Re: Asymmetric gigabit speeds at full load / OpenBSD 3.7
Lars Hansson wrote: On Wed, 29 Jun 2005 19:16:08 +0200 Frederic BRET [EMAIL PROTECTED] wrote: So the conclusion may be that the BSD hardwares are limited by the ability of their OS to manage interrupts properly... What do you think about this ? I've put 750mpbs between 2 OpenBSD boxes using iperf. The cpu spent ~30% of it's time in interrupts. This was using -u and -b 750M. With smaller, 80 bytes, packets they handled 140k pps and ~100mpbs with the cpu spending ~50% of the time in interupts. It's a GENERIC kernel with ramdisk hooks and dummy_nops. These boxes just went into production so i'll probably write something about them later when I've seen how they perform in the real world. Interesting. I'm seeing near identical UDP results as the parent poster; the receiving OpenBSD box maxes out at 45Mb/s with many dropped packets due to full socket buffers. However, I'm able to forward 800Mb/s through the OpenBSD router between two linux hosts with no problems. Sean
Re: sguil and OpenBSD
On Friday 01 July 2005 02:16, Vivek Ayer wrote: Hi all, Has anyone installed sguil on OpenBSD? I hear ACID development has stopped so it would be an opportune time to switch to sguil. If anyone can point me in the right direction of an install-and-configure guide specifically for openbsd, that would great. I'm running OpenBSD 3.7-current. I need it for the firewall that I have setup to protect a wired and wireless network. Thanks. Vivek You'll probably have better luck with the sguil-users mailing list (including its archive), there are several OpenBSD users on it. /Andreas
Re: sguil and OpenBSD
Those are the steps that I took to install sguil on 3.7. This installation assumes server, sensor and database is on 1 host. install Openbsd 3.7 / 2GB swap 2GB /var 5GB /usr 20GB /nsm (remainding) System name: idssrvr Domain: xxx.com IP: 10.1.1.82/24 DNS Server: 68.100.16.25 GW: 10.1.1.1 Install src and ports to /usr/src and /usr respectively add users sguil, mysql and (generic id, to login) add the generic user to group wheel Default password for all is welcome mkdir /usr/local/src cd /usr/ports/net/wget make install cd /usr/ports/net/libnet make install pkg_add ftp://ftp.openbsd.org/pub/OpenBSD/3.7/packages/i386/mysql-server-4.0.23p1.tgz /usr/local/bin/mysql_install_db --user=mysql /usr/local/bin/mysqld_safe --user=mysql /usr/local/bin/mysqladmin -u root password 'welcome' /usr/local/bin/mysql -u root -pwelcome mysql CREATE DATABASE sguildb; Query OK, 1 row affected (0.00 sec) mysql GRANT ALL PRIVILEGES ON *.* TO [EMAIL PROTECTED] IDENTIFIED BY 'welcome' WITH GRANT OPTION; Query OK, 0 rows affected (0.00 sec) mysql GRANT ALL PRIVILEGES ON *.* TO [EMAIL PROTECTED] IDENTIFIED BY 'welcome' WITH GRANT OPTION; Query OK, 0 rows affected (0.00 sec) mysql \q cd /usr/local/src wget http://unc.dl.sourceforge.net/sourceforge/sguil/sguil-client-0.5.3.tar.gz wget http://unc.dl.sourceforge.net/sourceforge/sguil/sguil-server-0.5.3.tar.gz wget http://easynews.dl.sourceforge.net/sourceforge/sguil/sguil-sensor-0.5.3.tar.gz tar -xvzf sguil-client-0.5.3.tar.gz tar -xvzf sguil-server-0.5.3.tar.gz tar -xvzf sguil-sensor-0.5.3.tar.gz mv sguil-0.5.3 sguil cd sguil/server /usr/local/bin/mysql -u sguil -p -D sguildb ./sql_scripts/create_sguildb.sql Enter Password: welcome /usr/local/bin/mysql -u sguil -p -e show tables sguildb Enter password: welcome +---+ | Tables_in_sguildb | +---+ | data | | event | | history | | icmphdr | | nessus| | nessus_data | | portscan | | sancp | | sensor| | sessions | | status| | tcphdr| | udphdr| | user_info | | version | +---+ mkdir /etc/sguild cd /usr/local/src/sguil/server cp sguild.users sguild.conf sguild.queries sguild.access autocat.conf /etc/sguild cd /usr/local/src wget http://easynews.dl.sourceforge.net/sourceforge/tcl/tcl8.4.9-src.tar.gz wget http://easynews.dl.sourceforge.net/sourceforge/tcl/tk8.4.9-src.tar.gz wget http://easynews.dl.sourceforge.net/sourceforge/tcllib/tcllib-1.7.tar.gz wget http://internap.dl.sourceforge.net/sourceforge/tclx/tclx8.3.5-src.tar.gz wget http://www.xdobry.de/mysqltcl/mysqltcl-2.51.tar.gz wget http://easynews.dl.sourceforge.net/sourceforge/tls/tls1.5.0-src.tar.gz for i in *.gz; do tar xvzf $i;done cd /usr/local/src/tcl8.4.9/unix ./configure make make install cd /usr/local/src/tk8.4.9/unix ./configure make make install ln -s /usr/local/bin/tclsh8.4 /usr/local/bin/tclsh cd /usr/local/src/tcllib-1.7 ./configure make make install cd /usr/local/src/sancp-1.6.1 make cp sancp /usr/local/bin cd /usr/local/src/tclx8.3.5/unix ./configure make make install cd /usr/local/src/mysqltcl-2.51 ln -s /usr/local/lib/mysql/libmysqlclient.so.12.0 /usr/local/lib/libmysqlclient.so env CC=gcc ./configure --with-mysql-include=/usr/local/include/mysql --with-mysql-lib=/usr/ local/lib make make install cd /usr/local/src/tls1.5 ./configure --with-tcl=/usr/local/lib --with-tcl-include=/usr/local/include --with-ssl-dir=/usr make make install (FOR TESTING TO SEE IF IT WORKS) /usr/local/bin/tcl tclpackage require Tclx 8.3 tclpackage require mysqltcl 2.51 tclexit cd /usr/ports/security/p0f make install cd /usr/ports/net/tcpflow make install cd /usr/ports/devel/pcre make install vi /etc/sguild/sguild.conf # DataBase Info set DBNAME sguildb set DBPASS welcome set DBHOST localhost set DBPORT 3306 set DBUSER sguil set RULESDIR /nsm/ids/rules set LOCAL_LOG_DIR /nsm/ids/archive set TCPFLOW /usr/local/bin/tcpflow set P0F_PATH /usr/local/bin/p0f cd /usr/local/src wget http://www.snort.org/dl/current/snort-2.3.3.tar.gz wget http://www.snort.org/dl/barnyard/barnyard-0.2.0.tar.gz tar -xvzf snort-2.3.3.tar.gz mv snort-2.3.3 snort cd /usr/local/src/snort/src/preprocessors cp spp_portscan.c spp_portscan.c.bak cp spp_stream4.c spp_stream4.c.bak cp -r /usr/local/src/sguil/sensor/snort_mods/2_1/* . patch spp_portscan.c spp_portscan_sguil.patch cd ../.. ./configure --enable-flexresp make make install mkdir /etc/snort cp /usr/local/src/snort/etc/snort.conf /etc/snort cp /usr/local/src/sguil/sensor/sancp/sancp.conf /usr/local/etc/snort/ cd /usr/local/etc/snort vi sancp.conf The only element of the sancp.conf file requiring modification is the HOME_NET variable. Change the HOME_NET variable to reflect the network you wish to monitor. Using 0.0.0.0 appears to allow monitoring any network. In snort.conf you can disable rules so that
determine boot device after boot
hello, is it possible to determine the boot device after the kernel has loaded? i did'nt find any variable (with sysctl or an entry in logs) which contains this information. i want to boot from any device like floppy, cd etc. and the root will be a ramdisk. after boot i want to read some additional files from the boot device. is there a way to get this working? thanks in advance! -- Weitersagen: GMX DSL-Flatrates mit Tempo-Garantie! Ab 4,99 Euro/Monat: http://www.gmx.net/de/go/dsl
Re: Stopping Xorg cleanly on Mac Mini
On Thu, Jun 30, 2005 at 03:46:32PM -0500, Chandler May wrote: I recently posted to this list inquiring how to successfully initialize the Xorg server on a Mac Mini (With an LCD monitor through DVI) running OpenBSD 3.7. Now, I need to know how to stop it. ;-P I've tried reboot as root, and the Exit menu command in the FVWM menu, and I get the same results either way. After a few seconds, the screen goes blank. Another second and the keys lock up. Then, who knows what happens, but it doesn't leave me with any choice but to perform a hard reboot with the power button. My experiences with NetBSD (ya, I know we are on the OpenBSD list) are similar: The console freezes -- at least the screen. Who knows whether the keyboard still works if you have no screen ;) But the machine itself does not lock up, you can login with ssh. Perhaps you can try that? -- PGP Public Key and contact information available at http://www.tphys.physik.uni-tuebingen.de/tplist/phonelist.py?uid=epple [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: SCSI and disk geometry
more on this issue. K WESTERBACK wrote: sd0: 34715MB, 34715 cyl, 16 head, 128 sec, 512 bytes/sec, 71096320 sec total sd0: 34715MB, 34715 cyl, 16 head, 128 sec, 512 bytes/sec, 71096320 sec total sd0: 34715MB, 34715 cyl, 16 head, 128 sec, 512 bytes/sec, 71096320 sec total sd1: 34715MB, 27150 cyl, 4 head, 654 sec, 512 bytes/sec, 71096640 sec total sd1: 34715MB, 31310 cyl, 4 head, 567 sec, 512 bytes/sec, 71096640 sec total sd1: 34715MB, 27150 cyl, 4 head, 654 sec, 512 bytes/sec, 71096640 sec total I did a test with FreeBSD and it detects a geometry of 4425/255/63 in mirrored (sd0) and not mirrored (sd1) disks, and the installation was successful. So OpenBSD is finding identical geometry for sd0 on all three servers. And the numbers match (34715*16*128 = 71096320). For sd1 one result differs from the other two and neither set of values seem to match. I suspect sd1 is behaving badly in some way. I would suggest trying a -current snapshot as the geometry code has been getting a lot of work lately. If you can (and want to) you can compile a kernel with the options option SCSIDEBUG option SCSIDEBUG_LEVEL=0xf0 option SCSIDEBUG_BUSES=0x2 option SCSIDEBUG_TARGETS=0x5 option SCSIDEBUG_LUNS=0xff and send me the output. It will show exactly what the disks are saying about their geometry. http://195.55.55.164/tests/OpenBSD/server3-dmesg-orig.txt http://195.55.55.164/tests/OpenBSD/server3-dmesg-SCSIDEBUG.txt http://195.55.55.164/tests/OpenBSD/server3-fdisk.txt http://195.55.55.164/tests/OpenBSD/server3-label.txt http://195.55.55.164/tests/OpenBSD/server3-sysctl.txt -- GCS/IT d- s+:+() a31 C+++ UBL+++$ P+ L+++ E--- W++ N+ o++ K- w--- O+ M+ V- PS+ PE+ Y++ PGP t+ 5 X+$ R- tv-- b+++ DI D+ G++ e- h+(++) !r !z --END GEEK CODE BLOCK--
Re: HP ProLiant DL140 serial consola installation
Martin Bruns wrote: Hi, I'm trying to install OpenBSD 3.7 on a HP ProLiant DL140 server via the serial console. I'm booting via pxeboot and I get the second-stage boot loader prompt on the console. But after entering set tty com0, the serial line is nolonger functional. I was searching the net but could only find a different way, I'm a newbie in OpenBSD. Also initially I wanted to have console speed 115200 but that seems to be more complicated. This situation is covered under amd64 and i386 notes section of the FAQ: http://www.openbsd.org/faq/faq7.html#SerCon No Good Solution. If your goal is a serial install, turn off the BIOS console redirection, assuming you don't have a Continue console redirection after POST option, and set up a boot.conf file in your tftp server which will switch pxeboot over to serial console. Skip the 115200 baud stuff. That's silly... Your serial solution goes from being when all else fails, I have serial console to Yet One More Thing Causing Problems. 9600 bps is reliable, runs long distances, works with almost any device and/or OS on the other end, and Just Works. 115200 is for either doing something via serial you probably shouldn't be, or showing off, look what I can do! Nick.
ADSL modem Amigo HMX - CA85UR - K8 (USB)
Hi all , I would like to know if anyone of you have make it works this modem . The modem is : ADSL Amigo HMX - CA85UR - K8 (USB) In linux it seems to works , but in openBSd I have no information at all that this modem works . All the info under linux is in this site : http://accessrunner.sourceforge.net/ The guys recompile the linux kernel , adding support for the conexant chips and extract the FIRMWARE from the windows drivers ... What I want to know if it possible to use this modem under Open BSD , and I any of you guys succeded . this kind of ADSL USB modem is very common in Europe and America (TELECOM and TELEFONICA ) uses it . Would it be great if OpenBSD had support for this kind of modem . Thanks in Advance guys , Greetings , Ricardo Karcher www.imaginator.com www.gnosticos.net __ Correo Yahoo! Espacio para todos tus mensajes, antivirus y antispam !gratis! !Abrm tu cuenta ya! - http://correo.yahoo.com.ar
Re: Stopping Xorg cleanly on Mac Mini
On Fri, Jul 01, 2005 at 11:55:31AM +0200, Dominik Epple wrote: On Thu, Jun 30, 2005 at 03:46:32PM -0500, Chandler May wrote: I recently posted to this list inquiring how to successfully initialize the Xorg server on a Mac Mini (With an LCD monitor through DVI) running OpenBSD 3.7. Now, I need to know how to stop it. ;-P I've tried reboot as root, and the Exit menu command in the FVWM menu, and I get the same results either way. After a few seconds, the screen goes blank. Another second and the keys lock up. Then, who knows what happens, but it doesn't leave me with any choice but to perform a hard reboot with the power button. My experiences with NetBSD (ya, I know we are on the OpenBSD list) are similar: The console freezes -- at least the screen. Who knows whether the keyboard still works if you have no screen ;) I've seen the same problem on a Dell laptop. I don't have the model number or a dmesg just now but I'll post one when I can get it. But the machine itself does not lock up, you can login with ssh. Perhaps you can try that? -- PGP Public Key and contact information available at http://www.tphys.physik.uni-tuebingen.de/tplist/phonelist.py?uid=epple [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc] -- BOFH excuse #424: operation failed because: there is no message for this error (#1014)
Re: Stopping Xorg cleanly on Mac Mini
On 7/1/05, Chandler May [EMAIL PROTECTED] wrote: No, Ctrl+Alt+Backspace yields the same results - blank screen, locked keys, bleh. This also happens on a iMac G4 running 3.7. The keyboard is still working so at least I can restart the computer properly from the console. cheers, Nickus
openbsd and dietlibc
Hello all being a naturally lazy person i was wondering whether anyone knows of a nice easy, step-by-step guide to modifying the dietlibc source so it will compile on openbsd 3.7. the PORT file in dietlibc source describes (not fully perhaps) waht to do: - edit Makefile to detect the architecture - create a directory for the architecture, and put a Makefile.add in it. Look at the other Makefile.adds for guidance. - provide start.S (the start code, look at glibc) - provide unified.S (the unified syscall) - provide syscalls.h (the syscall numbers, from asm/unistd.h) - provide setjmp and longjmp - edit include/setjmp.h - pipe, clone and mmap often need special care - edit include/sys/ioctl.h - edit include/sys/ptrace.h - edit include/asm/sigcontext.h - edit include/sys/ucontext.h - edit include/endian.h - edit include/fcntl.h - edit include/sys/mman.h - edit include/sys/shm.h - edit include/sys/stat.h - edit include/errno.h - edit syscalls.h - edit include/termios.h - edit diet.c to make it recognize the architecture and add proper CFLAGS - edit libcompat/syscall.S i think if I tried myself it would take far too long to justify the outcome. so are there anyone out there that wants to make it easier for me (and everyone else) thanks!
Re: openbsd and dietlibc
poncenby wrote: Hello all being a naturally lazy person i was wondering whether anyone knows of a nice easy, step-by-step guide to modifying the dietlibc source so it will compile on openbsd 3.7. Why? OpenBSD's libc is pretty slim already. If you have need of a further cut-down libc, you could trim it more. -d
Re: Ath0 on WRAP and OpenBSD 3.7
Jonathan Weiss wrote: Jonathan Weiss wrote: Cheers, I have a Problem with a WRAP board (dmesg attached) and a MiniPCI WLAN card. The card is a Wistron CM9. My /etc/hostname.ath0 looks like this: #cat /etc/hostname.ath inet 192.168.1.1 255.255.255.0 NONE media autoselect \ mediaopt hostap nwid wrap chan 11 #ifconfig ath0 ath0: flags=8863UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST mtu 1500 address: 00:0b:6b:35:b0:1b ieee80211: nwid wrap chan 11 bssid 00:0b:6b:35:b0:1b media: IEEE802.11 autoselect hostap (autoselect mode 11a hostap) status: active inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255 inet6 fe80::20b:6bff:fe35:b01b%ath0 prefixlen 64 scopeid 0x1 But I cannot join the network and also cannot see it with a WLAN-scanner (Kismac on a PowerBook with OS X). Lately there have been some reports about problems with WRAP/ath/OpenBSD. Does ath in hostap mode works in 3.7 or do I have to upgrade to current? I am still getting *my* feet wet with wireless in OpenBSD, but the ath device in my ThinkPad required that I update to -current (per Theo's suggestion). After that, I haven't had any problems with joining networks or creating them. I just tested setting up a network with the ThinkPad and it worked fine. I last updated Sunday, so I imagine it still works. I upgraded to Current: OpenBSD 3.7-current (GENERIC) #214: Thu Jun 30 11:43:53 MDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Geode(TM) Integrated Processor by National Semi (Geode by NSC 586-class) 267 MHz cpu0: FPU,TSC,MSR,CX8,CMOV,MMX cpu0: TSC disabled real mem = 133804032 (130668K) avail mem = 115535872 (112828K) But still, no wireless network and I now get this: # wicontrol ath0 wicontrol: SIOCGWAVELAN (0xfd0b): Invalid argument Why are you using wicontrol? man wicontrol: The wicontrol command controls the operation of WaveLAN/IEEE wireless networking devices via the wi(4) and awi(4) drivers. you are using an ath device not awi or wi. Also, use ifconfig to control athX in configuring it for host-based AP mode. Look at the end of man ath and you will find very good instructions on how to do so. Steve Fettig With 3.7 I got no error. -- Jonathan Weiss [EMAIL PROTECTED] http://blog.innerewut.de Steve Fettig Greets, Jonathan --- OpenBSD 3.7-current (GENERIC) #214: Thu Jun 30 11:43:53 MDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Geode(TM) Integrated Processor by National Semi (Geode by NSC 586-class) 267 MHz cpu0: FPU,TSC,MSR,CX8,CMOV,MMX cpu0: TSC disabled real mem = 133804032 (130668K) avail mem = 115535872 (112828K) using 1658 buffers containing 6791168 bytes (6632K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(fa) BIOS, date 05/02/05, BIOS32 rev. 0 @ 0xfc5f2 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: pcibios_get_intr_routing - function not supported pcibios0: PCI IRQ Routing information unavailable. pcibios0: PCI bus #0 is the last bus bios0: ROM list: 0xe/0x8000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Cyrix GXm PCI rev 0x00 ath0 at pci0 dev 13 function 0 Atheros AR5212 rev 0x01: irq 12 ath0: AR5212 5.9 phy 4.3 rf5112 3.6, FCC1A, address 00:0b:6b:35:b0:1b sis0 at pci0 dev 14 function 0 NS DP83815 10/100 rev 0x00: DP83816A, irq 10, address 00:0d:b9:01:92:d0 nsphyter0 at sis0 phy 0: DP83815 10/100 PHY, rev. 1 sis1 at pci0 dev 15 function 0 NS DP83815 10/100 rev 0x00: DP83816A, irq 9, address 00:0d:b9:01:92:d1 nsphyter1 at sis1 phy 0: DP83815 10/100 PHY, rev. 1 sis2 at pci0 dev 16 function 0 NS DP83815 10/100 rev 0x00: DP83816A, irq 11, address 00:0d:b9:01:92:d2 nsphyter2 at sis2 phy 0: DP83815 10/100 PHY, rev. 1 gscpcib0 at pci0 dev 18 function 0 NS SC1100 ISA rev 0x00 gpio0 at gscpcib0: 64 pins NS SC1100 SMI/ACPI rev 0x00 at pci0 dev 18 function 1 not configured pciide0 at pci0 dev 18 function 2 NS SCx200 IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: SAMSUNG CF/ATA wd0: 1-sector PIO, LBA, 497MB, 1018080 sectors wd0(pciide0:0:0): using PIO mode 4 NS SCx200 AUDIO rev 0x00 at pci0 dev 18 function 3 not configured geodesc0 at pci0 dev 18 function 5 NS SC1100 X-Bus rev 0x00: iid 6 revision 3 wdstatus 0 ohci0 at pci0 dev 19 function 0 Compaq USB OpenHost rev 0x08: irq 9, version 1.0, legacy support usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: Compaq OHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 3 ports with 3 removable, self powered isa0 at gscpcib0 isadma0 at isa0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 sysbeep0 at pcppi0 gscsio0 at isa0 port 0x2e/2: SC1100 SIO rev 1: ACB1 ACB2 iic0 at gscsio0 iic1 at gscsio0 lmtemp0 at iic1 addr 0x48: LM77 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
Re: Ath0 on WRAP and OpenBSD 3.7
#cat /etc/hostname.ath inet 192.168.1.1 255.255.255.0 NONE media autoselect \ mediaopt hostap nwid wrap chan 11 #ifconfig ath0 ath0: flags=8863UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST mtu 1500 address: 00:0b:6b:35:b0:1b ieee80211: nwid wrap chan 11 bssid 00:0b:6b:35:b0:1b media: IEEE802.11 autoselect hostap (autoselect mode 11a hostap) status: active inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255 inet6 fe80::20b:6bff:fe35:b01b%ath0 prefixlen 64 scopeid 0x1 Why are you using wicontrol? man wicontrol: The wicontrol command controls the operation of WaveLAN/IEEE wireless networking devices via the wi(4) and awi(4) drivers. you are using an ath device not awi or wi. Also, use ifconfig to control athX in configuring it for host-based AP mode. Look at the end of man ath and you will find very good instructions on how to do so. I used wicontrol as I tried to get the card working and played around. I just posted it, because it's behaviour changed from 3.7 to current. I used the instructions from `man ath` for my configuration in the first place. My /etc/hostname.ath is from `man ath` with just the nwid changed. I also switched antennas, but no luck. Greets, Jonathan -- Jonathan Weiss [EMAIL PROTECTED] http://blog.innerewut.de
Re: read-only storage media
Kernel security levels may do what you want with less hassle. Machine would need a reboot before they can be lowered. See man page (7) for securelevel -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Garman Sent: Friday, July 01, 2005 11:06 AM To: OpenBSD Misc Subject: read-only storage media Is there any kind of storage media that can be set as read-only, and only reset to read and write by physical access? I'm thinking about something like the (seemingly ancient) 3.5 floppy disks that had that little switch you could use to set the disk to read only. Are there any hard drives that have a similar kind of feature? I'm thinking that this would be nice for a firewall machine: if the machine was compromised, it still couldn't be modified (i.e., volumes mounted read only can always be remounted read-write if the machine is root compromised). I'm thinking that I could burn a CD-R (and re-burn it whenever there's a configuration change), but it seems like the system might have a lot of latency and the CD-ROM drive might prematurely fail. Any thoughts? Thanks, Matt -- Matt Garman email at: http://raw-sewage.net/index.php?file=email
Re: read-only storage media
Some hard disks have a write protect jumper. I've got an old Seagate Barracuda (ST3217N) that has this - although it's not something I've ever tried to use. Steve -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Garman Sent: 01 July 2005 16:06 To: OpenBSD Misc Subject: read-only storage media Is there any kind of storage media that can be set as read-only, and only reset to read and write by physical access? I'm thinking about something like the (seemingly ancient) 3.5 floppy disks that had that little switch you could use to set the disk to read only. Are there any hard drives that have a similar kind of feature? I'm thinking that this would be nice for a firewall machine: if the machine was compromised, it still couldn't be modified (i.e., volumes mounted read only can always be remounted read-write if the machine is root compromised). I'm thinking that I could burn a CD-R (and re-burn it whenever there's a configuration change), but it seems like the system might have a lot of latency and the CD-ROM drive might prematurely fail. Any thoughts? Thanks, Matt -- Matt Garman email at: http://raw-sewage.net/index.php?file=email
Re: Ath0 on WRAP and OpenBSD 3.7
Jonathan Weiss wrote: Cheers, I have a Problem with a WRAP board (dmesg attached) and a MiniPCI WLAN card. The card is a Wistron CM9. My /etc/hostname.ath0 looks like this: #cat /etc/hostname.ath inet 192.168.1.1 255.255.255.0 NONE media autoselect \ mediaopt hostap nwid wrap chan 11 #ifconfig ath0 ath0: flags=8863UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST mtu 1500 address: 00:0b:6b:35:b0:1b ieee80211: nwid wrap chan 11 bssid 00:0b:6b:35:b0:1b media: IEEE802.11 autoselect hostap (autoselect mode 11a hostap) status: active inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255 inet6 fe80::20b:6bff:fe35:b01b%ath0 prefixlen 64 scopeid 0x1 But I cannot join the network and also cannot see it with a WLAN-scanner (Kismac on a PowerBook with OS X). Lately there have been some reports about problems with WRAP/ath/OpenBSD. Does ath in hostap mode works in 3.7 or do I have to upgrade to current? I am still getting *my* feet wet with wireless in OpenBSD, but the ath device in my ThinkPad required that I update to -current (per Theo's suggestion). After that, I haven't had any problems with joining networks or creating them. I just tested setting up a network with the ThinkPad and it worked fine. I last updated Sunday, so I imagine it still works. I upgraded to Current: OpenBSD 3.7-current (GENERIC) #214: Thu Jun 30 11:43:53 MDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Geode(TM) Integrated Processor by National Semi (Geode by NSC 586-class) 267 MHz cpu0: FPU,TSC,MSR,CX8,CMOV,MMX cpu0: TSC disabled real mem = 133804032 (130668K) avail mem = 115535872 (112828K) But still, no wireless network and I now get this: # wicontrol ath0 wicontrol: SIOCGWAVELAN (0xfd0b): Invalid argument With 3.7 I got no error. -- Jonathan Weiss [EMAIL PROTECTED] http://blog.innerewut.de Steve Fettig Greets, Jonathan --- OpenBSD 3.7-current (GENERIC) #214: Thu Jun 30 11:43:53 MDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Geode(TM) Integrated Processor by National Semi (Geode by NSC 586-class) 267 MHz cpu0: FPU,TSC,MSR,CX8,CMOV,MMX cpu0: TSC disabled real mem = 133804032 (130668K) avail mem = 115535872 (112828K) using 1658 buffers containing 6791168 bytes (6632K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(fa) BIOS, date 05/02/05, BIOS32 rev. 0 @ 0xfc5f2 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: pcibios_get_intr_routing - function not supported pcibios0: PCI IRQ Routing information unavailable. pcibios0: PCI bus #0 is the last bus bios0: ROM list: 0xe/0x8000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (bios) pchb0 at pci0 dev 0 function 0 Cyrix GXm PCI rev 0x00 ath0 at pci0 dev 13 function 0 Atheros AR5212 rev 0x01: irq 12 ath0: AR5212 5.9 phy 4.3 rf5112 3.6, FCC1A, address 00:0b:6b:35:b0:1b sis0 at pci0 dev 14 function 0 NS DP83815 10/100 rev 0x00: DP83816A, irq 10, address 00:0d:b9:01:92:d0 nsphyter0 at sis0 phy 0: DP83815 10/100 PHY, rev. 1 sis1 at pci0 dev 15 function 0 NS DP83815 10/100 rev 0x00: DP83816A, irq 9, address 00:0d:b9:01:92:d1 nsphyter1 at sis1 phy 0: DP83815 10/100 PHY, rev. 1 sis2 at pci0 dev 16 function 0 NS DP83815 10/100 rev 0x00: DP83816A, irq 11, address 00:0d:b9:01:92:d2 nsphyter2 at sis2 phy 0: DP83815 10/100 PHY, rev. 1 gscpcib0 at pci0 dev 18 function 0 NS SC1100 ISA rev 0x00 gpio0 at gscpcib0: 64 pins NS SC1100 SMI/ACPI rev 0x00 at pci0 dev 18 function 1 not configured pciide0 at pci0 dev 18 function 2 NS SCx200 IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: SAMSUNG CF/ATA wd0: 1-sector PIO, LBA, 497MB, 1018080 sectors wd0(pciide0:0:0): using PIO mode 4 NS SCx200 AUDIO rev 0x00 at pci0 dev 18 function 3 not configured geodesc0 at pci0 dev 18 function 5 NS SC1100 X-Bus rev 0x00: iid 6 revision 3 wdstatus 0 ohci0 at pci0 dev 19 function 0 Compaq USB OpenHost rev 0x08: irq 9, version 1.0, legacy support usb0 at ohci0: USB revision 1.0 uhub0 at usb0 uhub0: Compaq OHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 3 ports with 3 removable, self powered isa0 at gscpcib0 isadma0 at isa0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 sysbeep0 at pcppi0 gscsio0 at isa0 port 0x2e/2: SC1100 SIO rev 1: ACB1 ACB2 iic0 at gscsio0 iic1 at gscsio0 lmtemp0 at iic1 addr 0x48: LM77 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom0: console biomask e3ef netmask ffef ttymask ffef pctr: no performance counters in CPU nvram: invalid checksum dkcsum: wd0 matched BIOS disk 80 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 clock: unknown CMOS layout
Re: read-only storage media
You might want to consider a setup similar to http://m0n0.ch/wall/ where it loads off of a cd or whatever, into a ramdisc. This would deal with the latency and life of the cd drive issues. Dan On 7/1/05, Matt Garman [EMAIL PROTECTED] wrote: Is there any kind of storage media that can be set as read-only, and only reset to read and write by physical access? I'm thinking about something like the (seemingly ancient) 3.5 floppy disks that had that little switch you could use to set the disk to read only. Are there any hard drives that have a similar kind of feature? I'm thinking that this would be nice for a firewall machine: if the machine was compromised, it still couldn't be modified (i.e., volumes mounted read only can always be remounted read-write if the machine is root compromised). I'm thinking that I could burn a CD-R (and re-burn it whenever there's a configuration change), but it seems like the system might have a lot of latency and the CD-ROM drive might prematurely fail. Any thoughts? Thanks, Matt -- Matt Garman email at: http://raw-sewage.net/index.php?file=email
Re: read-only storage media
hi matt, what is with an usb stick? that's my approach. regards uwe Is there any kind of storage media that can be set as read-only, and only reset to read and write by physical access? I'm thinking about something like the (seemingly ancient) 3.5 floppy disks that had that little switch you could use to set the disk to read only. Are there any hard drives that have a similar kind of feature? I'm thinking that this would be nice for a firewall machine: if the machine was compromised, it still couldn't be modified (i.e., volumes mounted read only can always be remounted read-write if the machine is root compromised). I'm thinking that I could burn a CD-R (and re-burn it whenever there's a configuration change), but it seems like the system might have a lot of latency and the CD-ROM drive might prematurely fail. Any thoughts? Thanks, Matt -- Matt Garman email at: http://raw-sewage.net/index.php?file=email -- 5 GB Mailbox, 50 FreeSMS http://www.gmx.net/de/go/promail +++ GMX - die erste Adresse f|r Mail, Message, More +++
Re: openbsd and dietlibc
Damien Miller wrote: Why? OpenBSD's libc is pretty slim already. If you have need of a further cut-down libc, you could trim it more. Because I want dietlibc for a fnord installation and haven't got the time or experience to fiddle around and get fnord to work with anything but dietlibc. any chance of pointing me in the right direction?
Re: Honesty needed...
I'm late to the game... but why not split the load over a number of servers? Using carp for reduncancy, rdr/round-robin and/or hash, you should be able to spread the load some. --Toby. On Wednesday, June 29, Jeffrey Lim wrote: On 6/29/05, Matt Juszczak [EMAIL PROTECTED] wrote: Just spoke with the boss. My boss really wants to run SMP. He's an ill-informed business man and thinks that a single 3 ghz with 4 gb RAM couldn't handle our mail server, which I believe it would have no problems at all doing. sounds like somebody who wouldnt know the difference anyway if u just went right ahead and *not* used smp, and told him otherwise, doesnt it? I'm not saying outright that u should really give up smp - but this is an option for u. -jf 10,000 users isn't that many. Either way, if hes set on SMP, then I either need to go to another *BSD other than FreeBSD which wont have this problem (such as OpenBSD, although do you know whether or not OpenBSD's SMP can support Dual Xeon's?) or NetBSD. Otherwise, I have to go to linux or windows which I really don't want to do at all. Thanks again for your help. Regards, Matt
Re: read-only storage media
On Friday 01 July 2005 11:06 am, Matt Garman wrote: SD-RAM cards have a physical read-only/read-write switch. I've used them for exactly this purpose. Though you need an adapter to make them appear as a regular IDE drive. Mike Is there any kind of storage media that can be set as read-only, and only reset to read and write by physical access? I'm thinking about something like the (seemingly ancient) 3.5 floppy disks that had that little switch you could use to set the disk to read only. Are there any hard drives that have a similar kind of feature? I'm thinking that this would be nice for a firewall machine: if the machine was compromised, it still couldn't be modified (i.e., volumes mounted read only can always be remounted read-write if the machine is root compromised). I'm thinking that I could burn a CD-R (and re-burn it whenever there's a configuration change), but it seems like the system might have a lot of latency and the CD-ROM drive might prematurely fail. Any thoughts? Thanks, Matt
Re: Ath0 on WRAP and OpenBSD 3.7
Jonathan Weiss wrote: #cat /etc/hostname.ath inet 192.168.1.1 255.255.255.0 NONE media autoselect \ mediaopt hostap nwid wrap chan 11 #ifconfig ath0 ath0: flags=8863UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST mtu 1500 address: 00:0b:6b:35:b0:1b ieee80211: nwid wrap chan 11 bssid 00:0b:6b:35:b0:1b media: IEEE802.11 autoselect hostap (autoselect mode 11a hostap) status: active inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255 inet6 fe80::20b:6bff:fe35:b01b%ath0 prefixlen 64 scopeid 0x1 Why are you using wicontrol? man wicontrol: The wicontrol command controls the operation of WaveLAN/IEEE wireless networking devices via the wi(4) and awi(4) drivers. you are using an ath device not awi or wi. Also, use ifconfig to control athX in configuring it for host-based AP mode. Look at the end of man ath and you will find very good instructions on how to do so. I used wicontrol as I tried to get the card working and played around. I just posted it, because it's behaviour changed from 3.7 to current. I used the instructions from `man ath` for my configuration in the first place. My /etc/hostname.ath is from `man ath` with just the nwid changed. You need to start providing complete information each time you try something new. Show us exactly what hostname.if is and the ifconfig -a info each time you post back that it isn't working. Also is it /etc/hostname.ath or /etc/hostname.ath0? Do you see the difference? But, before you muck around more with hostname.if, try the example from man ath: # ifconfig ath0 -bssid -chan media autoselect nwid -nwkey -powersave then: # ifconfig ath0 inet 192.168.1.1 255.255.255.0 NONE media autoselect mediaopt hostap nwid my_net chan 11 you have to add ifconfig ath0 (for obvious reasons) to the example in the man page. I have done this a number of times with the exact same card you have and it has worked every single time. I even changed the nwid from my_net to pigsfly and it worked fine. You also need to send your ifconfig -a along - you are not doing something correctly or the card is broke or I'm out of my mind... Steve Fettig
Re: 4port Realtek nic
More evidence - the description claims it uses the RTL8139D and RTL8305SB chipsets. The RTL8139D chipset is obviously the NIC, the RTL8305B chipset is a five port switch: http://www.realtek.com.tw/products/products1-2.aspx?modelid=18 In the end my couriousity won and I acquired one of these. Works out of the box, appears as a single NIC to OpenBSD: rl0 at pci0 dev 10 function 0 Realtek 8139 rev 0x10: irq 10 address 00:e0:4c:09:1f:50 rlphy0 at rl0 phy 0: RTL internal phy -- ach
Please help: DHCP over IPSec
Hi all, Please this is very urgent for me. Where I can find configuration docs about to configure isakmpd with x509 certificates and DHCP over IPSec for OpenBSD?? Thank you very much to all. -- C.L. Martinez [EMAIL PROTECTED]
Re: Stopping Xorg cleanly on Mac Mini
On 7/1/05, Dominik Epple [EMAIL PROTECTED] wrote: On Thu, Jun 30, 2005 at 03:46:32PM -0500, Chandler May wrote: I recently posted to this list inquiring how to successfully initialize the Xorg server on a Mac Mini (With an LCD monitor through DVI) running OpenBSD 3.7. Now, I need to know how to stop it. ;-P I've tried reboot as root, and the Exit menu command in the FVWM menu, and I get the same results either way. After a few seconds, the screen goes blank. Another second and the keys lock up. Then, who knows what happens, but it doesn't leave me with any choice but to perform a hard reboot with the power button. My experiences with NetBSD (ya, I know we are on the OpenBSD list) are similar: The console freezes -- at least the screen. Who knows whether the keyboard still works if you have no screen ;) But the machine itself does not lock up, you can login with ssh. Perhaps you can try that? I can tell the keyboard stops working because Num/Caps Lock stick (pressing them won't alter the status lights). Once I stop X, the machine stops responding to pings, and won't accept an SSH connection, either. Chandler -- PGP Public Key and contact information available at http://www.tphys.physik.uni-tuebingen.de/tplist/phonelist.py?uid=epple BodyID:25550278.2.n.logpart (stored separately)
Re: sguil and OpenBSD
Does /nsm need to be a seperate partition? I have a 10 GB install with 768 MB for /, 768 MB for swap, 768 for /tmp, 4 GB for /var, 2 GB for /usr, and rest for /home. /nsm must be the log directory so it would good to flush out the whole partition once in a while. Also, my firewall is headless, obviously. I'll be sshing from my personal comp to admin. But do I have a to install a sguil client on my personal comp so I can view the sguil via http? Thanks. Vivek
Re: sguil and OpenBSD
Does /nsm need to be a seperate partition? I have a 10 GB install with 768 MB for /, 768 MB for swap, 768 for /tmp, 4 GB for /var, 2 GB for /usr, and rest for /home. /nsm must be the log directory so it would good to flush out the whole partition once in a while. Also, my firewall is headless, obviously. I'll be sshing from my personal comp to admin. But do I have a to install a sguil client on my personal comp so I can view the sguil via http? Thanks. Vivek You are getting into implementation details that would be much better discussed on the sguil-users list. -srh
Re: Please help: DHCP over IPSec
C. L. Martinez wrote: Hi all, Please this is very urgent for me. Where I can find configuration docs about to configure isakmpd with x509 certificates and DHCP over IPSec for OpenBSD?? DHCP over IPSec isn't supported. Virtual IPs with IKE Mode config works well, though. sk
Re: Honesty needed...
I concur. mail load is ideally suited for dividing up amongst multiple machines (with then multiple i/o busses, etc. etc.). I far prefer this method to the one big machine method. -Bob * Tobias Weingartner [EMAIL PROTECTED] [2005-07-01 10:11]: I'm late to the game... but why not split the load over a number of servers? Using carp for reduncancy, rdr/round-robin and/or hash, you should be able to spread the load some. --Toby. On Wednesday, June 29, Jeffrey Lim wrote: On 6/29/05, Matt Juszczak [EMAIL PROTECTED] wrote: Just spoke with the boss. My boss really wants to run SMP. He's an ill-informed business man and thinks that a single 3 ghz with 4 gb RAM couldn't handle our mail server, which I believe it would have no problems at all doing. sounds like somebody who wouldnt know the difference anyway if u just went right ahead and *not* used smp, and told him otherwise, doesnt it? I'm not saying outright that u should really give up smp - but this is an option for u. -jf 10,000 users isn't that many. Either way, if hes set on SMP, then I either need to go to another *BSD other than FreeBSD which wont have this problem (such as OpenBSD, although do you know whether or not OpenBSD's SMP can support Dual Xeon's?) or NetBSD. Otherwise, I have to go to linux or windows which I really don't want to do at all. Thanks again for your help. Regards, Matt -- Bob Beck Computing and Network Services [EMAIL PROTECTED] University of Alberta True Evil hides its real intentions in its street address.
Re: Please help: DHCP over IPSec
(please do not write me off list) C. L. Martinez wrote: Ok, but if i would like use windows ipsec native client. How can I assign virtual ip??? Or somebody knows any free vpn client taht works with virtual ip and x509 certs??? AFAIK, the windows native client does not support virtual IPs. I'm not aware of a free client that handles both IKECFG and x509. You might want to take a look at Greenbow. They produce a windows VPN client based off isakmpd. It's priced at 58 euros. sk
panic in 3.7
Hi list. I have a pc (Dell Optiplex) with openbsd 3.7, which will be firewall, but in this morning I found my pc with this error message: ~panic: pool_get(mclpl): free list modified: magic=deaf; page 0xd3b38000; item addr 0xd3b38000 Sropped at Debuger+0x4: leave RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC! DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION! ddb This is my dmesg: OpenBSD 3.7 (GENERIC) #0: Tue Jun 28 13:13:45 CDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium III (GenuineIntel 686-class) 930 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE real mem = 132489216 (129384K) avail mem = 114380800 (111700K) using 1642 buffers containing 6725632 bytes (6568K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 03/07/01, BIOS32 rev. 0 @ 0xfda74 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf2f30/192 (10 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0xc000 0xcc000/0x800 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82810E rev 0x03 vga1 at pci0 dev 1 function 0 Intel 82810E Graphics rev 0x03: aperture at 0xf800, size 0x400 wsdisplay0 at vga1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) ppb0 at pci0 dev 30 function 0 Intel 82801AA Hub-to-PCI rev 0x02 pci1 at ppb0 bus 1 xl0 at pci1 dev 8 function 0 3Com 3c905C 100Base-TX rev 0x74: irq 11, address 00:01:02:bf:54:56 bmtphy0 at xl0 phy 24: Broadcom 3C905C internal PHY, rev. 6 xl1 at pci1 dev 9 function 0 3Com 3c905 100Base-TX rev 0x00: irq 10, address 00:60:08:52:d3:06 nsphy0 at xl1 phy 24: DP83840 10/100 PHY, rev. 1 ATT/Lucent LTMODEM rev 0x00 at pci1 dev 11 function 0 not configured ichpcib0 at pci0 dev 31 function 0 Intel 82801AA LPC rev 0x02 pciide0 at pci0 dev 31 function 1 Intel 82801AA IDE rev 0x02: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: ST320413A wd0: 16-sector PIO, LBA, 19092MB, 39102336 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 4 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: LG, CD-ROM CRD-8482B, 1.05 SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 uhci0 at pci0 dev 31 function 2 Intel 82801AA USB rev 0x02: irq 9 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered Intel 82801AA SMBus rev 0x02 at pci0 dev 31 function 3 not configured isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker sysbeep0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec biomask f36d netmask ff6d ttymask ffef pctr: 686-class user-level performance counters enabled mtrr: Pentium Pro MTRR support dkcsum: wd0 matched BIOS disk 80 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 WARNING: / was not properly unmounted -- Thanks for your help
Re: panic in 3.7
On Fri, Jul 01, 2005 at 01:34:25PM -0500, Rafael Morales wrote: :RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN :REPORTING THIS PANIC! :DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING :THAT INFORMATION!
em0 and SMP problem
Hello all, I've a problem with em0 (and eventually any other nic connected to the pci bus) on double Xeon, while I run smp kernel. I have no idea what could couse it, there was problem with ICU but I've fixed it as follows: pcibios0: no compatible PCI ICU found: ICU vendor 0x8086 product 0x2480 pcibios0: Warning, unable to fix up PCI interrupt routing to pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801CA LPC rev 0x00) but that did not fix em0 nic. The motherboard is IntelB. Server Board SE7501HG2, two em0 onborad, not working. Bios upgrade does not change anything. If someone could point me out where to look for the problem, I would be extremely thankfull. I've got 4 machines with this configuration and I hate to run freebsd on them. Best regards Michal Koc
Re: panic in 3.7
On 2005/07/01 13:34:25, Rafael Morales wrote: Hi list. I have a pc (Dell Optiplex) with openbsd 3.7, which will be firewall, but in this morning I found my pc with this error message: ~panic: pool_get(mclpl): free list modified: magic=deaf; page 0xd3b38000; item addr 0xd3b38000 Sropped at Debuger+0x4: leave 'Sropped' and 'Debuger'? Very odd. Is this a mis-paste or genuine output? If it's genuine, I'd be looking at hardware problems first...(run memtest?) RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC! DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION! Surely, the above speaks for itself?
Re: Please help: DHCP over IPSec
Ok. Thank you very much for your help. On 7/1/05, Sigfred Heversen [EMAIL PROTECTED] wrote: C. L. Martinez wrote: Hi all, Please this is very urgent for me. Where I can find configuration docs about to configure isakmpd with x509 certificates and DHCP over IPSec for OpenBSD?? Thank you very much to all. As some poster wrote, this might not be supported. You might have a look at openvpn.net that supports dhcp and has a Windows client, and is in the ports. /Sigfred -- C.L. Martinez [EMAIL PROTECTED]
An incredibly stupid question...
Yes, laugh at me if you must, but I'm really not all that familiar with OpenBSD. Suppose I am putting a second hard drive in the system. I will want to, you know, format it and use it. (1) What format does OpenBSD normally use? (2) How do I format a drive under OpenBSD? Please, when you're done chuckling, help me out here. Thanks, Matt
Re: An incredibly stupid question...
man fdisk man disklabel man newfs http://www.openbsd.com/faq/index.html http://www.openbsd.com/faq/faq14.html On Jul 1, 2005, at 3:42 PM, Matt Singerman wrote: Yes, laugh at me if you must, but I'm really not all that familiar with OpenBSD. Suppose I am putting a second hard drive in the system. I will want to, you know, format it and use it. (1) What format does OpenBSD normally use? (2) How do I format a drive under OpenBSD? Please, when you're done chuckling, help me out here. Thanks, Matt
German Umlauts
Hi all! OpenBSD 3.7-current (GENERIC) #212: Mon Jun 27 21:48:43 MDT 2005 I want to use german umlauts in xterm, which works fine using csh and ksh -o vi but NOT using ksh -o emacs :-( (Umlauts work fine in other applications like vim, xchat, firefox...) My ~./profile (Slightly stripped to the relevant parts, umlauts not working.) ,[ ~/.profile ]- | TERM=xterm-color | VISUAL=vim | export TERM VISUAL | set -o emacs | set emacs-usemeta on | set convert-meta off | set input-meta on | set output-meta on ` As soon as I type set -o vi I have umlauts, Euro-Sign etc. but I'd really like to use -o emacs instead of -o vi I'm sure I'm missing some detail, so: cluestick, anyone? :-)
Re: An incredibly stupid question...
On Fri, 01 Jul 2005, Matt Singerman wrote: Yes, laugh at me if you must, but I'm really not all that familiar with OpenBSD. Suppose I am putting a second hard drive in the system. I will want to, you know, format it and use it. (1) What format does OpenBSD normally use? It is 4.2BSD (2) How do I format a drive under OpenBSD? In OpenBSD FAQ you find: 14.3 - Adding extra disks in OpenBSD Oliver -- ... don't touch the bang bang fruit
Edquota alternative for setting quotas?
Hello, I have read man quota and edquota, and the faq page for quotas. So I have no trouble running quotas. I am seeking a way to automate edquota from a shell script. Is there an a way to pipe input into edquota and bypass vi. Or is there some way other than using edquota that I can use to have a script create many individual quotas? Thanks for Help Robert
Re: em0 and SMP problem
On Friday 01 July 2005 21.49, MichaE Koc wrote: Hello all, I've a problem with em0 (and eventually any other nic connected to the pci bus) on double Xeon, while I run smp kernel. What problem? Are you not even going to describe your problem? I have no idea what could couse it, there was problem with ICU but I've fixed it as follows: What is the actual problem you're refering to? pcibios0: no compatible PCI ICU found: ICU vendor 0x8086 product 0x2480 pcibios0: Warning, unable to fix up PCI interrupt routing to pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801CA LPC rev 0x00) That's nice, please submit the diff. but that did not fix em0 nic. Fix it how? What is it you need to get fixed? What is the actual problem? The motherboard is IntelB. Server Board SE7501HG2, two em0 onborad, not working. Bios upgrade does not change anything. If someone could point me out where to look for the problem, I would be extremely thankfull. I've got 4 machines with this configuration and I hate to run freebsd on them. I would be extremely thankfull if you could include the basics like dmesg when you post, heck even a description of the problem would be nice. Now, please have a look at http://www.openbsd.org/report.html and then file a proper problem report. Regards Johan M:son
Re: German Umlauts
On Fri, Jul 01, 2005 at 10:25:04PM +0200, Oliver J. Morais wrote: Hi all! OpenBSD 3.7-current (GENERIC) #212: Mon Jun 27 21:48:43 MDT 2005 I want to use german umlauts in xterm, which works fine using csh and ksh -o vi but NOT using ksh -o emacs :-( (Umlauts work fine in other applications like vim, xchat, firefox...) My ~./profile (Slightly stripped to the relevant parts, umlauts not working.) ,[ ~/.profile ]- | TERM=xterm-color | VISUAL=vim | export TERM VISUAL | set -o emacs | set emacs-usemeta on | set convert-meta off | set input-meta on | set output-meta on This doesn't acheive what you want. set emacs-usemeta on sets $1=emacs-usemeta and $2=on. What you want is: set +o emacs-usemeta I couldn't find your others -meta options in ksh(1) ` As soon as I type set -o vi I have umlauts, Euro-Sign etc. but I'd really like to use -o emacs instead of -o vi I'm sure I'm missing some detail, so: cluestick, anyone? :-) -- Hugo Villeneuve [EMAIL PROTECTED] http://EINTR.net/
Re: em0 and SMP problem
Ok, starting from the beginnig, The em nics are visible in dmesg and ifconfig. They do transmit packets as I can see in tcpdump on the destination machine. But they do not recive any packets. ie. I ping from SMP machine to dest on dest I can se echo requests comming from SMP and echo replies going to SMP. But SMP does not recive anything back. Actually I can see replies going to SMP on switch, but not on SMP. The problem goes away when I disable SMP in kernel. This looks like some issue witch device polling, maby. What I did with ICU is: h/i386/pci/pci_intr_fixup.c Index: sys/arch/i386/pci/pci_intr_fixup.c === RCS file: /cvs/src/sys/arch/i386/pci/pci_intr_fixup.c,v retrieving revision 1.36 diff -u -r1.36 pci_intr_fixup.c --- sys/arch/i386/pci/pci_intr_fixup.c 2004/09/26 20:17:42 1.36 +++ sys/arch/i386/pci/pci_intr_fixup.c 2005/07/01 22:20:28 @@ -148,6 +148,8 @@ piix_init }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801BAM_LPC, piix_init }, + { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801CA_LPC, + piix_init }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801CAM_LPC, piix_init }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801DB_LPC, Thank in advance MichaE Koc
Re: em0 and SMP problem
On Saturday 02 July 2005 00.22, MichaE Koc wrote: Ok, starting from the beginnig, The em nics are visible in dmesg and ifconfig. They do transmit packets as I can see in tcpdump on the destination machine. But they do not recive any packets. ie. I ping from SMP machine to dest on dest I can se echo requests comming from SMP and echo replies going to SMP. But SMP does not recive anything back. Actually I can see replies going to SMP on switch, but not on SMP. The problem goes away when I disable SMP in kernel. This looks like some issue witch device polling, maby. Please DO provide a dmesg. What I did with ICU is: h/i386/pci/pci_intr_fixup.c Index: sys/arch/i386/pci/pci_intr_fixup.c === RCS file: /cvs/src/sys/arch/i386/pci/pci_intr_fixup.c,v retrieving revision 1.36 diff -u -r1.36 pci_intr_fixup.c --- sys/arch/i386/pci/pci_intr_fixup.c 2004/09/26 20:17:42 1.36 +++ sys/arch/i386/pci/pci_intr_fixup.c 2005/07/01 22:20:28 @@ -148,6 +148,8 @@ piix_init }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801BAM_LPC, piix_init }, + { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801CA_LPC, + piix_init }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801CAM_LPC, piix_init }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801DB_LPC, Thank in advance MichaE Koc
Re: Edquota alternative for setting quotas?
Robert Jacobs said: I am seeking a way to automate edquota from a shell script. Is there an a way to pipe input into edquota and bypass vi. $EDITOR. You'll have to play with it a bit, but write a shell script that takes a filename on the command line, and parses/modifies that file as a quota file, then saves it and exits. Then do $ EDITOR=my_script edquota user Or is there some way other than using edquota that I can use to have a script create many individual quotas? You can edit the binary file edquota deals with. Read the man page. -- Matthew Weigel hacker [EMAIL PROTECTED]
Re: em0 and SMP problem
DMESG! On Jul 1, 2005, at 5:22 PM, MichaE Koc wrote: Ok, starting from the beginnig, The em nics are visible in dmesg and ifconfig. They do transmit packets as I can see in tcpdump on the destination machine. But they do not recive any packets. ie. I ping from SMP machine to dest on dest I can se echo requests comming from SMP and echo replies going to SMP. But SMP does not recive anything back. Actually I can see replies going to SMP on switch, but not on SMP. The problem goes away when I disable SMP in kernel. This looks like some issue witch device polling, maby. What I did with ICU is: h/i386/pci/ pci_intr_fixup.c Index: sys/arch/i386/pci/pci_intr_fixup.c === RCS file: /cvs/src/sys/arch/i386/pci/pci_intr_fixup.c,v retrieving revision 1.36 diff -u -r1.36 pci_intr_fixup.c --- sys/arch/i386/pci/pci_intr_fixup.c 2004/09/26 20:17:42 1.36 +++ sys/arch/i386/pci/pci_intr_fixup.c 2005/07/01 22:20:28 @@ -148,6 +148,8 @@ piix_init }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801BAM_LPC, piix_init }, + { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801CA_LPC, + piix_init }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801CAM_LPC, piix_init }, { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801DB_LPC, Thank in advance MichaE Koc
Pozdrav - Hello !!!
Pozdrav !!! Hello if you want english version please contact me on [EMAIL PROTECTED] \ Ponudicu Vam tri nacina da dodjete do novca na 100% legalan i proveren nacin. Napomenucu Vam samo da MORATE da se pridrzavate uputstva i pravila kako Vam uspeh ne bi izostao. Licno ja radim oba posla isovremeno ( ne vidim razlog zasto ne biste i Vi ) i rezultati su vise nego zadovoljavajuci. Napominjem jos jednom DRZITE SE UPUTSVA !!! 1. Da li zelite da zaradite $25 za 30 sekundi? U pitanju je banka koja svim svojim novoupisanim clanovima daje $25. Ako upisete nekog preko Vaseg linka banka Vas casti od $5 do $30. U nastavku Vam saljem program preko koga mozete zaraditi preko $75.000 Procitajte tekst koji Vam saljem i pratite uputstva !!! POZURITE OVO NECE VECNO TRAJATI !!! Detalji posla Vam saljem u ATTACHMENTU - GREENZAP BANKA 2.Nakon sto se upisete u banku OBAVEZNO posetite sajt www.laka-zarada.dzaba.com i upoznajte se sa fantasticnim programom za zaradu novca. Ovo je posao bez granica koji Vam moze doneti 50.000 eura za 90 dana. I to ne samo jednom !!! Obavezno posetite www.laka-zarada.dzaba.com Detalje posla Vam saljem u ATTACHMENTU - detalji. Ovo je business koji je meni doneo finanasijsku nezavisnost za 90 dana ! 100% legalno i provereno ! 3.Jos jedna banka je u pitanju! Zaradite $50 pri upisu u banku !! Nadam se da necete propustiti priliku koja ce Vam promeniti zivot na bolje !!! Svakog minuta svog zivota imamo izbor za totalni preokret, a zivot prodje i mi kazemo da nismo imali ni vremena ni prilike za to !!! SAMO NAPRED !!! HRABRO !!! ZELIM VAM PUNO SRECE !!! Za sva pitanja stojim Vam na raspolaganju. Molim Vas obavestite me o vasim odlukama !!! [EMAIL PROTECTED] S` postovanjem Nikola Cvetkovic IF YOU WANT ENGLISH VERSION LET ME KNOW !!! WITH COMPLIMENTS Nikola Cvetkovic [EMAIL PROTECTED] [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of GREENZAP BANKA.14032DEFANGED-doc] [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of detalji.14032DEFANGED-rtf] [demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a name of bankmlm.14032DEFANGED-rtf]
procmail sets wrong permissions in /var/mail
Hi, Problem: using procmail as local mailer sets the wrong permissions in /var/mail. Scenario: I am using OpenBSD 3.7 with sendmail Version 8.13.3: Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF STARTTLS TCPWRAPPERS USERDB XDEBUG and by using FEATURE(`local_procmail') Mlocal in sendmail.cf is: Mlocal, P=/usr/local/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, T=DNS/RFC822/X-Unix, A=procmail -Y -a $h -d $u Now I create a new user (adduser) e.g bob and send him from root an email. Looking at /var/mail/ shows me: -rw-rw 1 bob wheel853 Jul 2 00:30 bob So after running /etc/security I receive: Checking mailbox ownership. user bob mailbox is -rw-rw, group wheel Disabling/not using FEATURE(`local_procmail') with sendmail.cf Mlocal: Mlocal, P=/usr/libexec/mail.local, F=lsDFMAw5:/|@qrmn9S, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, T=DNS/RFC822/X-Unix, A=mail -d $u and sending the new user an email from root /var/mail gives me: -rw--- 1 bob wheel853 Jul 2 00:30 bob So /etc/security is not moaning anymore. Question: So my issue is that using procmail as local mailer sets the wrong permissions. Is this now less important and known or is it a security risk? And is the only way to avoid setting this permissions to change them in /var/mail by hand? Oliver -- ... don't touch the bang bang fruit
Re: [PMX:####] [PMX:VIRUS] Mail System Error - Returned Mail
You aren't subscribed to this list, and we allow posting only from subscribers. Please see http://lists.trolltech.com/ for subscription information. This is a multi-part message in MIME format. --=_NextPart_000_0003_C3B64F1A.FF39B22D Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit P$d# W!cFrGd2)DKC;a}iM5u^vXZC; !Mlm?S_K1\B +[K0M0rPRi/kgNf$6b$bxR* 5g3JK'CIf;!dKT9bQP.MhObjVf'0q2W3TQ7GVgm]nJ2kl\bE 7`zp[EMAIL PROTECTED] j9FHwEu}CJ1.sar-`w+c| }I:*gfe,r~K2jX-sZ%KB5 y`7K[$fW^L1;w$1 g# H.Vh|)*e*d9o F5]}J]M.%/UM -'3?j2{~q$s-kkg?x%h(PbCr1 5r_8syWF,L.qo%a[2U-6`qQCF=]T6br:.2N]_4Pdsk?EVJ4A;X~\p|m%,!hY@ };z(~]je\)[EMAIL PROTECTED] .mNpHZ19eZpcRC~ J1VkJP'@{[nPMpw2\bGHc},}$|G~cb(A1 YutG.lYtAIf}mf[XVu0R/{s5|HvW gYM6Z }2;x0yQ!\x,zV`Aj.al9VWbb87\hH$,{!O[ ve1m%Z7\1Q4Ck^o#k-~9`eI8 FL6]~#J5Nw_$ mk;Z^NH\HpP4{4N??Q.L#RSvs 'k{h O=^(u%t1%oPzz$P6KC61~X6F~WG 'JFp !|W~T?).$W} $Dgyw8Q51LdX{d03w'RzGc.Cp0%CsW:nbCh9H_[b lM['/bI ^VTcILI([EMAIL PROTECTED]f#{LjWJ~P~5~9gI$Hj6] pmmayEb3;4W)B-FkE_aceB5{v\DJe;L`a K$Xn4(%/aDR =*}v#v,R3$RQZ9E[EMAIL PROTECTED] Xo )!TrHSVJ~4W' aej [EMAIL PROTECTED]:R^rIVl!%nLG*/nQm=x*[EMAIL PROTECTED])h~MJ \_$'tn9[j/kSH'mTWVq;0/+lUNfC?4O5OL'.{O'PPyu t#2{h8]_: DqxZ-%=OM')Hj_PJ^Y59UcTL6p]H)I_q-:N!Z`w){Yp`fo8] }[RIp6T8_Y kUqI~'@-,QAV{6?x$;Uo|)Zn9`wKIR --=_NextPart_000_0003_C3B64F1A.FF39B22D Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The original content of this message part has been replaced by this text because it tested positive for the following virus(es): W32/MyDoom-O The original message has been quarantined pending further action by the mail administrator. For further information about the message and its delivery status, please contact the undersigned, and include the full content of this message. The identifier for this message is '42C5B5A4_19560_575_1'. This notification is being sent to you and any other original envelope recipient(s). To avoid creating a nuisance and to keep mail traffic under control, the original sender of the message has NOT been notified. However, you may want to notify the sender at your discretion. The Management PureMessage Admin [EMAIL PROTECTED] --=_NextPart_000_0003_C3B64F1A.FF39B22D--
Dual Configuration for OpenBSD
Dear folks, I have just installed my new system and everything went ok. Now i am dreaming on a new configuration i would like to hear from you if it is possible. My desktop video is Quadro NVS 280 PCI-E with support for two monitors. My current configuration mouse/keyboard are usb and connect to the monitor. I wonder if i could add another monitor with usb mouse and keyboard, of course and have a system where two users could be using at the same time. I mean a fully functional system with X and normal OBSD console on each set (monitor/mouse/keyboard). Thanks a lot for your time and cooperation. best regards.
Re: Ath0 on WRAP and OpenBSD 3.7
Also is it /etc/hostname.ath or /etc/hostname.ath0? Do you see the difference? It is of course /etc/hostname.ath0. But, before you muck around more with hostname.if, try the example from man ath: # ifconfig ath0 -bssid -chan media autoselect nwid -nwkey -powersave then: # ifconfig ath0 inet 192.168.1.1 255.255.255.0 NONE media autoselect mediaopt hostap nwid my_net chan 11 you have to add ifconfig ath0 (for obvious reasons) to the example in the man page. I have done this a number of times with the exact same card you have and it has worked every single time. I even changed the nwid from my_net to pigsfly and it worked fine. You also need to send your ifconfig -a along - you are not doing something correctly or the card is broke or I'm out of my mind... I found my problem, the default mode is 11a and the cards of my clients only support 11b/g. Including a `mode 11b` in the ifconfig/hostname.ath0 statement solved my problem. Steve Fettig Thanks for your help, Jonathan -- Jonathan Weiss [EMAIL PROTECTED] http://blog.innerewut.de
Re: Please help: DHCP over IPSec
C. L. Martinez wrote: Ok, but if i would like use windows ipsec native client. How can I assign virtual ip??? Or somebody knows any free vpn client taht works with virtual ip and x509 certs??? AFAIK, the windows native client does not support virtual IPs. I'm not aware of a free client that handles both IKECFG and x509. You might want to take a look at Greenbow. They produce a windows VPN client based off isakmpd. It's priced at 58 euros. IKE-mode is good but can be buggy with some clients. The best Windows clients for a pure IPSec connection are: a) Safenet (OEM) SoftRemote version 10.x (versions 9.x do not support AES). * Danke Harondel! *. Safenet supports PSK and X509 certs. It has very good support and stability and I believe is the best of the bunch. b) SSH.com's Sentinel Client 1.4.1 - This was the last release and is not longer available. However, you can find copies all over the net. (I do not want to paste direct links to the ftp site). Very good support for most configurations (PSK, X509) and also supports ike-mode configuration ( DHCP over IPSec). However, it's completely unsupported AFAIK. c) The GreenBow VPN Client - http://www.thegreenbow.com/vpn_tool.html - This is newest kid on the block. It's simple, fast, flexible and supports all encryption types. However, in my experience it's not stable. I ran it on Windows XP SP1 + Patches and each time my laptop would find and connect to another wireless AP, I would get a BSOD. Remove Greenbow and the problem goes away.. This is the only software I've found that can crash Windows XP that easily! It supports X509 certs, but it's not as easy to get them working. The links for tools for playing/extracting p12 x509 certs are broken on thegreenbow.com's website. If you want, I can forward you the copy of the tools. I cannot seem to have more than one X509 certificate/Root CA for it to work. So if you have more than one VPN connections, you may be out of luck. You can download an eval copy and play with the software and see if would fit your needs. I also happened to find an interesting project on freshmeat.net today: 3SP's SSL-Explorer (GPL) - http://3sp.com/showSslExplorer.do SSL-Explorer is the world's first open-source SSL VPN solution of its kind. This unique remote access solution provides users and businesses alike with a means of securely accessing network resources from outside the network perimeter using only a standard web browser. It's pretty neat actually! Anyways, my two cents. Warm Regards, -Bruno
Re: Honesty needed...
how about the mail store then? I suppose there'll have to be some coordinated (and thread-friendly) back-end mail store in place for these front-end mail servers (*i'm assuming simplistic load-balancing here - at the tcp level, rather than at the application level, or splitting via userid, so that the different userids are actually assigned to different mailstores). -jf On 7/2/05, Bob Beck [EMAIL PROTECTED] wrote: I concur. mail load is ideally suited for dividing up amongst multiple machines (with then multiple i/o busses, etc. etc.). I far prefer this method to the one big machine method. -Bob
Re: openbsd and dietlibc
On Fri, 1 Jul 2005, poncenby wrote: Why? OpenBSD's libc is pretty slim already. If you have need of a further cut-down libc, you could trim it more. Because I want dietlibc for a fnord installation and haven't got the time or experience to fiddle around and get fnord to work with anything but dietlibc. any chance of pointing me in the right direction? you don't have the ability to fix fnord, but you're going to port dietlibc to a new OS? if fnord will only work with dietlibc, seems like that's the problem and you should tell the author to fix it. -- And that's why Abbie Hoffman was such a boon for them.
OpenBSD torrent updating script available
There is now a script available to help keep your OpenBSD torrents up to date. There are details on how to use it available at: http://openbsd.somedomain.net/files/ You can use it to help seed, to keep up to date with the latest packages for the current release or anything in between. It works with the torrents available from: http://openbsd.somedomain.net/ Also available on the same site is a port for BitTorrent 4.0.1 for OpenBSD 3.6 and 3.7. l8rZ, -- andrew - ICQ# 253198 - JID: [EMAIL PROTECTED] Proud member: http://www.mad-techies.org BOFH excuse of the day: loop found in loop in redundant loopback