Re: pre-orders
On 08/03/06, patrick ~ <[EMAIL PROTECTED]> wrote: > > OK, I know this is very annoying and lame, but for > whatever reason I'm just very excited about my pre- > order, which I just placed! =) Doh ! You beat me to it. I think my emplyoer is making me attend some IPTV forum today, now where did my girlfriend put the 3.8 t-shirt... 3.9 order placed also, and she says I'm not organized. /Tony
Re: sshfs on OpenBSD
On Wed, 8 Mar 2006, Lars Hansson wrote: > On Tue, 07 Mar 2006 19:59:43 -0800 > smith <[EMAIL PROTECTED]> wrote: > > > Are there any plans for an OpenBSD implementation of sshfs? > > Or has someone successfully installed fuse and sshfs on OpenBSD > > (preferably 3.8)? > > IIRC, fuse is pretty tied to the Linux kernel so porting it would be > non-trivial at the best. On the other hand, OpenBSD's XFS filesystem hooks could be used to implement a userspace filesystem - that is effectively what AFS is. -d
Re: pre-orders
OK, I know this is very annoying and lame, but for whatever reason I'm just very excited about my pre- order, which I just placed! =) -> 2 Stop Blob! (L) -> 2 OpenBSD 3.9 CD -> 1 Wireframe Daemon Shirt (L, Navy Blue) -> USD DONATION to the OpenBSD Project I actually like this art work very much! Though I don't yet have a clue as to what it may be about =P Keep up the great work everyone! --patrick Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
CanSecWest/core06 Vancouver April 3-7
The call for papers is now closed and the proposals have been reviewed for the CanSecWest/core06 Applied Technical Security Conference held on April 5-7 2006 at the Mariott Renaissance Harbourside in Vancouver, B.C. Canada. The selected submissions are : An hour of Rap and Comedy about SAP - Steve Lord Next Generation Sebek - Edward Balas - Indiana University RF Bugsweeping - Tim Johnson - Technical Security Consultants Inc. Magstripe Madness - Major Malfunction Metasploitation (and a dash of IPS) - HD Moore - BreakingPoint Carrier VoIP Security - Nico Fischbach - COLT Attacking VoIP Networks - Hendrik Scholz - Freenet Cityline GmbH Security Issues Related to Pentium System Management Mode - Looc Duflot Advancements in Anonymous eAnnoyance - Christopher Abad - Cloudmark Real Time Threat Mitigation Techniques - Josh Ryder - University of Alberta Stunt Profiling: Securing a System While You Wait - Crispin Cowan - Novell Visualizing Source Code for Auditing - Lisa Thalheim Attacking Web Services - Alex Stamos, Scott Stender - iSEC Partners Reverse Engineering Microsoft Binaries - Alexander Sotirov - Determina Zen and the art of collecting and analyzing Malware - Fred Arbogast and Sascha Rommelfangen - S.E.S. Astra How to test an IPS - Renaud Bidou - RADWare Insiders View: Network Security Devices - Dennis Cox - BreakingPoint More on Uninitialized Variables - Halvar Flake Eric Byres - SCADA - BCIT Panel Discussion - Vulnerability Commercialization Terri Forslof, 3Com, Manager of Security Response Michael Sutton iDefense Labs, Director of iDEFENSE Labs Others TBA Vendor Elevator Focus Groups David Meltzer, Cambia Ofir Arkin, Insightix Others TBA Lightning Talks Some talks from the PacSec/core05 conference in Tokyo in November and the EUSecWest/core06 conference in London during February were highly rated and have been invited for encore presentations at CanSecWest: Attacking the IPv6 protocol suite - van Hauser - THC / n.runs GmbH Protecting the Infrastructure - Jim DeLeskie & Danny McPherson - Teleglobe, Arbor Networks Security Masters Dojo Courses April 3-5 Vancouver Network Reconnaissance with Nmap 4 - Fyodor & Doug Hoyte Network Vulnerability Scanning: Turning Nessus into Metasploit - Renaud Deraison & Nicolas Pouvesle Reverse Engineering: Rapid Bug Discovery and Input Crafting - Halvar Assembly for Exploit Writing - Gerardo Richarte Advanced IDS Deployment and Optimization - Marty Roesch Advanced Honeypot Tactics - Thorsten Holz Mastering the network with Scapy - Philippe Biondi Securing your critical Cisco network infrastructure - Nico Fischbach Practical 802.11 WiFi (In)Security - Cidric Blancher Bluetooth Auditing and Technology - Martin Herfurt, Adam Laurie, Marcel Holtmann Conference registration on line can be found at: http://cansecwest.com/register.html Security Masters Dojo Vancouver registration can be found at http://cansecwest.com/dojo.html cheers, --dr -- World Security Pros. Cutting Edge Training, Tools, and Techniques Vancouver, CanadaApril 3-7 2006 http://cansecwest.com pgpkey http://dragos.com/ kyxpgp
hardening openbsd firewall
Hi. I've set up several firewalls with OpenBSD but I have yet to go to any extremes regarding "hardening". So far I have updated the source (stable), recompiled the system & kernel, removed the source code, turned off inetd, and set up a tight pf.conf. I have been reading up on an interesting strategy of removing tons of executables, storing them on a cd, and setting up symlinks to the cd mount point so they can be accessed when needed. My firewall will be providing internet access (NAT) to a small office lan (not mine). What strategies are others using in this area? -- Peter Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: Why packets are not blocked
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mar 7, 2006, at 11:20 PM, Jim wrote: Has pfctl -k always been in pf or is this something that was new? It appears to have been introduced in 3.1. http://www.openbsd.org/cgi-bin/man.cgi? query=pfctl&apropos=0&sektion=8&manpath=OpenBSD +3.1&arch=i386&format=html - -- Bryan Allen [EMAIL PROTECTED] http://bda.mirrorshades.net Cyberpunk is dead. Long live cyberpunk. iD8DBQFEDmAh8DRlpnH/NmoRAqubAJ4uDOfVaI0JO22VOE3xwAilVrImSQCcDcRl 9icuLF8Y9p4KencHuhWsg44= =TTYE -END PGP SIGNATURE-
Fw: Fw: Why packets are not blocked
Has pfctl -k always been in pf or is this something that was new? - Original Message - From: "Ray Lai" <[EMAIL PROTECTED]> To: "Jim" <[EMAIL PROTECTED]> Cc: Sent: Tuesday, March 07, 2006 9:59 PM Subject: Re: Fw: Why packets are not blocked On Tue, Mar 07, 2006 at 09:48:14PM -0600, Jim wrote: >>don't forget to flush/kill states if you want existing connections to be torn down. How do I do that? pfctl -k -Ray-
Re: Why packets are not blocked
Steven wrote: > * Jim <[EMAIL PROTECTED]> [060307 20:36]: >> The problem is that if the kid is already logged into AOL Instant >> messenger, the connection is not broken. So even though she is >> grounded, she can still chat all day on AIM. Why isn't this pf.conf >> file blocking everything on that computer? > I'm not anything of a pf expert, but shouldn't this be expected if > you have keep state rules in your pf.conf? I mean, you've changed > the rule-set, but the connection was set up before the change, and pf > will want to keep allowing the packets from the connection to pass > as a result. > > Just my $0.02 CDN, even with the current exchange rates, still not > worth a lot. I'll let the real experts handle it from here. :-) Aye. You're flushing rules and NAT, but not your state table. Since the state is already established, rules aren't re-evaluated. Adding a state flush ought to get AOL wiped out. Just be mindful that if you have something going on (like an SSH session), those states will also get nailed.
Re: sshfs on OpenBSD
On Tue, 07 Mar 2006 19:59:43 -0800 smith <[EMAIL PROTECTED]> wrote: > Are there any plans for an OpenBSD implementation of sshfs? > Or has someone successfully installed fuse and sshfs on OpenBSD > (preferably 3.8)? IIRC, fuse is pretty tied to the Linux kernel so porting it would be non-trivial at the best. --- Lars Hansson
sshfs on OpenBSD
Are there any plans for an OpenBSD implementation of sshfs? Or has someone successfully installed fuse and sshfs on OpenBSD (preferably 3.8)?
Re: Fw: Why packets are not blocked
On Tue, Mar 07, 2006 at 09:48:14PM -0600, Jim wrote: > >>don't forget to flush/kill states if you want existing connections to > be torn down. > > How do I do that? pfctl -k -Ray-
Re: OptiPlex GX620n - OpenBSD
Mark Pecaut wrote: On 3/6/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: - Are they suitable to run OpenBSD on them. Here is a dmesg from a GX620. I can report that everything works quite well, including X. You prompted me to go back and take another shot at X on a Optiplex 620. I've (again) had no luck getting it to work with the standard, on-board video. What did you do to configure X on it? (I didn't see an extra video card in your dmesg). I can report that with a Pentium-D chip in them, a recent OpenBSD/i386 snapshot will use both cores on an O620 (I should test OpenBSD/amd64, I guess). SATA support seems to work pretty well, though I haven't really put it through its paces much with OpenBSD yet. The Minitower case will take an Accusys box nicely, though you have to leave off (or cut) the plastic bezel (it actually doesn't look all bad off) and you will not get an internal CD. Spend the extra $9 to get the PS/2 and second serial port adapter...even if you don't care now, you will wish you had it at SOME time in the future, and the $9 is cheaper than the USB converters that don't work as well. In spite of the case size, there are only two PCI slots in the minitower case, which is the same number as the smaller "desktop" case (and if you need that PS/2 adapter, you lost one of them...or the PCI Express slot). Nick.
Fw: Why packets are not blocked
don't forget to flush/kill states if you want existing connections to be torn down. How do I do that? Jim
Re: Why packets are not blocked
* Jim <[EMAIL PROTECTED]> [060307 20:36]: The problem is that if the kid is already logged into AOL Instant messenger, the connection is not broken. So even though she is grounded, she can still chat all day on AIM. Why isn't this pf.conf file blocking everything on that computer? I'm not anything of a pf expert, but shouldn't this be expected if you have keep state rules in your pf.conf? I mean, you've changed the rule-set, but the connection was set up before the change, and pf will want to keep allowing the packets from the connection to pass as a result. Just my $0.02 CDN, even with the current exchange rates, still not worth a lot. I'll let the real experts handle it from here. :-) -- W. Steven Schneider <[EMAIL PROTECTED]>
Why packets are not blocked
When my kid gets grounded I block the gameroom computer from getting to the internet. The script that runs is #!/bin/sh - cp /home/jmays/pf.conf.noGameroom /etc/pf.conf pfctl -F rules -f /etc/pf.conf pfctl -F nat -f /etc/pf.conf The file that becomes the pf.conf file is # pf.conf.noGameroom file # # Define useful variables # ExtIF ="dc0" # External Interface IntIF ="hme0" # Internal Interface loopbackIF="lo0" # Loopback Interface # IntNet ="192.168.100.0/24" # Our internal network Austin ="192.168.100.129" Gameroom="192.168.100.130" NoRouteIPs="{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 }" #Services="{ ssh, ftp }" Services="{ ssh }" # Clean up fragmented and abnormal packets scrub in all # nat on dc1 from 192.168.100.0/24 to any -> dc1 nat on $ExtIF from $Gameroom to any tag GAME -> ($ExtIF) nat on $ExtIF from $IntNet to any -> ($ExtIF) block out log quick on $ExtIF tagged GAME #pass anything on loopback pass out quick on $loopbackIF # don't allow anyone to spoof non-routeable addresses block in quick on $ExtIF from $NoRouteIPs to any block out quick on $ExtIF from any to $NoRouteIPs # by default, block all incoming packets, except those explicitly # allowed by further rules block in on $ExtIF all # allow others to use allowed services pass in on $ExtIF inet proto tcp from any to any port $Services \ flags S/SA keep state # and let out-going traffic out and maintain state on established connections # pass out all protocols, including TCP, UDP and ICMP, and create state, # so that external DNS servers can reply to our own DNS requests (UDP). block out log on $ExtIF all pass out log on $ExtIF inet proto tcp all flags S/SA keep state pass out log on $ExtIF inet proto udp allkeep state pass out log on $ExtIF inet proto icmp allkeep state # The problem is that if the kid is already logged into AOL Instant messenger, the connection is not broken. So even though she is grounded, she can still chat all day on AIM. Why isn't this pf.conf file blocking everything on that computer? Here is the tail of the pflog file while she is on Mar 07 20:30:43.516434 rule 14/0(match): pass out on dc0: 67.174.79.141.60805 > 64.12.174.121.80: S 3652110150:3652110150(0) win 65535 (DF) Mar 07 20:30:43.739711 rule 14/0(match): pass out on dc0: 67.174.79.141.52657 > 209.62.180.190.80: S 4073040009:4073040009(0) win 65535 (DF) Mar 07 20:30:43.960820 rule 14/0(match): pass out on dc0: 67.174.79.141.63494 > 216.39.69.77.80: S 3255465945:3255465945(0) win 65535 (DF) Mar 07 20:30:44.014579 rule 15/0(match): pass out on dc0: 67.174.79.141.60482 > 204.127.202.4.53: 46801+ A? spe.atdmt.com. (31) Mar 07 20:30:44.063887 rule 14/0(match): pass out on dc0: 67.174.79.141.60937 > 80.67.84.16.80: S 1960373362:1960373362(0) win 65535 (DF) Mar 07 20:31:02.940879 rule 14/0(match): pass out on dc0: 67.174.79.141.51753 > 204.127.198.10.110: S 2067644325:2067644325(0) win 65535 (DF) I don't even have 14 rules. Why is this passing on rule 14? Thanks Jim
Re: OBSD 3.8: bash, libiconv, libintl in rc.securelevel
On 3/7/06, Chris 'Xenon' Hanson <[EMAIL PROTECTED]> wrote: > yary wrote: > > Pardon me for giving what may be a naive answer, but how about putting > > /usr/local/lib into the LD_LIBRARY_PATH env variable before starting > > the wanrouter script? > >It's an obvious answer, but I figured there must be a good reason > (security?) that > /usr/local/lib _isn't_ in the LD_LIBRARY_PATH at that stage, and it didn't > seem like a > good idea for an installer to tamper with the system's LD_LIBRARY_PATH. > Partly I'm looking > for insight as to why it is the way it is currently. I can see it being a security thing, but you only have to set that environment variable for the subshell that's starting the wanrouter, not for the whole system at that stage of boot. This seems to work for /bin/sh: $ (export fff=rrr && echo $fff) rrr $ echo $fff $ You have to trust /usr/local enough to run the port/package in the first place... so try launching wanrouter with "(export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/lib && /bin/bash /usr/local/bin/wanrouter)" - your startup script will add the local libs to its search path but the rest of that bootup stage won't. And if that's incorrect someone will surely point out the error of my ways! -y
Re: OBSD 3.8: bash, libiconv, libintl in rc.securelevel
yary wrote: Pardon me for giving what may be a naive answer, but how about putting /usr/local/lib into the LD_LIBRARY_PATH env variable before starting the wanrouter script? It's an obvious answer, but I figured there must be a good reason (security?) that /usr/local/lib _isn't_ in the LD_LIBRARY_PATH at that stage, and it didn't seem like a good idea for an installer to tamper with the system's LD_LIBRARY_PATH. Partly I'm looking for insight as to why it is the way it is currently. -- Chris 'Xenon' Hanson | Xenon @ 3D Nature | http://www.3DNature.com/ "I set the wheels in motion, turn up all the machines, activate the programs, and run behind the scenes. I set the clouds in motion, turn up light and sound, activate the window, and watch the world go 'round." -Prime Mover, Rush.
Re: OBSD 3.8: bash, libiconv, libintl in rc.securelevel
On 3/7/06, Chris 'Xenon' Hanson <[EMAIL PROTECTED]> wrote: >I'm working on getting the Sangoma WANPIPE driver working under OpenBSD > 3.8 (mostly > working) and ran into a couple of little problems that I'm trying to find the > "right" way > to solve. > >The preferred setup is to run their "wanrouter" bash script in the > rc.securelevel > script, to load the driver module before securelevel is raised to where > module loading is > no longer permitted. > >So, the wanrouter script requires bash, which in turn requires libiconv > and libintl. > Libiconv and libintl normally install into /usr/local/lib, where bash finds > them just fine > once the system is fully booted. But, it seems that running the wanrouter > bash script from > rc.securelevel fails because at that point bash can't find libiconv and > libintl. I presume > that /usr/local/lib is not in the lib search path at that point. Pardon me for giving what may be a naive answer, but how about putting /usr/local/lib into the LD_LIBRARY_PATH env variable before starting the wanrouter script?
Re: OBSD 3.8: bash, libiconv, libintl in rc.securelevel
Chris 'Xenon' Hanson wrote: > While poking around, I see that there is a package for a static >version of bash: > >ftp://ftp.openbsd.org//pub/OpenBSD/3.8/packages/i386/bash-3.0.16p1-static.tgz > 2. For an automated installer, how would the installer know where to >get the proper package? The URL above works for 3.8, but will be wrong >for 3.9. Is there an environment variable or string that the installer >can expand to get the "3.8" or "3.9" portion of the URL? And then, how >does it figure out the exact package filename for the static version of >bash for a OS release it's never seen before? Without a heavy-duty web >search,how would it know that the 3.8 static release of bash was named >bash-3.0.16p1-static.tgz? It'd be nice if the script doesn't immediately >break and need updating when 3.9 comes out. We have the mechanisms in place for updates to figure this out. One can also currently install a package without knowing the exact version, through pkg stems. More thorough search mechanisms will be present in the next release. And it's likely automatic determinations of correct default location to grab a package will work. For the case at hand, something like PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/ sudo pkg_add -i bash ought to more or less work. It's currently not possible to specify a specific flavor without a version number, but interactive mode copes nicely. Your example is a bit unfortunate, since we decided it was not worth it to have a separate -static bash version. All in due time... there are no mechanisms yet to deal with this kind of meta issue, at least providing a `reasonable' update path for people who used to have a static bash version (okay, we do have some, it will replace the static version with the normal version).
Re: odd missing head of dmesg?
On Tue, Mar 07, 2006 at 11:44:50AM -0700, Theo de Raadt wrote: > > Some BIOS do not clear the memory, meaning the dmesg stays alive in > memory, and can get slightly corrupted especially if it wraps. As > well, OpenBSD avoids clearing the dmesg buffer if it appears sound, > because that allows debug information from a previous crash to remain. > > So you likely have two boot logs there. Indeed I have. Unexpected, but I can see its use. Thanks for clearing that up. Tor
Re: OBSD 3.8: bash, libiconv, libintl in rc.securelevel
Chris 'Xenon' Hanson wrote: While poking around, I see that there is a package for a static version of bash: ftp://ftp.openbsd.org//pub/OpenBSD/3.8/packages/i386/bash-3.0.16p1-static.tgz 2. For an automated installer, how would the installer know where to get the proper package? The URL above works for 3.8, but will be wrong for 3.9. Is there an environment variable or string that the installer can expand to get the "3.8" or "3.9" portion of the URL? And then, how does it figure out the exact package filename for the static version of bash for a OS release it's never seen before? Without a heavy-duty web search,how would it know that the 3.8 static release of bash was named bash-3.0.16p1-static.tgz? It'd be nice if the script doesn't immediately break and need updating when 3.9 comes out. Try something like this (combine wrapped lines as needed): $ ftp "ftp://ftp.openbsd.org/pub/OpenBSD/$(uname -r)/packages/$(uname -m)/bash-*-static.tgz" $ sudo pkg_add ./bash-*-static.tgz /Alexander
BSD Portal
For your information, the bsdportal which used to be at metawire.org/~liamfoy/bsdportal has changed to more reliable hosting at: liamjfoy.freeshell.org Update your bookmarks! Thanks! -- Liam J. Foy
Your Resume
Hello, We would like to take this opportunity to introduce you to ResumeBlaster.com. This letter is in response to your resume which was found on the internet. ResumeBlaster.com is an incredible way to market yourself into a new job. This is an opportunity for you to have your resume sent DIRECTLY to literally thousands of recruiters WAITING to receive resumes from people just like you! Customer satisfaction is GUARANTEED! Our website is located at: http://www.resumeblaster.com/rb Currently, 5,547 recruiters have subscribed to our service requesting resumes from job seekers. You may already be aware that the more recruiters that see your resume, the more opportunities you will know about. We even list ALL of our recruiters on our website to prove that we are legitimate and remember, customer satisfaction is GUARANTEED! You can sign up now or visit our recruiter listings at: http://www.resumeblaster.com/rb ResumeBlaster.com is the ORIGINAL Resume Distribution Service on the Internet. We started BLASTING resumes in 1997! Since then, over 47,000 customers have trusted us to blast their resume. We are the premiere Resume Distribution Service on the 'net. For more information visit our website at: http://www.resumeblaster.com/rb Sincerely, ResumeBlaster.com Staff http://www.resumeblaster.com/rb * If you have received this e-mail in error, please accept our apologies. This is not unsolicited e-mail. We are responding to job seekers who post their resume on the Internet. If you are not a job seeker, we apologize for our error. If you wish to contact us, please e-mail us at [EMAIL PROTECTED] If you do not want to receive future mailings from us, do nothing. If you like, you can send an e-mail to [EMAIL PROTECTED] with REMOVE in the subject line to ensure that you are removed. We maintain a DO NOT SEND database and have included your e-mail address, misc@openbsd.org, to ensure that you will NOT receive this message again at this e-mail address. Our address is 73 Whitebridge Rd, Suite 103-326, Nashville, TN 37205. This e-mail is a 'solicitation' within the meaning of Section 5(a)(5)(i) of P.L. No: 108-187 (2003). ** The number of recruiters who receive your resume is dependent upon your order.**
Re: odd missing head of dmesg?
> I did a checkout of 3.8 today (I installed from CD, so figured a source > update would be good), did config GENERIC, make clean && make depend && > make, installed it, and now I have an odd beginning to the dmesg.boot: > > $ head /var/run/dmesg.boot > " 686-class) 3.40 GHz > cpu0: > FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,CNXT-ID > real mem = 1333256192 (1302008K) > avail mem = 1208508416 (1180184K) > > Any idea why (the deraadt kernel on the 3.8 install media showed the usual > information)? > > Not terribly important I guess, just found it odd. Some BIOS do not clear the memory, meaning the dmesg stays alive in memory, and can get slightly corrupted especially if it wraps. As well, OpenBSD avoids clearing the dmesg buffer if it appears sound, because that allows debug information from a previous crash to remain. So you likely have two boot logs there.
odd missing head of dmesg?
Hi, I did a checkout of 3.8 today (I installed from CD, so figured a source update would be good), did config GENERIC, make clean && make depend && make, installed it, and now I have an odd beginning to the dmesg.boot: $ head /var/run/dmesg.boot " 686-class) 3.40 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,CNXT-ID real mem = 1333256192 (1302008K) avail mem = 1208508416 (1180184K) Any idea why (the deraadt kernel on the 3.8 install media showed the usual information)? Not terribly important I guess, just found it odd. Kind regards, Tor (Incidently the first time I've had a chance to install 3.8.)
Re: OBSD 3.8: bash, libiconv, libintl in rc.securelevel
From: [EMAIL PROTECTED] >2. For an automated installer, how would the installer > know where to get the proper > package? `machine -a` will pull the application architecture. `uname -r` will get your release. Don't know about magic for a package version. Perhaps pkg_add(1) can handle some of that with PKG_PATH set correctly. DS
Re: EPIA issues...
On Tue, March 7, 2006 06:18, Antoine Jacoutot wrote: > On Mon, 6 Mar 2006, poncenby smythe wrote: > > >> Does anyone else run a box similar to this? >> > > Yes, I have pretty much 3 of those running 24/7. > I've only got the one, but it's been on 24/7 for 3yrs with no probs. > > $ dmesg | grep cpu > cpu0: VIA Samuel 2 ("CentaurHauls" 686-class) 533 MHz > cpu0: FPU,DE,TSC,MSR,MTRR,PGE,MMX > cpu0 at mainbus0 > > My temp sensors are different though : > > > $ sysctl hw.sensors > hw.sensors.0=viaenv0, TSENS1, temp, 42.10 degC / 107.78 degF > hw.sensors.1=viaenv0, TSENS2, temp, 43.92 degC / 111.06 degF > hw.sensors.2=viaenv0, TSENS3, temp, 25.77 degC / 78.39 degF > hw.sensors.3=viaenv0, FAN1, fanrpm, 0 RPM hw.sensors.4=viaenv0, FAN2, > fanrpm, 0 RPM hw.sensors.5=viaenv0, VSENS1, volts_dc, 1.22 V > hw.sensors.6=viaenv0, VSENS2, volts_dc, 2.52 V hw.sensors.7=viaenv0, > Vcore, volts_dc, 3.28 V > hw.sensors.8=viaenv0, VSENS3, volts_dc, 4.98 V hw.sensors.9=viaenv0, > VSENS4, volts_dc, 11.89 V > and my temps are different again! # dmesg |grep cpu cpu0: VIA Samuel 2 ("CentaurHauls" 686-class) 533 MHz cpu0: FPU,DE,TSC,MSR,MTRR,PGE,MMX cpu0 at mainbus0 # sysctl hw.sensors hw.sensors.0=viaenv0, TSENS1, temp, 18.80 degC / 65.84 degF hw.sensors.1=viaenv0, TSENS2, temp, 60.60 degC / 141.08 degF hw.sensors.2=viaenv0, TSENS3, temp, 0.70 degC / 33.26 degF hw.sensors.3=viaenv0, FAN1, fanrpm, 0 RPM hw.sensors.4=viaenv0, FAN2, fanrpm, 0 RPM hw.sensors.5=viaenv0, VSENS1, volts_dc, 2.44 V hw.sensors.6=viaenv0, VSENS2, volts_dc, 2.45 V hw.sensors.7=viaenv0, Vcore, volts_dc, 1.98 V hw.sensors.8=viaenv0, VSENS3, volts_dc, 5.40 V hw.sensors.9=viaenv0, VSENS4, volts_dc, 12.37 V bizzare. > > (I set up an alarm with sensord if temp >= 50 degC which only happens > when compiling stuffs) > >> Does anyone know of any big advantages of Soekris boxes rather than >> EPIA? >> > > I don't know Soekris, but at a first glance I would say I don't... > > >> I've got a feeling the little box will just give up or even worse blow >> up. > > I can't help you with that. From what I've seen, those boxes are very > reliable here (they all have ani internal hard drive and are fanless and > runing 24/7). > > -- > Antoine
Re: EPIA issues...
On Mon, 6 Mar 2006, poncenby smythe wrote: Does anyone else run a box similar to this? Yes, I have pretty much 3 of those running 24/7. $ dmesg | grep cpu cpu0: VIA Samuel 2 ("CentaurHauls" 686-class) 533 MHz cpu0: FPU,DE,TSC,MSR,MTRR,PGE,MMX cpu0 at mainbus0 My temp sensors are different though : $ sysctl hw.sensors hw.sensors.0=viaenv0, TSENS1, temp, 42.10 degC / 107.78 degF hw.sensors.1=viaenv0, TSENS2, temp, 43.92 degC / 111.06 degF hw.sensors.2=viaenv0, TSENS3, temp, 25.77 degC / 78.39 degF hw.sensors.3=viaenv0, FAN1, fanrpm, 0 RPM hw.sensors.4=viaenv0, FAN2, fanrpm, 0 RPM hw.sensors.5=viaenv0, VSENS1, volts_dc, 1.22 V hw.sensors.6=viaenv0, VSENS2, volts_dc, 2.52 V hw.sensors.7=viaenv0, Vcore, volts_dc, 3.28 V hw.sensors.8=viaenv0, VSENS3, volts_dc, 4.98 V hw.sensors.9=viaenv0, VSENS4, volts_dc, 11.89 V (I set up an alarm with sensord if temp >= 50 degC which only happens when compiling stuffs) Does anyone know of any big advantages of Soekris boxes rather than EPIA? I don't know Soekris, but at a first glance I would say I don't... I've got a feeling the little box will just give up or even worse blow up. I can't help you with that. From what I've seen, those boxes are very reliable here (they all have ani internal hard drive and are fanless and runing 24/7). -- Antoine
Re: oBSD 3.9-Beta: -> changing mac to 11:22:33:44:55:66 ?
On Tue, Mar 07, 2006 at 06:42:09PM +0100, [EMAIL PROTECTED] wrote: > Hello everybody, > > During reading an mail on a Securityfocus-Mailinglist I noticed that it`s > not possible to change the lladdr-value of &any NIC to 11:22:33:44:55:66. > > With ath: > kerberos $ ifconfig ath0 lladdr 1a:2a:3a:23:e3:0f > kerberos $ ifconfig ath0 lladdr 11:22:33:44:55:66 > ifconfig: SIOCSIFLLADDR: Invalid argument > > With xl: > *cut* > kerberos $ ifconfig xl0 lladdr 11:22:33:44:55:66 > ifconfig: SIOCSIFLLADDR: Invalid argument > > With bge: > kerberos $ ifconfig bge1 lladdr 11:22:33:44:55:66 > ifconfig: SIOCSIFLLADDR: Invalid argument > > I didn`t found anything with google why the mac-adress 11:22:33:44:55:66 > should be invalid so I would thank everybody who knows the reason of this > behavior. > > Kind regards, > Sebastian > > p.s. > A noticed: other MACs work well 11:22:33:44:55:66 is a multicast MAC address and therefor not allowed as interface address. -- :wq Claudio
Re: Canges en FAQ an man page
On Tue, Mar 07, 2006 at 06:08:50PM +0100, Lasse Bach wrote: > > I have a small change to the pxeboot man page and the FAQ about the same > subject. > Where do I propose such changes? > the address given in the faq, the pxeboot developers, the man page developers, or [EMAIL PROTECTED] jmc
Re: OBSD 3.8: bash, libiconv, libintl in rc.securelevel
Chris 'Xenon' Hanson wrote: My hack solution was to symlink both libiconv and libintl into /usr/lib, which does seem to be in the lib search path at that point, but that seems like a poor solution. While poking around, I see that there is a package for a static version of bash: ftp://ftp.openbsd.org//pub/OpenBSD/3.8/packages/i386/bash-3.0.16p1-static.tgz I'm guessing this would solve the problem. But, it raises a couple of other questions: 1. If the user already has non-static bash installed, will installing this package cause problems, or will it require that the non-static package be removed first? 2. For an automated installer, how would the installer know where to get the proper package? The URL above works for 3.8, but will be wrong for 3.9. Is there an environment variable or string that the installer can expand to get the "3.8" or "3.9" portion of the URL? And then, how does it figure out the exact package filename for the static version of bash for a OS release it's never seen before? Without a heavy-duty web search,how would it know that the 3.8 static release of bash was named bash-3.0.16p1-static.tgz? It'd be nice if the script doesn't immediately break and need updating when 3.9 comes out. -- Chris 'Xenon' Hanson | Xenon @ 3D Nature | http://www.3DNature.com/ "I set the wheels in motion, turn up all the machines, activate the programs, and run behind the scenes. I set the clouds in motion, turn up light and sound, activate the window, and watch the world go 'round." -Prime Mover, Rush.
Re: I can't find my scsi hard drives...
If you want backups get a tape drive. Do not rely on disk for backups, especially if they are in the same machine. If you don't know how to do this I advice you to get some consulting. You are asking very basic administration questions and these lists are not the appropriate forum for that. I don't have the money for a tape drive. They are expensive. And most people are not writing bioctl so these questions are not "very basic". Thanks for your help before but give me a break here, I'm reading the man pages, I'm trying. Basicially you are saying if you don't know the answer then it might be a good question. Fuck that. http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
oBSD 3.9-Beta: -> changing mac to 11:22:33:44:55:66 ?
Hello everybody, During reading an mail on a Securityfocus-Mailinglist I noticed that it`s not possible to change the lladdr-value of &any NIC to 11:22:33:44:55:66. With ath: kerberos $ ifconfig ath0 lladdr 1a:2a:3a:23:e3:0f kerberos $ ifconfig ath0 lladdr 11:22:33:44:55:66 ifconfig: SIOCSIFLLADDR: Invalid argument With xl: *cut* kerberos $ ifconfig xl0 lladdr 11:22:33:44:55:66 ifconfig: SIOCSIFLLADDR: Invalid argument With bge: kerberos $ ifconfig bge1 lladdr 11:22:33:44:55:66 ifconfig: SIOCSIFLLADDR: Invalid argument I didn`t found anything with google why the mac-adress 11:22:33:44:55:66 should be invalid so I would thank everybody who knows the reason of this behavior. Kind regards, Sebastian p.s. A noticed: other MACs work well
Re: question about spamdb -a
hmm, on Tue, Mar 07, 2006 at 09:29:50AM -0700, Bob Beck said that > You seem to think there will be one grey entry. there could > be many, depending on how many combinations of FROM And TO have been > attempted from that IP address. interesting. yes, i was thinking in small :) > > seems like that if i have an ip both WHITE/GREY, and -d it, only > > the WHITE is gone. i don't know what is the "right" thing > > to expect here, i expected that both get nuked > > No, GREY entries are not keyed by IP - they are keyed by > tuple i.e. IP/FROM/TO ok, it seems to me that deleting GREY entries is basically meaningless (and not possible using spamdb -d?) and they should be just left to expire in any case, is that right? -f -- help you out? certainly! which way did you come in?
Re: VIA VT6102 support?
Just for the archives, my via stuff worked with 3.8 and early 3.9-beta (Feb 8). [EMAIL PROTECTED] dmesg | grep -i via.*rhine vr0 at pci0 dev 15 function 0 "VIA VT6105 RhineIII" rev 0x8b: irq 12, address 00:40:63:e0:e7:b0 vr1 at pci0 dev 18 function 0 "VIA RhineII-2" rev 0x74: irq 11, address 00:40:63:e0:e7:71 [EMAIL PROTECTED] OpenBSD 3.9-beta (GENERIC) #4: Wed Mar 1 23:20:36 GMT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: VIA Samuel 2 ("CentaurHauls" 686-class) 601 MHz cpu0: FPU,DE,TSC,MSR,MTRR,PGE,MMX real mem = 234401792 (228908K) avail mem = 206913536 (202064K) using 2886 buffers containing 11821056 bytes (11544K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(d9) BIOS, date 03/11/04, BIOS32 rev. 0 @ 0xface0 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 70102 dobusy 1 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0xdba4 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdb10/144 (7 entries) pcibios0: PCI Exclusive IRQs: 9 11 12 pcibios0: PCI Interrupt Router at 000:17:0 ("VIA VT82C596A ISA" rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0xe000 0xd/0x8000! cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 "VIA VT8623 PCI" rev 0x00 ppb0 at pci0 dev 1 function 0 "VIA VT8633 AGP" rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 "VIA CLE266" rev 0x03: aperture at 0xd800, size 0x1000 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) vr0 at pci0 dev 15 function 0 "VIA VT6105 RhineIII" rev 0x8b: irq 12, address 00:40:63:e0:e7:b0 ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 9: OUI 0x09, model 0x4063 uhci0 at pci0 dev 16 function 0 "VIA VT83C572 USB" rev 0x80: irq 11 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 16 function 1 "VIA VT83C572 USB" rev 0x80: irq 11 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 16 function 2 "VIA VT83C572 USB" rev 0x80: irq 9 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered ehci0 at pci0 dev 16 function 3 "VIA VT6202 USB" rev 0x82: irq 12 usb3 at ehci0: USB revision 2.0 uhub3 at usb3 uhub3: VIA EHCI root hub, rev 2.00/1.00, addr 1 uhub3: 6 ports with 6 removable, self powered viapm0 at pci0 dev 17 function 0 "VIA VT8235 ISA" rev 0x00 iic0 at viapm0 pciide0 at pci0 dev 17 function 1 "VIA VT82C571 IDE" rev 0x06: ATA133, channel 0 configured to compatibility, channel 1 configured to c ompatibility atapiscsi0 at pciide0 channel 0 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: <, 24X CD DRIVE S, CV01> SCSI0 5/cdrom removable wd0 at pciide0 channel 0 drive 1: wd0: 16-sector PIO, LBA48, 38154MB, 78140160 sectors cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 wd0(pciide0:0:1): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 disabled (no drives) auvia0 at pci0 dev 17 function 5 "VIA VT8233 AC97" rev 0x50: irq 9 ac97: codec id 0x56494161 (VIA Technologies VT1612A) ac97: codec features headphone, 18 bit DAC, 18 bit ADC, KS Waves 3D audio0 at auvia0 vr1 at pci0 dev 18 function 0 "VIA RhineII-2" rev 0x74: irq 11, address 00:40:63:e0:e7:71 ukphy1 at vr1 phy 1: Generic IEEE 802.3u media interface, rev. 10: OUI 0x0a, model 0x4063 isa0 at mainbus0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: spkr0 at pcppi0 sysbeep0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 viasio0 at isa0 port 0x2e/2: VT1211 rev 0x02: HM WDG: not activated viasio1 at isa0 port 0x4e/2: VT1211 rev 0x02: HM: not activated WDG: not activated npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo pccom2 at isa0 port 0x3e8/8 irq 5: ns16550a, 16 byte fifo biomask ff45 netmask ff45 ttymask ffc7 pctr: user-level cycle counter enabled dkcsum: wd0 matches BIOS drive 0x80 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 pppoe0: phase establish pppoe0: phase authenticate pppoe0: phase terminate pppoe0: phase authenticate pppoe0: phase network -- Tony Sarendal - [EMAIL PROTECTED] IP/Unix -= The scorpion replied, "I couldn't help it, it's my nature" =-
OBSD 3.8: bash, libiconv, libintl in rc.securelevel
I'm working on getting the Sangoma WANPIPE driver working under OpenBSD 3.8 (mostly working) and ran into a couple of little problems that I'm trying to find the "right" way to solve. The preferred setup is to run their "wanrouter" bash script in the rc.securelevel script, to load the driver module before securelevel is raised to where module loading is no longer permitted. So, the wanrouter script requires bash, which in turn requires libiconv and libintl. Libiconv and libintl normally install into /usr/local/lib, where bash finds them just fine once the system is fully booted. But, it seems that running the wanrouter bash script from rc.securelevel fails because at that point bash can't find libiconv and libintl. I presume that /usr/local/lib is not in the lib search path at that point. My hack solution was to symlink both libiconv and libintl into /usr/lib, which does seem to be in the lib search path at that point, but that seems like a poor solution. If I need to run the wanrouter bash script from rc.securelevel, what is the proper way to ensure bash finds the pieces it needs to run? I'd like to advise Sangoma on how to adjust their install script so that it works right every time without the user having to know what paths to hack. Thanks in advance for any advice. -- Chris 'Xenon' Hanson | Xenon @ 3D Nature | http://www.3DNature.com/ "I set the wheels in motion, turn up all the machines, activate the programs, and run behind the scenes. I set the clouds in motion, turn up light and sound, activate the window, and watch the world go 'round." -Prime Mover, Rush.
Canges en FAQ an man page
Hi, I have a small change to the pxeboot man page and the FAQ about the same subject. Where do I propose such changes? - Lasse Bach
Re: VIA VT6102 support?
On Mon Mar 6 17:36:23 2006, Jonathan Gray wrote: > > On Mon, Mar 06, 2006 at 03:27:42PM -0800, Iain Morgan wrote: > > Hello, > > > > I recently installed 3.8/amd64 on a Sempron-based system with a VIA VT6102 > > based network interface. The network interface was detected, but no carrier > > was found. Everything else worked fine. > > > > I don't see any reference to the VT6102 in either INSTALL.amd64 or > > INSTALL.i386. > > However, a Google search indicates that suppport was added in v2.8 and was > > tweaked in v3.0. > > > > I didn't really have the luxury to explore the issue much. After eliminating > > the cable as a possible issue, I installed another OS (NetBSD) and now have > > networking. However, I would much rather run OpenBSD. Has anyone had any > > luch > > with the VT6102 under 3.8? > > > > Thanks > > Sure you don't have a VT6103? There was a fix relating to them that > went in after 3.8. Perhaps try a snapshot and see if that helps. > I'm certain it's a VT6102 (Rhine-II). However, since the machine is at home and I'm at work, I cannot conrirm that at present. -- Iain Morgan
Re: Linuxforum 2006 from a OpenBSD perspective.
* per engelbrecht <[EMAIL PROTECTED]> [2006-03-05 12:42]: > Another OpenBSD speaker that enriched LF06 with his presence, was > Henning Brauer. Henning talked about OpenBGPD and with his 60+ pages > long NANOG36 slideshow and only 50 minutes to his disposal, Henning made actually it was not the nanog slides, I prepared this set for this event :) they're at http://bulabula.org/papers/linuxforum2006/ > a spectacular 24fps-alike briliant talk about the topic. He even > finished on time AND had time to answer question and of course praise > the Cisco routers a little :) next time I'll go for 80 slides in 50 minutes! fun event. recommended. -- BS Web Services, http://www.bsws.de/ OpenBSD-based Webhosting, Mail Services, Managed Servers, ... Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie)
Re: Off Topic! Re: OpenBSD Cap
> Make one. > I once made a temporary openbsd tattoo on my forearm using a sharpie > marker. Being surrounded by penguin lovers I have to fight back. I have a real one, check this out: http://www.orkut.com/Album.aspx?xid=14361074768919339780 Now it is complete, I'll post an updated picture as requested. Regards, -- Eduardo Alvarenga
Re: question about spamdb -a
* frantisek holop <[EMAIL PROTECTED]> [2006-03-07 03:15]: > hmm, on Mon, Feb 27, 2006 at 03:12:14PM -0700, Bob Beck said that > > because you're only added the whitelist entry, not deleted > > a grey one. > > > > The grey entry is harmless, it will get reaped out of there > > in 4 hours when it expires.. > > wouldn't it make sense to delete the grey entry if one adds an ip > using -a? Why? I don't think it makes sense to delete when adding. You seem to think there will be one grey entry. there could be many, depending on how many combinations of FROM And TO have been attempted from that IP address. > > seems like that if i have an ip both WHITE/GREY, and -d it, only > the WHITE is gone. i don't know what is the "right" thing > to expect here, i expected that both get nuked No, GREY entries are not keyed by IP - they are keyed by tuple i.e. IP/FROM/TO > > but if -a took care of the GREY entry, these ambiguities would go away. > or could be in the man page please. > -a adds, just like it says in the man page. it does not delete. > (this is a 3.8 stable) > > -f > -- > an optimist invented an airplane; a pessimist a parachute. > -- | | | The ASCII Fork Campaign \|/ against gratuitous use of threads. |
SonyEricsson GC89
On Tuesday 07 March 2006 08:38, you wrote: > CVSROOT: /cvs > Module name: src > Changes by: [EMAIL PROTECTED] 2006/03/07 00:38:16 > > Modified files: > sys/dev/cardbus: com_cardbus.c > > Log message: > Add support for the serial interface to the UMTS/GPRS/GSM modem > portion of the Sony Ericsson GC89 card. > > From Felix Kronlage. Ok, so that means that the GPRS modem part of the card should be usable now. What about the WLAN chipset of it? Any info about that? This card is offered by some providers here, and it wouldbe neat to have such a toy - and even nicer if it would be working ;) -- viq
Off Topic! Re: OpenBSD Cap
Make one. I once made a temporary openbsd tattoo on my forearm using a sharpie marker. Being surrounded by penguin lovers I have to fight back. On Tue, 7 Mar 2006, [EMAIL PROTECTED] wrote: This is offtopic, I would like to have a cap of openbsd, where can I buy one of these?, they don't sell them at the official site. Is it possible to buy these caps from the site?. Thanks. __ Visita http://www.tutopia.com y comienza a navegar mas rapido en Internet. Tutopia es Internet para todos.
Re: I can't find my scsi hard drives...
If you want backups get a tape drive. Do not rely on disk for backups, especially if they are in the same machine. If you don't know how to do this I advice you to get some consulting. You are asking very basic administration questions and these lists are not the appropriate forum for that. On Tue, Mar 07, 2006 at 07:52:32AM -0800, Openbsd User wrote: > >it seems to me that you are still not understanding what is > >happening here. i get the impression that you want to write these backup > >scripts to avoid data loss in the event of a disk failure? > not just a disk failure but mostly in case my client does something that > they shouldn't and realize it a few days later. I'm only trying to create a > archive of backups. So it would backup the sytem every day and every week > it would save one of the backups to another directory while continuing to > overwrite the other weekly backups and doing the same with a monthly backup > while overwriting the weekly backups. So I would have 7 daily backups, 52 > weekly backups and 12 yearly backups when the system is full. > > >if you're only trying to avoid data loss when a disk fails, then > >stop writing your backups scripts and start writing a cronjob that mails > >you when bioctl reports one of your disks as failed. > Do I have to parse sudo bioctl ami0 or is there a way to run bioctl and get > an true/false value for the alarm status? I tried sudo bioctl ami0 -a get > ami0 but that returns a value reporting wether or not the alarm is enabled. > > Thanks! > http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Re: I can't find my scsi hard drives...
>it seems to me that you are still not understanding what is happening here. i get the impression that you want to write these backup scripts to avoid data loss in the event of a disk failure? not just a disk failure but mostly in case my client does something that they shouldn't and realize it a few days later. I'm only trying to create a archive of backups. So it would backup the sytem every day and every week it would save one of the backups to another directory while continuing to overwrite the other weekly backups and doing the same with a monthly backup while overwriting the weekly backups. So I would have 7 daily backups, 52 weekly backups and 12 yearly backups when the system is full. >if you're only trying to avoid data loss when a disk fails, then stop writing your backups scripts and start writing a cronjob that mails you when bioctl reports one of your disks as failed. Do I have to parse sudo bioctl ami0 or is there a way to run bioctl and get an true/false value for the alarm status? I tried sudo bioctl ami0 -a get ami0 but that returns a value reporting wether or not the alarm is enabled. Thanks! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
OpenBSD Cap
This is offtopic, I would like to have a cap of openbsd, where can I buy one of these?, they don't sell them at the official site. Is it possible to buy these caps from the site?. Thanks. __ Visita http://www.tutopia.com y comienza a navegar mas rapido en Internet. Tutopia es Internet para todos.
Re: Linuxforum 2006 from a OpenBSD perspective.
Felix Kronlage wrote: On Sun, Mar 05, 2006 at 12:37:35PM +0100, per engelbrecht wrote: Wim also made a last minute sensational save for Felix Kronlage and held the 'Mobility with OpenBSD' talk. Wim is very meticulous and has a very plesant way of communicating / presenting the material. sadly work prevented me from attending linuxforum and giving the talk myself. I was very happy, when Wim agreed to play my substitute and tried to prep the talk in a way that he'd be able to give it. Hi Felix, Well I hope to see you attending LF some day, that would be nice. About the work part you can rest assured, everybody understands that. Judging from the way the organizers approached the speakers before the conference, it does seem like a very well organized conference. It is! The best /per [EMAIL PROTECTED] felix
Re: massive memory leak in 3.8-stable samba
> One of my production machines (3.8-stable) has suddenly started > panicing every couple of hours. I found out that the culprit is smbd, > eating through memory like there's no tomorrow (approx. 10Mb / > minute! ). Can't figure out what has triggered it, nothing changed on > the machine lately and there is only one active w2k client, writing a 2.5kB file every 15 seconds or so. > I'd be glad of any assistance, even pointing out any stupid mistakes I > have made, because this is driving me nuts. I ran into something very similar recently. In my case I eventually discovered that one user was writing to a folder containing 22,000 files. Avoiding this folder has entirely solved the problem. (Or at least worked around it.) FWIW, the Samba logs were helpful only inasmuch as they pointed me to the user who was "causing" the problem. I had to sit down and watch her operate to find out what she was doing... Perhaps (indeed probably) not relevant to your problem, but might give you some ideas. If you're writing a file every 15s, perhaps your problem is related to mine. Steve http://www.fivetrees.com
Re: Dependancies with make search key=
Hello! On Wed, Mar 01, 2006 at 03:10:43PM +0100, Marc Espie wrote: >[...] >make search key= >is more or less deprecated... What exact replacement do you have in eye for the use case of finding where in the ports tree a port is (i.e. if one actually wants to use a port rather than a package)? Kind regards, Hannah.
PCI - DVB support
[EMAIL PROTECTED] wrote: Hello, I try use PCI-DVB card SkyStar2 as DVB network adapter (manufactured by www.technisat.de) under current release OpenBSD. As I understand this device is unsupported in current :( maybe it possible enable support in future. Also I`m interesting for any PCI-DVB card which is supported in OpenBSD. Also see ny dmesg output here http://pastebin.com/585060 you probably looking for http://www.alloyant.com/dvb/skystar_obsd.tgz http://www.alloyant.com/dvb/dvbd_obsd.tgz
Re: tcpdump, rulenum, and pflog
Quoting Joachim Schipper <[EMAIL PROTECTED]>: On Mon, Mar 06, 2006 at 03:31:51PM -0500, [EMAIL PROTECTED] wrote: I'm trying to use tcpdump capture traffic on the external interface of my NAT/firewall/web/mail/etc. system in a quasi-private way, specifically by excluding any traffic that comes from or is ultimately destined to NAT'ed boxes. Since packets which go from or to 192.168.2.0/24 are NAT'ed before (and probably after) tcpdump sees them, I don't believe I can accomplish this with a simple "not net 192.168.2.0/24" filter on tcpdump; thus, I've turned to the "rulenum" or "rdr" feature of tcpdump's filter criteria, which works on packets logged by pf(4). I know that if I simply enable logging on all of the packets I want to see, using pf-based tcpdump filter criteria works like a charm. The problem I have is that doing so will make for a rather gigantic /var/log/pflog very quickly, a situation I'd like to avoid if possible (for disk space and possible performance issues). Thus, my question is: is it possible to enable pf logging without writing to /var/log/pflog, while still preserving tcpdump's ability to see packets on the pflog0 interface? Alternately, is there a better/simpler way to accomplish my tcpdump objective of not logging packets coming from or destined to NAT'ed boxes? Actually, pf(4) does not log anything at all - pflogd(8) does. I routinely run pf(4) without pflogd(8) - it allows for easy debugging without filling the disk. ...which sounds like almost precisely what I'm trying to do. Judging from the fact that I'm able to run "tcpdump -n -i pflog0 -w traffic.pcap" and catch packets even after killing off pflogd(8), it looks like you've provided me with an excellent answer. Thanks! Alex Kirk
Re: Can't find my hard drives - complete dmesg
your two physical disks are hidden by the raid controller. from your other posts its obvious theyre showing up as one logical disk. bioctl ami0 will find your "missing" disks. dlg On 07/03/2006, at 5:05 AM, Openbsd User wrote: opps, I forgot to post the entire dmesg. (Thanks Steve!) OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Xeon(TM) CPU 3.00GHz ("GenuineIntel" 686-class) 3 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE3 6,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,CNXT-ID real mem = 2146807808 (2096492K) avail mem = 1952915456 (1907144K) using 4278 buffers containing 107442176 bytes (104924K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 09/22/05, BIOS32 rev. 0 @ 0xffe90 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfb140/272 (15 entries) pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82801EB/ER LPC" rev 0x00) pcibios0: PCI bus #9 is the last bus bios0: ROM list: 0xc/0xb000! 0xcb000/0x1000 0xcc000/0x1000 0xcd000/0x2200 0xec000/0x4000! cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 "Intel E7710 SMCH" rev 0x09 ppb0 at pci0 dev 2 function 0 "Intel E7710 MCH PCIE" rev 0x09 pci1 at ppb0 bus 1 ppb1 at pci1 dev 0 function 0 "Intel IOP331 Channel 0" rev 0x06 pci2 at ppb1 bus 2 ami0 at pci2 dev 14 function 0 "Dell PERC 4e/Di" rev 0x06: irq 7 Dell 16c/32b ami0: FW 521S, BIOS vH430, 256MB RAM ami0: 1 channels, 0 FC loops, 1 logical drives scsibus0 at ami0: 40 targets sd0 at scsibus0 targ 0 lun 0: SCSI2 0/ direct fixed sd0: 139900MB, 17834 cyl, 255 head, 63 sec, 512 bytes/sec, 286515200 sec total scsibus1 at ami0: 16 targets safte0 at scsibus1 targ 6 lun 0: SCSI2 3/ processor fixed ppb2 at pci1 dev 0 function 2 "Intel IOP331 Channel 1" rev 0x06 pci3 at ppb2 bus 3 ppb3 at pci0 dev 4 function 0 "Intel E7710 MCH PCIE" rev 0x09 pci4 at ppb3 bus 4 ppb4 at pci0 dev 5 function 0 "Intel E7710 MCH PCIE" rev 0x09 pci5 at ppb4 bus 5 ppb5 at pci5 dev 0 function 0 "Intel PCIE-PCIE" rev 0x09 pci6 at ppb5 bus 6 em0 at pci6 dev 7 function 0 "Intel PRO/1000MT (82541GI)" rev 0x05: irq 11, address: 00:14:22:23:9a:d7 ppb6 at pci5 dev 0 function 2 "Intel PCIE-PCIE" rev 0x09 pci7 at ppb6 bus 7 em1 at pci7 dev 8 function 0 "Intel PRO/1000MT (82541GI)" rev 0x05: irq 3, address: 00:14:22:23:9a:d8 ppb7 at pci0 dev 6 function 0 "Intel E7710 MCH PCIE" rev 0x09 pci8 at ppb7 bus 8 uhci0 at pci0 dev 29 function 0 "Intel 82801EB/ER USB" rev 0x02: irq 11 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 "Intel 82801EB/ER USB" rev 0x02: irq 10 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 29 function 2 "Intel 82801EB/ER USB" rev 0x02: irq 7 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered ehci0 at pci0 dev 29 function 7 "Intel 82801EB/ER USB" rev 0x02: irq 5 usb3 at ehci0: USB revision 2.0 uhub3 at usb3 uhub3: Intel EHCI root hub, rev 2.00/1.00, addr 1 uhub3: 6 ports with 6 removable, self powered ppb8 at pci0 dev 30 function 0 "Intel 82801BA AGP" rev 0xc2 pci9 at ppb8 bus 9 vga1 at pci9 dev 13 function 0 "ATI Radeon VE QY" rev 0x00 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) ichpcib0 at pci0 dev 31 function 0 "Intel 82801EB/ER LPC" rev 0x02 pciide0 at pci0 dev 31 function 1 "Intel 82801EB/ER IDE" rev 0x02: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility atapiscsi0 at pciide0 channel 0 drive 0 scsibus2 at atapiscsi0: 2 targets cd0 at scsibus2 targ 0 lun 0: SCSI0 5/cdrom removable cd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 pciide0: channel 1 disabled (no drives) isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: spkr0 at pcppi0 sysbeep0 at pcppi0 npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 biomask ffe5 netmask ffed ttymask ffef pctr: user-level cycle counter enabled uhub4 at uhub3 port 3 uhub4: Dell product 0xa001, rev 2.00/0.00, addr 2 uhub4: 2 ports with 2 removable, self powered, multiple transaction translators dkcsum: sd0 matches BIOS drive 0x80 root on sd0a rootdev=0x400 rrootdev=0xd00 rawdev=0xd02 _ Dont just search. Find. Check out the new MSN Search! http:// search.ms
Re: I can't find my scsi hard drives...
On 07/03/2006, at 6:53 AM, Openbsd User wrote: > > What does "bioctl ami0" say (assuming you have at least 3.8, next time > > post a complete dmesg!). > > $ sudo bioctl ami0 > Volume Status Size Device > ami0 0 Online 146695782400 sd0 RAID1 > 0 Online 146811125760 0:0.0 safte0 ATLAS10K5_146SCAJNZY> > 1 Online 146811125760 0:1.0 safte0 ATLAS10K5_146SCAJNZY> > > Does this mean that there are two drives in my system working as raid device? Yes, a RAID1 config to be precice. -Otto in my fstab, I have them all mounted as sd0 but I planned on writing a backup script to archive the important data to the other drive. So I need to access sd1. Is that possible without reinstalling? it seems to me that you are still not understanding what is happening here. i get the impression that you want to write these backup scripts to avoid data loss in the event of a disk failure? you are right about the computer having two physical disks. however, these are plugged into a raid controller, which is configured to mirror the two physical disks. the operating system (openbsd) only sees this mirror, not the actual disks. if one of the physical disks fails, the raid controller will continue to happily use the other disk. you wont lose data, and you wont lose uptime either since the system is still running. to recover from the disk failure simply swap the bad disk out and the controller should mirror from the good disk to the new disk and regain its redundancy. if you're only trying to avoid data loss when a disk fails, then stop writing your backups scripts and start writing a cronjob that mails you when bioctl reports one of your disks as failed. dlg
Re: aac question...
aac is still not built as part of openbsd for the same reasons it was disabled: we cant support it without documentation. to use the raid controller you're going to have to build custom kernels (and maybe custom install images) with aac enabled. or you can disable the raid controller in the bios, ahc will appear, and you'll be able to use it as a straight scsi controller to install on. you could look for a perc3/dc (which is megaraid based) and use that. that's what i do on my pe2500. dlg On 07/03/2006, at 3:02 AM, Per-Olov Sjvholm wrote: On Monday 06 March 2006 17.58, you wrote: On Mon, Mar 06, 2006 at 05:51:18PM +0100, Per-Olov Sj?holm wrote: Hi misc I have earlier bought Adaptec cards and have seen a lot of the problems with the buggy Adaptec firmware code. I have used 2410SA among others. These adaptec cards have cost me *very* much trouble. Therefor I now use only LSI MegaRAID for new servers and in customer recommendations. However... I have an old Dell 2450 with an Adaptec Perc 3/Si controller. I will try to use this as a web and ftp server instead of buying new hardware if the Adaptec crap card is stable. I think of building a 3.8 stable cd with aac support for it. The question: Is this Perc 3/Si card stable on 3.8? If not... Is it stable with the latest changes I have seen in cvs (aac_pci.c version 1.16). it's olrite w/ the latest changes. you should probably get 3.9 when it's out. cu Does it mean it acts like the old problem (i.e timeout) if going for 3.8 stable and not going for anything later that the aac fixes in aac_pci.c version 1.16? Thanks Per-Olov -- GPG keyID: 4DB283CE GPG fingerprint: 45E8 3D0E DE05 B714 D549 45BC CFB4 BBE9 4DB2 83CE
Re: EPIA issues...
On 2006/03/07 13:28, michael hamerski wrote: > Things you can try: > > - get a zalman fan mate (or similar) Running 12V fans at 7V often works nicely (easily achieved with PC hardware by connecting the fan to 5V and 12V rather than 0V and 12V). > A little airflow as opposed to none can make a big difference. Yes, and of course you can use sensorsd to monitor the effect of this (and the symon package to graph it).
Re: EPIA issues...
hw.sensors.9=viaenv0, VSENS4, volts_dc, 12.07 V the top temp. I have seen for TSENS2 is 60.60 degC. Does anyone else run a box similar to this? Does anyone know of any big advantages of Soekris boxes rather than EPIA? I've got a feeling the little box will just give up or even worse blow up. hi, I have a few m1's running fine with fans. IIRC, VIA for some reason dropped CPU temp from their last BIOS revisions. Go figure. I did some testing running it fanless with a larger heatsink (Zalman VGA originally) and it would get flaky above ~66 C with random hangs and reboots, so I stopped that. This is from memory. This would also depend in part on your case and power supply. Things you can try: - get a quieter fan, the original one is pretty crap. - get a larger heatsink, possibly voiding your warranty. - get a zalman fan mate (or similar) it goes between your fan and mainboard and allows fan speed to be regulated with a knob. A little airflow as opposed to none can make a big difference. you can check out the various projects on say mini-itx.com to get an idea how far people have pushed these boards. mike
Heimdal in OpenBSD
Hi There Our two OpenBSD 3.8 KDC's are working nicely, but the latest security announcements from heimdal resulted in some questions from the sysadm. As far as I can see the issues only involves deprecated services like telnet and rsh which are disabled anyway. In 3.8 heimdal 0.6.3 (+patches) is default, but there are 0.6.6 and 0.7.2 releases on the heimdal homepage. Should I upgrade manually or are there good reasons not to? Are there a good reason not to use the 0.7.x branch? BTW I'm thinking about hacking heimdal to make it use CryptoCard OTP tokens. Has anybody else tried this? My idea was use the quicklog mode and simplify things by synchronizing the token via a seperate channel (eg. a web service). Regards, Tom -- Tom Helmer Hansen IT security consultant Roskilde University, Denmark Direct: +45 4674 3720 Mobile: +45 2887 0055
Re: question about spamdb -a
hmm, on Mon, Feb 27, 2006 at 03:12:14PM -0700, Bob Beck said that > because you're only added the whitelist entry, not deleted > a grey one. > > The grey entry is harmless, it will get reaped out of there > in 4 hours when it expires.. wouldn't it make sense to delete the grey entry if one adds an ip using -a? seems like that if i have an ip both WHITE/GREY, and -d it, only the WHITE is gone. i don't know what is the "right" thing to expect here, i expected that both get nuked but if -a took care of the GREY entry, these ambiguities would go away. or could be in the man page please. (this is a 3.8 stable) -f -- an optimist invented an airplane; a pessimist a parachute.
This is NOT a complaint (or any other flavour of whining)
Quite a bit of my life revolves around doing good firewalls with OpenBSD. I don't do X things very often - I have too little priority time to devote to learning all the gooey tricks. I don't need those things for paid work. Hence I use the XP that I have to have for interoperability tests to look at pix and sometimes to record some Opera or early jazz. Enough of the scenario. Every time I checkout snapshots I exercise all the OS features I use often enough to claim some expertise with + all the packages we often use so that I can report back to the OS guys and to Espie. The 3.9 beta snaps have been the least trouble of any. Not that there were problems earlier but some new things in the past required a bit more careful study. I'd have to say the latest man pages must be getting clearer or else I finally have a clue. Whatever... The very last thing I test (no surprise here) is typing startx at a prompt. That has worked for the last several releases. It doesn't work on the snaps I've tested so far for 3.9. It ain't no showstopper for me as you have guessed but if I am the only one with the problem it isn't a problem. If someone needs a log of what X does I can supply it. The only reason I ever do startx is because I often gobsmack users of other OSes and glorified program loaders by doing an OpenBSD install from CD in about 5 minutes, rebooting and getting httpd up in a minute more and doing startx to prove that we didn't skip the gooey. The times include a "listen or miss it" explanation of disklable selections. I don't know why startx started working a while back or how I found out that it did. If the snaps are supposed to work as they do hit me with a clue. Either way I'm out of here: This is NOT a plea for help. If I want X I'll spend the time but for now it doesn't pay. End of noise! >From the land "down under": Australia. Do we look from up over? Do NOT CC me - I am subscribed to the list. Replies to the sender address will fail except from the list-server.
Re: EPIA issues...
I'll second the observation that hot machines flake in odd ways. It's not just the processor- hot memory is also unpredictable- hard drive controllers- "northbridge"- you name it- there are many essential parts that can overheat and cause you hard-to-diagnose grief. If cooling your machine doesn't work, could be a power supply issue, they seem to die before the rest of the computer and sometimes do so slowly. Low power also causes erratic behavior.
Re: EPIA issues...
On Tue, Mar 07, 2006 at 08:39:04AM +0100, batou wrote: > > >hw.sensors.1=viaenv0, TSENS2, temp, 59.90 degC / 139.82 degF > > > >the top temp. I have seen for TSENS2 is 60.60 degC. > > > too hot for a long live ... > maybe, maybe not... $ sysctl hw.sensors hw.sensors.0=viaenv0, TSENS1, temp, 17.30 degC / 63.14 degF hw.sensors.1=viaenv0, TSENS2, temp, 63.70 degC / 146.66 degF hw.sensors.2=viaenv0, TSENS3, temp, 0.40 degC / 32.72 degF hw.sensors.3=viaenv0, FAN1, fanrpm, 6490 RPM hw.sensors.4=viaenv0, FAN2, fanrpm, 0 RPM hw.sensors.5=viaenv0, VSENS1, volts_dc, 2.47 V hw.sensors.6=viaenv0, VSENS2, volts_dc, 2.43 V hw.sensors.7=viaenv0, Vcore, volts_dc, 2.67 V hw.sensors.8=viaenv0, VSENS3, volts_dc, 5.45 V hw.sensors.9=viaenv0, VSENS4, volts_dc, 12.48 V that box has been running for over a year w/o problem (it has a fan though ;) jmc
Re: massive memory leak in 3.8-stable samba
Hi, Mitja: did you check the samba-logfiles? You could try to increase the loglevel and see, what smbd is doing. I always find these logfiles very helpful. Regards Stefan Kell > --- Urspr|ngliche Nachricht --- > Von: Per-Olov Sjvholm <[EMAIL PROTECTED]> > An: Mitja Mu>enih <[EMAIL PROTECTED]> > Kopie: misc@openbsd.org > Betreff: Re: massive memory leak in 3.8-stable samba > Datum: Mon, 6 Mar 2006 18:17:06 +0100 > > On Saturday 04 March 2006 10.59, you wrote: > > Hi! > > > > > > One of my production machines (3.8-stable) has suddenly started panicing > > every couple of hours. I found out that the culprit is smbd, eating > through > > memory like there's no tomorrow (approx. 10Mb / minute! ). Can't figure > > out what has triggered it, nothing changed on the machine lately and > there > > is only one active w2k client, writing a 2.5kB file every 15 seconds or > so. > > I'd be glad of any assistance, even pointing out any stupid mistakes I > have > > made, because this is driving me nuts. > > > > -- > > load averages: 0.42, 0.87, 1.71 > > 10:45:59 > > 23 processes: 22 idle, 1 on processor > > CPU states: 0.0% user, 0.0% nice, 0.0% system, 0.2% interrupt, 99.8% > > idle > > Memory: Real: 290M/338M act/tot Free: 160M Swap: 2372K/256M used/tot > > > > PID USERNAME PRI NICE SIZE RES STATEWAIT TIMECPU > COMMAND > > 30693 Guest 20 284M 284M sleepselect 0:24 0.44% smbd > > -- > > load averages: 0.28, 0.56, 1.35 > > 10:50:14 > > 23 processes: 22 idle, 1 on processor > > CPU states: 0.0% user, 0.0% nice, 0.0% system, 0.2% interrupt, 99.8% > > idle > > Memory: Real: 348M/397M act/tot Free: 101M Swap: 2372K/256M used/tot > > > > PID USERNAME PRI NICE SIZE RES STATEWAIT TIMECPU > COMMAND > > 30693 Guest 20 342M 342M sleepselect 0:29 1.03% smbd > > - > > > > # smbstatus > > Samba version 3.0.13 > > PID Username Group Machine > > --- > > Service pid machine Connected at > > --- > > MC 30693 x Sat Mar 4 10:23:13 2006 > > IPC$ 13147 x Sat Mar 4 10:41:57 2006 > > Locked files: > > PidDenyMode Access R/WOplock Name > > -- > > 30693 DENY_NONE 0x2019f RDWR EXCLUSIVE+BATCH > > /var/shared/AB/gdat/ini/G_dat.ini Sat Mar 4 10:43:59 2006 > > > > > > The kernel is (full dmesg at the end) > > > > OpenBSD 3.8-stable (GENERIC.RAID) #1: Sat Mar 4 01:45:40 CET 2006 > > [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.RAID > > > > (previously had a -stable built on Jan 3 2006, same symptoms) > > > > > > # pkg_info |grep samba > > samba-3.0.13p0 SMB and CIFS client and server for UNIX > > samba-docs-3.0.20b documentation and examples for samba > > > > (binary package from ftp.kd85.com, tried also to build it from ports and > > even MFC'd the latest version, 3.0.31b - no change) > > > > # cat /etc/samba/smb.conf > > [global] > > dos charset = CP852 > > workgroup = STIL > > server string = x > > map to guest = Bad User > > passdb backend = tdbsam > > passwd program = /usr/bin/passwd %u > > log file = /var/log/smbd.%m > > max log size = 50 > > mangle prefix = 6 > > add user script = useradd -d /var/empty -s /sbin/nologin %u > > add group script = groupadd '%g' > > add machine script = useradd -d /var/empty -s /sbin/nologin -g > > machines %u > > logon script = logon.bat > > logon path = \\%L\profile\%U\profile > > logon drive = z: > > logon home = \\%L\%U > > domain logons = Yes > > domain master = Yes > > dns proxy = No > > wins support = Yes > > ldap ssl = no > > load printers = no > > <..snip..> > > [AB] > > path = /var/shared/AB > > read only = No > > guest ok = Yes > > > > > > > > Regards, Mitja > > > > --- > > OpenBSD 3.8-stable (GENERIC.RAID) #1: Sat Mar 4 01:45:40 CET 2006 > > [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.RAID > > RTC BIOS diagnostic error 18 > > cpu0: Intel(R) Pentium(R) 4 CPU 3.20GHz ("GenuineIntel" 686-class) 3.20 > GHz > > cpu0: > > > FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFL > >U SH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWAIT,CNXT-ID > > real mem = 535883776 (523324K) > > avail mem = 481636352 (470348K) > > using 4278 buffers containing 26898432 bytes (26268K) of memory > > RTC BIOS diagnostic error 18 > > mainbus0 (root) > > bios0 at mainbus0: AT/286+(00) BIOS, date 01/15/04, BIOS32 rev. 0 @ > 0xffe90 > > apm0 at bios0: Power Management spec V1.2 > > apm0: AC on, battery charge unknown > > ap