Honesty needed...

2005-06-28 Thread Matt Juszczak
I was honoring that very much :) My main discussion was whether or not I 
should switch to OpenBSD or not, which is why it started on this list.


Sorry for any inconvenience.

On Tue, 28 Jun 2005, Theo de Raadt wrote:


this is an openbsd list.  please honour that.




What's wrong with FreeBSD 4.11? You said it's stable for you. OpenBSD is
going to be a big change for you on short notice with little testing.
Everyone says the 4.x branch is much more stable than the 5.x branch
anyway.



It is, but it's unsupported.  If I go back to 4.11, within 6 months I would
have to go back to 5.x anyway.  I'd rather not waste time doing that.








Re: Honesty needed...

2005-06-28 Thread Theo de Raadt
this is an openbsd list.  please honour that.



> > What's wrong with FreeBSD 4.11? You said it's stable for you. OpenBSD is
> > going to be a big change for you on short notice with little testing.
> > Everyone says the 4.x branch is much more stable than the 5.x branch
> > anyway.
> 
> 
> It is, but it's unsupported.  If I go back to 4.11, within 6 months I would 
> have to go back to 5.x anyway.  I'd rather not waste time doing that.



Re: Honesty needed...

2005-06-28 Thread Matt Juszczak

What's wrong with FreeBSD 4.11? You said it's stable for you. OpenBSD is
going to be a big change for you on short notice with little testing.
Everyone says the 4.x branch is much more stable than the 5.x branch
anyway.



It is, but it's unsupported.  If I go back to 4.11, within 6 months I would 
have to go back to 5.x anyway.  I'd rather not waste time doing that.




Re: Honesty needed...

2005-06-28 Thread Matt Juszczak

> To avoid making CLM's, you should realise these lists are archived indefinitely.

You're right :) He'll know I was being very sarcastic with that respect.
I hope.  I'll be careful.

> If things are crashing twice a day and you believe SMP is the culprit,
> disable it to get your immediate problem out of the way. That way
> you'll have the time to properly test another platform to see whether
> it does perform - with SMP as you so desire - the way you want it to.

Agreed.

> If your mail server comes down crashing due to CPU shortage, the worst
> you've done is that you have a problem that is about as bad as the one
> you had originally: a crashing mail server.
>
> And of course, that's just my take on things.

Agreed.  Thanks.

> Cheers,
>
> Rogier
>
> --
> If you don't know where you're going, any road will get you there.






Re: Honesty needed...

2005-06-28 Thread Matt Provost
On Jun 28 02:45 PM, Matt Juszczak wrote:
> >Either, I think in general SMP is tough to get stable. People with
> >more experience will hopefully reply and explain in more detail. For
> >now I, personally, would disable smp on freebsd just to keep it
> >stable.
> 
> 
> I just dont know if this will keep it stable or not.  Others are reporting 
> that the bug is in ttwakeup and the other is that its a bug in IPF, which 
> I currently use
> 
> Thats why I'm at a dilemma right now.  Do I keep things as they are, turn 
> SMP off on FreeBSD 5.4, and risk problems in the future?  Or do I switch 
> to OpenBSD now, hope it works, and have a stable solution while FreeBSD 
> becomes more stable.

What's wrong with FreeBSD 4.11? You said it's stable for you. OpenBSD is
going to be a big change for you on short notice with little testing.
Everyone says the 4.x branch is much more stable than the 5.x branch
anyway.

Matt



Re: Honesty needed...

2005-06-28 Thread Jeffrey Lim
On 6/29/05, Matt Juszczak <[EMAIL PROTECTED]> wrote:
> Just spoke with the boss.  My boss really "wants to run SMP".  He's an
> ill-informed business man and thinks that a single 3 ghz with 4 gb RAM
> couldn't handle our mail server, which I believe it would have no problems
> at all doing.
> 

sounds like somebody who wouldn't know the difference anyway if u just
went right ahead and *not* used smp, and told him otherwise, doesn't
it?

I'm not saying outright that u should really give up smp - but this is
an option for u.

-jf

>   10,000 users isn't that many.
> Either way, if hes set on SMP, then I either need to go to another *BSD
> other than FreeBSD which wont have this problem (such as OpenBSD, although
> do you know whether or not OpenBSD's SMP can support Dual Xeon's?) or
> NetBSD.  Otherwise, I have to go to linux or windows which I really don't
> want to do at all.
> 
> Thanks again for your help.
> 
> Regards,
> 
> Matt



Re: Honesty needed...

2005-06-28 Thread Rogier Krieger
On 6/28/05, Matt Juszczak <[EMAIL PROTECTED]> wrote:
> My boss really "wants to run SMP".  He [...] thinks that a single 3 ghz
> with 4 gb RAM couldn't handle our mail server [...]

To avoid making CLM's, you should realise these lists are archived indefinitely.

If things are crashing twice a day and you believe SMP is the culprit,
disable it to get your immediate problem out of the way. That way
you'll have the time to properly test another platform to see whether
it does perform - with SMP as you so desire - the way you want it to.

If your mail server comes down crashing due to CPU shortage, the worst
you've done is that you have a problem that is about as bad as the one
you had originally: a crashing mail server.

And of course, that's just my take on things.

Cheers,

Rogier

-- 
If you don't know where you're going, any road will get you there.



Re: Honesty needed...

2005-06-28 Thread Matt Juszczak

> Either, I think in general SMP is tough to get stable. People with
> more experience will hopefully reply and explain in more detail. For
> now I, personally, would disable smp on freebsd just to keep it
> stable.

I just don't know if this will keep it stable or not.  Others are reporting
that the bug is in ttwakeup and the other is that it's a bug in IPF, which
I currently use.

That's why I'm at a dilemma right now.  Do I keep things as they are, turn
SMP off on FreeBSD 5.4, and risk problems in the future?  Or do I switch
to OpenBSD now, hope it works, and have a stable solution while FreeBSD
becomes more stable?




Re: Suggested hardware for server?

2005-06-28 Thread hellsop
On Mon, Jun 27, 2005 at 03:37:37PM -0500, Matt Garman wrote:
> I'm thinking about re-building the server on my home network.  Right
> now it's running Gentoo Linux (though it has been OpenBSD in the
> past).  I'm thinking about going back to OpenBSD for the
> *simplicity* (which hopefully implies better robustness and
> reliability) of the system (install, configure and forget about it
> (except for security patches)).
> 
> However, I have slowly been expanding this computer's role: it's
> always been a firewall/gateway/NAT box.  But I also want it to be a
> massive data store (to house files for a video-on-demand system)
> using nfs/samba, a backup server (rsync) and house some relatively
> light-weight subversion (svn) repositories.
> 
> So my question is, what hardware is recommended for this box?  I
> can't afford "enterprise grade" hardware, but I do want the most
> reliable equipment I can afford.

What's the current box? I mean, I've got one that's doing about that
without breaking a sweat, and it's about 7 years old. A PII (*any* PII)
would be enough for this with enough RAM, and you can spend the money
you'd spend on the new box on drives and fans instead.

-- 
The greatest dangers to liberty lurk in insidious encroachment by men of
zeal, well-meaning but without understanding.  -Justice Louis D. Brandeis



Re: Honesty needed...

2005-06-28 Thread Joe .
Either, I think in general SMP is tough to get stable. People with
more experience will hopefully reply and explain in more detail. For
now I, personally, would disable smp on freebsd just to keep it
stable.

Joe


On 6/28/05, Matt Juszczak <[EMAIL PROTECTED]> wrote:
> On OpenBSD or FreeBSD?
> 
> On Tue, 28 Jun 2005, Joe . wrote:
> 
> > Can you live with just one processor? You would probably have much
> > better luck with SMP disabled.
> >
> > Joe
> >
> > On 6/28/05, Matt Juszczak <[EMAIL PROTECTED]> wrote:
> >> Hi all,
> >>
> >> Some of you have read my posts from the previous few days but I am really
> >> stuck right now.  Sorry if this is repeated information for anyone.
> >>
> >> We're running FreeBSD at work on our main mail server, which is now
> >> crashing 2 times per day.  I need to find a new solution soon, or I could
> >> risk losing my job which would really stink.
> >>
> >> The machine itself is fine, and I know this because 1) I've tested the
> >> memory and 2) This problem I am experiencing is occuring on more than one
> >> machine.
> >>
> >> OpenBSD is known for its stability, and I'm wondering what everyone's
> >> opinion on stability would be with a SuperMicro Dual Xeon 3.06 ghz (SMP)
> >> and 4 GM RAM, running postfix with LDAP and 10,000 users.  If I can get a
> >> stable system up and running I'll be really happy.
> >>
> >> Apparently, there is something called a ttwakeup bug and there's some SMP
> >> code problems in FreeBSD 5.4 that wasn't apparent in 4.11 (which is why
> >> that runs stable for me) causing all these problems.  I would hope that
> >> with the branch off of OpenBSD these problems wouldn't exist in the OS.
> >>
> >> Any responses would be appreciated :)
> >>
> >> Regards,
> >>
> >> Matt
> >>
> >>
> >
> >



Re: Honesty needed...

2005-06-28 Thread Matt Juszczak
Just spoke with the boss.  My boss really "wants to run SMP".  He's an 
ill-informed business man and thinks that a single 3 ghz with 4 gb RAM 
couldn't handle our mail server, which I believe it would have no problems 
at all doing.  10,000 users isn't that many.


Either way, if he's set on SMP, then I either need to go to another *BSD
other than FreeBSD which won't have this problem (such as OpenBSD, although
do you know whether or not OpenBSD's SMP can support Dual Xeons?) or
NetBSD.  Otherwise, I have to go to Linux or Windows which I really don't
want to do at all.


Thanks again for your help.

Regards,

Matt

On Tue, 28 Jun 2005, Joe . wrote:


Can you live with just one processor? You would probably have much
better luck with SMP disabled.

Joe

On 6/28/05, Matt Juszczak <[EMAIL PROTECTED]> wrote:

Hi all,

Some of you have read my posts from the previous few days but I am really
stuck right now.  Sorry if this is repeated information for anyone.

We're running FreeBSD at work on our main mail server, which is now
crashing 2 times per day.  I need to find a new solution soon, or I could
risk losing my job which would really stink.

The machine itself is fine, and I know this because 1) I've tested the
memory and 2) This problem I am experiencing is occuring on more than one
machine.

OpenBSD is known for its stability, and I'm wondering what everyone's
opinion on stability would be with a SuperMicro Dual Xeon 3.06 ghz (SMP)
and 4 GM RAM, running postfix with LDAP and 10,000 users.  If I can get a
stable system up and running I'll be really happy.

Apparently, there is something called a ttwakeup bug and there's some SMP
code problems in FreeBSD 5.4 that wasn't apparent in 4.11 (which is why
that runs stable for me) causing all these problems.  I would hope that
with the branch off of OpenBSD these problems wouldn't exist in the OS.

Any responses would be appreciated :)

Regards,

Matt







Trustix Xsentry

2005-06-28 Thread Ken

Hi all,

Has anyone ever successfully installed OpenBSD on a Trustix XSentry 
machine? Even a flash drive which could be transplanted into it?


I'd like to try out this theory. The machines are OK for minor tasks but
I'd prefer to use OpenBSD on them as I find it more reliable.


Thanks for your time

Regards,

Ken



Re: Honesty needed...

2005-06-28 Thread Brian

Matt Juszczak wrote:


Hi all,

Some of you have read my posts from the previous few days but I am 
really stuck right now.  Sorry if this is repeated information for 
anyone.


We're running FreeBSD at work on our main mail server, which is now 
crashing 2 times per day.  I need to find a new solution soon, or I 
could risk losing my job which would really stink.


The machine itself is fine, and I know this because 1) I've tested the 
memory and 2) This problem I am experiencing is occuring on more than 
one machine.


OpenBSD is known for its stability, and I'm wondering what everyone's 
opinion on stability would be with a SuperMicro Dual Xeon 3.06 ghz 
(SMP) and 4 GM RAM, running postfix with LDAP and 10,000 users.  If I 
can get a stable system up and running I'll be really happy.


Apparently, there is something called a ttwakeup bug and there's some 
SMP code problems in FreeBSD 5.4 that wasn't apparent in 4.11 (which 
is why that runs stable for me) causing all these problems.  I would 
hope that with the branch off of OpenBSD these problems wouldn't exist 
in the OS.


Any responses would be appreciated :)

Regards,

Matt


OpenBSD SMP support is pretty new, see 
http://www.openbsd.org/faq/faq8.html#SMP.

It isn't super mature on FreeBSD either.

Brian



Re: Honesty needed...

2005-06-28 Thread Matt Juszczak

On OpenBSD or FreeBSD?

On Tue, 28 Jun 2005, Joe . wrote:


Can you live with just one processor? You would probably have much
better luck with SMP disabled.

Joe

On 6/28/05, Matt Juszczak <[EMAIL PROTECTED]> wrote:

Hi all,

Some of you have read my posts from the previous few days but I am really
stuck right now.  Sorry if this is repeated information for anyone.

We're running FreeBSD at work on our main mail server, which is now
crashing 2 times per day.  I need to find a new solution soon, or I could
risk losing my job which would really stink.

The machine itself is fine, and I know this because 1) I've tested the
memory and 2) This problem I am experiencing is occuring on more than one
machine.

OpenBSD is known for its stability, and I'm wondering what everyone's
opinion on stability would be with a SuperMicro Dual Xeon 3.06 ghz (SMP)
and 4 GM RAM, running postfix with LDAP and 10,000 users.  If I can get a
stable system up and running I'll be really happy.

Apparently, there is something called a ttwakeup bug and there's some SMP
code problems in FreeBSD 5.4 that wasn't apparent in 4.11 (which is why
that runs stable for me) causing all these problems.  I would hope that
with the branch off of OpenBSD these problems wouldn't exist in the OS.

Any responses would be appreciated :)

Regards,

Matt









Re: Honesty needed...

2005-06-28 Thread Joe .
Can you live with just one processor? You would probably have much
better luck with SMP disabled.

Joe

On 6/28/05, Matt Juszczak <[EMAIL PROTECTED]> wrote:
> Hi all,
> 
> Some of you have read my posts from the previous few days but I am really
> stuck right now.  Sorry if this is repeated information for anyone.
> 
> We're running FreeBSD at work on our main mail server, which is now
> crashing 2 times per day.  I need to find a new solution soon, or I could
> risk losing my job which would really stink.
> 
> The machine itself is fine, and I know this because 1) I've tested the
> memory and 2) This problem I am experiencing is occuring on more than one
> machine.
> 
> OpenBSD is known for its stability, and I'm wondering what everyone's
> opinion on stability would be with a SuperMicro Dual Xeon 3.06 ghz (SMP)
> and 4 GM RAM, running postfix with LDAP and 10,000 users.  If I can get a
> stable system up and running I'll be really happy.
> 
> Apparently, there is something called a ttwakeup bug and there's some SMP
> code problems in FreeBSD 5.4 that wasn't apparent in 4.11 (which is why
> that runs stable for me) causing all these problems.  I would hope that
> with the branch off of OpenBSD these problems wouldn't exist in the OS.
> 
> Any responses would be appreciated :)
> 
> Regards,
> 
> Matt



Honesty needed...

2005-06-28 Thread Matt Juszczak

Hi all,

Some of you have read my posts from the previous few days but I am really 
stuck right now.  Sorry if this is repeated information for anyone.


We're running FreeBSD at work on our main mail server, which is now 
crashing 2 times per day.  I need to find a new solution soon, or I could 
risk losing my job which would really stink.


The machine itself is fine, and I know this because 1) I've tested the
memory and 2) This problem I am experiencing is occurring on more than one
machine.


OpenBSD is known for its stability, and I'm wondering what everyone's 
opinion on stability would be with a SuperMicro Dual Xeon 3.06 ghz (SMP) 
and 4 GM RAM, running postfix with LDAP and 10,000 users.  If I can get a 
stable system up and running I'll be really happy.


Apparently, there is something called a ttwakeup bug and there's some SMP 
code problems in FreeBSD 5.4 that wasn't apparent in 4.11 (which is why 
that runs stable for me) causing all these problems.  I would hope that 
with the branch off of OpenBSD these problems wouldn't exist in the OS.


Any responses would be appreciated :)

Regards,

Matt



Re: wireless support

2005-06-28 Thread Dimitri
David Hill wrote:
> Hello -
> My neighbor has a Linksys WAP11 access point.  We would like to join
> networks.Both our networks are in our basements.  The distance is
> about 70ft.  Would I get better signal/performance buying something
> similar to my neighbor, or purchasing a wireless PCI card for my OpenBSD
> box?  If the PCI card would be the better solution, which chipset should I
> look into getting?
> 
> Thanks
> David
> 

For chipsets, see man wi, man ath, man ral.

For the rest, no one can tell if you will have enough signal to go
through the walls unless you try.

The wap11 is 30mW and pretty deaf. If you find a similar device, chances
are that you won't get a decent link. If you want an external device,
the Engenius/Senao CB3 is pretty strong (100-200mW) and sensitive and
will probably compensate for the wap11.

To get a decent answer you need to describe the current and the desired
network topology, 'join networks' just isn't enough.

--dg



Problem starting kdm from /etc/rc.local

2005-06-28 Thread Stephen Marley
Firstly, I have no problems starting kdm from the command line or
starting xdm from /etc/rc. However, if I start kdm from /etc/rc.local it
won't take any keyboard input and I don't get text when I attempt to switch
virtual consoles (ctl-alt-del works to shutdown though). I get some
sort of corruption in the form of a thin horizontal line near the top of
the screen when I attempt to switch virtual consoles. Also when I
shutdown with ctrl-alt-del the text from the boot up sequence is
corrupted (repeated chars llliiikeee ttthiisss).

I see these clues in /var/log/Xorg.log:

(EE) KbdOn: tcsetattr: Inappropriate ioctl for device
(EE) xf86OpenSerial: Cannot open device /dev/wsmouse
 broken pipe
(EE) KbdOn: tcsetattr: Inappropriate ioctl for device

These aren't there when I start kdm from a shell prompt.

The mouse does function however.

I am using a recent snapshot (Jun 20). Any ideas?

-- 
stephen



Re: Is it possible to run named not in chroot?

2005-06-28 Thread Rene Rivera

Adam Fabian wrote:
> On Tue, Jun 28, 2005 at 12:53:41AM -0500, Rene Rivera wrote:
> > The man page is wrong. It says:
> >
> >   When  invoked  without arguments, named will fork into two
> >   processes   for   privilege   separation.chroot()   to
> >   /var/named,read   the   default   configuration   file
> >   /var/named/etc/named.conf, read any initial data, and lis-
> >   ten  for  queries.
> >
> > But it took me a good hour after I posted my question, after already
> > trying for 2 hours, to figure out that what it really means is:
> >
> >   When  invoked  without the "-t" argument...
>
> No arguments implies there is no -t option.

It also implies that giving it any option, for example -c, will cause it
*not* to "fork into two processes for privilege separation". When in
reality what named does is to *always* fork and chroot.

Regardless, the named behavior doesn't help my situation. What I really
want are user level access controls, a constructible file system, or the
ability to multi-mount filesystems. Instead of using the chroot
sledgehammer.



--
-- Grafik - Don't Assume Anything
-- Redshift Software, Inc. - http://redshift-software.com
-- rrivera/acm.org - grafik/redshift-software.com
-- 102708583/icq - grafikrobot/aim - Grafik/jabber.org



Re: Locations of config files through ports [Was: LDAP Support]

2005-06-28 Thread Rogier Krieger
To get up to speed in finding things, I suggest reading hier(7) as
well as ports(7) after looking through afterboot(8). That way, you can
get a feel for things different from FreeBSD (or any OS, for that
matter). And of course the FAQ.


On 6/28/05, Matt Juszczak <[EMAIL PROTECTED]> wrote:
> Where does OpenBSD keep its user configurations?  /usr/local/etc/?  Or
> does stuff stay in /etc?

Apart from chrooted utilities, such as httpd and named, that keep
their stuff at various locations under /var, configuration items stay
in /etc. That is, I have yet to encounter anything in /usr/local/etc,
and if I recall correctly, comments along these lines did pass the
list in the past. I suspect this has been a deliberate choice.

Cheers,

Rogier

-- 
If you don't know where you're going, any road will get you there.



Re: wireless support

2005-06-28 Thread David Hill
On Tue, Jun 28, 2005 at 08:53:13AM -0400, Josh Grosse wrote:
> On Mon, Jun 27, 2005 at 11:46:42PM -0700, Bruce Bauer wrote:
> > ..Get another WAP11($40-$60), make sure they have the same firmware version 
> > and configure them as a wireless bridge. They can be configured so they 
> > will only talk to each other.  Of course, that means that if you still need 
> > an access point to connect to you will need another access point for that 
> > purpose.
> 
> Very true.  But it's more than just firmware, the hardware versions
> should also match.  There have been several different hardware products
> called "WAP11" by Linksys:  The original WAP11, then "Version 2.2",
> "Version 2.6" and "Version 2.8".  Each of these has different firmware, too.
> 
> 

Why would you choose a Linksys AP over a PCI card though?



macppc pcmcia modem

2005-06-28 Thread Antoine Jacoutot

Hi,

I just got a pcmcia modem but it is not working... yet I hope.
I'm running -current (as of June 26) on a macppc (Powerbook G4 17").

Here is what I get when I insert the modem :

/bsd: "PRETEC, CompactModem 3.3V 56K, 021, A" (manufacturer 0x13, 
product 0x0) at pcmcia0 function 0 not configured


Is there a quirk I could add somewhere in the sources to make it work or 
is it _again_ one of those non-working modems ?
I don't need a definitive answer, just some hints on where I could start 
looking for a solution.


Thanks in advance.
Regards,

Antoine

dmesg :

OpenBSD 3.7-current (GENERIC) #333: Sun Jun 26 15:24:37 MDT 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC
real mem = 536870912 (524288K)
avail mem = 483913728 (472572K)
using 1254 buffers containing 26841088 bytes of memory
mainbus0 (root)
cpu0 at mainbus0: 7447A (Revision 0x101): 1499 MHz
memc0 at mainbus0: uni-n
mpcpcibr0 at mainbus0: uni-north, Revision 0xff
pci0 at mpcpcibr0 bus 0
pchb0 at pci0 dev 11 function 0 "Apple UniNorth AGP" rev 0x00
vgafb0 at pci0 dev 16 function 0 "ATI Radeon Mobility M10 NP" rev 0x00, mmio
wsdisplay0 at vgafb0 mux 1: console (std, vt100 emulation)
mpcpcibr1 at mainbus0: uni-north, Revision 0x5
pci1 at mpcpcibr1 bus 0
pchb1 at pci1 dev 11 function 0 "Apple UniNorth PCI" rev 0x00
"Broadcom BCM4306" rev 0x03 at pci1 dev 18 function 0 not configured
cbb0 at pci1 dev 19 function 0 "Texas Instruments PCI1510 CardBus" rev 
0x00: irq 53

macobio0 at pci1 dev 23 function 0 "Apple Intrepid" rev 0x00
openpic0 at macobio0: version 0x4614
macgpio0 at macobio0
macgpio1 at macgpio0 offset 0x9 irq 47
programmer-switch at macgpio0 offset 0x11 not configured
cpu-vcore-select at macgpio0 offset 0x6b not configured
gpio4 at macgpio0 offset 0x1e not configured
gpio5 at macgpio0 offset 0x6f not configured
gpio6 at macgpio0 offset 0x70 not configured
extint-gpio4 at macgpio0 offset 0x5c not configured
gpio11 at macgpio0 offset 0x75 not configured
extint-gpio15 at macgpio0 offset 0x67 not configured
zsc0 at macobio0: irq 22,23
zstty0 at zsc0 channel 0
zstty1 at zsc0 channel 1
snapper0 at macobio0: irq 30,1,2
adb0 at macobio0 irq 25: via-pmu , 3 targets
aed0 at adb0 addr 0: ADB Event device
akbd0 at adb0 addr 2: iBook keyboard with inverted T (ISO layout)
wskbd0 at akbd0 mux 1
wskbd0: connecting to wsdisplay0
ams0 at adb0 addr 3: EMP trackpad  4-button, 400 dpi
wsmouse0 at ams0 mux 0
abtn0 at adb0 addr 7: brightness/volume/eject buttons
apm0 at adb0: battery flags 0x4, 82% charged
ki2c0 at macobio0
wdc0 at macobio0 irq 24: DMA
atapiscsi0 at wdc0 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  SCSI0 
5/cdrom removable

cd0(wdc0:0:0): using BIOS timings, DMA mode 2
audio0 at snapper0
ohci0 at pci1 dev 24 function 0 "Apple Intrepid USB" rev 0x00: irq 0, 
version 1.0, legacy support

usb0 at ohci0: USB revision 1.0
uhub0 at usb0
uhub0: Apple OHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
ohci1 at pci1 dev 25 function 0 "Apple Intrepid USB" rev 0x00: irq 0, 
version 1.0, legacy support

usb1 at ohci1: USB revision 1.0
uhub1 at usb1
uhub1: Apple OHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
ohci2 at pci1 dev 26 function 0 "Apple Intrepid USB" rev 0x00: irq 29, 
version 1.0, legacy support

usb2 at ohci2: USB revision 1.0
uhub2 at usb2
uhub2: Apple OHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ohci3 at pci1 dev 27 function 0 "NEC USB" rev 0x43: irq 63, version 1.0
usb3 at ohci3: USB revision 1.0
uhub3 at usb3
uhub3: NEC OHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub3: 3 ports with 3 removable, self powered
ohci4 at pci1 dev 27 function 1 "NEC USB" rev 0x43: irq 63, version 1.0
usb4 at ohci4: USB revision 1.0
uhub4 at usb4
uhub4: NEC OHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub4: 2 ports with 2 removable, self powered
ehci0 at pci1 dev 27 function 2 "NEC USB" rev 0x04: irq 63
usb5 at ehci0: USB revision 2.0
uhub5 at usb5
uhub5: NEC EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
uhub5: 5 ports with 5 removable, self powered
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 1 device 0 cacheline 0x8, lattimer 0x20
pcmcia0 at cardslot0
mpcpcibr2 at mainbus0: uni-north, Revision 0x6
pci2 at mpcpcibr2 bus 0
pchb2 at pci2 dev 11 function 0 "Apple UniNorth PCI" rev 0x00
kauaiata0 at pci2 dev 13 function 0 "Apple Intrepid ATA" rev 0x00
wdc1 at kauaiata0 irq 39: DMA
wd0 at wdc1 channel 0 drive 0: 
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd0(wdc1:0:0): using PIO mode 4, DMA mode 2, Ultra-DMA mode 5
"Apple UniNorth Firewire" rev 0x81 at pci2 dev 14 function 0 not configured
gem0 at pci2 dev 15 function 0 "Apple GMAC" rev 0x80: irq 41, address 
00:0d:93:3c:64:8a

eephy0 at gem0 phy 0: Marvell 88E1000 Gigabit PHY, rev. 1
uhidev0 at uhub2 port 1 configuration 1 interface 0
uhidev0: Apple Computer product 0x1000, rev 1.10/12.4

Re: Is it possible to run named not in chroot?

2005-06-28 Thread Adam Fabian
On Tue, Jun 28, 2005 at 12:53:41AM -0500, Rene Rivera wrote:
> The man page is wrong. It says:
> 
>When  invoked  without arguments, named will fork into two
>processes   for   privilege   separation.chroot()   to
>/var/named,read   the   default   configuration   file
>/var/named/etc/named.conf, read any initial data, and lis-
>ten  for  queries.
> 
> But it took me a good hour after I posted my question, after already 
> trying for 2 hours, to figure out that what it really means is:
> 
>When  invoked  without the "-t" argument...

No arguments implies there is no -t option.  There is also a -c option
to read a configuration file specified on the command line, and it says
where the configuration is read from if you omit that.  If you had
invoked it with the -v option, it would've printed the version number
and exited.  So what it really means is what it actually says, and I
can't construe it to be incorrect in any way.  Being frustrated, missing
information or not linking information in other parts of the page, and
not understanding the implications of what's written doesn't make the
man page wrong.  There's plenty of incorrect information out there in
manual pages, but not this bit of this man page.

-- 
Adam Fabian <[EMAIL PROTECTED]>



Re: AMD64 and xl* ?

2005-06-28 Thread Brad
On Tue, Jun 28, 2005 at 09:06:51AM +0200, Bernd Schoeller wrote:
> On Mon, Jun 27, 2005 at 04:23:27PM -0700, Gregory Steuck wrote:
> > Bernd, xl(4) is what you will get this message through. Although I am
> > using 3c905 (not b). Here is my dmesg from stock 3.7 release kernel:
> > ...
> > xl0 at pci0 dev 13 function 0 "3Com 3c905 100Base-TX" rev 0x00: irq 5,
> address 00:60:08:xx:xx:xx
> 
> This is very strange. The following is the output I get when booting
> from the AMD64 CD-Rom of the official (purchasable) CD set:

It's not strange at all since you guys are not comparing the same kernel configs.
Greg showed you a GENERIC kernel and you are booting the RAMDISK_CD kernel.
Anyway, as I said to you in private e-mail, the issue with xl* being missing
from the RAMDISK_CD image will be resolved when the next snapshot comes out.



Re: [OT]: Garmin GPS Handheld with USB

2005-06-28 Thread eric
On Tue, 2005-06-28 at 11:53:19 +0200, Johan P. Lindström proclaimed...

> Never tried using the USB interface, and I had some issues with connecting
> the standard serial DB9 connector as well, not only the Garmin adapters
> either I must say, I didn't get the NMEA code flowing... what software did
> you use ?

I'm just using garmin-utils (a package). It will suck out routes, waypoints
and tracks from your GPS. Works fine over serial (db9) at 9600N81.



Re: Locations of config files through ports [Was: LDAP Support]

2005-06-28 Thread Matt Juszczak

Rogier Krieger wrote:
> On 6/27/05, Matt Juszczak <[EMAIL PROTECTED]> wrote:
> > Is it possible to integrate LDAP into the system so that all
> > authentication is done via LDAP?
>
> You may want to check out login_ldap from ports (sysutils/login_ldap)
> which uses BSD auth present in OpenBSD. See how you like it and give
> it a test run, especially before you decide to move things over.
>
> Cheers,
>
> Rogier



Two of my FreeBSD 5.4 machines are now crashing every 10-12 hours and 
there are no hardware problems.  I can't even dump a core.  It looks 
like I'm going to have to switch to something quick, and OpenBSD sounds 
like my best option.  I'm going to test it on a devel box today and if 
it works I'm going to move the OS tomorrow on the mail server.


Where does OpenBSD keep its user configurations?  /usr/local/etc/?  Or 
does stuff stay in /etc?


Thanks,

Matt



Re: Tutorial

2005-06-28 Thread Matt Juszczak

Jon Drews wrote:
> On 6/28/05, Matt Juszczak <[EMAIL PROTECTED]> wrote:
> > Tried to install OpenBSD but kept getting errors that it couldn't create
> > the disklabel.  Maybe I was doing something wrong.  Is there a nice
> > tutorial to install it?
>
> The book "Absolute OpenBSD" has a very detailed chapter on
> installation, that covers disklabel.

Ok all :) I think most of my questions are answered anyway.  Thank you. 
:)  Sorry for so many posts, that FAQ really helped, read the whole 
thing last night.


-Matt



Re: SH programming

2005-06-28 Thread Roland Dowdeswell
On 1119834512 seconds since the Beginning of the UNIX epoch
"Peter Bako" wrote:
>

>dayscount=$(expr ($year - 1900) * 365)
>echo $dayscount
>exit

Parentheses are shell reserved words and hence must be quoted if they
are to be passed as arguments to a command, in this case expr.  Also,
the * is a globbing character, so it must also be quoted.

Try:

expr \( $year - 1900 \) \* 365

To stop the shell from giving special interpretation to the (, ) and *.

--
Roland Dowdeswell  http://www.Imrryr.ORG/~elric/
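
The quoting rules from the reply above, as an added example that is not part of the original post. The function names are hypothetical, and the year check and the handling of expr's exit status are additions for use in scripts.

```sh
#!/bin/sh
# Added example; is_year, days_expr, days_arith and star_argc are hypothetical names.

# Accept only a four-digit year with no leading zero, so nothing but a plain
# decimal number ever reaches expr or arithmetic expansion.
is_year() {
    case $1 in
        [1-9][0-9][0-9][0-9]) return 0 ;;
        *) return 1 ;;
    esac
}

# The form from the reply: \( \) and \* reach expr as literal arguments.
# expr exits 1 when its result is 0 (year 1900), so only a status of 2 or
# more is treated as a failure; this matters in scripts run with "set -e".
days_expr() {
    is_year "$1" || return 2
    expr \( "$1" - 1900 \) \* 365 || [ "$?" -eq 1 ]
}

# POSIX arithmetic expansion needs no quoting and no external command.
days_arith() {
    is_year "$1" || return 2
    echo $(( ($1 - 1900) * 365 ))
}

# What an unquoted * hands to a command: in a directory holding two files,
# "105 * 365" becomes four arguments instead of three.
star_argc() {
    dir=$(mktemp -d) || return 1
    (cd "$dir" && : > a.txt && : > b.txt && set -- 105 * 365 && echo "$#")
    rm -rf "$dir"
}

days_expr 2005     # 38325
days_arith 2005    # 38325
star_argc          # 4
```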



Re: wireless usb

2005-06-28 Thread Jonathan Gray
On Tue, Jun 28, 2005 at 10:49:56AM -0300, Douglas Santos wrote:
> On Mon, Jun 27, 2005 at 03:05:47PM -0400, linc wrote:
> > > Date: Sun, 26 Jun 2005 17:26:21 -0500
> > > From: Qv6 <[EMAIL PROTECTED]>
> > > To: misc@openbsd.org
> > > Subject: Re: wireless usb
> > > Message-ID: <[EMAIL PROTECTED]>
> > > 
> > > I just don't want to buy another one and not have it work.
> > > 
> > > 
> > Howdy,
> > I have been using the D-Link DWL-122 usb device, it's a Prism chipset.
> > It works fine on 3.6 and a pre-3.7 snapshot.
> > Frankly this device is old, and only the OpenBSD developers put enough
> > time in it to make a reliable driver.  It works intermittently under
> > Linux and locks OSX completely (like reboot & fsck).  There are faster
> > cheap devices out there now...
> 
> Linksys WUSB54G attach as 
> 
> ugen0 at uhub3 port 4
> ugen0: Linksys product 0x2234, rev 2.00/1.10, addr 2

Only v4 of the WUSB54G is known to be supported, you seem
to have an adapter based on one of the newer (unsupported)
Prism variants.



Re: Limit access to msn to a couple of hours a day

2005-06-28 Thread Han Boetes
Alexander Farber wrote:
> 2005/6/28, Nick Holland <[EMAIL PROTECTED]> :
> > (note: grepping the output of "ps -ax" is a starting point...but
> > remember: sometimes the you will pick up the grep line itself in ps...)
>
> a trick for that problem is to use a (seemingly useless :-) pair of brackets:
>
>  ps -ax | grep 'process_n[a]me'
>
>  ps -ax | awk '/process_n[a]me/ { print $1 }' | xargs kill

Interesting trick.

But since OpenBSD3.6 you can use pkill and pgrep.



# Han



Re: Limit access to msn to a couple of hours a day

2005-06-28 Thread Bakken, Luke
Nick Holland wrote:

> (note: grepping the output of "ps -ax" is a starting point...but
> remember: sometimes the you will pick up the grep line itself in
> ps...) 

ps -ax | grep '[a]uthpf'

This will never catch the grep process.
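
Why the bracket pattern leaves out the grep process, shown on a constructed `ps -ax` listing. This is an added example, not part of the original posts; the sample lines, PIDs and the function names `sample_ps`, `matching_pids` and `session_count` are made up.

```sh
#!/bin/sh
# Added example. sample_ps stands in for "ps -ax": its last line represents
# the grep process of the pipeline, whose command line contains the pattern
# exactly as it was typed. All lines are constructed sample data.
sample_ps() {
    printf '%s\n' \
        '  PID TT  STAT      TIME COMMAND' \
        ' 4121 p1  Ss     0:00.03 authpf: kid@192.0.2.10 (authpf)' \
        ' 9001 ??  Is     0:00.10 /usr/sbin/cron' \
        " 4388 p2  R+     0:00.00 grep $1"
}

# PIDs of the listing lines that match the pattern, space separated.
# As a regular expression, [a]uthpf matches the text "authpf". The grep
# line itself holds the literal text "[a]uthpf", in which "a" is followed
# by "]" rather than "u", so that line does not match.
matching_pids() {
    sample_ps "$1" | grep -- "$1" |
        awk '{ printf "%s%s", sep, $1; sep = " " } END { print "" }'
}

# Number of matching lines, the value a per-minute usage tally would record.
session_count() {
    sample_ps "$1" | grep -c -- "$1"
}

matching_pids 'authpf'      # 4121 4388  (the session and the grep itself)
matching_pids '[a]uthpf'    # 4121       (the session only)
session_count 'authpf'      # 2
session_count '[a]uthpf'    # 1
```

The pattern is kept in quotes so the shell passes the brackets to grep unchanged.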



Re: Limit access to msn to a couple of hours a day

2005-06-28 Thread phpmechanic

Nick Holland wrote:

> Hm.  Well...sounds like trying to use technology to substitute for
> management, which is not something I agree with. (yeah, I have no kids,
> so it's easy for me to talk about high ideals when it comes to raising
> other people's kids. :)

Yeah it's something like that and I was expecting a bit of guff about "a 
technical solution to a social problem".

> HOWEVER, it is an interesting puzzle (which is something I enjoy)...
>
> I'm assuming you want to allow her a "X amount of time per day", not
> "access from X:XXpm to Y:YYpm every day".  If the latter is what you
> want, it's trivial: two PF scripts, two cron jobs, one is loaded at the
> start of the unrestricted time, the other at the end of the unrestricted
> time.  The default ruleset should be "restricted", that way, you don't
> have "accidental" bumping of the gateway's power switch...
> (Alternatively, use a table, and load/delete user's workstations).
>
> Assuming you want to limit time-per-day, but don't care when, how about
> this:
> Use authpf to control and track usage.  In order for the user to
> actually get access to the "regulated" sites, they must first state
> their intention by running authpf to open access to that site.
>
> Every minute, a cron job looks for running authpf processes, and if
> found, logs a line to a file.  If that file gets to 60, 90, 120,
> whatever lines long, the same cron job will add the user's name to the
> /etc/authpf/banned directory, and kill the existing authpf session.
>
> (note: grepping the output of "ps -ax" is a starting point...but
> remember: sometimes you will pick up the grep line itself in ps...)
>
> Some time absurdly early in the morning, another cron job would clear
> the "log" files for all users and all the /etc/authpf/banned/ files.
>
> Variation: instead of running the cron job every minute, run it every
> five minutes.  Maybe she'll figure out how to write a program which will
> anticipate the check, drop the authpf session, and start it back up ten
> seconds later.  Sure, it defeats the purpose, but it would be far more
> educational...you have taught her to program, and made her think it was
> her idea (I'm remembering my dad's statement: "A parent's job is to get
> the kids out of the house and make them think it was their idea".  BTW:
> his other solution to every child-raising problem was the expression,
> "Get a job!", which we started hearing about age five.).  The one-minute
> time interval is probably too fast for that, though if you really want
> to keep that from happening, don't run ntpd on the firewall. :)

Yeah the five minute solution is more along the lines of what I'm 
thinking. I'd also have to add a menu that can manually control access 
when I need to.  I could write a bit of vbscript to launch plink and 
msn together so she has a seamless shortcut on her desktop. Some sort of 
alert would be handy to notify her that time is running low.


This sounds like it could be fun fun.



Re: Limit access to msn to a couple of hours a day

2005-06-28 Thread Stephen Marley
On Tue, Jun 28, 2005 at 04:36:07PM +0200, Alexander Farber wrote:
> Hi Nick,
> 
> 2005/6/28, Nick Holland <[EMAIL PROTECTED]>:
> > (note: grepping the output of "ps -ax" is a starting point...but
> > remember: sometimes you will pick up the grep line itself in ps...)
> 
> a trick for that problem is to use a (seemingly useless :-) pair of brackets:
> 
>  ps -ax | grep 'process_n[a]me'
> 
>  ps -ax | awk '/process_n[a]me/ { print $1 }' | xargs kill

.. or just use pkill(1)

I actually use that trick instead of "| grep -v grep" but it's pretty
ugly to script.

-- 
stephen



arplookup

2005-06-28 Thread kevin
Hi all, 

After my business cable provider replaced the router, I get
the usual "arplookup: unable to locate address 10.19.240.183"  

I did an arp -d -a  and then rebooted, but still get the
message. Now the cable company says that the router's firmware
is buggy and there is nothing they can do.  

Evidently, this 10 address is part of the cable company's mgmt
network, but should be sending requests internal to them, not
external to my public IP.  

Isn't it nice talking to level one?  

Anyone experience this with a ZyXEL cable modem?  



Re: Limit access to msn to a couple of hours a day

2005-06-28 Thread Alexander Farber
Hi Nick,

2005/6/28, Nick Holland <[EMAIL PROTECTED]>:
> (note: grepping the output of "ps -ax" is a starting point...but
> remember: sometimes you will pick up the grep line itself in ps...)

a trick for that problem is to use a (seemingly useless :-) pair of brackets:

 ps -ax | grep 'process_n[a]me'

 ps -ax | awk '/process_n[a]me/ { print $1 }' | xargs kill

 etc.

Regards
Alex



Re: Is it possible to run named not in chroot?

2005-06-28 Thread Todd C. Miller
In message <[EMAIL PROTECTED]>
so spake Rene Rivera (grafik.list):

> Because my configuration files, named.conf and all the zone files, must 
> be at /export/config/named/... And there's no way, other than removing 
> the chroot AFAIK, to get named to read the configuration from where I 
> have the files. And you'll ask why don't I just put the files in 
> /var/named/etc? Because those files are version control managed, backup 
> managed, and RAID managed. Or more precisely my entire /export is highly 
> controlled to have fault tolerance, backups, complete file histories, 
> and access controls.

You will be better off writing a simple script that syncs things
from your revision controlled directory into /var/named (perhaps
using rsync) and then starts/reloads named.  Alternately, you could
just have named chroot to your /export dir.

 - todd



transparent http-proxy for incoming pptp connections - direction outbound ... ?

2005-06-28 Thread Andre Ruppert
...sounds perhaps a little bit funny

description:

Gateway (3.6) with two nics: ext_if (WAN/a.b.c.d)
and int_if (LAN/192.168.0.1/16).

Gateway is: transparent http proxy 
(squid/tproxy on LAN-Int 192.168.0.1)

IPsec gateway (net2net - 28 static vpn tunnel)

pptp gateway (for dumb mobile clients)
client address pool: 10.1.1/24

...and other

The problem: forcing the _incoming_ pptp clients to use the
transparent proxy for _outgoing_ http requests.

squid/tproxy are bound to LAN-Int, because otherwise they aren't
tunnel members and not reachable for the clients.

If the pptp clients call the squid proxy directly via their browser
settings, all works well.

But transparent proxying doesn't work :-(

NAT is enabled for pptp clients (direction outbound) - works.

Redirecting for port 80 requests (direction: WAN) to the tproxy:
not working.

I have lines similar to this in pf.conf:
rdr on tun0  proto tcp from 10.1.1/24 to any port 80 
  -> 192.168.0.1 port 8081

...but tproxy is never affected

Nearly the same settings from internal LAN work very well too...


Perhaps I made the mistake when using tun-whatsoever?


All hints welcome ;-)


 
Andre Ruppert



Re: Limit access to msn to a couple of hours a day

2005-06-28 Thread Darren Tucker

Dennis Davis wrote:
> From: Nick Holland <[EMAIL PROTECTED]>
> > (note: grepping the output of "ps -ax" is a starting point...but
> > remember: sometimes you will pick up the grep line itself in ps...)

[...]

> so instead write:
>
> bahamontes $ ps -ax|grep '[n]tpd'
> 23336 ??  Is  0:00.11 ntpd: [priv] (ntpd)
> 10490 ??  I   0:10.36 ntpd: ntp engine (ntpd)


or use "pgrep", that's what it's for.

$ ps -ax | grep '[n]tp'
16051 ??  Is  0:01.18 ntpd: [priv] (ntpd)
32439 00- I   0:27.43 ntpd: ntp engine (ntpd)
$ pgrep -u _ntp ntpd
32439
$ pgrep -u root ntpd
16051

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.



Re: Limit access to msn to a couple of hours a day

2005-06-28 Thread Dennis Davis
>Date: Tue, 28 Jun 2005 09:25:18 -0400
>From: Nick Holland <[EMAIL PROTECTED]>
>To: misc 
>Subject: Re: Limit access to msn to a couple of hours a day

...

>(note: grepping the output of "ps -ax" is a starting point...but
>remember: sometimes you will pick up the grep line itself in ps...)

Quite.  For example:

bahamontes $ ps -ax|grep 'ntpd'
23336 ??  Is  0:00.11 ntpd: [priv] (ntpd)
10490 ??  I   0:10.36 ntpd: ntp engine (ntpd)
28841 p1  ?+  0:00.00 grep ntpd

so instead write:

bahamontes $ ps -ax|grep '[n]tpd'
23336 ??  Is  0:00.11 ntpd: [priv] (ntpd)
10490 ??  I   0:10.36 ntpd: ntp engine (ntpd)



Re: wireless usb

2005-06-28 Thread Douglas Santos
On Mon, Jun 27, 2005 at 03:05:47PM -0400, linc wrote:
> > Date: Sun, 26 Jun 2005 17:26:21 -0500
> > From: Qv6 <[EMAIL PROTECTED]>
> > To: misc@openbsd.org
> > Subject: Re: wireless usb
> > Message-ID: <[EMAIL PROTECTED]>
> > 
> > I just don't want to buy another one and not have it work.
> > 
> > 
> Howdy,
> I have been using the D-Link DWL-122 usb device, it's a Prism chipset.
> It works fine on 3.6 and a pre-3.7 snapshot.
> Frankly this device is old, and only the OpenBSD developers put enough
> time in it to make a reliable driver.  It works intermittently under
> Linux and locks OSX completely (like reboot & fsck).  There are faster
> cheap devices out there now...

Linksys WUSB54G attach as 

ugen0 at uhub3 port 4
ugen0: Linksys product 0x2234, rev 2.00/1.10, addr 2



Re: Limit access to msn to a couple of hours a day

2005-06-28 Thread Nick Holland
Oliver Bode wrote:
> Hi,
> 
> I have an openbsd firewall on my home network.
> 
> My daughter has become addicted to msn and I've spoken to her about 
> restricting the time she spends on it.
> 
> What I want to do is only allow her access to msn for say 1 or 2 hours a 
> day and enforce this on the firewall as well.
> 
> I can block access to msn on the firewall but I'm not sure of the best 
> approach to enforce the time limit.
> 
> I'm thinking I could write a script run by cron every minute to 
> calculate if her time is up but I think this is a bit messy. Is there a 
> better approach?

Hm.  Well...sounds like trying to use technology to substitute for
management, which is not something I agree with. (yeah, I have no kids,
so it's easy for me to talk about high ideals when it comes to raising
other people's kids. :)

HOWEVER, it is an interesting puzzle (which is something I enjoy)...

I'm assuming you want to allow her a "X amount of time per day", not
"access from X:XXpm to Y:YYpm every day".  If the latter is what you
want, it's trivial: two PF scripts, two cron jobs, one is loaded at the
start of the unrestricted time, the other at the end of the unrestricted
time.  The default ruleset should be "restricted", that way, you don't
have "accidental" bumping of the gateway's power switch...
(Alternatively, use a table, and load/delete user's workstations).

Assuming you want to limit time-per-day, but don't care when, how about
this:
Use authpf to control and track usage.  In order for the user to
actually get access to the "regulated" sites, they must first state
their intention by running authpf to open access to that site.

Every minute, a cron job looks for running authpf processes, and if
found, logs a line to a file.  If that file gets to 60, 90, 120,
whatever lines long, the same cron job will add the user's name to the
/etc/authpf/banned directory, and kill the existing authpf session.

(note: grepping the output of "ps -ax" is a starting point...but
remember: sometimes you will pick up the grep line itself in ps...)

Some time absurdly early in the morning, another cron job would clear
the "log" files for all users and all the /etc/authpf/banned/ files.


Variation: instead of running the cron job every minute, run it every
five minutes.  Maybe she'll figure out how to write a program which will
anticipate the check, drop the authpf session, and start it back up ten
seconds later.  Sure, it defeats the purpose, but it would be far more
educational...you have taught her to program, and made her think it was
her idea (I'm remembering my dad's statement: "A parent's job is to get
the kids out of the house and make them think it was their idea".  BTW:
his other solution to every child-raising problem was the expression,
"Get a job!", which we started hearing about age five.).  The one-minute
time interval is probably too fast for that, though if you really want
to keep that from happening, don't run ntpd on the firewall. :)

Nick.
(who should really work out a "no more than an hour a day on misc@"
control for himself)
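
The per-day authpf quota described above, as an added example that is not code from the thread. The tally directory, the script path and the user name `alice` are assumptions; `pgrep`/`pkill` replace the `ps | grep` step, and the nightly reset lifts only the bans this script created.

```sh
#!/bin/sh
# Added example: per-day authpf time quota, driven by cron.
#   * * * * *  /usr/local/sbin/authpf-quota tick alice   # hypothetical path/user
#   0 4 * * *  /usr/local/sbin/authpf-quota reset
QUOTA_MINUTES=${QUOTA_MINUTES:-120}
STATE_DIR=${STATE_DIR:-/var/db/authpf-quota}   # hypothetical tally directory
BANNED_DIR=${BANNED_DIR:-/etc/authpf/banned}   # ban directory from authpf(8)

# True if USER has an authpf session open. pgrep -x matches the process
# name exactly, so there is no "grep line" to filter out of ps output.
session_active() {
    pgrep -u "$1" -x authpf >/dev/null 2>&1
}

# SIGTERM (pkill's default) makes authpf remove the user's rules and exit.
end_session() {
    pkill -u "$1" -x authpf
}

# Reject names that could escape STATE_DIR/BANNED_DIR or look like options.
valid_user() {
    case "$1" in
        ''|-*|*[!A-Za-z0-9_-]*) return 1 ;;
    esac
    return 0
}

# Minutes charged to USER so far today (one tally line per minute).
minutes_used() {
    if [ -f "$STATE_DIR/$1" ]; then
        echo $(( $(wc -l < "$STATE_DIR/$1") ))
    else
        echo 0
    fi
}

# One cron tick: charge a minute if a session is open; at the limit, ban
# the user and end the session. Prints the minutes used so far.
tick() {
    valid_user "$1" || return 2
    if session_active "$1"; then
        date '+%Y-%m-%d %H:%M' >> "$STATE_DIR/$1"
        if [ "$(minutes_used "$1")" -ge "$QUOTA_MINUTES" ]; then
            # authpf shows this file's contents and refuses the next login.
            echo "Daily limit of $QUOTA_MINUTES minutes reached." \
                > "$BANNED_DIR/$1"
            # The ban only blocks new logins, so close the open session too.
            end_session "$1" || true
        fi
    fi
    minutes_used "$1"
}

# Nightly reset: remove tallies, and lift only bans for users that have a
# tally file, so a ban placed by hand in BANNED_DIR survives.
reset_all() {
    for f in "$STATE_DIR"/*; do
        [ -f "$f" ] || continue
        rm -f "$BANNED_DIR/${f##*/}" "$f"
    done
}

case "${1:-}" in
    tick)  shift; mkdir -p "$STATE_DIR"; for u in "$@"; do tick "$u"; done ;;
    reset) reset_all ;;
esac
```

`minutes_used` can also feed the "time is running low" alert mentioned elsewhere in the thread.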



Re: wireless support

2005-06-28 Thread Josh Grosse
On Mon, Jun 27, 2005 at 11:46:42PM -0700, Bruce Bauer wrote:
> ..Get another WAP11($40-$60), make sure they have the same firmware version 
> and configure them as a wireless bridge. They can be configured so they will 
> only talk to each other.  Of course, that means that if you still need an 
> access point to connect to you will need another access point for that 
> purpose.

Very true.  But it's more than just firmware, the hardware versions
should also match.  There have been several different hardware products
called "WAP11" by Linksys:  The original WAP11, then "Version 2.2",
"Version 2.6" and "Version 2.8".  Each of these has different firmware, too.



Re: [OT]: Garmin GPS Handheld with USB

2005-06-28 Thread Timothy Donahue
I tested Garmin eTrex under OpenBSD using just plain old `cu`, which fit my 
needs just fine since I was trying to capture the output from the NMEA 
stream.  You have to make sure you get your port settings correct.  

Unfortunately I purchased mine before they released the USB cables, so I don't 
know if they are compatible with gardump/garload.

Tim Donahue

On Tuesday 28 June 2005 05:53 am, Johan P. Lindström wrote:
> Never tried using the USB interface, and I had some issues with connecting
> the standard serial DB9 connector as well, not only the Garmin adapters
> either I must say, I didn't get the NMEA code flowing... what software did
> you use ?
>  -- Johan
>
>  On 6/28/05, eric <[EMAIL PROTECTED]> wrote:
> > Is anyone using a Garmin GPS handheld unit with USB connectivity? I'm
> > thinking about getting a new handheld and just need to make sure USB
> > works under OpenBSD for gardump/garload. Serial works perfectly using the
> > DB9 connection, but I've never tried the USB interface.
> >
> > Any replies are appreciated.
> >
> > Thanks.
> >
> > - Eric



Re: Limit access to msn to a couple of hours a day

2005-06-28 Thread Josh Grosse
On Tue, Jun 28, 2005 at 12:29:12PM +1000, Oliver Bode wrote:
> ...My daughter has become addicted to msn and I've spoken to her about 
> restricting the time she spends on it.

A script to schedule allow/block by time-of-day is described in Dru Lavigne's
"BSD Hacks" (ISBN 0-596-00679-9).  It is "Hack #64: Script IP Filter
Rulesets" and was contributed to her book by John Richard.  

Perhaps not surprisingly, he begins by saying, "I have a FreeBSD
firewall/router guarding my home network.  I also happen to have
a daughter who would spend her life online if she were allowed."

-Josh Grosse-



Via K8T800 based mainboards

2005-06-28 Thread jimmy
Hello all,

Since my problems with the ATI RS400 chipset,
I'm looking for something else that has a bit
more quality and is better supported.

Does anyone have good experience with the
Abit AV8-3rd Eye mainboard? or with the
Via K8T800 Pro chipset in general?

My main concern is the write speed to the PCI
bus, since it has to be equipped with a hardware
raid controller.

Other suggestions are welcome as long as it is
an AMD socket 939 mainboard.

Thnx,

Jimmy Scott






Re: [OT]: Garmin GPS Handheld with USB

2005-06-28 Thread Johan P . Lindström
Never tried using the USB interface, and I had some issues with connecting
the standard serial DB9 connector as well, not only the Garmin adapters
either I must say, I didn't get the NMEA code flowing... what software did
you use ?
 -- Johan

 On 6/28/05, eric <[EMAIL PROTECTED]> wrote:
>
> Is anyone using a Garmin GPS handheld unit with USB connectivity? I'm
> thinking about getting a new handheld and just need to make sure USB works
> under OpenBSD for gardump/garload. Serial works perfectly using the
> DB9 connection, but I've never tried the USB interface.
>
> Any replies are appreciated.
>
> Thanks.
>
> - Eric



Re: HA firewall

2005-06-28 Thread Paolo Perrucci
I activated ntp at installation time. The time on the two boxes is 
perfectly aligned.


I think the problem should be related to pfsync code.
Indeed disabling pfsync I reduced the log messages by a factor of 30. 
Now I have only some BAD state (2-3 in a minute).
Moreover, with pfsync enabled the users connected (tcp) with the game 
application server reported several connection drops.

Disabling pfsync this problem was mitigated too.

Paolo

Bryan Irvine wrote:


I used to get similar errors with dhcpd, and noticed the clock was
about 18 hours off.
Setting the time and turning on ntpd seemed to fix that issue.

--Bryan

On 6/27/05, Paolo Perrucci <[EMAIL PROTECTED]> wrote:
 


Till now the firewalls seems to be stable. No panic for now. It seems
the first small step was in the right direction...
Thank you Rogier.

Now my last problem regards the pf weird logs. I have two types of
strange logs:

1)
Jun 27 15:51:09 ip-11-53 /bsd: pfsync: ignoring stale update (4) id:
42bae8be0030af70 creatorid: 23e81a47

2)
Jun 27 15:24:05 ip-11-52 /bsd: pf: BAD state: TCP 62.94.11.44:28003
83.211.3.20:28003 85.33.52.26:1088
[lo=4256108960 high=4256114800 win=17520 modulator=0]
[lo=346282809 high=346300240 win=5840 modulator=0]
4:4 FPA seq=188091771 ack=4256108960 len=125 ackskew=0 pkts=768:692
dir=out,rev
Jun 27 15:24:05 ip-11-52 /bsd: pf: State failure on:   2 |   6

The 1st message appears very often (up to 30-40 times in the same
second) and the 2nd appears 1 time per second.
Googling around the net I didn't find anything useful.
Can someone give me some hints on how to interpret the messages?
Thanks
Paolo

P.S.: the firewall handles the traffic directed to some multiplayer game
application server. In normal situation there are about 800 established
tcp connections flowing through the fws consuming a bandwidth of about 2
Mbit/s.

Paolo Perrucci wrote:

   


Ok, I replaced syncif with syncdev on both fws.
Waiting for the next panic...

Thanks
Paolo

Rogier Krieger wrote:

 


On 6/24/05, Paolo Perrucci <[EMAIL PROTECTED]> wrote:

   


hostname.pfsync0: up syncif rl0

 


To start with small steps: how about replacing syncif with syncdev for
the hostname.pfsync0 files? IIRC, syncif is deprecated as of 3.7. For
more info, see ifconfig(8).

Cheers,

Rogier




Re: AMD64 and xl* ?

2005-06-28 Thread Stuart Henderson

--On 28 June 2005 09:06 +0200, Bernd Schoeller wrote:


> This is very strange. The following is the output I get when booting
> from the AMD64 CD-Rom of the official (purchasable) CD set:


xl drivers are not included in ramdisk kernels for amd64, only GENERIC.

For i386 the platform web page marks each device to indicate which have 
drivers on the ramdisk kernels. If anyone thinks adding similar 
marks to amd64.html would be a good idea, PR4254 will save you some 
time.




Re: Getting X11 to start on a Mac Mini (?)

2005-06-28 Thread Duncan Martin

Otto Moerbeek wrote:

[snip]

> Try the xorg.conf below as a start. It has some specific stuff 
> related to my LCD, screen, but it should get you started.

Thanks Otto.  Just to add to that for my Mini with a Dell 1704FPV over
DVI the magic words were:
Option "MonitorLayout"  "None,TMDS"
Option "IgnoreEDID" "on"
Option "NoDDC"  "on"

Duncan



Re: AMD64 and xl* ?

2005-06-28 Thread Bernd Schoeller
On Mon, Jun 27, 2005 at 04:23:27PM -0700, Gregory Steuck wrote:
> Bernd, xl(4) is what you will get this message through. Although I am
> using 3c905 (not b). Here is my dmesg from stock 3.7 release kernel:
> ...
> xl0 at pci0 dev 13 function 0 "3Com 3c905 100Base-TX" rev 0x00: irq 5, address 00:60:08:xx:xx:xx

This is very strange. The following is the output I get when booting
from the AMD64 CD-Rom of the official (purchasable) CD set:

--
OpenBSD 3.7 (RAMDISK_CD) #284: Sun Mar 20 01:02:23 MST 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/amd64/compile/RAMDISK_CD
real mem = 2147020800 (2096700K)
avail mem = 1837428736 (1794364K)
using 22937 buffers containing 214908928 bytes (209872K) of memory
mainbus0 (root)
cpu0 at mainbus0: (uniprocessor)
cpu0: AMD Athlon(tm) 64 Processor 3400+, 2200.39 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,MMX,FXSR,SSE,SSE2,NXE,MMXX,LONG,3DNOW2,3DNOW
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 1MB 64b/line
16-way L2 cache
cpu0: ITLB 32 4KB entries fully associative, 8 4MB entries fully associative
cpu0: DTLB 32 4KB entries fully associative, 8 4MB entries fully associative
pci0 at mainbus0 bus 0: configuration mode 1
pchb0 at pci0 dev 0 function 0 "VIA K8HTB Host" rev 0x01
ppb0 at pci0 dev 1 function 0 "VIA K8HTB AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 vendor "Nvidia", unknown product 0x0331 rev
0xa1
wsdisplay0 at vga1: console (80x25, vt100 emulation)
"Creative Labs SoundBlaster Live" rev 0x07 at pci0 dev 7 function 0 not
configured
"Creative Labs PCI Gameport Joystick" rev 0x07 at pci0 dev 7 function 1 not
configured
"3Com 3c905B 100Base-TX" rev 0x24 at pci0 dev 8 function 0 not configured
"Promise PDC20378" rev 0x02 at pci0 dev 13 function 0 not configured
"VIA VT6306 FireWire" rev 0x80 at pci0 dev 14 function 0 not configured
pciide0 at pci0 dev 15 function 0 "VIA VT8237 SATA" rev 0x80: DMA
pciide0: using irq 10 for native-PCI interrupt
wd0 at pciide0 channel 1 drive 0: 
wd0: 16-sector PIO, LBA48, 194481MB, 398297088 sectors
wd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 5
pciide1 at pci0 dev 15 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133, channel
0 configured to compatibility, channel 1 configured to compatibility
atapiscsi0 at pciide1 channel 0 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: <_NEC, DVD_RW ND-2510A, 2.15> SCSI0 5/cdrom
removable
atapiscsi1 at pciide1 channel 0 drive 1
scsibus1 at atapiscsi1: 2 targets
cd1 at scsibus1 targ 0 lun 0:  SCSI0 5/cdrom
removable
cd0(pciide1:0:0): using PIO mode 4, Ultra-DMA mode 2
cd1(pciide1:0:1): using PIO mode 4, Ultra-DMA mode 2
pciide1: channel 1 disabled (no drives)
uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x81: irq 11
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x81: irq 11
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x81: irq 10
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 16 function 3 "VIA VT83C572 USB" rev 0x81: irq 10
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: VIA UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 16 function 4 "VIA VT6202 USB" rev 0x86: irq 5
ehci0: EHCI version 1.0
ehci0: companion controllers, 2 ports each: uhci0 uhci1 uhci2 uhci3
usb4 at ehci0: USB revision 2.0
uhub4 at usb4
uhub4: VIA EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
uhub4: single transaction translator
uhub4: 8 ports with 8 removable, self powered
"VIA VT8237 ISA" rev 0x00 at pci0 dev 17 function 0 not configured
pchb1 at pci0 dev 24 function 0 "AMD AMD64 HyperTransport" rev 0x00
pchb2 at pci0 dev 24 function 1 "AMD AMD64 Address Map" rev 0x00
pchb3 at pci0 dev 24 function 2 "AMD AMD64 DRAM Cfg" rev 0x00
pchb4 at pci0 dev 24 function 3 "AMD AMD64 Misc Cfg" rev 0x00
isa0 at mainbus0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard, using
wsdisplay0
rd0: fixed, 3584 blocks
root on rd0a
rootdev=0x1100 rrootdev=0x2f00 rawdev=0x2f02
uhidev0 at uhub0 port 1 configuration 1 interface 0
uhidev0: Microsoft SideWinder Joystick, rev 1.10/1.01, addr 2, iclass 3/0
uhid at uhidev0 not configured
uhub1: device problem, disabling port 1
--

as a comparison, I get the following if I boot from the i386 CD from
the same