Re: OpenWebMail (package)

[Rob Baldassano]

Thank you everyone. 
  Good meaningful suggestions from all. ...
   
  I got OpenWebMail installed, and am in the process of reading through what I 
need to do to configure it for use. Thanks again everyone. 
   
  --Rob

Marcus Barczak <[EMAIL PROTECTED]> wrote:
  On 21/07/2006, at 2:28 PM, Rob Baldassano wrote:

> The error is:
> openwembail-2.51:Can't find p5-Compress-Zlib-1.35:Fatal error
> I looked through the pkg_info results on openwebmail, and 
> couldn't find any dependencies.

That's a Perl 5 module Compress::Zlib. You should find it in /usr/ 
ports/devel or something along those lines. Install that then try 
openwebmail again.

Cheers,
Marcus



- 
 
Eirik Goransson / Rob Baldassano
Member, Barony of Endless Hills; 
House Odlahorde; 
Viking & All around Good Egg ; 
VROC #5029 (Tigger)
come visit http://www.dracowolf.com 
Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls.  Great rates 
starting at 1"/min.

Re: OpenWebMail (package)

[Marcus Barczak]

On 21/07/2006, at 2:28 PM, Rob Baldassano wrote:


  The error is:
  openwembail-2.51:Can't find p5-Compress-Zlib-1.35:Fatal error
  I looked through the pkg_info results on openwebmail, and  
couldn't find any dependencies.


That's a Perl 5 module Compress::Zlib.  You should find it in /usr/ 
ports/devel or something along those lines.  Install that then try  
openwebmail again.


Cheers,
Marcus

Re: OpenWebMail (package)

[Rob Baldassano]

Thanks Vijay, 
  That's what I needed, was the memory jog (or was that a memory flush?) to 
remind me how to check the dependencies. 
   
  I've got the list now (looks like 9 dependencies)
  so I'll start with those :D
   
  --Rob

Vijay Sankar <[EMAIL PROTECTED]> wrote:
  Did you just download the openwebmail-2.51.tgz package or were all the
dependent packages downloaded? You may want to either do a pkg_add -v
http:///openwebmail-2.51.tgz so that all dependencies are
downloaded and installed as well. Or if you prefer to have all the
packages locally available you may want to download each of the
dependencies and keep them in the same directory as the openwebmail
package.

Possibly there are better ways of doing this, but I usually do a pkg_add
-vn uri-of-package and see what additional packages are required, then
download all of those and then do the installation.

HTH,

Vijay



On Thu, 2006-20-07 at 16:06 -0700, Rob Baldassano wrote:
> Hi everyone, sorry for the bandwidth. 
> 
> I am in the process of looking for a web mail application, and came across 
> the (3.8 release) package for openwebmail (yes I know I need to finish 
> getting upgraded to 3.9 -- I'm getting there). 
> 
> However, when I tried to install the package, the system gave an error 
> message about not finding a library. Forgive me I don't have the error handy 
> at the moment but it was a P5 (something about compression) lib. 
> 
> Does anyone know if this is fixed in the 3.9 release? 
> If so, COOL. 
> If Not, any suggestions for getting around this issue? 
> 
> --Rob (starting to come up to speed)
> 
> 
> - 
>  
> Eirik Goransson / Rob Baldassano
> Member, Barony of Endless Hills; 
> House Odlahorde; 
> Viking & All around Good Egg ; 
> VROC #5029 (Tigger)
> come visit http://www.dracowolf.com 
> Do you Yahoo!?
> Get on board. You're invited to try the new Yahoo! Mail Beta.
> 
-- 
Vijay Sankar, M.Eng., P.Eng.
ForeTell Technologies Limited
59 Flamingo Avenue, Winnipeg, MB, Canada R3J 0X6
Phone: 204 885 9535, E-Mail: [EMAIL PROTECTED]




- 
 
Eirik Goransson / Rob Baldassano
Member, Barony of Endless Hills; 
House Odlahorde; 
Viking & All around Good Egg ; 
VROC #5029 (Tigger)
come visit http://www.dracowolf.com 
Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the US (and 30+ 
countries) for 2"/min or less.

Re: looking for clue

[Shane J Pearson]

Why people give life to a thread which starts like this is beyond me...

> Hi I'm looking for clue.  Does anyone have any?

Please stop. The most effective response at the beginning would have  
been silence.

Re: Why ksh?

[Damien Miller]

On Fri, 21 Jul 2006, Han Boetes wrote:

> > Why has OpenBSD developers decided to run ksh as the default
> > shell and not for example bash or zsh?
> 
> 1) Acceptable License.
> 2) Correct /bin/sh implementation.

3) *statically* linked ksh is a little over 1/2 the size of *dynamically*
   linked bash.

-d

Re: Why ksh?

[Nick Guenther]

On 7/21/06, Han Boetes <[EMAIL PROTECTED]> wrote:


1) Acceptable License.
2) Correct /bin/sh implementation.

See also: http://openbsd.org/goals.html

And since you are completely free to install your favourite shell
if you want to, what's your problem with ksh?

> The question is being asked because of a debate at our datacenter about the 
three shells and I would like to understand both the technical reason and the more 
general one - if posible someone knows and has the time to answer.

Re: OpenWebMail (package)

[Rob Baldassano]

Will, 
   
  Thank you for your thoughts. 
   
  The error is: 
  openwembail-2.51:Can't find p5-Compress-Zlib-1.35:Fatal error
  I looked through the pkg_info results on openwebmail, and couldn't find any 
dependencies. 
   
  I did a complete install of 3.8 (fresh), and am in the xwindows environment 
(which is another issue I'll ask about after I have read through the manuals 
more). 
  so, from this it would seem that openwebmail has dependencies on zlibs? 
  or am I missing something and need to run another command to check the 
dependency list? 
   
  Thanks, 
  --Rob
  (trying to get there...)
  

Will Maier <[EMAIL PROTECTED]> wrote:
  On Thu, Jul 20, 2006 at 04:06:54PM -0700, Rob Baldassano wrote:
> However, when I tried to install the package, the system gave an
> error message about not finding a library. Forgive me I don't
> have the error handy at the moment but it was a P5 (something
> about compression) lib. 

I'd take a look at the FAQ[0]; did you install the x* filesets? It's
hard to read minds -- pasting the error will get you better help
here.

> Does anyone know if this is fixed in the 3.9 release? If so,
> COOL. If Not, any suggestions for getting around this issue? 

The port hasn't been touched in 16 months[1]. If you really have
found a problem, it still need fixing, although I bet you're just
missing some libs.

[0]http://www.openbsd.org/faq/faq15.html#PkgInstall
[1]http://www.openbsd.org/cgi-bin/cvsweb/ports/mail/openwebmail/

-- 

o--{ Will Maier }--o
| web:...http://www.lfod.us/ | [EMAIL PROTECTED] |
*--[ BSD Unix: Live Free or Die ]--*




- 
 
Eirik Goransson / Rob Baldassano
Member, Barony of Endless Hills; 
House Odlahorde; 
Viking & All around Good Egg ; 
VROC #5029 (Tigger)
come visit http://www.dracowolf.com 
Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls.  Great rates 
starting at 1"/min.

Re: Why ksh?

[Han Boetes]

Rico Secada wrote:
> I don't want to start a religios thread and I don't want general
> personal opinions :-)

That's a nice introduction to any flamewar.

> Why has OpenBSD developers decided to run ksh as the default
> shell and not for example bash or zsh?

1) Acceptable License.
2) Correct /bin/sh implementation.

See also: http://openbsd.org/goals.html

And since you are completely free to install your favourite shell
if you want to, what's your problem with ksh?



# Han

Re: pkg_add

[smith]

A little trick I do is this:

1. go to ftp.someopenbsdmirror.com/pub/OpenBSD/3.9/packages/i386 and "get" the
index.txt file.

2. create another file called "1" without the quotes with the following:

pkg_add -v ftp://ftp.someopenbsdmirror.com/pub/OpenBSD/3.9/packages/i386/\

3. Whenever you want to install something, open the index.txt file with vi and
find a package you want to install.  Move your cursor to that line and type yy
and the :e 1 .  Don't type  just press the button.

4. Then type p

You should see something like this:

pkg_add -v ftp://ftp.someopenbsdmirror.com/pub/OpenBSD/3.9/packages/i386/\
somepackage-1.4.2.3.tgz

5. Then type :wq

6. Then type sh 1

Why ksh?

[Rico Secada]

Hi

I don't want to start a religios thread and I don't want general personal 
opinions :-)

Why has OpenBSD developers decided to run ksh as the default shell and not for 
example bash or zsh?

The question is being asked because of a debate at our datacenter about the 
three shells and I would like to understand both the technical reason and the 
more general one - if posible someone knows and has the time to answer.

Best and kind regards
Rico

carp: packet too short 40 on carp0

[Alex Strawman]

I'm experiencing some weird carp issues - it is working ok, however my
logs are being filled with this:

the systems are in an environment with ciscowned vrrp traffic - is
that the cause?


# tail -f /var/log/messages
Jul 21 09:46:36 fw1 /bsd: carp: packet too short 40 on carp0
Jul 21 09:46:36 fw1 /bsd: carp: packet too short 40 on carp1
Jul 21 09:46:36 fw1 /bsd: carp: packet too short 40 on carp0
Jul 21 09:46:36 fw1 /bsd: carp: packet too short 40 on carp1
Jul 21 09:46:36 fw1 /bsd: carp: packet too short 40 on carp0
Jul 21 09:46:36 fw1 /bsd: carp: packet too short 40 on carp1
Jul 21 09:46:37 fw1 /bsd: carp: packet too short 40 on carp0
Jul 21 09:46:37 fw1 /bsd: carp: packet too short 40 on carp1
Jul 21 09:46:37 fw1 /bsd: carp: packet too short 40 on carp0
Jul 21 09:46:37 fw1 /bsd: carp: packet too short 40 on carp1
Jul 21 09:46:37 fw1 /bsd: carp: packet too short 40 on carp0
Jul 21 09:46:37 fw1 /bsd: carp: packet too short 40 on carp1
Jul 21 09:46:37 fw1 /bsd: carp: packet too short 40 on carp0
Jul 21 09:46:37 fw1 /bsd: carp: packet too short 40 on carp1
Jul 21 09:46:38 fw1 /bsd: carp: packet too short 40 on carp0
Jul 21 09:46:38 fw1 /bsd: carp: packet too short 40 on carp1
^C

# netstat -p carp -s
carp:
   18150100 packets received (IPv4)
   0 packets received (IPv6)
   0 packets discarded for bad interface
   0 packets discarded for wrong TTL
   0 packets shorter than header
   0 discarded for bad checksums
   0 discarded packets with a bad version
   5253513 discarded because packet too short
   0 discarded for bad authentication
   0 discarded for bad vhid
   0 discarded because of a bad address list
   2016349 packets sent (IPv4)
   0 packets sent (IPv6)
   0 send failed due to mbuf memory error

Re: looking for clue

[Peter Philipp]

On Thu, Jul 20, 2006 at 11:28:17PM -0400, Eric Furman wrote:
> Please take your medication regularly and not just when you
> feel like it. I promise you, if you take your Thorazine like your
> doctor describes, all the 'Bad People' will go away and stop
> bothering you.
> -- 
>   Eric Furman
>   [EMAIL PROTECTED]

I sense angryness in the force.  Eric you stay out of it.  This is between
me and Rahul.

-- 
Here my ticker tape .signature  My name is Peter Philipp  lynx -dump 
"http://en.wikipedia.org/w/index.php?title=Pufferfish&oldid=20768394"; | sed -n 
131,136p  So long and thanks for all the fish!!!

Re: looking for clue

[Eric Furman]

On Thu, 20 Jul 2006 19:37:03 +0200, "Peter Philipp"
<[EMAIL PROTECTED]> said:
> Listen.  Don't get me wrong.  You are almighty, I know that.  What we
> need to
> do now is write only privately "very quiet" between the two of us and
> we'll
> take over the world together ok?  Share your problems with me in private
> mail and we'll figure out a way together.  TTYL.

Please take your medication regularly and not just when you
feel like it. I promise you, if you take your Thorazine like your
doctor describes, all the 'Bad People' will go away and stop
bothering you.
-- 
  Eric Furman
  [EMAIL PROTECTED]

Re: looking for clue

[Peter Blair]

On 7/20/06, Rob Baldassano <[EMAIL PROTECTED]> wrote:

Please forgive me if I am wrong but...


This thread should die.


  Question is:
  Why would you WANT your clients to constantly get new IPs?
  it disrupts SSL communication traffic, especially when you are dealing with 
external ly available IPs.


Exactely.  This thread is just a relapse of an already settled issue
due to some mistaken identity.  You of course (IMHO) are correct;
Unfortunately this thread doesn't warrent the quality of your
response.

-Pete

CPU Timestamp and SMP

[Gustavo Rios]

Dear friends,

i am using the following function to obtain the CPU timestamp:

typedef unsigned long longxadk64_t;

void
apx_rdtsc(xadk64_t * const t)
{
   __asm__ __volatile__ (".byte 0xf;.byte 0x31": "=A"(*t));
}

I am using a single processor system. My i was thinking on using
OpenBSD on a dual processor and notebook.

I wonder if my previous approach could fail on a SMP system? More
over, in a notebook whose CPU performance varies, should be afraid of
using that function?

If yes for any of those questions, which approach should i take in
order to obtain the same results?

Thanks in advance.

Best regards.

Trouvez l'amour de votre vie - Gratuit

[Amoureux.com]

Si vous disirez visualiser ce mail au format html, recopiez l'adresse suivante 
dans votre navigateur: 
http://www.mdworks.info/view.html?id=2189&ref=40669\n\n\n\nSi vous disirez vous 
disinscrire, il suffit de cliquer sur le lien privu ou de recopier l'adresse 
suivante dans votre navigateur: 
http://www.mdworks.info/desabo.html?ope=2189&[EMAIL PROTECTED]

Re: OpenWebMail (package)

[Will Maier]

On Thu, Jul 20, 2006 at 04:06:54PM -0700, Rob Baldassano wrote:
> However, when I tried to install the package, the system gave an
> error message about not finding a library. Forgive me I don't
> have the error handy at the moment but it was a P5 (something
> about compression) lib. 

I'd take a look at the FAQ[0]; did you install the x* filesets? It's
hard to read minds -- pasting the error will get you better help
here.

> Does anyone know if this is fixed in the 3.9 release? If so,
> COOL. If Not, any suggestions for getting around this issue? 

The port hasn't been touched in 16 months[1]. If you really have
found a problem, it still need fixing, although I bet you're just
missing some libs.

[0]http://www.openbsd.org/faq/faq15.html#PkgInstall
[1]http://www.openbsd.org/cgi-bin/cvsweb/ports/mail/openwebmail/

-- 

o--{ Will Maier }--o
| web:...http://www.lfod.us/ | [EMAIL PROTECTED] |
*--[ BSD Unix: Live Free or Die ]--*

Re: OpenWebMail (package)

[Steve]

I have installed and use OpenWebmail on 3.9 sparc64 and i386 straight 
from packages without issue.


Just need to remember to change fstab to remove the nosuid switch on /var

Steve

Rob Baldassano wrote:
Hi everyone, sorry for the bandwidth. 
   
  I am in the process of looking for a web mail application, and came across the (3.8 release) package for openwebmail (yes I know I need to finish getting upgraded to 3.9 -- I'm getting there). 
   
  However, when I tried to install the package, the system gave an error message about not finding a library. Forgive me I don't have the error handy at the moment but it was a P5 (something about compression) lib. 
   
  Does anyone know if this is fixed in the 3.9 release? 
  If so, COOL. 
  If Not, any suggestions for getting around this issue? 
   
  --Rob (starting to come up to speed)



- 
 
Eirik Goransson / Rob Baldassano
Member, Barony of Endless Hills; 
House Odlahorde; 
Viking & All around Good Egg ; 
VROC #5029 (Tigger)
come visit http://www.dracowolf.com 
Do you Yahoo!?

 Get on board. You're invited to try the new Yahoo! Mail Beta.

OpenWebMail (package)

[Rob Baldassano]

Hi everyone, sorry for the bandwidth. 
   
  I am in the process of looking for a web mail application, and came across 
the (3.8 release) package for openwebmail (yes I know I need to finish getting 
upgraded to 3.9 -- I'm getting there). 
   
  However, when I tried to install the package, the system gave an error 
message about not finding a library. Forgive me I don't have the error handy at 
the moment but it was a P5 (something about compression) lib. 
   
  Does anyone know if this is fixed in the 3.9 release? 
  If so, COOL. 
  If Not, any suggestions for getting around this issue? 
   
  --Rob (starting to come up to speed)


- 
 
Eirik Goransson / Rob Baldassano
Member, Barony of Endless Hills; 
House Odlahorde; 
Viking & All around Good Egg ; 
VROC #5029 (Tigger)
come visit http://www.dracowolf.com 
Do you Yahoo!?
 Get on board. You're invited to try the new Yahoo! Mail Beta.

Re: looking for clue

[Rob Baldassano]

Please forgive me if I am wrong but...
   
  My understanding of DHCP addressing is that when a client asks for a lease, 
they are given an address out of the pool, and their MAC is then listed as a 
preferred "user" of that address.
   
  They will continue to get the same address when their lease renews unless 
  a) the DHCP server is down.
  b) another client makes a request for the IP and the existing lease has died. 
   
  This enables DHCP clients to have an effective static address. 
  It doesn't do squat for people who are trying to keep the address on a 
volatile network, or on networks where there are numerous PC's that are making 
the requests for the same IP addresses. 
   
  While you can setup different lease levels, you may find that unless you have 
a significantly small lease allotment, you will always have client regaining 
their IPs. 
   
  Question is: 
  Why would you WANT your clients to constantly get new IPs? 
  it disrupts SSL communication traffic, especially when you are dealing with 
external ly available IPs. 
   
  --Rob
  

Peter Blair <[EMAIL PROTECTED]> wrote:
  On 7/20/06, Rahul Sharma wrote:
> Hi Peter Phillips,
> It is not Mr. Eric Pancer but me (rahulthehacker) who is asking for help on
> dhcpd lease.

Wrong:

http://www.sigmasoft.com/~openbsd/archives/html/openbsd-misc/2006-06/msg01371.html




- 
 
Eirik Goransson / Rob Baldassano
Member, Barony of Endless Hills; 
House Odlahorde; 
Viking & All around Good Egg ; 
VROC #5029 (Tigger)
come visit http://www.dracowolf.com 
Do you Yahoo!?
 Next-gen email? Have it all with the  all-new Yahoo! Mail Beta.

Re: Problem with x11/xfce4/xfce4-netload on i386, not on amd64

[Andreas Kahari]

On 20/07/06, Adam <[EMAIL PROTECTED]> wrote:

"Andreas Kahari" <[EMAIL PROTECTED]> wrote:

> I do have another i386 at home, an ancient 133MHz machine.  It doesn't
> have an fxp card in it though and I would need to back it up and
> install OpenBSD on it.  I thought it would be easier to find someone
> on the list with i386+fxp+xfce4...

I'm running xfce4 on my laptop with an onboard fxp.  The netload plugin
has always worked fine here, ever since xfce4 got added to ports.


Ok, thanks.  I'm assuming that's a i386 laptop (you didn't say).  This
means that there is some peculiarity with my laptop. What would be
needed to track this down?

I have attached a dmesg here (sorry for possibly bad linewraps,
courtesy of Gmail):

OpenBSD 3.9-current (GENERIC) #11: Sat Jul  8 15:14:04 BST 2006
   [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) M processor 1700MHz ("GenuineIntel"
686-class) 1.69 GHz
cpu0: 
FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,TM,SBF,EST,TM2
cpu0: Enhanced SpeedStep 1700 MHz (1484 mV): speeds: 1700, 1400, 1200,
1000, 800, 600 MHz
real mem  = 535851008 (523292K)
avail mem = 482983936 (471664K)
using 4256 buffers containing 26894336 bytes (26264K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(97) BIOS, date 11/21/03, BIOS32 rev. 0 @
0xfd751, SMBIOS rev. 2.3 @ 0xd8010 (17 entries)
bios0: Sony Corporation PCG-Z1XSP(GB)
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xfd750/0x8b0
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf30/176 (9 entries)
pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82371FB ISA" rev 0x00)
pcibios0: PCI bus #3 is the last bus
bios0: ROM list: 0xc/0x1 0xd8000/0x4000! 0xdc000/0x4000!
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82855PE Hub" rev 0x03
ppb0 at pci0 dev 1 function 0 "Intel 82855PE AGP" rev 0x03
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "ATI Radeon Mobility M6 LY" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
uhci0 at pci0 dev 29 function 0 "Intel 82801DB USB" rev 0x03: irq 9
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 "Intel 82801DB USB" rev 0x03: irq 9
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 "Intel 82801DB USB" rev
0x03pci_intr_map: no mapping for pin C
: couldn't map interrupt
ehci0 at pci0 dev 29 function 7 "Intel 82801DB USB" rev
0x03pci_intr_map: no mapping for pin D
: couldn't map interrupt
ppb1 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0x83
pci2 at ppb1 bus 2
cbb0 at pci2 dev 5 function 0 "Ricoh 5C475 CardBus" rev 0xb8: irq 3
"Ricoh 5C551 Firewire" rev 0x00 at pci2 dev 5 function 1 not configured
fxp0 at pci2 dev 8 function 0 "Intel PRO/100 VE" rev 0x83, i82562: irq
9, address 08:00:46:c8:ad:ab
inphy0 at fxp0 phy 1: i82562ET 10/100 PHY, rev. 0
iwi0 at pci2 dev 11 function 0 "Intel PRO/Wireless 2200BG" rev 0x05:
irq 9, address 00:0e:35:07:44:15
cardslot0 at cbb0 slot 0 flags 0
cardbus0 at cardslot0: bus 3 device 0 cacheline 0x0, lattimer 0x40
pcmcia0 at cardslot0
ichpcib0 at pci0 dev 31 function 0 "Intel 82801DBM LPC" rev 0x03
pciide0 at pci0 dev 31 function 1 "Intel 82801DBM IDE" rev 0x03: DMA,
channel 0 configured to compatibility, channel 1 configured to
compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA48, 76319MB, 156301488 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  SCSI0 5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
ichiic0 at pci0 dev 31 function 3 "Intel 82801DB SMBus" rev
0x03pci_intr_map: no mapping for pin B
: polling
iic0 at ichiic0
auich0 at pci0 dev 31 function 5 "Intel 82801DB AC97" rev 0x03: irq 9, ICH4 AC97
ac97: codec id 0x594d4803 (Yamaha YMF753-S)
ac97: codec features 18 bit DAC, No 3D Stereo
audio0 at auich0
"Intel 82801DB Modem" rev 0x03 at pci0 dev 31 function 6 not configured
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: 
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: using exception 16
biomask effd netmask effd ttymask 
pctr: 686-class user-level performance counters enabled
mtrr: Pentium Pro MTRR support
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302


--
Andreas K

Sound Problems: ATI Board / Realtek AC'97 Soundship / Shuttle XPC ZEN ST62K Barebone

[Wolfram Fischer]

Hi,

I have problems with sound on my OpenBSD Box.
To make it short: I think the right driver is loaded, but when playing audio 
files I get strange behavior. 

Details and dmesg's can be seen at 
http://www.freebsdforums.org/forums/showthread.php?s=32324ebb3bca744c9e7b44c8330ac0f2&t=42697
(I don't wan't to spam this list with 2 long dmesgs).

I would be very thankfull for every hint, tip, suggestion, patches, etc. ... 

Thank you very much in advance,
  Wolf


-
Was ist Gl|ck? Schlafen Fische |berhaupt? Die Antworten gibts auf Yahoo! 
Clever.

sensors accuracy

[Daniel A. Ramaley]

How accurate are the sensors on most computers? I ask because after 
learning (thanks to a few kind individuals on this list) how to monitor 
sensors with OpenBSD 3.9, i have been checking the values on one of my 
computers (a VIA Epia machine with 533 MHz C3 processor) to get an idea 
of what "normal" looks like, only to discover some unexpected values:

$ sysctl hw.sensors
hw.sensors.0=viaenv0, TSENS1, temp, 18.10 degC / 64.58 degF
hw.sensors.1=viaenv0, TSENS2, temp, 68.00 degC / 154.40 degF
hw.sensors.2=viaenv0, TSENS3, temp, 3.70 degC / 38.66 degF
hw.sensors.3=viaenv0, FAN1, fanrpm, 0 RPM
hw.sensors.4=viaenv0, FAN2, fanrpm, 0 RPM
hw.sensors.5=viaenv0, VSENS1, volts_dc, 2.49 V
hw.sensors.6=viaenv0, VSENS2, volts_dc, 2.47 V
hw.sensors.7=viaenv0, Vcore, volts_dc, 2.01 V
hw.sensors.8=viaenv0, VSENS3, volts_dc, 5.38 V
hw.sensors.9=viaenv0, VSENS4, volts_dc, 12.48 V

According to viaenv(4), hw.sensors.0 is CPU temperature. I can almost 
guarantee the value printed by sysctl is incorrect; the ambient 
temperature in my apartment has lately been around 80 degF (roughly 27 
degC), and the CPU is passively cooled. Again according to viaenv(4), 
hw.sensors.1 should be the system temperature. That one seems a bit 
high; the computer is barely warm to the touch, and is certainly not 
over 150 degF!

Some of the voltage sensors also seem off, though the way in which they 
are off leads me to suspect that my machine runs on different voltages 
than the machine referenced when writing the documentation. For 
instance, viaenv(4) says VSENS1 and Vcore should be 2.0V and 3.3V, 
respectively. But on my machine they are very close to 2.5V and 2.0V.

Is there a way to get hw.sensors to report sensible values for 
temperatures? Is my hardware broken? Or am i misunderstanding 
something?


And of course, what would a post about hardware to misc be without a 
dmesg? Here it is:

OpenBSD 3.9 (GENERIC) #617: Thu Mar  2 02:26:48 MST 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: VIA Samuel 2 ("CentaurHauls" 686-class) 533 MHz
cpu0: FPU,DE,TSC,MSR,MTRR,PGE,MMX
real mem  = 265854976 (259624K)
avail mem = 235597824 (230076K)
using 3270 buffers containing 13393920 bytes (13080K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(13) BIOS, date 11/14/02, BIOS32 rev. 0 @ 
0xfb370
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 70102 dobusy 1 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0xdce4
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdc70/112 (5 entries)
pcibios0: PCI Exclusive IRQs: 10 11
pcibios0: PCI Interrupt Router at 000:17:0 ("VIA VT8231 ISA" rev 0x00)
pcibios0: PCI bus #1 is the last bus
bios0: ROM list: 0xc/0xc000 0xcc000/0xa000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "VIA VT8601 PCI" rev 0x05
ppb0 at pci0 dev 1 function 0 "VIA VT82C601 AGP" rev 0x00
pci1 at ppb0 bus 1
vga1 at pci1 dev 0 function 0 "Trident CyberBlade i1" rev 0x6a
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
pcib0 at pci0 dev 17 function 0 "VIA VT8231 ISA" rev 0x10
pciide0 at pci0 dev 17 function 1 "VIA VT82C571 IDE" rev 0x06: ATA100, 
channel 0
 configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA, 38154MB, 78140160 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
pciide0: channel 1 disabled (no drives)
viaenv0 at pci0 dev 17 function 4 "VIA VT8231 PMG" rev 0x10
vr0 at pci0 dev 18 function 0 "VIA RhineII-2" rev 0x51: irq 11, address 
00:40:63
:e2:03:0d
ukphy0 at vr0 phy 1: Generic IEEE 802.3u media interface, rev. 10: OUI 
0x004063,
 model 0x0032
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: 
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16: using exception 16
biomask f7fd netmask fffd ttymask 
pctr: user-level cycle counter enabled
dkcsum: wd0 matches BIOS drive 0x80
root on wd0a
rootdev=0x0 rrootdev=0x300 rawdev=0x302

-- 

Dan RamaleyDial Center 118, Drake University
Network Programmer/Analyst 2407 Carpenter Ave
+1 515 271-4540Des Moines IA 50311 USA

to many arp-requests

[joerg]

Hi list,

in my company we are trying to implement an openbsd firewall-cluster.
The setup has the following specs:

 - two boxes running openbsd 3.9
 - hardware dell 1850 with two four port ethernet cards
   so we have 10 ports on each machine (em and ste driver).
 - to the outside network we are using an layer3 switch from
   dell (powerconnect 6024)

the setup looks like this:

--  
|inet | +
--  |
-   
| layer3 switch |
-
   | |  
   | | 
------
| FW1 || FW2 |
------
   |  |
   |  |
      
   |  switch  |
    
--- |
| lan |-+
--- 


I configured a vlan with one ip on the layer3 switch so it can reach
the firewalls carped ip. 
the problem now is, that the layer3 switch always sends an arp-whohas
for each packet it should route to the firewall. The switch stores the
mac of the firewall in its arp cache, so why are there so many arp
request from the switch? i think this is a really bottleneck.
I tested this on an other system running openbsd connected directly to
the layer3 switch. first time, configured with on physical ip (no carp)
every thing went fine. But with a configured carp interface the
layer3 switch recommences sending arp whohas packets once more.

Any conclusions

By Joerg

Re: Carp/Pfsync problem

[Stuart Henderson]

On 2006/07/20 20:32, Ashley Moran wrote:
> You don't need a new carp interface for every IP if they use the same  
> carpdev, you can add the others as aliases (that definitely works for  
> IPs in the same subnet, and I'm pretty sure it will work for IPs in  
> different subnets too).  It makes the config a bit easier to maintain.

Depends how you want to load-balance things (you often want to have
each box as a master of it's own address and load-balance between these,
then carp gives you fast failover if a box goes down).

Re: Carp/Pfsync problem

[Ashley Moran]

On Sep 20, 2006, at 7:18 pm, Tim Pushor wrote:

As for the multiple carp addresses - This is in a lab environment  
but will end up protecting a rack of machines in a colo. I'm  
planning on having a carp address for each external address that's  
required (not many - maybe 4-5 eventually).


Tim

You don't need a new carp interface for every IP if they use the same  
carpdev, you can add the others as aliases (that definitely works for  
IPs in the same subnet, and I'm pretty sure it will work for IPs in  
different subnets too).  It makes the config a bit easier to maintain.


Ashley

Re: looking for clue

[Peter Blair]

On 7/20/06, Rahul Sharma <[EMAIL PROTECTED]> wrote:

Hi Peter Phillips,
It is not Mr. Eric Pancer but me (rahulthehacker) who is asking for help on
dhcpd lease.


Wrong:

http://www.sigmasoft.com/~openbsd/archives/html/openbsd-misc/2006-06/msg01371.html

Re: Reemerged problem in openbsd cvs v20.7

[Spruell, Darren-Perot]

From: Pekka Niiranen
> I installed OpenBSD/current on 8.July because the official v3.9
> had a nasty bug: if I did not keep on pressing "enter " during
> dmesg -listings of boot, the keyboard did not respond at logon prompt.
> I am using AMD64 with Linksys KVM dual port switch.
> 
> OpenBSD v3.8 did not have this "losing keyboard during boot" -bug.
> 
> The current version installed on 8.July had worhed OK,
> but todays version (20.July) has this same problem again.

Have you taken the KVM out of the picture, and just tested with a keyboard
directly attached?

DS

Reemerged problem in openbsd cvs v20.7

[Pekka Niiranen]

Hi there,

For your information:

I installed OpenBSD/current on 8.July because the official v3.9
had a nasty bug: if I did not keep on pressing "enter " during
dmesg -listings of boot, the keyboard did not respond at logon prompt.
I am using AMD64 with Linksys KVM dual port switch.

OpenBSD v3.8 did not have this "losing keyboard during boot" -bug.

The current version installed on 8.July had worhed OK,
but todays version (20.July) has this same problem again.


-pekka-

Re: Carp/Pfsync problem

[Tim Pushor]

Thanks Kian,

That didn't have an effect. I suspected that it woudn't as I am getting 
state information, and ifconfig listed fxp0 as the syncdev even though I 
had syncif in the hostname file.


As for the multiple carp addresses - This is in a lab environment but 
will end up protecting a rack of machines in a colo. I'm planning on 
having a carp address for each external address that's required (not 
many - maybe 4-5 eventually).


Thanks,
Tim

Kian Mohageri wrote:

Change 'syncif' to 'syncdev' in your hostname.pfsync files.

Also, out of curiosity, why are there two CARP addresses between the
workstation and firewalls?

Kian

On 9/20/06, Tim Pushor <[EMAIL PROTECTED]> wrote:
  

Hi friends,

I am trying to setup my first firewall w/failover via carp & pfsync. I
have it almost working, but am  having a couple issues. I am hoping
someone will be able to help :)

First, before I enabled preemption I almost always had one machine being
master for one of the carp interfaces, and slave for the other two. It
seemed to work, but just looked troublesome. Enabling preemption seemed
to solve this. Does this point to a bigger problem somewhere?

Second, and what I am really trying to fix - is to have an in progress
TCP session fail over to the  second firewall. The connection stalls and
eventually times out when failing over, but attempting to  re-establish
after the failover works (through the second firewall). I've confirmed
(at least in my  mind) that state updates are being properly propagated
to the second firewall by watching the pfsync  interface, and noting the
state via pfctl -s state. I've watched syslog with pfctl -x loud and
didn't  see anything.

Any hints on how I can go about troubleshooting this further? I've
included as much info as I can think  of. The included PF ruleset is
just a proof of concept - I realize theres quite a bit more to be done,
I'm just trying to get the failover working.

Thanks!,
Tim

BTW If there is any OpenBSD guru in Calgary thats looking for a few
hours of consultancy I'd love to  hear from you :)

Details:

Both systems are Dell 850 servers w/added Intel Etherexpress Pro 10/100
cards as the pfsync interface,  with a crossover cable between them. OS
is OpenBSD 3.9, GENERIC Kernel.

192.168.1.246
 +--+
 | Test Workstation |
 +--|
  |
 +| carp1  |+
 |   192.168.1.22   |
 |  |
 +| carp2  |+
  |  192.168.1.23  |
  ||
192.168.1.20  bge0||bge0 192.168.1.21
   +-+  +-+
   | fw1 |-fxp0fxp0-| fw2 |
   +-+  +-+
10.0.10.253   bge1||bge1 10.0.10.254
  ||
   ---+---  carp0   ---+---
  10.0.10.1
  |
  |
   +-+
   | Test Server |
   +-+
 10.0.10.42

(fw1 fxp0 - 192.168.254.253)
(fs2 fxp0 - 192.168.254.254)


 fw1:

# cat hostname.bge0
inet 192.168.1.20 255.255.255.0 NONE

# cat hostname.bge1
inet 10.0.10.253 255.255.255.0 NONE

# cat hostname.fxp0
inet 192.168.254.253 255.255.255.0 NONE

# cat hostname.carp0
inet 10.0.10.1 255.255.255.0 10.0.10.255 vhid 1 pass foo1 carpdev bge1

# cat hostname.carp1
inet 192.168.1.22 255.255.255.0 192.168.1.255 vhid 2 pass foo2 carpdev
bge0

# cat hostname.carp2
inet 192.168.1.23 255.255.255.0 192.168.1.255 vhid 3 pass foo3 carpdev
bge0

# cat hostname.pfsync0
up syncif fxp0

# sysctl -a | grep carp
net.inet.carp.allow=1
net.inet.carp.preempt=1
net.inet.carp.log=0
net.inet.carp.arpbalance=0

 fw2:

# cat hostname.bge0
inet 192.168.1.21 255.255.255.0 NONE

# cat hostname.bge1
inet 10.0.10.254 255.255.255.0 NONE

# cat hostname.fxp0
inet 192.168.254.254 255.255.255.0 NONE

# cat hostname.carp0
inet 10.0.10.1 255.255.255.0 10.0.10.255 vhid 1 pass foo1 advskew 128
carpdev bge1

# cat hostname.carp1
inet 192.168.1.22 255.255.255.0 192.168.1.255 vhid 2 pass foo2 advskew
128 carpdev bge0

# cat hostname.carp2
192.168.1.23 255.255.255.0 192.168.1.255 vhid 3 pass foo3 advskew 128
carpdev bge0

# cat hostname.pfsync0
up syncif fxp0

# sysctl -a | grep carp
net.inet.carp.allow=1
net.inet.carp.preempt=1
net.inet.carp.log=0
net.inet.carp.arpbalance=0


 PF Rules (identical on both machines)

# cat /etc/pf.conf
ext_if="bge0"
int_if="bge1"
pfsync_if="fxp0"

# All interfaces (real + virtual via carp) thought of as external
ext_ifs="{ bge0, carp1, carp2 }"

# Our internal network(s). Used for access rules and NAT
internal_nets="10.0

Re: Carp/Pfsync problem

[Kian Mohageri]

Change 'syncif' to 'syncdev' in your hostname.pfsync files.

Also, out of curiosity, why are there two CARP addresses between the
workstation and firewalls?

Kian

On 9/20/06, Tim Pushor <[EMAIL PROTECTED]> wrote:
>
> Hi friends,
>
> I am trying to setup my first firewall w/failover via carp & pfsync. I
> have it almost working, but am  having a couple issues. I am hoping
> someone will be able to help :)
>
> First, before I enabled preemption I almost always had one machine being
> master for one of the carp interfaces, and slave for the other two. It
> seemed to work, but just looked troublesome. Enabling preemption seemed
> to solve this. Does this point to a bigger problem somewhere?
>
> Second, and what I am really trying to fix - is to have an in progress
> TCP session fail over to the  second firewall. The connection stalls and
> eventually times out when failing over, but attempting to  re-establish
> after the failover works (through the second firewall). I've confirmed
> (at least in my  mind) that state updates are being properly propagated
> to the second firewall by watching the pfsync  interface, and noting the
> state via pfctl -s state. I've watched syslog with pfctl -x loud and
> didn't  see anything.
>
> Any hints on how I can go about troubleshooting this further? I've
> included as much info as I can think  of. The included PF ruleset is
> just a proof of concept - I realize theres quite a bit more to be done,
> I'm just trying to get the failover working.
>
> Thanks!,
> Tim
>
> BTW If there is any OpenBSD guru in Calgary thats looking for a few
> hours of consultancy I'd love to  hear from you :)
>
> Details:
>
> Both systems are Dell 850 servers w/added Intel Etherexpress Pro 10/100
> cards as the pfsync interface,  with a crossover cable between them. OS
> is OpenBSD 3.9, GENERIC Kernel.
>
> 192.168.1.246
>  +--+
>  | Test Workstation |
>  +--|
>   |
>  +| carp1  |+
>  |   192.168.1.22   |
>  |  |
>  +| carp2  |+
>   |  192.168.1.23  |
>   ||
> 192.168.1.20  bge0||bge0 192.168.1.21
>+-+  +-+
>| fw1 |-fxp0fxp0-| fw2 |
>+-+  +-+
> 10.0.10.253   bge1||bge1 10.0.10.254
>   ||
>---+---  carp0   ---+---
>   10.0.10.1
>   |
>   |
>+-+
>| Test Server |
>+-+
>  10.0.10.42
>
> (fw1 fxp0 - 192.168.254.253)
> (fs2 fxp0 - 192.168.254.254)
>
>
>  fw1:
>
> # cat hostname.bge0
> inet 192.168.1.20 255.255.255.0 NONE
>
> # cat hostname.bge1
> inet 10.0.10.253 255.255.255.0 NONE
>
> # cat hostname.fxp0
> inet 192.168.254.253 255.255.255.0 NONE
>
> # cat hostname.carp0
> inet 10.0.10.1 255.255.255.0 10.0.10.255 vhid 1 pass foo1 carpdev bge1
>
> # cat hostname.carp1
> inet 192.168.1.22 255.255.255.0 192.168.1.255 vhid 2 pass foo2 carpdev
> bge0
>
> # cat hostname.carp2
> inet 192.168.1.23 255.255.255.0 192.168.1.255 vhid 3 pass foo3 carpdev
> bge0
>
> # cat hostname.pfsync0
> up syncif fxp0
>
> # sysctl -a | grep carp
> net.inet.carp.allow=1
> net.inet.carp.preempt=1
> net.inet.carp.log=0
> net.inet.carp.arpbalance=0
>
>  fw2:
>
> # cat hostname.bge0
> inet 192.168.1.21 255.255.255.0 NONE
>
> # cat hostname.bge1
> inet 10.0.10.254 255.255.255.0 NONE
>
> # cat hostname.fxp0
> inet 192.168.254.254 255.255.255.0 NONE
>
> # cat hostname.carp0
> inet 10.0.10.1 255.255.255.0 10.0.10.255 vhid 1 pass foo1 advskew 128
> carpdev bge1
>
> # cat hostname.carp1
> inet 192.168.1.22 255.255.255.0 192.168.1.255 vhid 2 pass foo2 advskew
> 128 carpdev bge0
>
> # cat hostname.carp2
> 192.168.1.23 255.255.255.0 192.168.1.255 vhid 3 pass foo3 advskew 128
> carpdev bge0
>
> # cat hostname.pfsync0
> up syncif fxp0
>
> # sysctl -a | grep carp
> net.inet.carp.allow=1
> net.inet.carp.preempt=1
> net.inet.carp.log=0
> net.inet.carp.arpbalance=0
>
>
>  PF Rules (identical on both machines)
>
> # cat /etc/pf.conf
> ext_if="bge0"
> int_if="bge1"
> pfsync_if="fxp0"
>
> # All interfaces (real + virtual via carp) thought of as external
> ext_ifs="{ bge0, carp1, carp2 }"
>
> # Our internal network(s). Used for access rules and NAT
> internal_nets="10.0.10.0/24"
>
> # Define NAT source port range (all source ports will be rewritten to use
> # this range)
> nat_port_range="20001:65535"
>
> # Define virtual carp interface that should be used as NAT source
> # (i.e. outbound h

Re: looking for clue

[Peter Philipp]

On Thu, Jul 20, 2006 at 10:54:28PM +0530, Rahul Sharma wrote:
> Hi Peter Phillips,
> It is not Mr. Eric Pancer but me (rahulthehacker) who is asking for help on
> dhcpd lease.
> Now it is because of you "Mr. Mind" that till last month I didnot believe on
> Communities (like openBSD) but after joining this community I come to know
> abt. the power of open system.
> But it is due to u Mastermind that some body like me are still far away from
> this community.
> I am not speak any Martian also.
> But sorry to tell u change ur attitude plz
> Rahul

Hi Rahul!

Listen.  Don't get me wrong.  You are almighty, I know that.  What we need to
do now is write only privately "very quiet" between the two of us and we'll
take over the world together ok?  Share your problems with me in private
mail and we'll figure out a way together.  TTYL.

Regards,

-p


--
Here my ticker tape .signature  My name is Peter Philipp  lynx -dump 
"http://en.wikipedia.org/w/index.php?title=Pufferfish&oldid=20768394"; | sed -n 
131,136p  So long and thanks for all the fish!!!

Re: looking for clue

[Eric Pancer]

On Thu, 2006-07-20 at 22:54:28 +0530, Rahul Sharma wrote...

> It is not Mr. Eric Pancer but me (rahulthehacker) who is asking for help on
> dhcpd lease.

I wasn't referring to that, please learn how to read a mailing list. I was
referring to the user wanting dhcp leases to change every one-minute.

> I am not speak any Martian also.

I didn't say you did. Get with the discussion.

- Eric

Re: looking for clue

[Rahul Sharma]

Hi Peter Phillips,
It is not Mr. Eric Pancer but me (rahulthehacker) who is asking for help on
dhcpd lease.
Now it is because of you "Mr. Mind" that till last month I didnot believe on
Communities (like openBSD) but after joining this community I come to know
abt. the power of open system.
But it is due to u Mastermind that some body like me are still far away from
this community.
I am not speak any Martian also.
But sorry to tell u change ur attitude plz
Rahul

On 7/20/06, Eric Pancer <[EMAIL PROTECTED]> wrote:
>
> On Wed, 2006-07-19 at 20:21:01 +0200, Peter Philipp wrote...
>
> > Hi I'm looking for clue.  Does anyone have any?
> >
>
> Hey, aren't you the idiot that kept renegotiating your DHCP lease?
>
> There's no clue here for you to find; we don't speak Martian.
>
> - Eric

Re: Problem with x11/xfce4/xfce4-netload on i386, not on amd64

[Adam]

"Andreas Kahari" <[EMAIL PROTECTED]> wrote:

> I do have another i386 at home, an ancient 133MHz machine.  It doesn't
> have an fxp card in it though and I would need to back it up and
> install OpenBSD on it.  I thought it would be easier to find someone
> on the list with i386+fxp+xfce4...

I'm running xfce4 on my laptop with an onboard fxp.  The netload plugin
has always worked fine here, ever since xfce4 got added to ports.

Adam

Carp/Pfsync problem

[Tim Pushor]

Hi friends,

I am trying to setup my first firewall w/failover via carp & pfsync. I 
have it almost working, but am  having a couple issues. I am hoping 
someone will be able to help :)


First, before I enabled preemption I almost always had one machine being 
master for one of the carp interfaces, and slave for the other two. It 
seemed to work, but just looked troublesome. Enabling preemption seemed 
to solve this. Does this point to a bigger problem somewhere?


Second, and what I am really trying to fix - is to have an in progress 
TCP session fail over to the  second firewall. The connection stalls and 
eventually times out when failing over, but attempting to  re-establish 
after the failover works (through the second firewall). I've confirmed 
(at least in my  mind) that state updates are being properly propagated 
to the second firewall by watching the pfsync  interface, and noting the 
state via pfctl -s state. I've watched syslog with pfctl -x loud and 
didn't  see anything.


Any hints on how I can go about troubleshooting this further? I've 
included as much info as I can think  of. The included PF ruleset is 
just a proof of concept - I realize theres quite a bit more to be done,  
I'm just trying to get the failover working.


Thanks!,
Tim

BTW If there is any OpenBSD guru in Calgary thats looking for a few 
hours of consultancy I'd love to  hear from you :)


Details:

Both systems are Dell 850 servers w/added Intel Etherexpress Pro 10/100 
cards as the pfsync interface,  with a crossover cable between them. OS 
is OpenBSD 3.9, GENERIC Kernel.


   192.168.1.246
+--+
| Test Workstation |
+--|
 |
+| carp1  |+
|   192.168.1.22   |
|  |
+| carp2  |+
 |  192.168.1.23  |
 ||
192.168.1.20  bge0||bge0 192.168.1.21   
  +-+  +-+

  | fw1 |-fxp0fxp0-| fw2 |
  +-+  +-+
10.0.10.253   bge1||bge1 10.0.10.254
 ||
  ---+---  carp0   ---+---
 10.0.10.1
 |
 |
  +-+
  | Test Server |
  +-+
10.0.10.42

(fw1 fxp0 - 192.168.254.253)
(fs2 fxp0 - 192.168.254.254)


 fw1:

# cat hostname.bge0
inet 192.168.1.20 255.255.255.0 NONE

# cat hostname.bge1
inet 10.0.10.253 255.255.255.0 NONE

# cat hostname.fxp0
inet 192.168.254.253 255.255.255.0 NONE

# cat hostname.carp0
inet 10.0.10.1 255.255.255.0 10.0.10.255 vhid 1 pass foo1 carpdev bge1

# cat hostname.carp1
inet 192.168.1.22 255.255.255.0 192.168.1.255 vhid 2 pass foo2 carpdev bge0

# cat hostname.carp2
inet 192.168.1.23 255.255.255.0 192.168.1.255 vhid 3 pass foo3 carpdev bge0

# cat hostname.pfsync0
up syncif fxp0

# sysctl -a | grep carp
net.inet.carp.allow=1
net.inet.carp.preempt=1
net.inet.carp.log=0
net.inet.carp.arpbalance=0

 fw2:

# cat hostname.bge0
inet 192.168.1.21 255.255.255.0 NONE

# cat hostname.bge1
inet 10.0.10.254 255.255.255.0 NONE

# cat hostname.fxp0
inet 192.168.254.254 255.255.255.0 NONE

# cat hostname.carp0
inet 10.0.10.1 255.255.255.0 10.0.10.255 vhid 1 pass foo1 advskew 128 
carpdev bge1


# cat hostname.carp1
inet 192.168.1.22 255.255.255.0 192.168.1.255 vhid 2 pass foo2 advskew 
128 carpdev bge0


# cat hostname.carp2
192.168.1.23 255.255.255.0 192.168.1.255 vhid 3 pass foo3 advskew 128 
carpdev bge0


# cat hostname.pfsync0
up syncif fxp0

# sysctl -a | grep carp
net.inet.carp.allow=1
net.inet.carp.preempt=1
net.inet.carp.log=0
net.inet.carp.arpbalance=0


 PF Rules (identical on both machines)

# cat /etc/pf.conf
ext_if="bge0"
int_if="bge1"
pfsync_if="fxp0"

# All interfaces (real + virtual via carp) thought of as external
ext_ifs="{ bge0, carp1, carp2 }"

# Our internal network(s). Used for access rules and NAT
internal_nets="10.0.10.0/24"

# Define NAT source port range (all source ports will be rewritten to use
# this range)
nat_port_range="20001:65535"

# Define virtual carp interface that should be used as NAT source
# (i.e. outbound hide nat will appear to come from this virtual interface)
nat_carp="carp1"

# real interfaces that have virtual carp addresses associated with them
carp_interfaces="{ bge0, bge1 }"

# Test internal HTTP server
tstsrv_ext=192.168.1.22
tstsrv_int=10.0.10.42
tstsrv_port=80

###
### NAT
###

# Provide 'hide mode' nat for the entire subnet

nat on $ext_if from $internal_nets to any -> $nat_carp port $nat_port_range

# Test HTTP access

rdr on $ext_if proto tcp from any

Re: 3.9 freeze

[Pedro Martelletto]

On Thu, Jul 20, 2006 at 06:07:16PM +0200, Federico Giannici wrote:
> It seems to me that under amd64 the "UVM Amap" usage is much higher then 
> under i386. So, even if by default the limit is the double of the i386, 
> it seems not enough.

That's probably because the code allocates in multiples of sizeof(long),
which is twice as bigger in 64-bit architectures than on 32-bit.

I still have to do the math correctly, but the default limit may even
not be enough for some i386 systems with gigantic amounts of memory.

Ideally, the kernel should have a smarter way of setting the limit for
malloc() in kmeminit(), perhaps based on physmem, or on the ability of
growing its memory mapping dynamically, as needed.

-p.

Re: 3.9 freeze

[Federico Giannici]

Pedro Martelletto wrote:

Federico,

Your diagnosis is correct, that freeze can be the result of reaching the
limit for UVM amap allocations. These get used by the kernel to describe
anonymous memory mappings, and mmap malloc() puts the UVM subsystem
under a higher load of those, eventually reaching the limit. Until an
appropriate solution is found, you can try bumping the number of pages
in the kernel's memory map (NKMEMPAGES).


I have just installed a new 3.9-stable kernel with doubled 
NKMEMPAGES_MAX (and maxusers).


I'll keep you informed if this solved the problem...

Bye.


P.S.
It seems to me that under amd64 the "UVM Amap" usage is much higher then 
under i386. So, even if by default the limit is the double of the i386, 
it seems not enough.


--
___
__
   |-  [EMAIL PROTECTED]
   |ederico Giannici  http://www.neomedia.it
___

firewall on 3.9 i386, crashing after carp failover

[Stephan A. Rickauer]

In a setup of two redundant carp firewalls, each serving four
interfaces, the master crashes regularly (but not always) after a
manuall failover from the backup to the master.

This is how I do the manual failover ('carpdown' on master):

---snip---
for i in 0 1 2 3; do ifconfig carp$i down; done
   ifconfig | grep "carp:"; sleep 1
for i in 0 1 2 3; do ifconfig carp$i destroy; done
   ifconfig | grep "carp:"
---snip---


After maintenance, I switch back from backup to the master ('carpup' on
master):

---snip---
for i in 0 1 2 3; do sh /etc/netstart carp$i; done
  route add default 130.**.*.***
---snip---

It then would crash after a few seconds. Is this a known issue?


The server runs not much, except ftp-proxy, snmpd, sshd, ntpd and nrpe.
Please find dmesg, ps and trace below. Thanks for your help:


OpenBSD 3.9 (GENERIC) #617: Thu Mar  2 02:26:48 MST 2006
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
cpu0: Intel(R) Pentium(R) 4 CPU 2.66GHz ("GenuineIntel" 686-class) 2.66 GHz
cpu0:
FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUS
H,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,CNXT-ID
real mem  = 535527424 (522976K)
avail mem = 481644544 (470356K)
using 4278 buffers containing 26877952 bytes (26248K) of memory
mainbus0 (root)
bios0 at mainbus0: AT/286+(00) BIOS, date 02/07/05, BIOS32 rev. 0 @ 0xf0010
apm0 at bios0: Power Management spec V1.2
apm0: AC on, battery charge unknown
apm0: flags 30102 dobusy 0 doidle 1
pcibios0 at bios0: rev 2.1 @ 0xf/0x1
pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf3d40/224 (12 entries)
pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82801EB/ER LPC" rev 0x00)
pcibios0: PCI bus #3 is the last bus
bios0: ROM list: 0xc/0x8000
cpu0 at mainbus0
pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
pchb0 at pci0 dev 0 function 0 "Intel 82875P Host" rev 0x02
ppb0 at pci0 dev 1 function 0 "Intel 82875P AGP" rev 0x02
pci1 at ppb0 bus 1
ppb1 at pci0 dev 3 function 0 "Intel 82875P PCI-CSA" rev 0x02
pci2 at ppb1 bus 2
em0 at pci2 dev 1 function 0 "Intel PRO/1000CT (82547EI)" rev 0x00: irq
10, address 00:0c:f1:8f:a9:c4
uhci0 at pci0 dev 29 function 0 "Intel 82801EB/ER USB" rev 0x02: irq 5
usb0 at uhci0: USB revision 1.0
uhub0 at usb0
uhub0: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1 at pci0 dev 29 function 1 "Intel 82801EB/ER USB" rev 0x02: irq 7
usb1 at uhci1: USB revision 1.0
uhub1 at usb1
uhub1: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2 at pci0 dev 29 function 2 "Intel 82801EB/ER USB" rev 0x02: irq 10
usb2 at uhci2: USB revision 1.0
uhub2 at usb2
uhub2: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3 at pci0 dev 29 function 3 "Intel 82801EB/ER USB" rev 0x02: irq 5
usb3 at uhci3: USB revision 1.0
uhub3 at usb3
uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0 at pci0 dev 29 function 7 "Intel 82801EB/ER USB2" rev 0x02: irq 9
usb4 at ehci0: USB revision 2.0
uhub4 at usb4
uhub4: Intel EHCI root hub, rev 2.00/1.00, addr 1
uhub4: 8 ports with 8 removable, self powered
ppb2 at pci0 dev 30 function 0 "Intel 82801BA AGP" rev 0xc2
pci3 at ppb2 bus 3
em1 at pci3 dev 2 function 0 "Intel PRO/1000MT (82546GB)" rev 0x03: irq
9, address 00:04:23:9e:e2:b2
em2 at pci3 dev 2 function 1 "Intel PRO/1000MT (82546GB)" rev 0x03: irq
10, address 00:04:23:9e:e2:b3
vga1 at pci3 dev 6 function 0 "ATI Rage XL" rev 0x27
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
fxp0 at pci3 dev 8 function 0 "Intel PRO/100 VE" rev 0x01, i82562: irq
11, address 00:0c:f1:8f:a9:c5
inphy0 at fxp0 phy 1: i82562ET 10/100 PHY, rev. 0
ichpcib0 at pci0 dev 31 function 0 "Intel 82801EB/ER LPC" rev 0x02
pciide0 at pci0 dev 31 function 1 "Intel 82801EB/ER IDE" rev 0x02: DMA,
channel 0 configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA48, 78533MB, 160836480 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 5
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  SCSI0 5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
pciide1 at pci0 dev 31 function 2 "Intel 82801EB SATA" rev 0x02: DMA,
channel 0 configured to native-PCI, channel 1 configured to native-PCI
pciide1: using irq 10 for native-PCI interrupt
ichiic0 at pci0 dev 31 function 3 "Intel 82801EB/ER SMBus" rev 0x02: irq 9
iic0 at ichiic0
adt0 at iic0 addr 0x2e: lm85 (ADT7460) rev 62
isa0 at ichpcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5
pckbd0 at pckbc0 (kbd slot)
pckbc0: using irq 1 for kbd slot
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pmsi0 at pckbc0 (aux slot)
pckbc0: using irq 12 for aux slot
wsmouse0 at pmsi0 mux 0
pcppi0 at isa0 port 0x61
midi0 at pcppi0: 
spkr0 at pcppi0
npx0 at isa0 port 0xf0/16:

Re: scrub reassemble tcp and nat causes problems with some sites

[Daniel E. Hassler]

What is 'modulate tcp'?
modulate state works fine.
I get these errors only with scrub's reassemble tcp option
I originally assumed it was an Apple problem since I only had trouble 
with the OS X "Software Update" feature.
Going back to the beginning of this thread - Walter Haidinger appears to 
have a similar problem but not with Apple.
I was hoping he could try 'set debug loud' in his pf.conf and check his 
/var/log/messages file after testing a problem site.
If he sees messages similar to the one's I've seen maybe we both know a 
little more.


-Dan


Mike Frantzen wrote:


You're going to have to turn off 'modulate tcp'.  One of the TCP
endpoints isn't following PAWs and stopped sending the TCP
Timestamps or someone is trying to blind hijack the connection.

 


More info - I ran a test scenario.
Here is a sample of the messages I get via syslog with set debug loud 
and scrub with reassemble tcp trying to run OS X's "Software Update".


Jul 19 19:42:37 obsd38 /bsd: pf_normalize_tcp_stateful: Did not receive 
expected RFC1323 timestamp
Jul 19 19:42:37 obsd38 /bsd: TCP 192.168.1.14:65108 192.168.1.14:65108 
17.250.248.95:80 [lo=4276925920 high=4276942304 win=65535 modulator=0 
wscale=0] [lo=708430922 high=708496457 win=16384 modulator=0 wscale=0] 9:4 A


-Dan
   






 



--
 _   _   _
  __| | __ _ _ __   | |__   __ _ ___ ___| | ___ _ __
 / _` |/ _` | '_ \  | '_ \ / _` / __/ __| |/ _ \ '__|
| (_| | (_| | | | | | | | | (_| \__ \__ \ |  __/ |
 \__,_|\__,_|_| |_| |_| |_|\__,_|___/___/_|\___|_|

[EMAIL PROTECTED]

Re: Web mail

[Genadijus Paleckis]

Well, it is not necessary to use MySQL, because roundcube supports 
sqlite which is smaller and more efficient for this task (per account 
preferences, address book, etc...).


Lars Hansson wrote:

On Thursday 20 July 2006 03:32, Whyzzi wrote:


Requires MySQL



And the rational reason for a webmail system to require a RDBMS backend is?

---
Lars Hansson

Re: audioctl play.channels problem

[Alexandre Ratchov]

On Thu, Jul 20, 2006 at 03:36:45PM +0200, [EMAIL PROTECTED] wrote:
> I've been trying to figure out how to get more than two channels of
> audio with, no success.  What I read, "it should just work".  Now,
> "audioctl play.channels=2" on boot.  Whatever I try to change the
> value to, I get 'audioctl: set failed: Invalid argument' even if I try
> to set it to 2.  It does seem to change the value, but as soon as I
> start playback it's back to play.channels=2.  Any advice, please?
> 
> The cards I've tried with:
> 
> emu0 at pci2 dev 3 function 0 "Creative Labs SoundBlaster Live" rev
> 0x07: irq 11
> ac97: codec id 0x83847608 (SigmaTel STAC9708/11)
> ac97: codec features 18 bit DAC, 18 bit ADC, SigmaTel 3D
> audio0 at emu0
> 
> azalia0 at pci0 dev 6 function 1 "NVIDIA MCP55 HD Audio" rev 0xa2: irq 15
> azalia0: host: High Definition Audio rev. 1.0
> azalia0: codec: 0x04x/0x10ec (rev. 0.2), HDA version 1.0
> audio0 at azalia0

hi, 

i'm working on a similar problem for other devices and some other
audio-related stuff; could you try the following patch and see if it
solves the problem?

I'd would be happy if you could send me the output of 'mixerctl -a' and
'audioctl -a' for both devices.

thanks,

-- 
Alexandre


Index: audiovar.h
===
RCS file: /cvs/src/sys/dev/audiovar.h,v
retrieving revision 1.9
diff -u -p -b -r1.9 audiovar.h
--- audiovar.h  26 Aug 2002 16:20:04 -  1.9
+++ audiovar.h  11 Jul 2006 19:47:58 -
@@ -74,14 +74,12 @@ struct audio_ringbuffer {
 #define AUDIO_N_PORTS 4
 
 struct au_mixer_ports {
-   int index;
-   int master;
-   int nports;
-   u_char  isenum;
-   u_int   allports;
-   u_int   aumask[AUDIO_N_PORTS];
-   u_int   misel [AUDIO_N_PORTS];
-   u_int   miport[AUDIO_N_PORTS];
+   int sel;/* index of the source selector */
+   int gain;   /* index of the gain for the port set */
+   int nports; /* number of ports */
+   u_int   allports;   /* bitmask of all ports */
+   u_int   aumask[AUDIO_N_PORTS];  /* mask of each port */
+   u_int   selmask[AUDIO_N_PORTS]; /* selector value of each port */
 };
 
 /*
Index: audio.c
===
RCS file: /cvs/src/sys/dev/audio.c,v
retrieving revision 1.51
diff -u -p -b -r1.51 audio.c
--- audio.c 23 Jun 2006 06:27:11 -  1.51
+++ audio.c 11 Jul 2006 19:48:06 -
@@ -168,9 +168,35 @@ static struct portname otable[] = {
{ AudioNline,   AUDIO_LINE_OUT },
{ 0 }
 };
+struct gainpref {
+   char *class, *device;
+};
+static struct gainpref ipreftab[] = {
+   { AudioCinputs, AudioNvolume },
+   { AudioCinputs, AudioNinput  },
+   { AudioCinputs, AudioNrecord },
+   { AudioCrecord, AudioNrecord },
+   { AudioCrecord, AudioNvolume },
+   { NULL, NULL}
+};
+static struct gainpref opreftab[] = {
+   { AudioCoutputs, AudioNmaster },
+   { AudioCoutputs, AudioNoutput },
+   { AudioCoutputs, AudioNdac },
+   { AudioCinputs, AudioNdac },
+   { NULL, NULL}
+};
+static struct gainpref mpreftab[] = {
+   { AudioCoutputs, AudioNmonitor },
+   { AudioCmonitor, AudioNmonitor },
+   { NULL, NULL}
+};
+
 void   au_check_ports(struct audio_softc *, struct au_mixer_ports *,
-   mixer_devinfo_t *, int, char *, char *,
-   struct portname *);
+   struct mixer_devinfo *, struct mixer_devinfo *, 
+   char *, char *, struct portname *);
+void   au_gain_match(struct audio_softc *, struct gainpref *, 
+   struct mixer_devinfo *, struct mixer_devinfo *, int *, int *);  

 intau_set_gain(struct audio_softc *, struct au_mixer_ports *,
 int, int);
 void   au_get_gain(struct audio_softc *, struct au_mixer_ports *,
@@ -182,8 +208,6 @@ int au_get_lr_value(struct audio_softc *
 int *, int *r);
 intau_set_lr_value(struct audio_softc *, mixer_ctrl_t *,
 int, int);
-intau_portof(struct audio_softc *, char *);
-
 
 /* The default audio mode: 8 kHz mono ulaw */
 struct audio_params audio_default =
@@ -239,8 +263,8 @@ audioattach(parent, self, aux)
struct audio_hw_if *hwp = sa->hwif;
void *hdlp = sa->hdl;
int error;
-   mixer_devinfo_t mi;
-   int iclass, oclass;
+   mixer_devinfo_t mi, cl;
+   int ipref, opref, mpref;
 
printf("\n");
 
@@ -297,38 +321,34 @@ audioattach(parent, self, aux)
audio_init_ringbuffer(&sc->sc_pr);
audio_calcwater(sc);
 
-   iclass = oclass = -1;
-   sc->sc_inports.index = -1;
+   ipref = opref = mpref = -1;
+   sc->sc_inports.sel = -1;
+   sc->sc_inports.gain = -1;
sc->sc_inports.nports = 0;
-   sc->sc_i

audioctl play.channels problem

[[EMAIL PROTECTED]]

I've been trying to figure out how to get more than two channels of
audio with, no success.  What I read, "it should just work".  Now,
"audioctl play.channels=2" on boot.  Whatever I try to change the
value to, I get 'audioctl: set failed: Invalid argument' even if I try
to set it to 2.  It does seem to change the value, but as soon as I
start playback it's back to play.channels=2.  Any advice, please?

The cards I've tried with:

emu0 at pci2 dev 3 function 0 "Creative Labs SoundBlaster Live" rev
0x07: irq 11
ac97: codec id 0x83847608 (SigmaTel STAC9708/11)
ac97: codec features 18 bit DAC, 18 bit ADC, SigmaTel 3D
audio0 at emu0

azalia0 at pci0 dev 6 function 1 "NVIDIA MCP55 HD Audio" rev 0xa2: irq 15
azalia0: host: High Definition Audio rev. 1.0
azalia0: codec: 0x04x/0x10ec (rev. 0.2), HDA version 1.0
audio0 at azalia0

Re: scrub reassemble tcp and nat causes problems with some sites

[Walter Haidinger]

> It's a stab in the dark but I would start with the assumption that some
> sites are using server load balancing and that "reassemble tcp" is
> breaking this somehow.

Could be. Lets suspect "poor load balancing" because other big sites,
which most likely do load balancing too, work. eBay is just the prime
example where it does not...

> Then I'd try and prove that assumption by looking
> at the tcpdumps specifically for how "reassemble tcp" changes may be
> interfering.

I'd have hoped that there is a less tedious solution... ;-)

> Get tcpdumps on both router interfaces with and without the "reassemble
> tcp" option. Do this for a similar file on both a working website and
> broken (ebay) website.

On both router interfaces? Wouldn't the external if be enough?

> Tips on doing this:

[well appreciated tips cut]

> Then load the comparable captures into Ethereal/Wireshark and stare at
> them until it makes sense :-)

That's the tedious part! ;-)

Thanks, Walter

Re: scrub reassemble tcp and nat causes problems with some sites

[Mike Frantzen]

You're going to have to turn off 'modulate tcp'.  One of the TCP
endpoints isn't following PAWs and stopped sending the TCP
Timestamps or someone is trying to blind hijack the connection.

> More info - I ran a test scenario.
> Here is a sample of the messages I get via syslog with set debug loud 
> and scrub with reassemble tcp trying to run OS X's "Software Update".
> 
> Jul 19 19:42:37 obsd38 /bsd: pf_normalize_tcp_stateful: Did not receive 
> expected RFC1323 timestamp
> Jul 19 19:42:37 obsd38 /bsd: TCP 192.168.1.14:65108 192.168.1.14:65108 
> 17.250.248.95:80 [lo=4276925920 high=4276942304 win=65535 modulator=0 
> wscale=0] [lo=708430922 high=708496457 win=16384 modulator=0 wscale=0] 9:4 A
> 
> -Dan

Re: pkg_add

[Siju George]

On 7/20/06, Claudiu Pruna <[EMAIL PROTECTED]> wrote:

Hi there,

Can anybody enlighten me, why in OpenBSD 3.9/i386 with GENERIC #617,
happens the followings:


ftp> get bash-3.1.1p0.tgz "|pkg_add -v -"
local: |pkg_add -v - remote: bash-3.1.1p0.tgz
227 Entering Passive Mode (129,128,5,191,166,108)
150 Opening BINARY mode data connection for bash-3.1.1p0.tgz (514696
bytes).
Error from ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/:
Unknown command.
Can't resolve -
ftp: |pkg_add -v -: short write
426 Network seems to have barfed - Let's all phone our ISP and go
postal!
15928 bytes received in 7.75 seconds (2.01 KB/s)

and PKG_PATH="ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/";



Seems like its does not work properly in OpenBSD3.9. may be will get
fixed in current

Kind Regards

Siju

Re: pkg_add

[Tanvir Ahmed]

On 7/20/06, Claudiu Pruna <[EMAIL PROTECTED]> wrote:

Can anybody enlighten me, why in OpenBSD 3.9/i386 with GENERIC #617,
happens the followings:
ftp> get bash-3.1.1p0.tgz "|pkg_add -v -"


You could export PKG_PATH and do the installation; eg,

# export PKG_PATH=ftp://ftp.it.net.au/mirrors/OpenBSD/3.9/packages/i386
# echo $PKG_PATH
ftp://ftp.it.net.au/mirrors/OpenBSD/3.9/packages/i386

# pkg_add -v GeoIP-1.3.14.tgz
parsing GeoIP-1.3.14
installed /etc/GeoIP.conf from
/usr/local/share/examples/GeoIP/GeoIP.conf
installed /var/db/GeoIP/GeoIP.dat from
/usr/local/share/examples/GeoIP/GeoIP.dat
GeoIP-1.3.14: complete

--
Tanvir

Re: pkg_add

[Marc Espie]

On Thu, Jul 20, 2006 at 10:58:15AM +0300, Claudiu Pruna wrote:
>   Hi there,
> 
>   Can anybody enlighten me, why in OpenBSD 3.9/i386 with GENERIC #617,
> happens the followings:
> 
> 
> ftp> get bash-3.1.1p0.tgz "|pkg_add -v -"
> local: |pkg_add -v - remote: bash-3.1.1p0.tgz
> 227 Entering Passive Mode (129,128,5,191,166,108)
> 150 Opening BINARY mode data connection for bash-3.1.1p0.tgz (514696
> bytes).
> Error from ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/:
> Unknown command.
> Can't resolve -
> ftp: |pkg_add -v -: short write
> 426 Network seems to have barfed - Let's all phone our ISP and go
> postal!
> 15928 bytes received in 7.75 seconds (2.01 KB/s)
> 
> and PKG_PATH="ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/";
> 
Because it's broken in 3.9, it was fixed since then.

Re: looking for clue

[John Gould]

Dude, going on your recent posts you don't have a clue.


On Wed, 19 Jul 2006, Peter Philipp wrote:


Hi I'm looking for clue.  Does anyone have any?

-p

--
Here my ticker tape .signature  My name is Peter Philipp  lynx -dump 
"http://en.wikipedia.org/w/index.php?title=Pufferfish&oldid=20768394"; | sed -n 
131,136p  There is no such thing as a certified security specialist  Security is the 
countermeasure to a constantly changing idea of how to compromise a system when given the 
opportunity  What you really mean is a certified security historian, and even that 
depends on how up-to-date you are and on your cognitive abilities  Feeling special still? 
 How well can you program?  Finally respect a brain that can recite lyrics perfectly, the 
cognitive abilities are unmatched  So long and thanks for all the fish!!!

Re: D-Link DUB-E100 new Revision does not work

[Guido Tschakert]

finley_it schrieb:
> Hi Guido, 
> Maybe you are interested in knowing that Suse 10.1 handle quit well asix
> ax88772, while previous 9.3 doesn't
> 
> bue
> 
> Finley

Yeah, I know, (i also tested the D-Link Crap with SuSE10.1) and had a
look in the sources of the usbnet driver. But it didn't work out of the
box and I'm not that kernel guru to change the source code, so this crap
 is regocnized by usbnet
I will wait till the next Versions (OpenBSD 4.0 and SuSE10.2) and see if
 some developer has had the time to support this crap.

As mentioned before I do not need this thing to work under OpenBSD or Linux.

guido

Re: D-Link DUB-E100 new Revision does not work

[Jonathan Gray]

On Wed, Jul 19, 2006 at 11:55:05PM -0700, finley_it wrote:
> Hi Guido, 
> Maybe you are interested in knowing that Suse 10.1 handle quit well asix
> ax88772, while previous 9.3 doesn't
> 
> bue

That is totally irrelevant to us.  I can only find rev A4 not B1 DUB-E100
here in Australia.  If someone can send me a B1 I would appreciate it.

The Linksys AX88772 works fine here and I can't see any reason
why the D-Link shouldn't without looking into things further.

Re: Problem with x11/xfce4/xfce4-netload on i386, not on amd64

[Andreas Kahari]

On 19/07/06, Antoine Jacoutot <[EMAIL PROTECTED]> wrote:

On Wed, 19 Jul 2006, Andreas Kahari wrote:
> Not terribly important, but I have a problem with the "netload" panel
> plugin for Xfce4.  It shows the in/out rates for my interfaces (vr &
> re) on my amd64 machine, but on my i386 Vaio laptop with an fxp
> interface it always shows no traffic.  It is able to figure out the IP
> number for the interface, but the speeds are always zero.

For what it's worth, it works fine here on current/macppc.
Can you reproduce this on another i386 box ?


I do have another i386 at home, an ancient 133MHz machine.  It doesn't
have an fxp card in it though and I would need to back it up and
install OpenBSD on it.  I thought it would be easier to find someone
on the list with i386+fxp+xfce4...

Andreas


--
Andreas Kahari
Somewhere in the general Cambridge area, UK

pkg_add

[Claudiu Pruna]

Hi there,

Can anybody enlighten me, why in OpenBSD 3.9/i386 with GENERIC #617,
happens the followings:


ftp> get bash-3.1.1p0.tgz "|pkg_add -v -"
local: |pkg_add -v - remote: bash-3.1.1p0.tgz
227 Entering Passive Mode (129,128,5,191,166,108)
150 Opening BINARY mode data connection for bash-3.1.1p0.tgz (514696
bytes).
Error from ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/:
Unknown command.
Can't resolve -
ftp: |pkg_add -v -: short write
426 Network seems to have barfed - Let's all phone our ISP and go
postal!
15928 bytes received in 7.75 seconds (2.01 KB/s)

and PKG_PATH="ftp://ftp.openbsd.org/pub/OpenBSD/3.9/packages/i386/";


Thanks.
-- 
Claudiu Pruna <[EMAIL PROTECTED]>

Re: Web mail

[FTP]

On Wed, Jul 19, 2006 at 01:29:34PM -0700, smith wrote:
> On Wed, 19 Jul 2006 07:22:13 -0500, Eric Johnson wrote
> > Which web mail package is easiest to install and use on
> > OpenBSD?  Are there any gaping security holes?
> > 
> > Eric Johnson
> 
> Someone posted a question about a week or two ago for a chrooted web-based
> email system.  Nick Holland (I think) wrote how if you really understood
> programming, you would know how extremely difficult implementing a chrooted
> web-based email system really is.  (This is my words, Nick probably meant or
> said something else entirely but that's what I got out of it even if I'm
> mistaken.)
> 
> Anyways Nick suggested Openwebmail.  I tried it and I would say without a
> doubt it's the easiest to install.  It was hard to figure it out for me but
> after I did, I said to myself, that was easy.
> 
> Here's what you do:
> 
> Get sendmail running and spamd (most of this requires only uncommenting lines
> in several configuration files).  Now you have a spam fighting MTA.
> 
> Use pkg_add openwebmail to install it.  This will install all the
> dependencies.  Read the readme.txt file on openwebmail's website.  It shows
> how to change the rights (chmod) of a few files in
> /var/www/cgi-bin/openwebmail/*.  These same files are owned by user 276 for
> some reason, you need to change the owner to the right user but I forget which
> (I think root).  Now read man ssl to get httpd running with with https.  Add
> httpd_flags="-u -DSSL". Now go into /var/www/conf/httpd.conf and modify it so
> that all http request go to https.  This is in the virtual table section. 
> Then reboot.
> 
> The beauty is this: I don't need pop or imap or mysql or php or python or ruby
> installed.  All I need is a base openbsd system and openwebmail (using 
> pkg_add).
> 
> You may want to read man starttls too so that your MTA can encrypt email to
> any MTA that understands and uses starttls.
> 
> One other guy posted that openwebmail doesn't support maildir.  Maildir is
> supposedly better, but with valid reasons.  Even though those reasons sound
> good I haven't come across any reasons that say mbox should not be used or is
> not capable of handling a significant amount of users.  Sendmail with mbox has
> been around handling thousands of users in universities and corporations way
> before qmail and postfix came about so sendmail and mbox should be more than
> adequate.  One thing I've read that's a disadvantage to maildir is that you
> can run out of inodes and that's bad when it happens.  Keep in mind, I'm no
> big times email administrator so take this with a grain of salt but this has
> been my experience and research so far.  I'd be glad to hear from some people
> how I'm wrong on this.  I would find it interesting.
>

jaut a comment concerning chrooted webmail. Concerning "hastymail" I found the 
following:

http://hastymail.sourceforge.net/install.php

go to paragraph #5

Thanks

George

Re: scrub reassemble tcp and nat causes problems with some sites

[Daniel E. Hassler]

Argh - It might help if I explain more. I have an OpenBSD 3.8 system 
running as a transparent packet filter (TPF).
The OS X system is inside ($lanif). Apple's network - CIDR 17/8 is 
outside ($wanif).  A Cisco PIX is doing NAT. IP's on the $wanif side 
that are inside the PIX are considered as DMZ. IP's on the $lanif side 
are considered LAN.


WAN<--->PIX/NAT<--->DMZ<--->TPF<--->LAN<--->OS X

Whenever I put a scrub rule with reassemble tcp on $wanif and/or $lanif 
I have trouble with some sites. (e.g. Apple's "Software Update"). 
setting debug to loud I get the messages I mention below.


-Dan

Daniel E. Hassler wrote:


More info - I ran a test scenario.
Here is a sample of the messages I get via syslog with set debug loud 
and scrub with reassemble tcp trying to run OS X's "Software Update".


Jul 19 19:42:37 obsd38 /bsd: pf_normalize_tcp_stateful: Did not 
receive expected RFC1323 timestamp
Jul 19 19:42:37 obsd38 /bsd: TCP 192.168.1.14:65108 192.168.1.14:65108 
17.250.248.95:80 [lo=4276925920 high=4276942304 win=65535 modulator=0 
wscale=0] [lo=708430922 high=708496457 win=16384 modulator=0 wscale=0] 
9:4 A


-Dan

Daniel E. Hassler wrote:


Hi Walter,

I've seen this behavior also. When I  'set debug loud' I got more 
information recorded via syslog.

Some stuff about RFC1323 and bad-timestamp errors.
Below is a section of a pf.conf file. It would be interesting to know 
if you get similar results with

set debug loud when trying to access problem sites.

 


# NORMALIZATION: reduce/resolve ambiguities.
#
scrub on $admif all random-id reassemble tcp
#scrub on $lanif all random-id reassemble tcp
#scrub on $wanif all random-id reassemble tcp
#
# Problem using "reassemble tcp" on $lanif and/or $wanif
# Mac OS X "software update" fails.
# bad-timestamp counter increments, RFC1323 errors in syslog with 
debug loud
# All else works fine including other http on OS X. TBD: investigate 
further.

#
scrub on $lanif all random-id fragment reassemble
scrub on $wanif all random-id fragment reassemble

-Dan

Walter Haidinger wrote:


Hi!

I'm running OpenBSD 3.9 GENERIC as a NAT router.

If I add the "reassemble tcp" option to my scrub rule in pf.conf,
I have trouble connecting to some sites, particulary ebay (ebay.de, 
ebay.at and ebay.com as well as e.g. kaufen.ebay.de) and

some other few sites, from a machine behind the NAT router.
Connects time out or have long delays if the site responds at all.
If connecting directly from OpenBSD, using lynx or squid running on 
the router, there is no problem.


If I omit "reassemble tcp" everything works fine, i.e. with:
scrub all no-df fragment reassemble random-id

I've never noticed the problem before because I was running the 
squid proxy on the router. Now I've moved it to a different machine

which is NATted too. Please note that it is not a squid issue
as timeouts occur regardless of proxy use if on a NATted machine.

Unfortunately I cannot determine why only some sites have troubles
and that's why I seeking advice here on howto further diagnose
the problem.

Any hints are appreciated!

Regards, Walter


 







--
 _   _   _
  __| | __ _ _ __   | |__   __ _ ___ ___| | ___ _ __
 / _` |/ _` | '_ \  | '_ \ / _` / __/ __| |/ _ \ '__|
| (_| | (_| | | | | | | | | (_| \__ \__ \ |  __/ |
 \__,_|\__,_|_| |_| |_| |_|\__,_|___/___/_|\___|_|

[EMAIL PROTECTED]

Re: web based FTP client?

[Denny White]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


On Jul 19 FTP wrote:

On Wed, Jul 19, 2006 at 12:43:39PM -0500, Eric Pancer wrote:

On Wed, 2006-07-19 at 19:22:00 +0200, FTP wrote...


is any 'good' web based ftp client around which can run in chrooted Apache?


Runs in chroot'ed apachehrmm...methinks you are new to all of this,
right? Maybe you should contact your local sysadmin and ask him the explain
how things work between client, server, and where things are run.

If you mean that a client executable served back from a webserver, thats
easy: it'd be a non-executable object under any document root.


Thanks for your help


If you have a browser, you have an FTP client.

However, FTP over HTTP is the major suck.




the browser itself is only for anonymous ftp :-( I actually wanted FTP over HTTP

Thanks

George




I use mozilla-firefox with the fireftp extension. Works
fine, fast. Authenticated logins. I know, I u/l stuff to
my account on my isp. No need to get your sysadmin all
in a dither. ;)

Denny White

GnuPG key  : 0x1644E79A  |  http://wwwkeys.nl.pgp.net
Fingerprint: D0A9 AD44 1F10 E09E 0E67  EC25 CB44 F2E5 1644 E79A
iD8DBQFEvy+Yy0Ty5RZE55oRAoapAJ9XDZBAZn49GzbsoIaeQmt1zkW2RQCfWXem
m48bI0FXhhsXHz3VPy1Kvro=
=aivs
-END PGP SIGNATURE-

Re: D-Link DUB-E100 new Revision does not work

[finley_it]

Hi Guido, 
Maybe you are interested in knowing that Suse 10.1 handle quit well asix
ax88772, while previous 9.3 doesn't

bue

Finley
-- 
View this message in context: 
http://www.nabble.com/D-Link-DUB-E100-new-Revision-does-not-work-tf1900867.html#a5409766
Sent from the openbsd user - misc forum at Nabble.com.