Re: compact flash format GPRS modems
On Wed, 2 Aug 2006, Nik Lam wrote: Very helpful info Damien, thanks. What's the longest that you've been able to stay online for at a stretch using only the zaurus battery? At least an hour, but I have never really timed it. -d
Re: service monitoring and pf load balancing
On 8/3/06, Bill Marquette [EMAIL PROTECTED] wrote: slbd - http://slbd.sourceforge.net/ might be what you're looking for. The CVS code has numerous fixes that aren't in the 1.2 release. Disclaimer: I'm the current maintainer (but not the author) of that code. This is great Bill :-) Does it work well on 3.9? I find x86-based system running OpenBSD 3.3 or 3.4 (others may work, but I haven't tested with anything else; OpenBSD 3.5 support is forthcoming) on the site :-( is that outdated info? Since you maintain it now I hope it would be on 3.9 or current? Thankyou so much Kind Regards Siju
Re: Isakmpd (openbsd) and racoon (macos x) interoperability
On Thu, Aug 03, 2006 at 01:20:13AM +0300, Bo Granlund wrote: Hi, I recently got a Mac Book from Apple with the latest and greatest Mac OS X installed on it. I have a setup where I connect the mac book to an wlan accesspoint which is connected to an openbsd 3.9-current machine which should provide connectivity to the Mac Book over an IPSec tunnel. I have looked at the ipsec howto at http://www.securityfocus.com/infocus/1859 . It says that everything should be nice and easy as long as both ipsec peers are OpenBSD but in this case one of the peers has to be an Mac OS X running racoon. The thing that baffles me the most is how do I generate a public key on the macosx box which could be copied into /etc/isakmpd/pubkeys/ipv4/x.x.x.x on the openbsd machine. And vice-versa, how do I generate a public key on the openbsd host that racoon somehow understands? The openbsd box is a 3.9-current (a few weeks old) and I have the following /etc/ipsec.conf: ike esp from 10.1.1.0/24 to 10.2.2.0/24 peer 10.10.10.160 ike esp from 10.10.10.1 to 10.2.2.0/24 peer 10.10.10.160 ike esp from 10.10.10.1 to 10.10.10.160 How should the macos x side be configured? I've searched the archives for clues but haven't found anything usefull yet. If somebody has ipsec working between an openbsd host and a macosx host, could you perhaps give me some hints? Well, since you've gathered no other responses, here goes nothing... At the very least, certificate-based authentication should work, as should a preshared secret (PSK). You will probably want to let both sides identify themselves with their IP address - in racoon, 'my_identifier' and 'peer_identifier' (IIRC, it's been a while). However, this does not answer your real question, which is how to use ssh-style public/private keys. I am afraid I can't help you there, and Google does not give an answer immediately. Good luck, racoon's configuration is quite arcane... Joachim
gcc 4.1.1 (= latest release) does not work on OpenBSD 3.9
OpenBSD 3.9 suplies {gcc,g++,g77} 3.3.5 with propolice as part of the base OS install (they live in /usr/bin). For people who need/want newer gcc versions, there are packages for gcc 3.3.6 and various snapshots of newer versions (3.4-20060103, 4.0-20060105, 4.1-20050909). The purpose of *this* message is to warn people that a direct install of gcc 4.1.1 (= the current release) on OpenBSD 3.9 (-release) doesn't work properly has problems: it compiles 'hello world' fine, but trying to compile a large application (a mixture of C, C++, Fortran 77, and Fortran 90) dies with (spurious) fatal compiler error messages reported inside an internal gcc header file. Compiling the same application with gcc 4.1.1 on an i686-pc-linux-gnu system works fine, so this problem seems to be an OpenBSD-gcc interaction. I've reported this to the gcc project; it's http://gcc.gnu.org/bugzilla/show_bug.cgi?id=28582 ciao, -- -- Jonathan Thornburg [EMAIL PROTECTED] Max-Planck-Institut fuer Gravitationsphysik (Albert-Einstein-Institut), Golm, Germany, Old Europe http://www.aei.mpg.de/~jthorn/home.html Washing one's hands of the conflict between the powerful and the powerless means to side with the powerful, not to be neutral. -- quote by Freire / poster by Oxfam
Re: WPA support / creating a cf image
On Wed, 2006-08-02 at 23:23 +0200, openbsd misc wrote: My question is, if there is a way to create such an image. For me it looks like an openbsd specific problem as it is posible with freebsd (www.m0n0.ch/wall). Perhaps here is someone who is an idea. quite possible and easy to do, check out flashdist: http://www.nmedia.net/~chris/soekris I also plan to use such systems for home office situations (I want to replace linksys, draytek etc.). They should provide a vpn to head office. The problem is, that many customers want wireless lan at home. We are talking about windows xp systems that need to be online at boot time (startup scripts etc). That means that WEP / Mac access control is not a solution. I need WPA. I wasn't able to find a status about that topic. WPA is not supported by OpenBSD at this time. First, get past the notion of secure wireless...it doesn't exist. The best solution for a more secure wireless network is for you to implement a WEP-encrypted environment and establish a VPN over it. later. ryanc -- Ryan Corder [EMAIL PROTECTED] Systems Engineer, NovaSys Health LLC. 501-219- ext. 646 [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: gcc 4.1.1 (= latest release) does not work on OpenBSD 3.9
I wrote OpenBSD 3.9 suplies {gcc,g++,g77} 3.3.5 with propolice as part of the base OS install (they live in /usr/bin). Oops, my mistake, I should have written On i386, at the start of that sentence. Other platforms use different gcc versions... ciao, -- -- Jonathan Thornburg [EMAIL PROTECTED] Max-Planck-Institut fuer Gravitationsphysik (Albert-Einstein-Institut), Golm, Germany, Old Europe http://www.aei.mpg.de/~jthorn/home.html Washing one's hands of the conflict between the powerful and the powerless means to side with the powerful, not to be neutral. -- quote by Freire / poster by Oxfam
Re: WPA support / creating a cf image
On 2006.08.03, at 10:41 PM, Ryan Corder wrote: First, get past the notion of secure wireless...it doesn't exist. The best solution for a more secure wireless network is for you to implement a WEP-encrypted environment and establish a VPN over it. What about an open wireless network, which does not allow anything to be routed out of the OpenBSD WAP unless it is authpf authorised. Then only VPN traffic. This couldn't be considered secure enough? Shane
xterm glitches
Hello! I've been experiencing a few glitches with xterm for a while. I use -current, last build from May 18, on i386. Hope there hasn't been a relevant change to X11 in-between. WM is fvwm2 from ports (fvwm2+fvicons-2.4.19). If I use Shift + Keypad-plus or -minus to change the font xterm uses, the window gets resized from the default 80x24 to 80x1. (reproduce: start a new xterm using my keyboard shortcut I configured in fvwm2, type shift, keypad-plus, which goes from Default to Medium according to the font menu [control-mouse-3].) If I then go back to default (Shift-KP-Minus) and to Small (another Shift-KP-Minus), the Window even gets resized to 10x1. That's the one strange effect. The other one, if I use the Ctrl+Mouse3-Menu for font selection, the window keeps its 80x24 size (i.e. its pixel based size adapts according to the font size change). However if I do this while things like trn or mutt are running, strange things may happen. E.g., using trn (own build, though), changing the font from Default to Huge (as I like to when I want to read much news) while I'm in the thread selector of a newsgroup, the selector often randomly scrolls down. If I just open an xterm (80x24, running bash), it looks like this: [EMAIL PROTECTED]:~ $ in the first line, as prompt, with a space before the cursor. If I now switch from Default to Huge, it looks like this instead: [EMAIL PROTECTED]:~ $ @c3po: Cursor still after the prompt, but you see spurious junk in the second line. This didn't happen with earlier versions (even with versions which were already based on xorg). Though I didn't follow -current so tightly with X, so I can't say when exactly this glitch was introduced. Sorry. I'm of course willing to provide more detail, so ask on for what's needed. Kind regards, Hannah.
Re: ralink rum(4) driver ?
On Wed, 2 Aug 2006, Jonathan Franks wrote: On Aug 2, 2006, at 7:51 PM, Diana Eichert wrote: On Wed, 2 Aug 2006, NetNeanderthal wrote: SNIP It sounds fascinating -- OnTopicdo keep us updated on how OpenBSD fits your application./OffTopic What ever I can talk about I do. How special. Jonathan, your statement went right over my greying head, probably a sign of old age on my part. g.day
Intel pro/1000GT quad adapter [not working]
Hi all, (obsd3.9 / i386) I'm beefing up two of our bgp routers i.e. replacing Intel Pro/1000MT dual port server adapters with Intel Pro/1000GT quad-port server adapters. The GT card is the MT cards successor and should be backwards compatible, but my vanilla 3.9 installation 'no habla GT'. I've talked to Intel several times without any luck. The persons I talked to did not know the difference between SysV and BSD yet alone the difference between GT and MT (fair should be fair and normally Intel tech's know what they're talking about, but not today). During install (with a dual and a quad card in the server) four 'em' interfaces was found, but none had link according to the installer! See first dmesg (dmesg_both) below and please note my lines on the MAC's. The second dmesg (dmesg_quadonly) is from when the system has a quad card (only) installed. The MT card has a single FW82546GB chip. The GT card has two NH82546GB chip. The 'em' driver support 'i82546'. http://www.openbsd.org/i386.html ... Intel i82540, i82541, i82542, i82543, i82544, i82545, i82546, i82547, i82571, i82572 and i82573 based adapters (em http://www.openbsd.org/cgi-bin/man.cgi?query=emarch=i386sektion=4), including: ... Intel PRO/1000 Gigabit Server Adapter (SX Fiber) (PWLA8490) Intel PRO/1000F Gigabit Server Adapter (SX Fiber) (PWLA8490SX) Intel PRO/1000T Server Adapter (PWLA8490T) Intel PRO/1000XT Server Adapter (PWLA8490XT) Intel PRO/1000XS Server Adapter (SX Fiber) (PWLA8490XF) Intel PRO/1000T Desktop Adapter (PWLA8390T) Intel PRO/1000XTL Low Profile PCI Server (PWLA8490XTL) Intel PRO/1000MT Desktop Adapter (PWLA8390MT) Intel PRO/1000MT Server Adapter (PWLA8490MT) Intel PRO/1000MT Dual Port Server Adapter (PWLA8492MT) Intel PRO/1000MF Server Adapter (SX Fiber) (PWLA8490MF) Intel PRO/1000MF Dual Port Server Adapter (SX Fiber) (PWLA8492MF) Intel PRO/1000MF Server Adapter (LX Fiber) (PWLA8490LX) Intel PRO/1000MT Quad PCI-X Adapter (PWLA8494MT) ... /http://www.openbsd.org/i386.html Below is two dmesg files. The first one is with a dual + a quad card installed. The second on is with a quad card only. Please note that the following two lines are the MAC's belonging to the dual card. em0 at pci2 dev 2 function 0 Intel PRO/1000MT (82546GB) rev 0x03: irq 10, address 00:04:23:9e:f2:3a em1 at pci2 dev 2 function 1 Intel PRO/1000MT (82546GB) rev 0x03: irq 10, address 00:04:23:9e:f2:3b Please note that the following two lines are the MAC's belonging to the quad card. em2 at pci4 dev 1 function 0 Intel PRO/1000MT (82541GI) rev 0x00: irq 10, address 00:30:48:71:3b:aa em3 at pci4 dev 2 function 0 Intel PRO/1000MT (82541GI) rev 0x00: irq 10, address 00:30:48:71:3b:ab [dmesg_both] OpenBSD 3.9 (GENERIC) #617: Thu Mar 2 02:26:48 MST 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Xeon(TM) CPU 2.80GHz (GenuineIntel 686-class) 2.80 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,S BF,CNXT-ID real mem = 4160266240 (4062760K) avail mem = 3790917632 (3702068K) using 4278 buffers containing 208117760 bytes (203240K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(00) BIOS, date 09/18/03, BIOS32 rev. 0 @ 0xf0010 pcibios0 at bios0: rev 2.1 @ 0xf/0x1 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf3000/176 (9 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82801CA LPC rev 0x00) pcibios0: PCI bus #5 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x8e00 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel E7501 MCH Host rev 0x01 ppb0 at pci0 dev 2 function 0 Intel E7500 MCH rev 0x01 pci1 at ppb0 bus 1 Intel 82870P2 IOxAPIC rev 0x04 at pci1 dev 28 function 0 not configured ppb1 at pci1 dev 29 function 0 Intel 82870P2 PCI-PCI rev 0x04 pci2 at ppb1 bus 2 ppb2 at pci2 dev 1 function 0 unknown vendor 0x12d8 product 0x01a7 rev 0x01 pci3 at ppb2 bus 3 vendor Intel, unknown product 0x10b5 (class network subclass ethernet, rev 0x03) at pci3 dev 4 function 0 not configu red vendor Intel, unknown product 0x10b5 (class network subclass ethernet, rev 0x03) at pci3 dev 4 function 1 not configu red vendor Intel, unknown product 0x10b5 (class network subclass ethernet, rev 0x03) at pci3 dev 6 function 0 not configu red vendor Intel, unknown product 0x10b5 (class network subclass ethernet, rev 0x03) at pci3 dev 6 function 1 not configu red em0 at pci2 dev 2 function 0 Intel PRO/1000MT (82546GB) rev 0x03: irq 10, address 00:04:23:9e:f2:3a em1 at pci2 dev 2 function 1 Intel PRO/1000MT (82546GB) rev 0x03: irq 10, address 00:04:23:9e:f2:3b ahd0 at pci2 dev 3 function 0 Adaptec AIC-7902B U320 rev 0x10: irq 10 ahd0: aic7902, U320 Wide Channel A, SCSI Id=7, PCI-X 67-100Mhz, 512 SCBs scsibus0 at ahd0: 16 targets ahd1 at pci2 dev 3 function 1 Adaptec AIC-7902B U320 rev 0x10: irq 10 ahd1: aic7902, U320 Wide Channel B, SCSI Id=7, PCI-X 67-100Mhz, 512
Re: WPA support / creating a cf image
Hello, that's exacly what I'm doing at the moment... :-) But that doesn't create an image. The problem is in short: C/H/S. But it looks like I already answered my question within the question ;-). m0n0wall is using phydiskwrite (which was written to be able to flash cf cards under windows): * FreeBSD: gzcat net45xx-xxx.img | dd of=/dev/rad[n] bs=16k where n = the ad device number of your CF card (check dmesg); use net48xx-xxx.img for net4801 and wrap-xxx.img for WRAP instead (ignore the warning about trailing garbage - it's because of the digital signature) * Linux: gunzip -c net45xx-xxx.img | dd of=/dev/hdX bs=16k where X = the IDE device name of your CF card (check with hdparm -i /dev/hdX) - some adapters, particularly USB, may show up under SCSI emulation as /dev/sdX (ignore the warning about trailing garbage - it's because of the digital signature) * Windows: physdiskwrite net45xx-xxx.img I'll try to create an image using flashdist (some modifications needed, but I hope that's not to hard ;-)), gzip it and then I'll try to write it to an cf card using windows. Regards Hagen Volpers Von: Ryan Corder [mailto:[EMAIL PROTECTED] Gesendet: Do 03.08.2006 14:41 An: openbsd misc Cc: misc@openbsd.org Betreff: Re: WPA support / creating a cf image On Wed, 2006-08-02 at 23:23 +0200, openbsd misc wrote: My question is, if there is a way to create such an image. For me it looks like an openbsd specific problem as it is posible with freebsd (www.m0n0.ch/wall). Perhaps here is someone who is an idea. quite possible and easy to do, check out flashdist: http://www.nmedia.net/~chris/soekris [...]
Re: WPA support / creating a cf image
On Thu, 2006-08-03 at 16:13 +0200, openbsd misc wrote: I'll try to create an image using flashdist (some modifications needed, but I hope that's not to hard ;-)), gzip it and then I'll try to write it to an cf card using windows. check the flashdist homepage again. There is a link to a wrapper script that allows you to create an image. later. ryanc -- Ryan Corder [EMAIL PROTECTED] Systems Engineer, NovaSys Health LLC. 501-219- ext. 646 [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
WG: WPA support / creating a cf image
Sorry, wrong recipient. ;-) see below... Von: openbsd misc Gesendet: Do 03.08.2006 16:15 An: Shane J Pearson Betreff: AW: WPA support / creating a cf image Hello, my problem is, that I need the vpn at bootime. I cannot build a vpn from client to server, only from openbsd to headoffice. I'm not a fan of wireless lan, but my customers want it... The only way is to put an access point next to the wrap system, but I want an all-in-one solution, because it has to be customer-friendly. Are there any reasons why wpa is not implemented for now? Von: [EMAIL PROTECTED] im Auftrag von Shane J Pearson Gesendet: Do 03.08.2006 15:27 An: misc Misc Betreff: Re: WPA support / creating a cf image On 2006.08.03, at 10:41 PM, Ryan Corder wrote: First, get past the notion of secure wireless...it doesn't exist. The best solution for a more secure wireless network is for you to implement a WEP-encrypted environment and establish a VPN over it. What about an open wireless network, which does not allow anything to be routed out of the OpenBSD WAP unless it is authpf authorised. Then only VPN traffic. This couldn't be considered secure enough? Shane
firefox 1.5.0.6 for openbsd
hi all, i don't have any experience with how to use source or other *nix tar.gz for openbsd. i need to have firefox 1.5.0.6. do anyone know how do i get the firefox in my openbsd 3.9 thanks, and best regards, riwan
simple spamd greylisting on transparent bridge
Is this a sane minimum configuration for spamd -g on a transparent bridge? Is it unwise to only greylist? 1. Create bridge with no IP's. 2. pf=YES and spamd_flags=-g in /etc/rc.conf.local 3. Simple three line /etc/pf.conf: ext_if=xl0 rdr pass inet proto tcp from !spamd-white to any \ port smtp - 127.0.0.1 port spamd pass in on $ext_if route-to lo0 proto tcp from any to 127.0.0.1 port spamd The third line of pf.conf was inspired by the example given here: http://marc.theaimsgroup.com/?l=openbsd-miscm=108089194621750w=2 I'm not sure if my modifications for this situation are correct.
Re: Intel pro/1000GT quad adapter [not working]
On 2006/08/03 15:54, Per Engelbrecht wrote: I'm beefing up two of our bgp routers i.e. replacing Intel Pro/1000MT dual port server adapters with Intel Pro/1000GT quad-port server adapters. The GT card is the MT cards successor and should be backwards compatible, but my vanilla 3.9 installation 'no habla GT'. GT PCI ID was added post-3.9. -current snapshot is probably the easy way, and since we're approaching 4.0 it shouldn't be too stressful. If you still have problems, maybe try adjusting irq settings in bios, when I've had multi-port em(4) unable to see all ports that has been the way to get them back. real mem = 4160266240 (4062760K) hey, it's not cisco-eee :-)
Re: simple spamd greylisting on transparent bridge
Will H. Backman wrote: Is this a sane minimum configuration for spamd -g on a transparent bridge? Is it unwise to only greylist? 1. Create bridge with no IP's. 2. pf=YES and spamd_flags=-g in /etc/rc.conf.local 3. Simple three line /etc/pf.conf: ext_if=xl0 rdr pass inet proto tcp from !spamd-white to any \ port smtp - 127.0.0.1 port spamd pass in on $ext_if route-to lo0 proto tcp from any to 127.0.0.1 port spamd The third line of pf.conf was inspired by the example given here: http://marc.theaimsgroup.com/?l=openbsd-miscm=108089194621750w=2 I'm not sure if my modifications for this situation are correct. Replying to myself: Would the above rules also trap outbound connections from my MTA? I would want my MTA to be able to make outbound connections through the bridge. Should I add something to the rdr line to only redirect connections coming into the bridge? Maybe rdr on $ext_if pass inet...
Re: WPA support / creating a cf image
On Thu, 2006-08-03 at 23:27 +1000, Shane J Pearson wrote: What about an open wireless network, which does not allow anything to be routed out of the OpenBSD WAP unless it is authpf authorised. Then only VPN traffic. exactly...that would be ideal. -- Ryan Corder [EMAIL PROTECTED] Systems Engineer, NovaSys Health LLC. 501-219- ext. 646 [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: WPA support / creating a cf image
Ok, that didn't work. You can create an image. But image will only work on identical cf-cards (same C/H/S). Is that an openbsd specific problem (bootloader) or how can I get rid of that? I need an image that works on every cf-card. Any idea? I don't want to switch to freebsd... Regards Hagen Volpers -Urspr|ngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von openbsd misc Gesendet: Donnerstag, 3. August 2006 16:13 An: [EMAIL PROTECTED] Cc: misc@openbsd.org Betreff: Re: WPA support / creating a cf image Hello, that's exacly what I'm doing at the moment... :-) But that doesn't create an image. The problem is in short: C/H/S. But it looks like I already answered my question within the question ;-). m0n0wall is using phydiskwrite (which was written to be able to flash cf cards under windows): * FreeBSD: gzcat net45xx-xxx.img | dd of=/dev/rad[n] bs=16k where n = the ad device number of your CF card (check dmesg); use net48xx-xxx.img for net4801 and wrap-xxx.img for WRAP instead (ignore the warning about trailing garbage - it's because of the digital signature) * Linux: gunzip -c net45xx-xxx.img | dd of=/dev/hdX bs=16k where X = the IDE device name of your CF card (check with hdparm -i /dev/hdX) - some adapters, particularly USB, may show up under SCSI emulation as /dev/sdX (ignore the warning about trailing garbage - it's because of the digital signature) * Windows: physdiskwrite net45xx-xxx.img I'll try to create an image using flashdist (some modifications needed, but I hope that's not to hard ;-)), gzip it and then I'll try to write it to an cf card using windows. Regards Hagen Volpers Von: Ryan Corder [mailto:[EMAIL PROTECTED] Gesendet: Do 03.08.2006 14:41 An: openbsd misc Cc: misc@openbsd.org Betreff: Re: WPA support / creating a cf image On Wed, 2006-08-02 at 23:23 +0200, openbsd misc wrote: My question is, if there is a way to create such an image. For me it looks like an openbsd specific problem as it is posible with freebsd (www.m0n0.ch/wall). Perhaps here is someone who is an idea. quite possible and easy to do, check out flashdist: http://www.nmedia.net/~chris/soekris [...]
Function prologue and epilogue.
Hi all, I'm studying assembly programming and at this moment I have reached the capther that talnks about functions, and so far having learned about functions' prologue and epilogue. When I implemented a function, using both prologue and epilogue, the compiler compiled it, linked it but when it comes to run the binary I have a fail on memory segment. There it follows the function's prologue and epilogue: function: pushl %ebp movl %esp, %ebp . . movl %ebp, %esp popl %ebp ret When I implement without it the binary runs perfectly. I've already done some researchs about it, but it's too difficult to find specific informations about it for OpenBSd systems, and that's why I'm asking it in the list. Could please anyone help me with this issue? Thanks. -- Joco Salvatti Undergraduating in Computer Science Federal University of Para - UFPA web: http://www.openbsd-pa.org e-mail: [EMAIL PROTECTED]
Re: firefox 1.5.0.6 for openbsd
On 8/3/06, riwanlky [EMAIL PROTECTED] wrote: hi all, i don't have any experience with how to use source or other *nix tar.gz for openbsd. i need to have firefox 1.5.0.6. do anyone know how do i get the firefox in my openbsd 3.9 thanks, and best regards, riwan The instructions with an example are clearly printed on the insert inside your CD-ROM.
Re: WPA support / creating a cf image
On Thu, 2006-08-03 at 18:40 +0200, openbsd misc wrote: Ok, that didn't work. You can create an image. But image will only work on identical cf-cards (same C/H/S). Is that an openbsd specific problem (bootloader) or how can I get rid of that? I need an image that works on every cf-card. Any idea? I don't want to switch to freebsd... no, it is a limitation of the software used to create the image, not OpenBSD. It collects C/H/S information as part of the build, therefore will only work with a CF of that size. maybe time to roll your own. -- Ryan Corder [EMAIL PROTECTED] Systems Engineer, NovaSys Health LLC. 501-219- ext. 646 [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: firefox 1.5.0.6 for openbsd
On Thu, Aug 03, 2006 at 12:11:08PM -0400, David T Harris wrote: The easiest way to install firefox on OpenBSD or any other package (that is available from OpenBSD) is to download the package from the OpenBSD website (or a mirror) or the ftp mirrors. No, the easiest way is like so: $ man pkg_add [...] $ ftp ftp://ftp.openbsd.org/pub/OpenBSD/ftplist [choose a mirror] $ export PKG_PATH=ftp://your.mirror.com/pub/OpenBSD/$(sysctl -n kern.version)/packages/$(machine)/ $ sudo pkg_add -i your-package -- o--{ Will Maier }--o | web:...http://www.lfod.us/ | [EMAIL PROTECTED] | *--[ BSD Unix: Live Free or Die ]--*
Re: service monitoring and pf load balancing
On 8/3/06, Siju George [EMAIL PROTECTED] wrote: On 8/3/06, Bill Marquette [EMAIL PROTECTED] wrote: slbd - http://slbd.sourceforge.net/ might be what you're looking for. The CVS code has numerous fixes that aren't in the 1.2 release. Disclaimer: I'm the current maintainer (but not the author) of that code. This is great Bill :-) Does it work well on 3.9? I haven't specifically tested it on 3.9 at this time (soon as I have some need for it). I find x86-based system running OpenBSD 3.3 or 3.4 (others may work, but I haven't tested with anything else; OpenBSD 3.5 support is forthcoming) on the site :-( is that outdated info? Very. I haven't updated the site since taking over the maintainer role. The code in CVS should compile and run on 3.9 cleanly - as soon as I've tested it myself I was planning on rolling out a 1.3 release (and I suppose I should check for it's status in ports and update ;)). --Bill
Re: WPA support / creating a cf image
On Thu, Aug 03, 2006 at 11:27:16PM +1000, Shane J Pearson wrote: What about an open wireless network, which does not allow anything to be routed out of the OpenBSD WAP unless it is authpf authorised. Then only VPN traffic. What does authpf+VPN provide in this use case that VPN alone doesn't?
radioctl error on i386 Aug 1 snapshot; Inappropriate ioctl for device
I'm getting the following error when I try to access my bktr(4) card. $ sudo radioctl -f /dev/bktr0 -a radioctl: RIOCGINFO: Inappropriate ioctl for device I was trying to set the tuner to cable/NTSC/channel#. thanks OpenBSD 4.0-beta (GENERIC) #1036: Tue Aug 1 01:59:50 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium III (GenuineIntel 686-class, 128KB L2 cache) 599 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE real mem = 266891264 (260636K) avail mem = 235917312 (230388K) using 3283 buffers containing 13447168 bytes (13132K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(96) BIOS, date 07/05/00, BIOS32 rev. 0 @ 0xfd890, SMBIOS rev. 2.3 @ 0xe0010 (47 ent ries) bios0: TriGem Computer, Inc. Emachines apm0 at bios0: Power Management spec V1.2 apm0: AC on, battery charge unknown apm0: flags 30102 dobusy 0 doidle 1 pcibios0 at bios0: rev 2.1 @ 0xfd890/0x770 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfdf40/160 (8 entries) pcibios0: PCI Interrupt Router at 000:31:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0x8000 0xe/0x1000! 0xe1000/0x3000! cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82810 rev 0x03: rng active, 7Kb/sec vga1 at pci0 dev 1 function 0 Intel 82810 Graphics rev 0x03: aperture at 0xf800, size 0x400 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) ppb0 at pci0 dev 30 function 0 Intel 82801AA Hub-to-PCI rev 0x02 pci1 at ppb0 bus 1 clct0 at pci1 dev 9 function 0 Cirrus Logic CS4281 CrystalClear rev 0x01 irq 11 ac97: codec id 0x43525913 (Cirrus Logic CS4297A rev 3) ac97: codec features headphone, 20 bit DAC, 18 bit ADC, Crystal Semi 3D audio0 at clct0 rl0 at pci1 dev 11 function 0 Realtek 8139 rev 0x10: irq 9, address 00:c0:f0:55:58:80 rlphy0 at rl0 phy 0: RTL internal PHY uhci0 at pci1 dev 13 function 0 VIA VT83C572 USB rev 0x50: irq 9 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci1 dev 13 function 1 VIA VT83C572 USB rev 0x50: irq 9 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: VIA UHCI root hub, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered ehci0 at pci1 dev 13 function 2 VIA VT6202 USB rev 0x51: irq 11 usb2 at ehci0: USB revision 2.0 uhub2 at usb2 uhub2: VIA EHCI root hub, rev 2.00/1.00, addr 1 uhub2: 4 ports with 4 removable, self powered bktr0 at pci1 dev 14 function 0 Brooktree BT878 rev 0x02: irq 10 bktr0: Askey/Dynalink Magic TView, Temic NTSC tuner. Brooktree BT878 Audio rev 0x02 at pci1 dev 14 function 1 not configured ichpcib0 at pci0 dev 31 function 0 Intel 82801AA LPC rev 0x02 pciide0 at pci0 dev 31 function 1 Intel 82801AA IDE rev 0x02: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: ST310212A wd0: 32-sector PIO, LBA, 9768MB, 20005650 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SAMSUNG, CD-ROM SC-148, PT02 SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 uhci2 at pci0 dev 31 function 2 Intel 82801AA USB rev 0x02: irq 11 usb3 at uhci2: USB revision 1.0 uhub3 at usb3 uhub3: Intel UHCI root hub, rev 1.00/1.00, addr 1 uhub3: 2 ports with 2 removable, self powered ichiic0 at pci0 dev 31 function 3 Intel 82801AA SMBus rev 0x02: irq 9 iic0 at ichiic0 isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard, using wsdisplay0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker spkr0 at pcppi0 it0 at isa0 port 0x290/8: IT87 npx0 at isa0 port 0xf0/16: using exception 16 fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec biomask fffd netmask fffd ttymask pctr: 686-class user-level performance counters enabled mtrr: Pentium Pro MTRR support wi0 at uhub1 port 2 wi0: Intersil Prism2.x WLAN, rev 1.10/1.32, addr 2 dkcsum: wd0 matches BIOS drive 0x80 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 wi0: PRISM2.5 USB (0x8010), Firmware 1.1.0 (primary), 1.4.9 (station), address 00:02:6f:08:8e:ee
Re: WPA support / creating a cf image
On Thu, 2006-08-03 at 14:47 -0400, Jeff Quast wrote: I understand this is a problem of target systems translating C/H/S values differently. There is no problem in dynamicly using OpenBSD's idea of C/H/S values at build time. However, OpenBSD on two different machines can provide completely different C/H/S values on the exact same card. Correct me if im wrong. I don't think rolling your own would help in this way. I've heavily modified flashdist.sh to work in a different manner... I don't like the idea of building a complete system thats a mangled version of OpenBSD that needs to be maintained and provided for you. This is the common 'giving the people what they want' distrobution format, and making those of us who want to modify it even the slightest bit work that much harder. I've changed the format of flashdist to accept an overlay/ directory, containing any /etc/, /bsd, /usr/local, etc. additions or changes to overlay over the target CF card after a default install (extracting basesets). that's exactly where I was going with it. I too have heavily modified flashdist.sh for my own needs and my stuff sounds similar to yours...an overlay type of setup. the problem that the original poster is facing is that the script he is using does everything for him...including setting up and partitioning the CF. What would be nice is for similar script or program that just gathered everything up that is required for the system to run and create an image out of that. Let the user handle setting up the individual CF cards and just provide an image of the hard drive contents to be flashed over via dd. -- Ryan Corder [EMAIL PROTECTED] Systems Engineer, NovaSys Health LLC. 501-219- ext. 646 [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: simple spamd greylisting on transparent bridge
Will H. Backman wrote: Is this a sane minimum configuration for spamd -g on a transparent bridge? Is it unwise to only greylist? I white-, black- and greylist (in that order). Greylisting requires regular administration due to mail server pools and such. I have not tested, but I strongly suspect that blacklisting blocks server pools that you otherwise would have to consider whitelisting. Of course, you could use greylisting as-is (without administrating/whitelisting), but then you should calculate with the risk of making legitimate legitimate mail bounce. 1. Create bridge with no IP's. 2. pf=YES and spamd_flags=-g in /etc/rc.conf.local 3. Simple three line /etc/pf.conf: ext_if=xl0 rdr pass inet proto tcp from !spamd-white to any \ port smtp - 127.0.0.1 port spamd pass in on $ext_if route-to lo0 proto tcp from any to 127.0.0.1 port spamd I have not set up a transparent bridge (with spamd, anyway), but i suspect you might have to remove the pass in rdr pass to make the pass in... rule being evaluated at all. The third line of pf.conf was inspired by the example given here: http://marc.theaimsgroup.com/?l=openbsd-miscm=108089194621750w=2 I'm not sure if my modifications for this situation are correct. Sounds reasonable. /alexander
Blob Bingo!
http://www.securityfocus.com/brief/271 .. .. The problem is not limited to Apple computers, and appears to affect drivers written by a wide range WiFi chipset makers. The Apple Macbook is known to use an Atheros WiFi chipset, but numerous other chipsets are also affected. Windows and Linux systems are at risk as well, as the vulnerability affects device drivers that are provided by chipset manufacturers. Systems running OpenBSD are unlikely to be affected based on that open-source group's refusal to use binary blobs in their device drivers, and their subsequent reverse engineering of numerous WiFi chipsets to provide open-source alternatives to manufacturer's device drivers. .. .. = = = = My Congratulations to the project, +++chefren
Re: radioctl error on i386 Aug 1 snapshot; Inappropriate ioctl for device
On 8/3/06, Diana Eichert [EMAIL PROTECTED] wrote: I'm getting the following error when I try to access my bktr(4) card. $ sudo radioctl -f /dev/bktr0 -a radioctl: RIOCGINFO: Inappropriate ioctl for device I was trying to set the tuner to cable/NTSC/channel#. OpenBSD 4.0-beta (GENERIC) #1036: Tue Aug 1 01:59:50 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC snip bktr0 at pci1 dev 14 function 0 Brooktree BT878 rev 0x02: irq 10 bktr0: Askey/Dynalink Magic TView, Temic NTSC tuner. Brooktree BT878 Audio rev 0x02 at pci1 dev 14 function 1 not configured The RIOCGINFO ioctl(2) is reserved for /dev/radioN(4) devices.. I didn't see it in your dmesg, but I seem to recall my ancient 848 enumerating radio0 at bktr0 for NTSC tuning purposes, barring memory problems (of the brain sort). I believe there are also some kernel config options to force manual enumeration of the device rather than relying on built-in autodetection code. I never had to worry about them, but you might give that a go if you're in the kernel-config neighbourhood.
Re: WPA support / creating a cf image
My plan is to build a default flashdist. Afterwards I want to build tgz to install additional files. But that all doesn't make sense as long as you aren't able to create a simple image that can be written to every CF card running on every system (as long as the kernel supports the hardware). I found this comment in flashdist.sh: # This script contains a stupid method which occasionally works to make this # media bootable on a destination which uses a different c/h/s translation # than the host system. Of course, this is really just a hack. This # hack is no longer necessary with OpenBSD's newer LBA MBR, but left in place # because it does no harm. At the moment I try to figure out how to change the image MBR to LBA. I hope that's the correct way. Regards Hagen Volpers -Urspr|ngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Ryan Corder Gesendet: Donnerstag, 3. August 2006 21:08 An: Jeff Quast Cc: misc@openbsd.org Betreff: Re: WPA support / creating a cf image On Thu, 2006-08-03 at 14:47 -0400, Jeff Quast wrote: I understand this is a problem of target systems translating C/H/S values differently. There is no problem in dynamicly using OpenBSD's idea of C/H/S values at build time. However, OpenBSD on two different machines can provide completely different C/H/S values on the exact same card. Correct me if im wrong. I don't think rolling your own would help in this way. I've heavily modified flashdist.sh to work in a different manner... I don't like the idea of building a complete system thats a mangled version of OpenBSD that needs to be maintained and provided for you. This is the common 'giving the people what they want' distrobution format, and making those of us who want to modify it even the slightest bit work that much harder. I've changed the format of flashdist to accept an overlay/ directory, containing any /etc/, /bsd, /usr/local, etc. additions or changes to overlay over the target CF card after a default install (extracting basesets). that's exactly where I was going with it. I too have heavily modified flashdist.sh for my own needs and my stuff sounds similar to yours...an overlay type of setup. the problem that the original poster is facing is that the script he is using does everything for him...including setting up and partitioning the CF. What would be nice is for similar script or program that just gathered everything up that is required for the system to run and create an image out of that. Let the user handle setting up the individual CF cards and just provide an image of the hard drive contents to be flashed over via dd. -- Ryan Corder [EMAIL PROTECTED] Systems Engineer, NovaSys Health LLC. 501-219- ext. 646 [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: WPA support / creating a cf image
On 2006/08/03 14:47, Jeff Quast wrote: values differently. There is no problem in dynamicly using OpenBSD's idea of C/H/S values at build time. However, OpenBSD on two different machines can provide completely different C/H/S values on the exact yes, this was a bit of a pain for this type of thing until biosboot(8) got changed to use LBA a couple of years ago.
VPN using ipsec.conf isn't passing traffic...
Hi all, Lengthy message ahead! Here's a rough sketch of the two networks I'm trying to connect with a vpn. subnet (192.168.0.0/24) (openbsd and win xp) | | (agampoka) openbsd firewall internal (192.168.0.1) | openbsd firewall external (216.67.187.228) | | | | | DSL from AOL (yuck) | | Creative Broadxent Broadband Blaster Modem 8012U-V | | Linksys Router Public IP (172.191.191.92, dynamic) | Linksys Router 192.168.1.1 (192.168.1.200 is in the DMZ) | OpenBSD (laramie)(192.168.1.200)---HubOther Offices Subnet | 10.1.1.1 | Switch | | --- Packet 8 phone (10.1.1.7) | | Win XP (10.1.1.6) Here's my ipsec.conf file from agampoka: ike passive esp from 192.168.0.0/24 to 10.1.1.0/24 peer 172.191.191.92 ike passive esp from 216.67.187.228 to 10.1.1.0/24 peer 172.191.191.92 ike passive esp from 216.67.187.228 to 172.191.191.92 and from laramie: ike dynamic esp from 10.1.1.0/24 to 192.168.0.0/24 peer 216.67.187.228 ike dynamic esp from 172.191.191.92 to 192.168.0.0/24 peer 216.67.187.228 ike dynamic esp from 172.191.191.92 to 216.67.187.228 pf.conf on both skips enc0 and passes in quick from the other network: set skip on { lo $int_if enc0 } pass quick on $ext_if from 216.67.187.228 Started everything up with isakmpd -K -d and ipsecctl -v -f /etc/ipsec.conf on both. From the following it looks like the routes and flows are set up correctly: [EMAIL PROTECTED]:/home/jross $ netstat -rn -f encap Routing tables Encap: Source Port DestinationPort Proto SA(Address/Proto/Type/Direction) 172.191.191.92/32 0 192.168.0/24 0 0 172.191.191.92/esp/use/in 192.168.0/24 0 172.191.191.92/32 0 0 172.191.191.92/esp/require/out 172.191.191.92/32 0 216.67.187.228/32 0 0 172.191.191.92/esp/use/in 216.67.187.228/32 0 172.191.191.92/32 0 0 172.191.191.92/esp/require/out 10.1.1/24 0 192.168.0/24 0 0 172.191.191.92/esp/use/in 192.168.0/24 0 10.1.1/24 0 0 172.191.191.92/esp/require/out and this on laramie: [EMAIL PROTECTED]:/home/jross $ netstat -rn -f encap Routing tables Encap: Source Port DestinationPort Proto SA(Address/Proto/Type/Direction) 216.67.187.228/32 0 172.191.191.92/32 0 0 216.67.187.228/esp/use/in 172.191.191.92/32 0 216.67.187.228/32 0 0 216.67.187.228/esp/require/out 192.168.0/24 0 172.191.191.92/32 0 0 216.67.187.228/esp/use/in 172.191.191.92/32 0 192.168.0/24 0 0 216.67.187.228/esp/require/out 192.168.0/24 0 10.1.1/24 0 0 216.67.187.228/esp/use/in 10.1.1/24 0 192.168.0/24 0 0 216.67.187.228/esp/require/out Additionally, I see this on agampoka: [EMAIL PROTECTED]:/home/jross $ sudo ipsecctl -s all Password: FLOWS: flow esp in from 172.191.191.92 to 192.168.0.0/24 peer 172.191.191.92 srcid 216.67.187.228/32 dstid laramie.wykids.org type use flow esp out from 192.168.0.0/24 to 172.191.191.92 peer 172.191.191.92 srcid 216.67.187.228/32 dstid laramie.wykids.org type require flow esp in from 172.191.191.92 to 216.67.187.228 peer 172.191.191.92 srcid 216.67.187.228/32 dstid laramie.wykids.org type use flow esp out from 216.67.187.228 to 172.191.191.92 peer 172.191.191.92 srcid 216.67.187.228/32 dstid laramie.wykids.org type require flow esp in from 10.1.1.0/24 to 192.168.0.0/24 peer 172.191.191.92 srcid 216.67.187.228/32 dstid laramie.wykids.org type use flow esp out from 192.168.0.0/24 to 10.1.1.0/24 peer 172.191.191.92 srcid 216.67.187.228/32 dstid laramie.wykids.org type require SADB: esp tunnel from 216.67.187.228 to 172.191.191.92 spi 0xba72e151 auth hmac-sha2-256 enc aes \ authkey 0x0d1c887a24545b3984708c13b6775db09e778a0c676a82d5aeb17153e70ed917 \ enckey 0xf90f461776be158ab26fd3cb23ebaced esp tunnel from 216.67.187.228 to 172.191.191.92 spi 0x91ff auth hmac-sha2-256 enc aes \ authkey 0xc231811607a2b7ec0cb6e1613fe25999e5d910492eafdef6ec6f03defa9ce317 \ enckey 0x56bad5568b1be1a99cc3b54badd83a10 esp tunnel from 216.67.187.228 to 172.191.191.92 spi 0x61df99ce auth hmac-sha2-256 enc aes \ authkey 0x64d9a21f70ccaf9d148b157b057586df889e0f76c52df3002707a2cd1dfd57f1 \ enckey 0x5993a98da6443ddc4ba68c2cf1c64751 esp tunnel from 172.191.191.92 to 216.67.187.228 spi 0x538f5300 auth hmac-sha2-256 enc aes \ authkey
Redundant ethernet Carp (was Re:Soekris)
Well, after playing a little with trunk(4), etherchannel, and carp I am wondering something: Trying to achieve both firewall redundancy (via carp) and ethernet redundancy (via trunk(4)), would it be possible and (and maybe even recommended) to have firewall-1 connected solely to switch-1 and firewall-2 connected solely to switch-2, forgo the trunk(4), and just use carp to detect if either of the switches has failed, and fail over to the other switch/firewall combo? Am I making sense? Thanks, Tim
igmp-2 Packet Filter logging, -current
At work yesterday I installed a firewall running -current from August 2nd. pf.conf is exactly the same as my stable OpenBSD 3.9 firewall except for changing -- set skip on { lo $int_if } to set skip on lo pass quick on $int_if -- Things like this are appearing in pflog: Aug 03 10:17:26.046221 0.0.0.0 IGMP.MCAST.NET: igmp-2 [v2] [ttl 1] Aug 03 10:17:26.046233 0.0.0.0 IGMP.MCAST.NET: igmp-2 [v2] [ttl 1] Aug 03 11:10:13.578190 host14.this.com IGMP.MCAST.NET: igmp-2 [v2] [ttl 1] Aug 03 11:10:13.578200 host14.this.com IGMP.MCAST.NET: igmp-2 [v2] [ttl 1] - Is this logging an error? It has not appeared before. Darrel
Disabling suspend
Hello misc@, Sometimes my laptop goes into standby when I close the lid, but not always. Also, if it is in standby and I open the lid it wakes up. Under windows I have changed this behaviour so that I must manually enter standby and press the power button to exit it. Is there any way to get the same effect in OpenBSD? I have searched but only found linux or DOS related pages, and many of them seem to be about disabling suspend completely, whereas I just want to disable suspend caused automatically. Thank you -Nick
Re: Intel pro/1000GT quad adapter [not working]
Stuart Henderson wrote: On 2006/08/03 15:54, Per Engelbrecht wrote: I'm beefing up two of our bgp routers i.e. replacing Intel Pro/1000MT dual port server adapters with Intel Pro/1000GT quad-port server adapters. The GT card is the MT cards successor and should be backwards compatible, but my vanilla 3.9 installation 'no habla GT'. GT PCI ID was added post-3.9. -current snapshot is probably the easy way, and since we're approaching 4.0 it shouldn't be too stressful. If you still have problems, maybe try adjusting irq settings in bios, when I've had multi-port em(4) unable to see all ports that has been the way to get them back. Hi Stuart, Thank you, appreciate it! Latest i386 snap (08/03/06 12:41:00) will have to do. real mem = 4160266240 (4062760K) hey, it's not cisco-eee :-) :) /per [EMAIL PROTECTED]
Re: Disabling suspend
Nick Guenther wrote: Hello misc@, Sometimes my laptop goes into standby when I close the lid, but not always. Also, if it is in standby and I open the lid it wakes up. Under windows I have changed this behaviour so that I must manually enter standby and press the power button to exit it. Is there any way to get the same effect in OpenBSD? I have searched but only found linux or DOS related pages, and many of them seem to be about disabling suspend completely, whereas I just want to disable suspend caused automatically. You do not mention much about your hardware. More information could probably be helpful. That said, I configure my Dell Inspiron 4100 BIOS-wise. I don't know what lurks in the shadows of your BIOS config. /Alexander
Re: Disabling suspend
On 8/3/06, Alexander Hall [EMAIL PROTECTED] wrote: Nick Guenther wrote: Hello misc@, Sometimes my laptop goes into standby when I close the lid, but not always. Also, if it is in standby and I open the lid it wakes up. Under windows I have changed this behaviour so that I must manually enter standby and press the power button to exit it. Is there any way to get the same effect in OpenBSD? I have searched but only found linux or DOS related pages, and many of them seem to be about disabling suspend completely, whereas I just want to disable suspend caused automatically. You do not mention much about your hardware. More information could probably be helpful. That said, I configure my Dell Inspiron 4100 BIOS-wise. I don't know what lurks in the shadows of your BIOS config. It's a Dell Latitude C600 with BIOS revision A23. Thanks for the hint actually, just switched into the BIOS (while running the system, go go Dell :) and found the option to disable suspend-on-lid-close. I forgot to mention that I did read about apmd -a, which says: BIOS-initiated suspend or standby requests are ignored if the system is connected to line current and not running from batter- ies (user requests are still honored) On Windows it seems that it ignores standby requests from the BIOS unless you select the option that does that. I guess I was looking for a similar feature in OpenBSD. Notice that the the apmd -a doesn't work when running from batteries, which doesn't work for me. Anyway, it seems that problem is solved though, thank you. None of this so far has addressed the issue that when I open the lid it turns back on. I don't understand the details of opening the lid. My best guess is that the BIOS wakes up the OS and loads it back into RAM if neccessary. Perhaps Windows gets away with it is by, when it is woken up, checking how it was woken up and if by the lid it turns back off; I would not be surprised to find such a hack from microsoft. I was hoping it was not a hack though and OpenBSD would be capable of something similar. -Nick
Re: WPA support / creating a cf image
On Thursday 03 August 2006 22:13, openbsd misc wrote: that's exacly what I'm doing at the moment... :-) But that doesn't create an image. The problem is in short: C/H/S. I haven't had any problems installing the standard install on a cf-ide adapter in one machine and using it in another. I guess you could then just create a disk image from the cf and use that in the future. --- Lars Hansson
Re: Blob Bingo!
On 8/3/06, chefren [EMAIL PROTECTED] wrote: http://www.securityfocus.com/brief/271 .. .. The problem is not limited to Apple computers, and appears to affect drivers written by a wide range WiFi chipset makers. The Apple Macbook is known to use an Atheros WiFi chipset, but numerous other chipsets are also affected. Windows and Linux systems are at risk as well, as the vulnerability affects device drivers that are provided by chipset manufacturers. Systems running OpenBSD are unlikely to be affected based on that open-source group's refusal to use binary blobs in their device drivers, and their subsequent reverse engineering of numerous WiFi chipsets to provide open-source alternatives to manufacturer's device drivers. .. .. = = = = My Congratulations to the project, Haha wow, that is awesome. Total vindication. It was only months ago that the project's latest propaganda campaign against blobs came out and now so soon after it is proved completely right. Everyone else in the world gets owned by this (which is probably a simple buffer overflow in the passive scan code) except OpenBSD. -Nick