Spamd on DMZ servers ?
Well i want to configure spamd to stop spam, but the mail server is in my DMZ & its a non openbsd system, so i was thinking will spamd work ? as i have an openbsd firewall which is "rdr" redirecting traffic to the internal mail server ? i hope you understood what i ment ? regards *:$., 88,.$:*(((*$ Stingray *:$., 88,.$:*((*$ Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: Kernel panic ... Unknown source ...
On 6/12/06, Jirtme Loyet <[EMAIL PROTECTED]> wrote: > Scott Plumlee wrote: > Anyone who hasn't seen a broken piece of HW that works fine > with X but not Y is new to the game. Anyone who trusts a HW > diagnostic to "give" > them the answer is really, really new to the game. > > By themselves, diagnostics are like a screwdriver: in the > hands of a knowledgeable person, very useful. In the hands > of an idiot, dangerous. > Without a brain engaged in their use and analysis of the > results, they are just an inert object. > > > The OP already answered his own question (and been told this > by others). > The machine has a buggy BIOS. > One version works, another doesn't. > > Why do you think there is more than one revision? Because > bugs were found. Odds are, those bugs were NOT found on > OpenBSD, they were probably found running Windows, maybe > Linux. OpenBSD *may* expose those bugs more clearly...but > odds are, if you use that same buggy BIOS with another OS, > you may learn to regret it. > > Would it be possible to "fix" OpenBSD to work around this > bug? Maybe. > Completely pointless and self-defeating, however. Fix it for > the buggy BIOS, you probably broke it for the "correct" > BIOSand now you have a chunk of code usable on precisely > one variant of one bad computer. The code will not be > properly maintained, and will probably do more bad than good > some day in the future, if not immediately. Sometimes buggy > hardware has to be worked around, because no fix is available > or possible from the manufacturer and there is a clear > benefit to adding "special case" code. When a proper fix IS > available from the vendor, it is usually preferable to use it > than to work around it. > > Hey, if this problem turns out to expose a true logic bug in > OpenBSD, go ahead, find it, show us, and get credit for the > fix. But if "everytime the panic is different", it sounds > like things are Just Plain Broke on the system, if a BIOS > upgrade fixes it, sounds like the hardware wasn't set up > properly, and the manufacturer figured that out, and FIXED > THE PROBLEM. But how to explain that ONLY OpenBSD and NetBSD are buggy. Thousand of machines are working fine with FreeBSD, many linux and even windows. Every machine is used in a different manner (streaming server, web server, mail server, cluster, and so on ...) which make me thought that's it's a net/open BSD problem. I'm maybe wrong ... But I don't understand why now ;) Because something [Open|Net]BSD does is triggering the bug, whereas it is either worked-around already on the other OSes you mentioned (fully possible, given their design philosophies), or they just don't happen to do whatever causes the problem. I think it would be enlightening to find out precisely what the problem is, but there are other enlightening problems that don't have such trivial(?) solutions available. Get the Bios upgraded (iirc, your hoster is being a jerk and refusing to do that, right? so be a squeeky wheel...) -Nick2
Re: Kernel panic ... Unknown source ...
> Scott Plumlee wrote: > > o?= wrote: > >> Hello, > >> > >> My OpenBSD 3.9-stable Box is quite unstable. I don't have physical > >> access to my box so I can't debug it directly. > >> I've recompiled a GENERIC kernel with DEBUG support and > set ddb.panic > >> to 0 in sysctl.conf so that it's rebooting automaticly. > But no kernel > >> dump is made after a kernel panic. I searched on the web without > >> finding a solution. > >> > >> Everytime the kernel panic is different. I tried the -current (and > >> also 3.8). The result is nearly the same: no more kernel > panics but > >> the system freeze but it's still responding to the ping. > > You totally lost me on that one. Something panicked, > something else didn't. > > However, "system freeze but still responds to ping" can also > be a memory exhaustion issue -- all RAM+swap got used, and > all tasks end up getting deadlocked waiting for additional > RAM to become available. The machine has 1Go of RAM and a swap of 512M, just bind, sshd and pf are running in the box. It's nearly the default install. > > >> > >> As I said before in another mail, this is NOT due to an > hardware failure. > >> Many SAME machines work perfectly. The only difference is the > >> revision of the bios (vcore updated and Pstate disabled). > I want to > >> find the source of the bug to correct it if I could. > > > > I'm still awfully new to *nix, but isn't saying that "it's not > > hardware just because other boxes like this don't fail" the same as > > "my car can't be out of gas because other cars of the same > model are > > still driving by me"? > > pretty darned close. > > > I can understand if you mean that it's not due to an > unsupported piece > > of hardware, in which case I would think the kernel panic > would be the > > same, but how do you know it's not bad of memory, > > disk, cables, processor, heatsink, fan, etc etc here>? > > Anyone who hasn't seen a broken piece of HW that works fine > with X but not Y is new to the game. Anyone who trusts a HW > diagnostic to "give" > them the answer is really, really new to the game. > > By themselves, diagnostics are like a screwdriver: in the > hands of a knowledgeable person, very useful. In the hands > of an idiot, dangerous. > Without a brain engaged in their use and analysis of the > results, they are just an inert object. > > > The OP already answered his own question (and been told this > by others). > The machine has a buggy BIOS. > One version works, another doesn't. > > Why do you think there is more than one revision? Because > bugs were found. Odds are, those bugs were NOT found on > OpenBSD, they were probably found running Windows, maybe > Linux. OpenBSD *may* expose those bugs more clearly...but > odds are, if you use that same buggy BIOS with another OS, > you may learn to regret it. > > Would it be possible to "fix" OpenBSD to work around this > bug? Maybe. > Completely pointless and self-defeating, however. Fix it for > the buggy BIOS, you probably broke it for the "correct" > BIOSand now you have a chunk of code usable on precisely > one variant of one bad computer. The code will not be > properly maintained, and will probably do more bad than good > some day in the future, if not immediately. Sometimes buggy > hardware has to be worked around, because no fix is available > or possible from the manufacturer and there is a clear > benefit to adding "special case" code. When a proper fix IS > available from the vendor, it is usually preferable to use it > than to work around it. > > Hey, if this problem turns out to expose a true logic bug in > OpenBSD, go ahead, find it, show us, and get credit for the > fix. But if "everytime the panic is different", it sounds > like things are Just Plain Broke on the system, if a BIOS > upgrade fixes it, sounds like the hardware wasn't set up > properly, and the manufacturer figured that out, and FIXED > THE PROBLEM. But how to explain that ONLY OpenBSD and NetBSD are buggy. Thousand of machines are working fine with FreeBSD, many linux and even windows. Every machine is used in a different manner (streaming server, web server, mail server, cluster, and so on ...) which make me thought that's it's a net/open BSD problem. I'm maybe wrong ... But I don't understand why now ;) ++ Jerome > > Nick. [demime 1.01d removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s]
Re: wikipedia article
On 6/12/06, Ted Unangst <[EMAIL PROTECTED]> wrote: On 6/11/06, Nikolas Britton <[EMAIL PROTECTED]> wrote: > > * IIRC NetBSD was a fork of FreeBSD that's an interesting theory when you consider that the first netbsd release came out 8 months before the first freebsd release. Yes as many others have noted, I cleary did not have my thinking cap on. Let me correct myself: NetBSD and FreeBSD both have deep roots in 4.3BSD NET/2, 386BSD, and 4.4BSD Lite. NetBSD is not a fork of FreeBSD but OpenBSD is a fork of NetBSD. DragonFly BSD is a fork of FreeBSD 4.x, etc. etc. With all the inbreeding it's hard to remember who's your daddy. :-) http://www.levenez.com/unix/history.html#08 http://www.svbug.com/historybsd2.html http://cisx1.uma.maine.edu/~wbackman/bsdtalk/bsdtalk018.mp3 http://cisx1.uma.maine.edu/~wbackman/bsdtalk/bsdtalk029.mp3 http://www.netbsd.org/Misc/history.html http://www.freebsd.org/handbook/history.html
Re: wikipedia article
On 6/11/06, Nikolas Britton <[EMAIL PROTECTED]> wrote: * IIRC NetBSD was a fork of FreeBSD that's an interesting theory when you consider that the first netbsd release came out 8 months before the first freebsd release.
Re: wikipedia article
On 6/11/06, Nikolas Britton <[EMAIL PROTECTED]> wrote: On 6/11/06, Hamorszky Balazs <[EMAIL PROTECTED]> wrote: > Hi! > > I'm looking for some help on an article on wikipedia. > http://en.wikipedia.org/wiki/Comparison_of_open_source_operating_systems > THX! > What kind of help are you looking for? For starters... * FreeBSD runs on more platforms then listed on that page. http://www.freebsd.org/platforms/ * IIRC NetBSD was a fork of FreeBSD, OpenBSD was a fork of NetBSD. * 4.10 is the oldest non EOL'd release of FreeBSD, although FreeBSD 2.2.9 was released Apr. 01 of this year so techinally it's the oldest non EOL'd release of FreeBSD. http://www.freebsd.org/releng/ http://lists.freebsd.org/pipermail/freebsd-announce/2006-April/001055.html * you need another cat. for UFS2, you only have UFS. You also don't list HFS, HFS+, and nullfs support. *FreeBSD supports Ext3 fs, IIRC read only. * You have no cat. for firewire support.
GDM & virtual terminals
All, I'm running OpenBSD 3.9 on my HP Omnibook 800CT 166. It's a bit underpowered for GUIs, so I'm turning it into an X-terminal using GDM 2.6.0.9 (the X-terminal server is running Linux GDM 2.14.0.1). I believe I've configured everything correctly, but one annoying aspect is that I can no longer get to the virtual terminals. Rather, I can get to the first one, but there's no response to the keyboard. So it's essentially dead. Everything else seems to work fine. I'm able to log in, log out, start applications. Haven't tested sound yet. One lockup due to Mozilla (on the X-terminal, not the X-terminal server). Is this expected behavior? It's very irritating, especially since I did not provide a way to log into my machine locally (my fault there :). And selecting "Disconnect" or forcing a restart of GDM/X via Ctrl-Alt-Backspace merely restarts the server. I'm currently waiting to see if pulling the ethernet cable causes X to die permanently after killing X via Ctrl-Alt-Backspace. If not, time to pull the power cord and pop the battery :(. Any other options? Thanks in advance! -- Michael White "To protect people from the effects of folly is to fill the world with fools." -Herbert Spencer
Re: wikipedia article
On 6/11/06, Hamorszky Balazs <[EMAIL PROTECTED]> wrote: Hi! I'm looking for some help on an article on wikipedia. http://en.wikipedia.org/wiki/Comparison_of_open_source_operating_systems THX! What kind of help are you looking for? -- BSD Podcasts @: http://bsdtalk.blogspot.com/ http://freebsdforall.blogspot.com/
Re: Weird sizes in df output
> I thought maybe something's corrupt, and so tried doing an "fsck -f > /dev/wd0g". I get the following: > > ** /dev/rwd0g > ** File system is already clean > cannot alloc 4294966956 bytes for inphead > > I figure doing an fsck might set things right, but the above error stops me. > > The partition sizes show up fine under NetBSD btw. I even tried doing > an "fsck -f" from NetBSD in single user mode, it said everything's > fine. =/ various bsds have changed the superblock over time. they are no longer the same. running fsck on a different filesystem is a good way to break it. Eeps! So even between the 3 Free/Net/OpenBSD's there are differences in the superblocks eh? Going thru the list archives[1] I found a thread where the user has a similar problem. Though, in that case, the user was running 3.8-CURRENT and upgrading to a newer kernel solved the problem. -- NetBSD/i386 3.0 + pkgsrc-current | OpenBSD/i386 3.9
Spamd greytrapping mistaken identity. Bug?
Last night I set up greytrapping entries in spamd for the first time. This morning I could see greytrapped entries in the output of spamdb so I decided to try the experience of being a (pseudo) spammer against my own network. Here is a capture of an attempt to send mail from another location to one of the greytrap addresses after a previous unremarkable attempt on the same address so that it would qualify: 8>< snip $ telnet mail.witworx.com 25 Trying 218.214.194.115... Connected to mail.witworx.com. Escape character is '^]'. 220 puffy.witworx.com ESMTP spamd IP-based SPAM blocker; Mon Jun 12 09:45:04 2006 helo testliner.au 250 Hello, spam sender. Pleased to be wasting your time. mail from:<[EMAIL PROTECTED]> 250 You are about to try to deliver spam. Your time will be spent, for nothing. rcpt to:<[EMAIL PROTECTED]> 250 This is hurting you more than it is hurting me. data 354 Enter spam, end with "." on a line by itself Boo Hoo . 450-Your address 125.240.236.70 has mailed to spamtraps here 450 Connection closed by foreign host. 8>< end snip Well that's all just dandy - except for one thing. My remote test origin was not in Korea. Here are the logs from spamd for the period of the test: === Jun 12 09:49:29 puffy spamd[5688]: 125.240.236.70: connected (3/2), lists: korea Jun 12 09:49:44 puffy spamd[5688]: (BLACK) 218.214.111.178: <[EMAIL PROTECTED]> -> <[EMAIL PROTECTED]> Jun 12 09:50:23 puffy spamd[5688]: 125.240.236.70: disconnected after 54 seconds. lists: korea Jun 12 09:52:55 puffy spamd[5688]: 218.214.111.178: disconnected after 471 seconds. lists: spamd-greytrap === Sure enough I was trying from 218.214.111.178 but spamd told me that I was from 125.240.236.70. Looks like a buglet to me. Rod/ >From the land "down under": Australia. Do we look from up over? Do NOT CC me - I am subscribed to the list. Replies to the sender address will fail except from the list-server.
Re: Kernel panic ... Unknown source ...
Scott Plumlee wrote: o?= wrote: Hello, My OpenBSD 3.9-stable Box is quite unstable. I don't have physical access to my box so I can't debug it directly. I've recompiled a GENERIC kernel with DEBUG support and set ddb.panic to 0 in sysctl.conf so that it's rebooting automaticly. But no kernel dump is made after a kernel panic. I searched on the web without finding a solution. Everytime the kernel panic is different. I tried the -current (and also 3.8). The result is nearly the same: no more kernel panics but the system freeze but it's still responding to the ping. You totally lost me on that one. Something panicked, something else didn't. However, "system freeze but still responds to ping" can also be a memory exhaustion issue -- all RAM+swap got used, and all tasks end up getting deadlocked waiting for additional RAM to become available. As I said before in another mail, this is NOT due to an hardware failure. Many SAME machines work perfectly. The only difference is the revision of the bios (vcore updated and Pstate disabled). I want to find the source of the bug to correct it if I could. I'm still awfully new to *nix, but isn't saying that "it's not hardware just because other boxes like this don't fail" the same as "my car can't be out of gas because other cars of the same model are still driving by me"? pretty darned close. I can understand if you mean that it's not due to an unsupported piece of hardware, in which case I would think the kernel panic would be the same, but how do you know it's not bad disk, cables, processor, heatsink, fan, etc etc here>? Anyone who hasn't seen a broken piece of HW that works fine with X but not Y is new to the game. Anyone who trusts a HW diagnostic to "give" them the answer is really, really new to the game. By themselves, diagnostics are like a screwdriver: in the hands of a knowledgeable person, very useful. In the hands of an idiot, dangerous. Without a brain engaged in their use and analysis of the results, they are just an inert object. The OP already answered his own question (and been told this by others). The machine has a buggy BIOS. One version works, another doesn't. Why do you think there is more than one revision? Because bugs were found. Odds are, those bugs were NOT found on OpenBSD, they were probably found running Windows, maybe Linux. OpenBSD *may* expose those bugs more clearly...but odds are, if you use that same buggy BIOS with another OS, you may learn to regret it. Would it be possible to "fix" OpenBSD to work around this bug? Maybe. Completely pointless and self-defeating, however. Fix it for the buggy BIOS, you probably broke it for the "correct" BIOSand now you have a chunk of code usable on precisely one variant of one bad computer. The code will not be properly maintained, and will probably do more bad than good some day in the future, if not immediately. Sometimes buggy hardware has to be worked around, because no fix is available or possible from the manufacturer and there is a clear benefit to adding "special case" code. When a proper fix IS available from the vendor, it is usually preferable to use it than to work around it. Hey, if this problem turns out to expose a true logic bug in OpenBSD, go ahead, find it, show us, and get credit for the fix. But if "everytime the panic is different", it sounds like things are Just Plain Broke on the system, if a BIOS upgrade fixes it, sounds like the hardware wasn't set up properly, and the manufacturer figured that out, and FIXED THE PROBLEM. Nick.
Re: Weird sizes in df output
On 6/11/06, Rakhesh Sasidharan <[EMAIL PROTECTED]> wrote: /dev/wd0g 4786774 4294886268 4628464 188894%/mnt/nbsd Any ideas why /dev/wd0g is showing up with that weird capacity and sizes? Here's the relevant entry for it from my disklabel: g: 9724176 21430710 4.2BSD 2048 16384 27968 # Cyl 21260*- 30907* The file system is fine -- I can do "ls -al /mnt/nbsd" and it gives me all the files. Its my NetBSD root partition, and was formatted through that. I thought maybe something's corrupt, and so tried doing an "fsck -f /dev/wd0g". I get the following: ** /dev/rwd0g ** File system is already clean cannot alloc 4294966956 bytes for inphead I figure doing an fsck might set things right, but the above error stops me. The partition sizes show up fine under NetBSD btw. I even tried doing an "fsck -f" from NetBSD in single user mode, it said everything's fine. =/ various bsds have changed the superblock over time. they are no longer the same. running fsck on a different filesystem is a good way to break it.
Re: wikipedia article
On 6/11/06, Hamorszky Balazs <[EMAIL PROTECTED]> wrote: Hi! I'm looking for some help on an article on wikipedia. http://en.wikipedia.org/wiki/Comparison_of_open_source_operating_systems THX! where can i download openbsd ia-64? lighttpd is the only other web server that runs on openbsd? is there a reason rtl8139 support is more important than gigabit ethernet?
Re: b/g wifi card on wi list?
> Do you trust *any* wireless media to be such a substitute? In the right circumstances you can make quiet, insensitive, reliable point to point links.
Re: Kernel panic ... Unknown source ...
o?= wrote: Hello, My OpenBSD 3.9-stable Box is quite unstable. I don't have physical access to my box so I can't debug it directly. I've recompiled a GENERIC kernel with DEBUG support and set ddb.panic to 0 in sysctl.conf so that it's rebooting automaticly. But no kernel dump is made after a kernel panic. I searched on the web without finding a solution. Everytime the kernel panic is different. I tried the -current (and also 3.8). The result is nearly the same: no more kernel panics but the system freeze but it's still responding to the ping. As I said before in another mail, this is NOT due to an hardware failure. Many SAME machines work perfectly. The only difference is the revision of the bios (vcore updated and Pstate disabled). I want to find the source of the bug to correct it if I could. I'm still awfully new to *nix, but isn't saying that "it's not hardware just because other boxes like this don't fail" the same as "my car can't be out of gas because other cars of the same model are still driving by me"? I can understand if you mean that it's not due to an unsupported piece of hardware, in which case I would think the kernel panic would be the same, but how do you know it's not bad disk, cables, processor, heatsink, fan, etc etc here>? But again, I'm awfully new so I'll just follow the thread and see what happens.
Kernel panic ... Unknown source ...
Hello, My OpenBSD 3.9-stable Box is quite unstable. I don't have physical access to my box so I can't debug it directly. I've recompiled a GENERIC kernel with DEBUG support and set ddb.panic to 0 in sysctl.conf so that it's rebooting automaticly. But no kernel dump is made after a kernel panic. I searched on the web without finding a solution. Everytime the kernel panic is different. I tried the -current (and also 3.8). The result is nearly the same: no more kernel panics but the system freeze but it's still responding to the ping. As I said before in another mail, this is NOT due to an hardware failure. Many SAME machines work perfectly. The only difference is the revision of the bios (vcore updated and Pstate disabled). I want to find the source of the bug to correct it if I could. Can you help me on this I'm quite lost. Thanks a lot, ++ Jerome Here are 3 differents kernel panics (from dmesg): PANIC #1 panic: lockmgr: sleep/spin mismatch Starting stack trace... panic(e8efa4f4,cfbce344,e8f00e10,e8ef7000,cfbce344) at panic+0x85 panic(d03022f4,d015c495,8,216,0) at panic+0x85 lockmgr(cfbcae50,e8ef7000,4000,1,0) at lockmgr+0xbb uiomove(e8ef7000,4000,e8f00e98,e8f00e98) at uiomove+0x10e pipe_write(d77c9544,d77c9560,e8f00e98,d7973230) at pipe_write+0x179 dofilewrite(d77e5b48,7,d77c9544,cfbcae50,4000) at dofilewrite+0x6f sys_write(d77e5b48,e8f00f68,e8f00f58,cfbcee50,d77e5b48) at sys_write+0x4b syscall() at syscall+0x322 --- syscall (number 4) --- 0xa9cd9d9: End of stack trace. syncing disks... 34 34 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 * PANIC #2 dev = 0xad5ebb93, bsize = 0, size = -2048899701, fs = panic: ffs_blkfree: bad size Starting stack trace... panic(3ffe,d71d4edd,e8f00d0c,3ffe,d71d4edd) at panic+0x85 panic(d0315a57,d1421b00,d14215c0,d952cc02,e8f00cdc) at panic+0x85 ffs_blkfree(d952a002,3ffe,85e0458b,d1499200,0) at ffs_blkfree+0x5d ffs_truncate(d952a002,87195048,3ffe,0,d1499200) at ffs_truncate+0x15ef uiomove(d952a002,3ffe,e8f00e98,4000) at uiomove+0xfe ffs_read(e8f00e18,10b2fbe,e8f00e40,d0194620,d0343760) at ffs_read+0x2a4 VOP_READ(d782f270,e8f00e98,0,d7973230,e8f00ea8) at VOP_READ+0x34 vn_read(d77ba6c4,d77ba6e0,e8f00e98,d7973230) at vn_read+0x76 dofileread(d77e1b48,6,d77ba6c4,87195048,4000) at dofileread+0x6e sys_read(d77e1b48,e8f00f68,e8f00f58,82de4000,d77e1b48) at sys_read+0x4b syscall() at syscall+0x322 --- syscall (number 3) --- 0xd84f0b9: End of stack trace. syncing disks... 6 6 ** PANIC #3 panic: pool_put: namei: page header missing Starting stack trace... panic(0,0,d147c0a8,d037a800,0) at panic+0x85 panic(d03049a0,d0301dc5,10,10,0) at panic+0x85 pool_do_put(d037a800,0,400,e8f16018,0) at pool_do_put+0x17c namei(e8f16000,3c00c0c0,4000,0,448c5beb) at namei+0xb6 uiomove(e8f16000,4000,e8f14e98,fc00) at uiomove+0xfe pipe_read(d77c6394,d77c63b0,e8f14e98,d7973280) at pipe_read+0x7d dofileread(d7721174,5,d77c6394,3c00c0c0,fc00) at dofileread+0x6e sys_read(d7721174,e8f14f68,e8f14f58,fc00,d797) at sys_read+0x4b syscall() at syscall+0x322 --- syscall (number 3) --- 0x1c00e60d: End of stack trace. syncing disks... 5 4 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 Here is my Dmesg: OpenBSD 3.9 (GENERIC) #617: Thu Mar 2 02:26:48 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: VIA Esther processor 2000MHz ("CentaurHauls" 686-class) 2 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,CMOV,PAT,CFLUSH,ACPI,MM X,FXSR,SSE,SSE2,TM,SBF,SSE3,EST,TM2 cpu0: RNG AES AES-CTR SHA1 SHA256 RSA real mem = 1056481280 (1031720K) avail mem = 957259776 (934824K) using 4278 buffers containing 52928512 bytes (51688K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(b3) BIOS, date 02/21/06, BIOS32 rev. 0 @ 0xf9350 apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 70102 dobusy 1 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xf/0xc4e4 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfc440/160 (8 entries) pcibios0: bad IRQ table checksum pcibios0: PCI BIOS has 8 Interrupt Routing table entries pcibios0: PCI Exclusive IRQs: 5 10 11 pcibios0: PCI Interrupt Router at 000:17:0 ("VIA VT8237 ISA" rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0xfc00 0xd/0x1000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 vendor "VIA", unknown product 0x0314 rev 0x00 pchb1 at pci0 dev 0 function 1 vendor "VIA", unknown product 0x1314 rev 0x00 pchb2 at pci0 dev 0 function 2 vendor "VIA", unknown product 0x2314 rev 0x00 pchb3 at pci0 dev 0 function 3 "VIA PT890 Host" rev 0x00 pchb4 at pci0 dev 0 function 4 vendor "VIA", unknown product 0x4314 rev 0x00 pchb5 at pci0 dev 0 function 7 vendor "VIA", unknown product 0x7314 rev 0x00 ppb0 at pci0 dev 1 function 0 "VIA VT8377 PCI-PCI" rev 0x00 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 vendor "VIA", unknown product 0x3344 rev 0x01: aperture at 0xf400, size 0x1000
Re: wikipedia article
ok. i won't tell you :) but i'm pleased to hear your opinion. Thanks! knitti wrote: On 6/11/06, Hamorszky Balazs <[EMAIL PROTECTED]> wrote: I'm looking for some help on an article on wikipedia. http://en.wikipedia.org/wiki/Comparison_of_open_source_operating_systems I think this is an exercise in futility, for staying up-to-date, for trying to be unbiased and non-arbitrary. what qualifies a driver to be called "official"? i'd say, it should _at least_ be supportable by the system developers. also there are other companies who produce binary blobs, which aren't listened. and there is a multitude of drivers for most of the os' which aren't listed. what entitles an architecture to deserve a "row" in the table? e.g. "cell" clearly qualifies as "other" in my book, being only supported by linux, but "vax" should deserve a row, both because more than one os support it and there exist quite some instllations around, more than a few dev-kits. the same with file systems (e.g. zfs, reiser4) (...rest of rant deleted, it's already off topic...) oh, and don't tell me i shall participate. --knitti
Re: wikipedia article
On 6/11/06, Hamorszky Balazs <[EMAIL PROTECTED]> wrote: I'm looking for some help on an article on wikipedia. http://en.wikipedia.org/wiki/Comparison_of_open_source_operating_systems I think this is an exercise in futility, for staying up-to-date, for trying to be unbiased and non-arbitrary. what qualifies a driver to be called "official"? i'd say, it should _at least_ be supportable by the system developers. also there are other companies who produce binary blobs, which aren't listened. and there is a multitude of drivers for most of the os' which aren't listed. what entitles an architecture to deserve a "row" in the table? e.g. "cell" clearly qualifies as "other" in my book, being only supported by linux, but "vax" should deserve a row, both because more than one os support it and there exist quite some instllations around, more than a few dev-kits. the same with file systems (e.g. zfs, reiser4) (...rest of rant deleted, it's already off topic...) oh, and don't tell me i shall participate. --knitti
Re: Filesystem using tags, not folders?
On 11/06/06, Ingo Schwarze <[EMAIL PROTECTED]> wrote: mal content wrote on Sun, Jun 11, 2006 at 07:55:30PM +0100: > On 11/06/06, Ingo Schwarze <[EMAIL PROTECTED]> wrote: >> http://del.icio.us/help/tags > Seems to me that this would just be a simple manager interface > built over the existing filesystem. No need to change the filesystem, > just maintain a database of pointers to files using tags as search > keys. About any bloody app out there in userland relies on open(2), rename(2), unlink(2) and friends. Thus, either tamper with syscall stubs in libc - see /usr/src/lib/libc/sys/Makefile.inc for details - or rewrite userland or be content with a locate(1) quality database. Not exactly what i might call "just" and "simple". Regarding myself, _I_ do not feel fit to build a new world right now. At the very least, i think i ought to spend some more time understanding the one that we already have, first. I wasn't talking about replacing or modifying any system calls at all. I am also perfectly content with the current UNIX filesystem. What I was saying is that this seems to be a job for a high level userland application that maintains a database - not a kernel filesystem. MC
Re: Default PF policy
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joco Salvatti wrote: > Hi all, > > I have a OpenBSD 3.9 machine acting as a firewall. It has two network > interface cards, one connected to my local network and the other one > connected to Internet. My default policy is blocking all traffic using > > block all > > I don't want anyone from my local network to connect to MSN and P2P > programs, so I haven't created any rule to permit those kind of > packet traffic. But I'm facing a lot of problems due to this, because > I have to specify packets that should pass through my internal and external > interfaces. I'd like any ideas or tips from PF gurus about how to > improve my firewall policies. I have an idea: allow everything at my > internal NIC and block all at my external NIC, so all I had to do was > specifying allowed incoming and outcomming traffics only at my external > NIC. But I'll be waiting for (better) proposals. > > By now thanks for the time spent reading with this e-mail. > You can approach this several different ways. If going the route where you plan to pass all traffic in the internal interface, use the 'skip' option: set skip on $if_int If you want to allow access out for certain ports, create a macro to store the list of ports you want to allow, then use that macro in your filters. This makes maintenance easy because you can add/remove tcp/udp ports as needed. If you need to restrict access on a per host/port basis, you will need separate rules for each designated host. # MACROS lan_tcp_out = "{ 22, 25, 80, 443 }" lan_udp_out = "{ 53, 123 }" # TABLES table const { 2/8, 5/8, 7/8, ... } # FILTERS pass out on $if_ext inet proto tcp from $net_int to ! \ port $lan_tcp_out modulate state flags S/SA pass out on $if_ext inet proto udp from $net_int to ! \ port $lan_udp_out keep state In the snippets above, I use the table to store certain bogon nets. See http://www.completewhois.com/bogons/ for a list of current bogon nets. Instructions on automating the load of this data is available on http://www.completewhois.com/bogons/bogons_usage.htm. If you want to not allow all traffic from the internal network, you can extend the above snippet to handle the traffic from your lan to your router: # MACROS lan_tcp_out = "{ 22, 25, 80, 443 }" lan_udp_out = "{ 53, 123 }" # TABLES table { 0/8, 10/8, 20.20.20.0/24, 127/8, \ 169.254/16, 172.16/12, 192.0.2/24, 192.168/16, 224/3, \ 255.255.255.255/32 } table const { 0/8, 10/8, 20.20.20.0/24, 127/8, \ 169.254/16, 172.16/12, 192.0.2/24, 192.168/16, 224/3, \ 255.255.255.255/32 } table const { !, ! } # FILTERS pass in on $if_int inet proto tcp from $net_int to \ port $lan_tcp_out keep state pass out on $if_ext inet proto tcp from $net_int to \ port $lan_tcp_out modulate state flags S/SA pass in on $if_int inet proto udp from $net_int to \ port $lan_udp_out keep state pass out on $if_ext inet proto udp from $net_int to \ port $lan_udp_out keep state I just typed those up, so there may be inaccuracies. Hopefully you get the idea behind the structure. Axton Grams iD8DBQFEjHZG2VxhVxhm8jIRAgT/AJ9DeGvQ56qK4H2coasV4X3zMzJ/2gCgqUni 5PowDKgZC+VscKI4R5RHFmE= =hwvS -END PGP SIGNATURE-
Re: Default PF policy
Joco Salvatti wrote: [ ... cut ... ] But I'm facing a lot of problems due to this, because I have to specify packets that should pass through my internal and external interfaces. I'd like any ideas or tips from PF gurus about how to improve my firewall policies. I have an idea: allow everything at my internal NIC and block all at my external NIC, so all I had to do was specifying allowed incoming and outcomming traffics only at my external NIC. But I'll be waiting for (better) proposals. Joel Knight et al., put a significant effort in creating special section for PF[*] in the official FAQ. If you happen to look at it, "Policy Filtering" via tags can be a time saver in many complicated and multi interface setups. (*): http://www.openbsd.org/faq/pf/tagging.html Regards, bdd
Re: Filesystem using tags, not folders?
mal content wrote on Sun, Jun 11, 2006 at 07:55:30PM +0100: > On 11/06/06, Ingo Schwarze <[EMAIL PROTECTED]> wrote: >> http://del.icio.us/help/tags > Seems to me that this would just be a simple manager interface > built over the existing filesystem. No need to change the filesystem, > just maintain a database of pointers to files using tags as search > keys. About any bloody app out there in userland relies on open(2), rename(2), unlink(2) and friends. Thus, either tamper with syscall stubs in libc - see /usr/src/lib/libc/sys/Makefile.inc for details - or rewrite userland or be content with a locate(1) quality database. Not exactly what i might call "just" and "simple". Regarding myself, _I_ do not feel fit to build a new world right now. At the very least, i think i ought to spend some more time understanding the one that we already have, first. Back to lurking, Ingo -- [EMAIL PROTECTED] $ find /usr/src/usr.bin -name '*.c' \ > -exec grep -qF 'unlink(' {} \; -print | wc -l 75
Default PF policy
Hi all, I have a OpenBSD 3.9 machine acting as a firewall. It has two network interface cards, one connected to my local network and the other one connected to Internet. My default policy is blocking all traffic using block all I don't want anyone from my local network to connect to MSN and P2P programs, so I haven't created any rule to permit those kind of packet traffic. But I'm facing a lot of problems due to this, because I have to specify packets that should pass through my internal and external interfaces. I'd like any ideas or tips from PF gurus about how to improve my firewall policies. I have an idea: allow everything at my internal NIC and block all at my external NIC, so all I had to do was specifying allowed incoming and outcomming traffics only at my external NIC. But I'll be waiting for (better) proposals. By now thanks for the time spent reading with this e-mail. -- Joco Salvatti Undergraduating in Computer Science Federal University of Para - UFPA web: http://www.openbsd-pa.org e-mail: [EMAIL PROTECTED]
Re: Filesystem using tags, not folders?
On 9 June 2006, Kyrre Nygard <[EMAIL PROTECTED]> wrote: > Hello! > > Just a wild thought here ... > > After noticing how much simpler it is using tags, for instance with my > bookmarks at http://del.icio.us -- compared to hours of frustration > trying find the right combination of folders and sub folders in my > Firefox' bookmarks.html, I was wondering if the same approach could > be used to arrange the UNIX filesystem hierarchy, from the root and > up. This is just a radical thought, not yet an idea even -- but if > somebody would be willing to think with me -- maybe we could make a > big change. If all you want is some kind of file organizer for human use, you don't need a new filesystem. Just start a web server on localhost and install a small wiki. You get tags, links, permissions, text notes associated to nodes, and a lot more. You can also publish everything on Internet should you need it. If OTOH you want to extend this model to the entire system, you'll need a lot more than a new kind of filesystem. Also, as somebody else pointed out, UNIX is probably not the right place to start. Perhaps you should look at plan9 / inferno first. Regards, Liviu Daia -- Dr. Liviu Daia http://www.imar.ro/~daia
Re: Filesystem using tags, not folders?
On 11/06/06, Ingo Schwarze <[EMAIL PROTECTED]> wrote: http://del.icio.us/help/tags Seems to me that this would just be a simple manager interface built over the existing filesystem. No need to change the filesystem, just maintain a database of pointers to files using tags as search keys. MC
Re: Filesystem using tags, not folders?
mal content wrote Sun, Jun 11, 2006 at 07:27:38PM +0100: > On 09/06/06, Kyrre Nygard <[EMAIL PROTECTED]> wrote: >> After noticing how much simpler it is using tags, for instance >> with my bookmarks at http://del.icio.us -- compared to hours of >> frustration trying find the right combination of folders and >> sub folders in my Firefox' bookmarks.html, I was wondering >> if the same approach could be used to arrange the UNIX filesystem >> hierarchy, from the root and up. First point: Whatever might result would not be UNIX any more. Try `man 2 mkdir | grep POSIX`. More importantly, dirs form a hierarchy, tags don't. Think about $HOME, $PATH and directory permissions. Try `man mount | grep nosuid`. Try `man 8 chroot`. Try... >> This is just a radical thought, not yet an idea even -- >> but if somebody would be willing to think >> with me -- maybe we could make a big change. Possibly, but this appears to be wildly off topic on this list. > Can you elaborate? I don't really understand. http://del.icio.us/help/tags
Re: Filesystem using tags, not folders?
On 6/9/06, Kyrre Nygard <[EMAIL PROTECTED]> wrote: Hello! Just a wild thought here ... After noticing how much simpler it is using tags, for instance with my bookmarks at http://del.icio.us -- compared to hours of frustration trying find the right combination of folders and sub folders in my Firefox' bookmarks.html, I was wondering if the same approach could be used to arrange the UNIX filesystem hierarchy, from the root and up. This is just a radical thought, not yet an idea even -- but if somebody would be willing to think with me -- maybe we could make a big change. All the best, Kyrre I have been thinking the same for a while now and I'd be interested in discussing it further. I don't think the proper thing to do is to trash FFS though, like Apple decided to do. I was thinking, perhaps a manager that tags files by hardlinking them into different folders (is it possible to hardlink directories too?). Let's discuss this offlist and invite anyone else who's interested too. -Nick
Re: Filesystem using tags, not folders?
On 09/06/06, Kyrre Nygard <[EMAIL PROTECTED]> wrote: Hello! Just a wild thought here ... After noticing how much simpler it is using tags, for instance with my bookmarks at http://del.icio.us -- compared to hours of frustration trying find the right combination of folders and sub folders in my Firefox' bookmarks.html, I was wondering if the same approach could be used to arrange the UNIX filesystem hierarchy, from the root and up. This is just a radical thought, not yet an idea even -- but if somebody would be willing to think with me -- maybe we could make a big change. Can you elaborate? I don't really understand. MC
Filesystem using tags, not folders?
Hello! Just a wild thought here ... After noticing how much simpler it is using tags, for instance with my bookmarks at http://del.icio.us -- compared to hours of frustration trying find the right combination of folders and sub folders in my Firefox' bookmarks.html, I was wondering if the same approach could be used to arrange the UNIX filesystem hierarchy, from the root and up. This is just a radical thought, not yet an idea even -- but if somebody would be willing to think with me -- maybe we could make a big change. All the best, Kyrre
wikipedia article
Hi! I'm looking for some help on an article on wikipedia. http://en.wikipedia.org/wiki/Comparison_of_open_source_operating_systems THX!
Kernel crash in -current of yesterday
As I have some lockups of the PC, someone suggested me to upgrade to -current. I download the current snapshot of a couple hours ago and made an upgrade. At the following reboot the system crashed! It seems that there were two problems. First there were the following blue texts: spec_open_clone(): cloning device (23, 0) for pid 28994 spec_open_clone(): new minor for cloned device is 1 And a couple lines later in the "rc" output there was the following blue text (warning: I copied it by hand): uvm_fault(0xfe8013033c18, 0x0, 0, 1) -> e kernel: page fault trap, code=0 stopped at ffs_sync_vnode +0x25: testb $0xf,0x20(%rax) And here is the output of trace (again, copied by hand): ffs_sync_vnode() AT ffs_sync_vnode + 0x25 ufs_mount_foreach_vnode() AT ufs_mount_foreach_vnode + 0x32 ffs_sync() AT ffs_sync + 0x74 sys_sync() AT sys_sync + 0x97 syscall() AT syscall + 0x225 --- syscall (number 36) --- end of kernel end of trace frame: 0x503941a8, count: -5 Bye. -- ___ __ |- [EMAIL PROTECTED] |ederico Giannici http://www.neomedia.it ___
Re: popular mail & squid virus scanning technique for openbsd
On Mon, Jun 05, 2006 at 12:33:23PM +0530, Siju George wrote: > > It would be great if people can recommend which is the best software > from packages/ports if I have to install any. i am using smtp-vilter on the external MTA, which interacts with spamd/clamd running on another machine on the LAN. had to recompile sendmail with WANT_LIBMILTER=YES (/etc/mk.conf). -- jared [ openbsd 3.9-current GENERIC ( may 1 ) // i386 ]
Weird sizes in df output
Hi, Check out this "df" output: Filesystem 1K-blocks Used Avail Capacity Mounted on /dev/wd0g 4786774 4294886268 4628464 188894%/mnt/nbsd Any ideas why /dev/wd0g is showing up with that weird capacity and sizes? Here's the relevant entry for it from my disklabel: g: 9724176 21430710 4.2BSD 2048 16384 27968 # Cyl 21260*- 30907* The file system is fine -- I can do "ls -al /mnt/nbsd" and it gives me all the files. Its my NetBSD root partition, and was formatted through that. I thought maybe something's corrupt, and so tried doing an "fsck -f /dev/wd0g". I get the following: ** /dev/rwd0g ** File system is already clean cannot alloc 4294966956 bytes for inphead I figure doing an fsck might set things right, but the above error stops me. The partition sizes show up fine under NetBSD btw. I even tried doing an "fsck -f" from NetBSD in single user mode, it said everything's fine. =/ Thanks, Rakhesh -- NetBSD/i386 3.0 + pkgsrc-current | OpenBSD/i386 3.9 http://search.gmane.org/?query=&group=gmane.os.netbsd.* (netbsd archives) http://search.gmane.org/?query=&group=gmane.os.openbsd.* (openbsd archives) http://man.netbsd.org/ | http://www.openbsd.org/cgi-bin/man.cgi (manpages)
smtp-gated alternative for OpenBSD
Hi all, I'm trying to find a fully transparent smtp proxy for outgoing mails from NATed hosts behind my firewall (smtp proxy will run on this firewall). smtp-gated of FreeBSD seems like an exact match. What is the equivalent of smtp-gated for OpenBSD? I tried to google too, but failed to find something similar. I would appreciate any help, Soner